libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

Merge pull request #1133 from stianst/master

Browse source 
More work on KEYCLOAK-1187
This commit is contained in:
Stian Thorgersen 2015-04-10 14:46:41 +02:00
commit 716bf104db
27 changed files with 527 additions and 724 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

204
core/src/main/java/org/keycloak/representations/idm/ApplicationRepresentation.java
View file

@ -1,46 +1,14 @@
package org.keycloak.representations.idm;
import java.util.List;
import java.util.Map;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class ApplicationRepresentation {
protected String id;
@Deprecated
public class ApplicationRepresentation extends ClientRepresentation {
protected String name;
protected String adminUrl;
protected String baseUrl;
protected Boolean surrogateAuthRequired;
protected Boolean enabled;
protected String secret;
protected String[] defaultRoles;
protected List<String> redirectUris;
protected List<String> webOrigins;
@Deprecated
protected ClaimRepresentation claims;
protected Integer notBefore;
protected Boolean bearerOnly;
protected Boolean consentRequired;
protected Boolean directGrantsOnly;
protected Boolean publicClient;
protected Boolean frontchannelLogout;
protected String protocol;
protected Map<String, String> attributes;
protected Boolean fullScopeAllowed;
protected Integer nodeReRegistrationTimeout;
protected Map<String, Integer> registeredNodes;
protected List<ClientIdentityProviderMappingRepresentation> identityProviders;
protected List<ProtocolMapperRepresentation> protocolMappers;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getName() {
return name;
@ -50,70 +18,6 @@ public class ApplicationRepresentation {
this.name = name;
}
public Boolean isEnabled() {
return enabled;
}
public void setEnabled(Boolean enabled) {
this.enabled = enabled;
}
public Boolean isSurrogateAuthRequired() {
return surrogateAuthRequired;
}
public void setSurrogateAuthRequired(Boolean surrogateAuthRequired) {
this.surrogateAuthRequired = surrogateAuthRequired;
}
public String getAdminUrl() {
return adminUrl;
}
public void setAdminUrl(String adminUrl) {
this.adminUrl = adminUrl;
}
public String getBaseUrl() {
return baseUrl;
}
public void setBaseUrl(String baseUrl) {
this.baseUrl = baseUrl;
}
public String getSecret() {
return secret;
}
public void setSecret(String secret) {
this.secret = secret;
}
public List<String> getRedirectUris() {
return redirectUris;
}
public void setRedirectUris(List<String> redirectUris) {
this.redirectUris = redirectUris;
}
public List<String> getWebOrigins() {
return webOrigins;
}
public void setWebOrigins(List<String> webOrigins) {
this.webOrigins = webOrigins;
}
public String[] getDefaultRoles() {
return defaultRoles;
}
public void setDefaultRoles(String[] defaultRoles) {
this.defaultRoles = defaultRoles;
}
public ClaimRepresentation getClaims() {
return claims;
}
@ -121,108 +25,4 @@ public class ApplicationRepresentation {
public void setClaims(ClaimRepresentation claims) {
this.claims = claims;
}
public Integer getNotBefore() {
return notBefore;
}
public void setNotBefore(Integer notBefore) {
this.notBefore = notBefore;
}
public Boolean isBearerOnly() {
return bearerOnly;
}
public void setBearerOnly(Boolean bearerOnly) {
this.bearerOnly = bearerOnly;
}
public Boolean isConsentRequired() {
return consentRequired;
}
public void setConsentRequired(Boolean consentRequired) {
this.consentRequired = consentRequired;
}
public Boolean getDirectGrantsOnly() {
return directGrantsOnly;
}
public void setDirectGrantsOnly(Boolean directGrantsOnly) {
this.directGrantsOnly = directGrantsOnly;
}
public Boolean isPublicClient() {
return publicClient;
}
public void setPublicClient(Boolean publicClient) {
this.publicClient = publicClient;
}
public Boolean isFullScopeAllowed() {
return fullScopeAllowed;
}
public void setFullScopeAllowed(Boolean fullScopeAllowed) {
this.fullScopeAllowed = fullScopeAllowed;
}
public String getProtocol() {
return protocol;
}
public void setProtocol(String protocol) {
this.protocol = protocol;
}
public Map<String, String> getAttributes() {
return attributes;
}
public void setAttributes(Map<String, String> attributes) {
this.attributes = attributes;
}
public Integer getNodeReRegistrationTimeout() {
return nodeReRegistrationTimeout;
}
public void setNodeReRegistrationTimeout(Integer nodeReRegistrationTimeout) {
this.nodeReRegistrationTimeout = nodeReRegistrationTimeout;
}
public Map<String, Integer> getRegisteredNodes() {
return registeredNodes;
}
public void setRegisteredNodes(Map<String, Integer> registeredNodes) {
this.registeredNodes = registeredNodes;
}
public Boolean isFrontchannelLogout() {
return frontchannelLogout;
}
public void setFrontchannelLogout(Boolean frontchannelLogout) {
this.frontchannelLogout = frontchannelLogout;
}
public List<ClientIdentityProviderMappingRepresentation> getIdentityProviders() {
return this.identityProviders;
}
public void setIdentityProviders(List<ClientIdentityProviderMappingRepresentation> identityProviders) {
this.identityProviders = identityProviders;
}
public List<ProtocolMapperRepresentation> getProtocolMappers() {
return protocolMappers;
}
public void setProtocolMappers(List<ProtocolMapperRepresentation> protocolMappers) {
this.protocolMappers = protocolMappers;
}
}

218
core/src/main/java/org/keycloak/representations/idm/ClientRepresentation.java Executable file
View file

@ -0,0 +1,218 @@
package org.keycloak.representations.idm;
import java.util.List;
import java.util.Map;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class ClientRepresentation {
protected String id;
protected String clientId;
protected String adminUrl;
protected String baseUrl;
protected Boolean surrogateAuthRequired;
protected Boolean enabled;
protected String secret;
protected String[] defaultRoles;
protected List<String> redirectUris;
protected List<String> webOrigins;
protected Integer notBefore;
protected Boolean bearerOnly;
protected Boolean consentRequired;
protected Boolean directGrantsOnly;
protected Boolean publicClient;
protected Boolean frontchannelLogout;
protected String protocol;
protected Map<String, String> attributes;
protected Boolean fullScopeAllowed;
protected Integer nodeReRegistrationTimeout;
protected Map<String, Integer> registeredNodes;
protected List<ClientIdentityProviderMappingRepresentation> identityProviders;
protected List<ProtocolMapperRepresentation> protocolMappers;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getClientId() {
return clientId;
}
public void setClientId(String clientId) {
this.clientId = clientId;
}
public Boolean isEnabled() {
return enabled;
}
public void setEnabled(Boolean enabled) {
this.enabled = enabled;
}
public Boolean isSurrogateAuthRequired() {
return surrogateAuthRequired;
}
public void setSurrogateAuthRequired(Boolean surrogateAuthRequired) {
this.surrogateAuthRequired = surrogateAuthRequired;
}
public String getAdminUrl() {
return adminUrl;
}
public void setAdminUrl(String adminUrl) {
this.adminUrl = adminUrl;
}
public String getBaseUrl() {
return baseUrl;
}
public void setBaseUrl(String baseUrl) {
this.baseUrl = baseUrl;
}
public String getSecret() {
return secret;
}
public void setSecret(String secret) {
this.secret = secret;
}
public List<String> getRedirectUris() {
return redirectUris;
}
public void setRedirectUris(List<String> redirectUris) {
this.redirectUris = redirectUris;
}
public List<String> getWebOrigins() {
return webOrigins;
}
public void setWebOrigins(List<String> webOrigins) {
this.webOrigins = webOrigins;
}
public String[] getDefaultRoles() {
return defaultRoles;
}
public void setDefaultRoles(String[] defaultRoles) {
this.defaultRoles = defaultRoles;
}
public Integer getNotBefore() {
return notBefore;
}
public void setNotBefore(Integer notBefore) {
this.notBefore = notBefore;
}
public Boolean isBearerOnly() {
return bearerOnly;
}
public void setBearerOnly(Boolean bearerOnly) {
this.bearerOnly = bearerOnly;
}
public Boolean isConsentRequired() {
return consentRequired;
}
public void setConsentRequired(Boolean consentRequired) {
this.consentRequired = consentRequired;
}
public Boolean getDirectGrantsOnly() {
return directGrantsOnly;
}
public void setDirectGrantsOnly(Boolean directGrantsOnly) {
this.directGrantsOnly = directGrantsOnly;
}
public Boolean isPublicClient() {
return publicClient;
}
public void setPublicClient(Boolean publicClient) {
this.publicClient = publicClient;
}
public Boolean isFullScopeAllowed() {
return fullScopeAllowed;
}
public void setFullScopeAllowed(Boolean fullScopeAllowed) {
this.fullScopeAllowed = fullScopeAllowed;
}
public String getProtocol() {
return protocol;
}
public void setProtocol(String protocol) {
this.protocol = protocol;
}
public Map<String, String> getAttributes() {
return attributes;
}
public void setAttributes(Map<String, String> attributes) {
this.attributes = attributes;
}
public Integer getNodeReRegistrationTimeout() {
return nodeReRegistrationTimeout;
}
public void setNodeReRegistrationTimeout(Integer nodeReRegistrationTimeout) {
this.nodeReRegistrationTimeout = nodeReRegistrationTimeout;
}
public Map<String, Integer> getRegisteredNodes() {
return registeredNodes;
}
public void setRegisteredNodes(Map<String, Integer> registeredNodes) {
this.registeredNodes = registeredNodes;
}
public Boolean isFrontchannelLogout() {
return frontchannelLogout;
}
public void setFrontchannelLogout(Boolean frontchannelLogout) {
this.frontchannelLogout = frontchannelLogout;
}
public List<ClientIdentityProviderMappingRepresentation> getIdentityProviders() {
return this.identityProviders;
}
public void setIdentityProviders(List<ClientIdentityProviderMappingRepresentation> identityProviders) {
this.identityProviders = identityProviders;
}
public List<ProtocolMapperRepresentation> getProtocolMappers() {
return protocolMappers;
}
public void setProtocolMappers(List<ProtocolMapperRepresentation> protocolMappers) {
this.protocolMappers = protocolMappers;
}
}

152
core/src/main/java/org/keycloak/representations/idm/OAuthClientRepresentation.java
View file

@ -1,157 +1,9 @@
package org.keycloak.representations.idm;
import java.util.List;
import java.util.Map;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class OAuthClientRepresentation {
protected String id;
protected String name;
protected List<String> redirectUris;
protected List<String> webOrigins;
protected Boolean enabled;
protected String secret;
@Deprecated
protected ClaimRepresentation claims;
protected Integer notBefore;
protected Boolean publicClient;
protected String protocol;
protected Map<String, String> attributes;
protected Boolean directGrantsOnly;
protected Boolean fullScopeAllowed;
protected Boolean frontchannelLogout;
protected List<ProtocolMapperRepresentation> protocolMappers;
private List<ClientIdentityProviderMappingRepresentation> identityProviders;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Boolean isEnabled() {
return enabled;
}
public void setEnabled(Boolean enabled) {
this.enabled = enabled;
}
public List<String> getRedirectUris() {
return redirectUris;
}
public void setRedirectUris(List<String> redirectUris) {
this.redirectUris = redirectUris;
}
public List<String> getWebOrigins() {
return webOrigins;
}
public void setWebOrigins(List<String> webOrigins) {
this.webOrigins = webOrigins;
}
public String getSecret() {
return secret;
}
public void setSecret(String secret) {
this.secret = secret;
}
public ClaimRepresentation getClaims() {
return claims;
}
public void setClaims(ClaimRepresentation claims) {
this.claims = claims;
}
public Integer getNotBefore() {
return notBefore;
}
public void setNotBefore(Integer notBefore) {
this.notBefore = notBefore;
}
public Boolean isPublicClient() {
return publicClient;
}
public void setPublicClient(Boolean publicClient) {
this.publicClient = publicClient;
}
public Boolean isDirectGrantsOnly() {
return directGrantsOnly;
}
public void setDirectGrantsOnly(Boolean directGrantsOnly) {
this.directGrantsOnly = directGrantsOnly;
}
public Boolean isFullScopeAllowed() {
return fullScopeAllowed;
}
public void setFullScopeAllowed(Boolean fullScopeAllowed) {
this.fullScopeAllowed = fullScopeAllowed;
}
public String getProtocol() {
return protocol;
}
public void setProtocol(String protocol) {
this.protocol = protocol;
}
public Map<String, String> getAttributes() {
return attributes;
}
public void setAttributes(Map<String, String> attributes) {
this.attributes = attributes;
}
public Boolean isFrontchannelLogout() {
return frontchannelLogout;
}
public void setFrontchannelLogout(Boolean frontchannelLogout) {
this.frontchannelLogout = frontchannelLogout;
}
public List<ClientIdentityProviderMappingRepresentation> getIdentityProviders() {
return this.identityProviders;
}
public void setIdentityProviders(List<ClientIdentityProviderMappingRepresentation> identityProviders) {
this.identityProviders = identityProviders;
}
public List<ProtocolMapperRepresentation> getProtocolMappers() {
return protocolMappers;
}
public void setProtocolMappers(List<ProtocolMapperRepresentation> protocolMappers) {
this.protocolMappers = protocolMappers;
}
@Deprecated
public class OAuthClientRepresentation extends ApplicationRepresentation {
}

19
core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java
View file

@ -56,7 +56,10 @@ public class RealmRepresentation {
protected List<UserRepresentation> users;
protected List<ScopeMappingRepresentation> scopeMappings;
protected Map<String, List<ScopeMappingRepresentation>> applicationScopeMappings;
protected List<ClientRepresentation> clients;
@Deprecated
protected List<ApplicationRepresentation> applications;
@Deprecated
protected List<OAuthClientRepresentation> oauthClients;
protected Map<String, String> browserSecurityHeaders;
protected Map<String, String> smtpServer;
@ -101,14 +104,6 @@ public class RealmRepresentation {
return applications;
}
public ApplicationRepresentation resource(String name) {
ApplicationRepresentation resource = new ApplicationRepresentation();
if (applications == null) applications = new ArrayList<ApplicationRepresentation>();
applications.add(resource);
resource.setName(name);
return resource;
}
public void setUsers(List<UserRepresentation> users) {
this.users = users;
}
@ -121,6 +116,14 @@ public class RealmRepresentation {
return user;
}
public List<ClientRepresentation> getClients() {
return clients;
}
public void setClients(List<ClientRepresentation> clients) {
this.clients = clients;
}
public void setApplications(List<ApplicationRepresentation> applications) {
this.applications = applications;
}

4
examples/admin-client/src/main/webapp/index.jsp
View file

@ -1,5 +1,5 @@
<%@ page import="org.keycloak.admin.client.Keycloak" %>
<%@ page import="org.keycloak.admin.client.resource.ApplicationsResource" %>
<%@ page import="org.keycloak.admin.client.resource.ClientsResource" %>
<%@ page import="org.keycloak.representations.idm.ApplicationRepresentation" %>
<%@ page import="org.keycloak.util.UriUtils" %>
<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1" %>
@ -13,7 +13,7 @@
String authServer = UriUtils.getOrigin(request.getRequestURL().toString()) + "/auth";
Keycloak keycloak = Keycloak.getInstance(authServer, "example", "examples-admin-client", "password", "examples-admin-client", "password");
ApplicationsResource applications = keycloak.realm("example").applications();
ClientsResource applications = keycloak.realm("example").applications();
out.println("<h1>Applications</h1>");
out.println("<ul>");

30
export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ExportUtils.java
View file

@ -16,6 +16,7 @@ import org.keycloak.models.UserCredentialValueModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
@ -53,14 +54,14 @@ public class ExportUtils {
rep.setEventsListeners(new LinkedList<String>(realm.getEventsListeners()));
}
// Applications
List<ClientModel> applications = realm.getClients();
List<ApplicationRepresentation> appReps = new ArrayList<ApplicationRepresentation>();
for (ClientModel app : applications) {
ApplicationRepresentation appRep = exportApplication(app);
appReps.add(appRep);
// Clients
List<ClientModel> clients = realm.getClients();
List<ClientRepresentation> clientReps = new ArrayList<>();
for (ClientModel app : clients) {
ClientRepresentation clientRep = exportClient(app);
clientReps.add(clientRep);
}
rep.setApplications(appReps);
rep.setClients(clientReps);
// Roles
List<RoleRepresentation> realmRoleReps = null;
@ -70,7 +71,7 @@ public class ExportUtils {
if (realmRoles != null && realmRoles.size() > 0) {
realmRoleReps = exportRoles(realmRoles);
}
for (ClientModel app : applications) {
for (ClientModel app : clients) {
Set<RoleModel> currentAppRoles = app.getRoles();
List<RoleRepresentation> currentAppRoleReps = exportRoles(currentAppRoles);
appRolesReps.put(app.getClientId(), currentAppRoleReps);
@ -86,7 +87,7 @@ public class ExportUtils {
rep.setRoles(rolesRep);
// Scopes
List<ClientModel> allClients = new ArrayList<>(applications);
List<ClientModel> allClients = new ArrayList<>(clients);
Map<String, List<ScopeMappingRepresentation>> appScopeReps = new HashMap<>();
for (ClientModel client : allClients) {
@ -147,14 +148,13 @@ public class ExportUtils {
/**
* Full export of application including claims and secret
* @param app
* @param client
* @return full ApplicationRepresentation
*/
public static ApplicationRepresentation exportApplication(ClientModel app) {
ApplicationRepresentation appRep = ModelToRepresentation.toRepresentation(app);
appRep.setSecret(app.getSecret());
return appRep;
public static ClientRepresentation exportClient(ClientModel client) {
ClientRepresentation clientRep = ModelToRepresentation.toRepresentation(client);
clientRep.setSecret(client.getSecret());
return clientRep;
}
public static List<RoleRepresentation> exportRoles(Collection<RoleModel> roles) {

2
export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ImportUtils.java
View file

@ -119,7 +119,7 @@ public class ImportUtils {
}
adminRole.setDescription("${role_"+AdminRoles.ADMIN+"}");
ClientModel realmAdminApp = KeycloakModelUtils.createApplication(adminRealm, KeycloakModelUtils.getMasterRealmAdminApplicationName(realm));
ClientModel realmAdminApp = KeycloakModelUtils.createClient(adminRealm, KeycloakModelUtils.getMasterRealmAdminApplicationName(realm));
realmAdminApp.setBearerOnly(true);
realm.setMasterAdminApp(realmAdminApp);

7
integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ApplicationResource.java → integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientResource.java
View file

@ -1,6 +1,7 @@
package org.keycloak.admin.client.resource;
import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.UserSessionRepresentation;
@ -21,18 +22,18 @@ import java.util.Set;
/**
* @author rodrigo.sasaki@icarros.com.br
*/
public interface ApplicationResource {
public interface ClientResource {
@Path("protocol-mappers")
public ProtocolMappersResource getProtocolMappers();
@GET
@Produces(MediaType.APPLICATION_JSON)
public ApplicationRepresentation toRepresentation();
public ClientRepresentation toRepresentation();
@PUT
@Consumes(MediaType.APPLICATION_JSON)
public void update(ApplicationRepresentation applicationRepresentation);
public void update(ClientRepresentation clientRepresentation);
@DELETE
public void remove();

7
integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ApplicationsResource.java → integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientsResource.java
View file

@ -1,6 +1,7 @@
package org.keycloak.admin.client.resource;
import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
@ -14,14 +15,14 @@ import java.util.List;
/**
* @author rodrigo.sasaki@icarros.com.br
*/
public interface ApplicationsResource {
public interface ClientsResource {
@Path("{appName}")
public ApplicationResource get(@PathParam("appName") String appName);
public ClientResource get(@PathParam("appName") String appName);
@POST
@Consumes(MediaType.APPLICATION_JSON)
public void create(ApplicationRepresentation applicationRepresentation);
public void create(ClientRepresentation clientRepresentation);
@GET
@Produces(MediaType.APPLICATION_JSON)

2
integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java
View file

@ -24,7 +24,7 @@ public interface RealmResource {
public void update(RealmRepresentation realmRepresentation);
@Path("applications")
public ApplicationsResource applications();
public ClientsResource clients();
@Path("users")
public UsersResource users();

2
model/api/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java
View file

@ -172,7 +172,7 @@ public final class KeycloakModelUtils {
return UUID.randomUUID().toString();
}
public static ClientModel createApplication(RealmModel realm, String name) {
public static ClientModel createClient(RealmModel realm, String name) {
ClientModel app = realm.addClient(name);
generateSecret(app);
app.setFullScopeAllowed(true);

15
model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
View file

@ -15,6 +15,7 @@ import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.ClientIdentityProviderMappingRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.FederatedIdentityRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation;
@ -217,10 +218,10 @@ public class ModelToRepresentation {
return rep;
}
public static ApplicationRepresentation toRepresentation(ClientModel clientModel) {
ApplicationRepresentation rep = new ApplicationRepresentation();
public static ClientRepresentation toRepresentation(ClientModel clientModel) {
ClientRepresentation rep = new ClientRepresentation();
rep.setId(clientModel.getId());
rep.setName(clientModel.getClientId());
rep.setClientId(clientModel.getClientId());
rep.setEnabled(clientModel.isEnabled());
rep.setAdminUrl(clientModel.getManagementUrl());
rep.setPublicClient(clientModel.isPublicClient());
@ -237,12 +238,12 @@ public class ModelToRepresentation {
Set<String> redirectUris = clientModel.getRedirectUris();
if (redirectUris != null) {
rep.setRedirectUris(new LinkedList<String>(redirectUris));
rep.setRedirectUris(new LinkedList<>(redirectUris));
}
Set<String> webOrigins = clientModel.getWebOrigins();
if (webOrigins != null) {
rep.setWebOrigins(new LinkedList<String>(webOrigins));
rep.setWebOrigins(new LinkedList<>(webOrigins));
}
if (!clientModel.getDefaultRoles().isEmpty()) {
@ -250,7 +251,7 @@ public class ModelToRepresentation {
}
if (!clientModel.getRegisteredNodes().isEmpty()) {
rep.setRegisteredNodes(new HashMap<String, Integer>(clientModel.getRegisteredNodes()));
rep.setRegisteredNodes(new HashMap<>(clientModel.getRegisteredNodes()));
}
if (!clientModel.getIdentityProviders().isEmpty()) {
@ -258,7 +259,7 @@ public class ModelToRepresentation {
}
if (!clientModel.getProtocolMappers().isEmpty()) {
List<ProtocolMapperRepresentation> mappings = new LinkedList<ProtocolMapperRepresentation>();
List<ProtocolMapperRepresentation> mappings = new LinkedList<>();
for (ProtocolMapperModel model : clientModel.getProtocolMappers()) {
mappings.add(toRepresentation(model));
}

245
model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
View file

@ -22,6 +22,7 @@ import org.keycloak.models.UserModel;
import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.ClaimRepresentation;
import org.keycloak.representations.idm.ClientIdentityProviderMappingRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.FederatedIdentityRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation;
@ -50,6 +51,7 @@ public class RepresentationToModel {
public static void importRealm(KeycloakSession session, RealmRepresentation rep, RealmModel newRealm) {
convertDeprecatedSocialProviders(rep);
convertDeprecatedApplications(session, rep);
newRealm.setName(rep.getRealm());
if (rep.isEnabled() != null) newRealm.setEnabled(rep.isEnabled());
@ -127,8 +129,8 @@ public class RepresentationToModel {
importIdentityProviders(rep, newRealm);
if (rep.getApplications() != null) {
Map<String, ClientModel> appMap = createApplications(session, rep, newRealm);
if (rep.getClients() != null) {
createClients(session, rep, newRealm);
}
if (rep.getRoles() != null) {
@ -177,22 +179,17 @@ public class RepresentationToModel {
newRealm.addDefaultRole(roleString.trim());
}
}
// Setup application default roles
if (rep.getApplications() != null) {
for (ApplicationRepresentation resourceRep : rep.getApplications()) {
// Setup client default roles
if (rep.getClients() != null) {
for (ClientRepresentation resourceRep : rep.getClients()) {
if (resourceRep.getDefaultRoles() != null) {
ClientModel appModel = newRealm.getClientByClientId(resourceRep.getName());
appModel.updateDefaultRoles(resourceRep.getDefaultRoles());
ClientModel clientModel = newRealm.getClientByClientId(resourceRep.getClientId());
clientModel.updateDefaultRoles(resourceRep.getDefaultRoles());
}
}
}
if (rep.getOauthClients() != null) {
createOAuthClients(session, rep, newRealm);
}
// Now that all possible roles and applications are created, create scope mappings
// Now that all possible roles and clients are created, create scope mappings
Map<String, ClientModel> appMap = newRealm.getClientNameMap();
@ -201,9 +198,9 @@ public class RepresentationToModel {
for (Map.Entry<String, List<ScopeMappingRepresentation>> entry : rep.getApplicationScopeMappings().entrySet()) {
ClientModel app = appMap.get(entry.getKey());
if (app == null) {
throw new RuntimeException("Unable to find application role mappings for app: " + entry.getKey());
throw new RuntimeException("Unable to find client role mappings for client: " + entry.getKey());
}
createApplicationScopeMappings(newRealm, app, entry.getValue());
createClientScopeMappings(newRealm, app, entry.getValue());
}
}
@ -312,15 +309,41 @@ public class RepresentationToModel {
user.setSocialLinks(null);
}
private static List<ProtocolMapperRepresentation> convertDeprecatedClaimsMask(KeycloakSession session, ClaimRepresentation claimRep) {
if (claimRep == null) {
return null;
}
private static void convertDeprecatedApplications(KeycloakSession session, RealmRepresentation realm) {
if (realm.getApplications() != null || realm.getOauthClients() != null) {
if (realm.getClients() == null) {
realm.setClients(new LinkedList<ClientRepresentation>());
}
logger.warn("Using deprecated 'claims' configuration in JSON representation. It will be removed in future versions");
long mask = getClaimsMask(claimRep);
MigrationProvider migrationProvider = session.getProvider(MigrationProvider.class);
return migrationProvider.getMappersForClaimMask(mask);
List<ApplicationRepresentation> clients = new LinkedList<>();
if (realm.getApplications() != null) {
clients.addAll(realm.getApplications());
}
if (realm.getOauthClients() != null) {
clients.addAll(realm.getOauthClients());
}
for (ApplicationRepresentation app : clients) {
app.setClientId(app.getName());
app.setName(null);
if (app instanceof OAuthClientRepresentation) {
app.setConsentRequired(true);
app.setFullScopeAllowed(false);
}
if (app.getProtocolMappers() == null && app.getClaims() != null) {
long mask = getClaimsMask(app.getClaims());
List<ProtocolMapperRepresentation> convertedProtocolMappers = session.getProvider(MigrationProvider.class).getMappersForClaimMask(mask);
app.setProtocolMappers(convertedProtocolMappers);
app.setClaims(null);
}
realm.getClients().add(app);
}
realm.setApplications(null);
}
}
public static void updateRealm(RealmRepresentation rep, RealmModel realm) {
@ -450,10 +473,10 @@ public class RepresentationToModel {
// APPLICATIONS
private static Map<String, ClientModel> createApplications(KeycloakSession session, RealmRepresentation rep, RealmModel realm) {
private static Map<String, ClientModel> createClients(KeycloakSession session, RealmRepresentation rep, RealmModel realm) {
Map<String, ClientModel> appMap = new HashMap<String, ClientModel>();
for (ApplicationRepresentation resourceRep : rep.getApplications()) {
ClientModel app = createApplication(session, realm, resourceRep, false);
for (ClientRepresentation resourceRep : rep.getClients()) {
ClientModel app = createClient(session, realm, resourceRep, false);
appMap.put(app.getClientId(), app);
}
return appMap;
@ -466,63 +489,57 @@ public class RepresentationToModel {
* @param resourceRep
* @return
*/
public static ClientModel createApplication(KeycloakSession session, RealmModel realm, ApplicationRepresentation resourceRep, boolean addDefaultRoles) {
logger.debug("************ CREATE APPLICATION: {0}" + resourceRep.getName());
public static ClientModel createClient(KeycloakSession session, RealmModel realm, ClientRepresentation resourceRep, boolean addDefaultRoles) {
logger.debug("************ CREATE APPLICATION: {0}" + resourceRep.getClientId());
if (resourceRep.getProtocolMappers() == null) {
List<ProtocolMapperRepresentation> convertedProtocolMappers = convertDeprecatedClaimsMask(session, resourceRep.getClaims());
if (convertedProtocolMappers != null) {
resourceRep.setProtocolMappers(convertedProtocolMappers);
}
}
ClientModel applicationModel = resourceRep.getId()!=null ? realm.addClient(resourceRep.getId(), resourceRep.getName()) : realm.addClient(resourceRep.getName());
if (resourceRep.isEnabled() != null) applicationModel.setEnabled(resourceRep.isEnabled());
applicationModel.setManagementUrl(resourceRep.getAdminUrl());
ClientModel client = resourceRep.getId()!=null ? realm.addClient(resourceRep.getId(), resourceRep.getClientId()) : realm.addClient(resourceRep.getClientId());
if (resourceRep.isEnabled() != null) client.setEnabled(resourceRep.isEnabled());
client.setManagementUrl(resourceRep.getAdminUrl());
if (resourceRep.isSurrogateAuthRequired() != null)
applicationModel.setSurrogateAuthRequired(resourceRep.isSurrogateAuthRequired());
applicationModel.setBaseUrl(resourceRep.getBaseUrl());
if (resourceRep.isBearerOnly() != null) applicationModel.setBearerOnly(resourceRep.isBearerOnly());
if (resourceRep.isPublicClient() != null) applicationModel.setPublicClient(resourceRep.isPublicClient());
if (resourceRep.isFrontchannelLogout() != null) applicationModel.setFrontchannelLogout(resourceRep.isFrontchannelLogout());
if (resourceRep.getProtocol() != null) applicationModel.setProtocol(resourceRep.getProtocol());
client.setSurrogateAuthRequired(resourceRep.isSurrogateAuthRequired());
client.setBaseUrl(resourceRep.getBaseUrl());
if (resourceRep.isBearerOnly() != null) client.setBearerOnly(resourceRep.isBearerOnly());
if (resourceRep.isConsentRequired() != null) client.setConsentRequired(resourceRep.isConsentRequired());
if (resourceRep.isPublicClient() != null) client.setPublicClient(resourceRep.isPublicClient());
if (resourceRep.isFrontchannelLogout() != null) client.setFrontchannelLogout(resourceRep.isFrontchannelLogout());
if (resourceRep.getProtocol() != null) client.setProtocol(resourceRep.getProtocol());
if (resourceRep.isFullScopeAllowed() != null) {
applicationModel.setFullScopeAllowed(resourceRep.isFullScopeAllowed());
client.setFullScopeAllowed(resourceRep.isFullScopeAllowed());
} else {
applicationModel.setFullScopeAllowed(true);
client.setFullScopeAllowed(true);
}
if (resourceRep.getNodeReRegistrationTimeout() != null) {
applicationModel.setNodeReRegistrationTimeout(resourceRep.getNodeReRegistrationTimeout());
client.setNodeReRegistrationTimeout(resourceRep.getNodeReRegistrationTimeout());
} else {
applicationModel.setNodeReRegistrationTimeout(-1);
client.setNodeReRegistrationTimeout(-1);
}
applicationModel.updateApplication();
client.updateApplication();
if (resourceRep.getNotBefore() != null) {
applicationModel.setNotBefore(resourceRep.getNotBefore());
client.setNotBefore(resourceRep.getNotBefore());
}
applicationModel.setSecret(resourceRep.getSecret());
if (applicationModel.getSecret() == null) {
KeycloakModelUtils.generateSecret(applicationModel);
client.setSecret(resourceRep.getSecret());
if (client.getSecret() == null) {
KeycloakModelUtils.generateSecret(client);
}
if (resourceRep.getAttributes() != null) {
for (Map.Entry<String, String> entry : resourceRep.getAttributes().entrySet()) {
applicationModel.setAttribute(entry.getKey(), entry.getValue());
client.setAttribute(entry.getKey(), entry.getValue());
}
}
if (resourceRep.getRedirectUris() != null) {
for (String redirectUri : resourceRep.getRedirectUris()) {
applicationModel.addRedirectUri(redirectUri);
client.addRedirectUri(redirectUri);
}
}
if (resourceRep.getWebOrigins() != null) {
for (String webOrigin : resourceRep.getWebOrigins()) {
logger.debugv("Application: {0} webOrigin: {1}", resourceRep.getName(), webOrigin);
applicationModel.addWebOrigin(webOrigin);
logger.debugv("Application: {0} webOrigin: {1}", resourceRep.getClientId(), webOrigin);
client.addWebOrigin(webOrigin);
}
} else {
// add origins from redirect uris
@ -541,38 +558,38 @@ public class RepresentationToModel {
}
}
if (origins.size() > 0) {
applicationModel.setWebOrigins(origins);
client.setWebOrigins(origins);
}
}
}
if (resourceRep.getRegisteredNodes() != null) {
for (Map.Entry<String, Integer> entry : resourceRep.getRegisteredNodes().entrySet()) {
applicationModel.registerNode(entry.getKey(), entry.getValue());
client.registerNode(entry.getKey(), entry.getValue());
}
}
if (addDefaultRoles && resourceRep.getDefaultRoles() != null) {
applicationModel.updateDefaultRoles(resourceRep.getDefaultRoles());
client.updateDefaultRoles(resourceRep.getDefaultRoles());
}
if (resourceRep.getProtocolMappers() != null) {
// first, remove all default/built in mappers
Set<ProtocolMapperModel> mappers = applicationModel.getProtocolMappers();
for (ProtocolMapperModel mapper : mappers) applicationModel.removeProtocolMapper(mapper);
Set<ProtocolMapperModel> mappers = client.getProtocolMappers();
for (ProtocolMapperModel mapper : mappers) client.removeProtocolMapper(mapper);
for (ProtocolMapperRepresentation mapper : resourceRep.getProtocolMappers()) {
applicationModel.addProtocolMapper(toModel(mapper));
client.addProtocolMapper(toModel(mapper));
}
}
applicationModel.updateIdentityProviders(toModel(resourceRep.getIdentityProviders(), realm));
client.updateIdentityProviders(toModel(resourceRep.getIdentityProviders(), realm));
return applicationModel;
return client;
}
public static void updateApplication(ApplicationRepresentation rep, ClientModel resource) {
if (rep.getName() != null) resource.setClientId(rep.getName());
public static void updateClient(ClientRepresentation rep, ClientModel resource) {
if (rep.getClientId() != null) resource.setClientId(rep.getClientId());
if (rep.isEnabled() != null) resource.setEnabled(rep.isEnabled());
if (rep.isBearerOnly() != null) resource.setBearerOnly(rep.isBearerOnly());
if (rep.isConsentRequired() != null) resource.setConsentRequired(rep.isConsentRequired());
@ -675,94 +692,18 @@ public class RepresentationToModel {
return mask;
}
// OAuth clients
private static void createOAuthClients(KeycloakSession session, RealmRepresentation realmRep, RealmModel realm) {
for (OAuthClientRepresentation rep : realmRep.getOauthClients()) {
createOAuthClient(session, rep, realm);
}
}
public static ClientModel createOAuthClient(String id, String name, RealmModel realm) {
ClientModel model = id!=null ? realm.addClient(id, name) : realm.addClient(name);
model.setConsentRequired(true);
KeycloakModelUtils.generateSecret(model);
return model;
}
public static ClientModel createOAuthClient(KeycloakSession session, OAuthClientRepresentation rep, RealmModel realm) {
ClientModel model = createOAuthClient(rep.getId(), rep.getName(), realm);
model.updateIdentityProviders(toModel(rep.getIdentityProviders(), realm));
updateOAuthClient(session, rep, model);
return model;
}
public static void updateOAuthClient(KeycloakSession session, OAuthClientRepresentation rep, ClientModel model) {
if (rep.getProtocolMappers() == null) {
List<ProtocolMapperRepresentation> convertedProtocolMappers = convertDeprecatedClaimsMask(session, rep.getClaims());
if (convertedProtocolMappers != null) {
rep.setProtocolMappers(convertedProtocolMappers);
}
}
if (rep.getName() != null) model.setClientId(rep.getName());
if (rep.isEnabled() != null) model.setEnabled(rep.isEnabled());
if (rep.isPublicClient() != null) model.setPublicClient(rep.isPublicClient());
if (rep.isFrontchannelLogout() != null) model.setFrontchannelLogout(rep.isFrontchannelLogout());
if (rep.isFullScopeAllowed() != null) model.setFullScopeAllowed(rep.isFullScopeAllowed());
if (rep.isDirectGrantsOnly() != null) model.setDirectGrantsOnly(rep.isDirectGrantsOnly());
if (rep.getNotBefore() != null) {
model.setNotBefore(rep.getNotBefore());
}
if (rep.getSecret() != null) model.setSecret(rep.getSecret());
List<String> redirectUris = rep.getRedirectUris();
if (redirectUris != null) {
model.setRedirectUris(new HashSet<String>(redirectUris));
}
List<String> webOrigins = rep.getWebOrigins();
if (webOrigins != null) {
model.setWebOrigins(new HashSet<String>(webOrigins));
}
if (rep.getNotBefore() != null) {
model.setNotBefore(rep.getNotBefore());
}
if (rep.getProtocol() != null) model.setProtocol(rep.getProtocol());
if (rep.getAttributes() != null) {
for (Map.Entry<String, String> entry : rep.getAttributes().entrySet()) {
model.setAttribute(entry.getKey(), entry.getValue());
}
}
updateClientIdentityProviders(rep.getIdentityProviders(), model);
if (rep.getProtocolMappers() != null) {
// first, remove all default/built in mappers
Set<ProtocolMapperModel> mappers = model.getProtocolMappers();
for (ProtocolMapperModel mapper : mappers) model.removeProtocolMapper(mapper);
for (ProtocolMapperRepresentation mapper : rep.getProtocolMappers()) {
model.addProtocolMapper(toModel(mapper));
}
}
}
// Scope mappings
public static void createApplicationScopeMappings(RealmModel realm, ClientModel applicationModel, List<ScopeMappingRepresentation> mappings) {
public static void createClientScopeMappings(RealmModel realm, ClientModel clientModel, List<ScopeMappingRepresentation> mappings) {
for (ScopeMappingRepresentation mapping : mappings) {
ClientModel client = realm.getClientByClientId(mapping.getClient());
if (client == null) {
throw new RuntimeException("Unknown client specified in application scope mappings");
}
for (String roleString : mapping.getRoles()) {
RoleModel role = applicationModel.getRole(roleString.trim());
RoleModel role = clientModel.getRole(roleString.trim());
if (role == null) {
role = applicationModel.addRole(roleString.trim());
role = clientModel.addRole(roleString.trim());
}
client.addScopeMapping(role);
}
@ -771,7 +712,7 @@ public class RepresentationToModel {
// Users
public static UserModel createUser(KeycloakSession session, RealmModel newRealm, UserRepresentation userRep, Map<String, ClientModel> appMap) {
public static UserModel createUser(KeycloakSession session, RealmModel newRealm, UserRepresentation userRep, Map<String, ClientModel> clientMap) {
convertDeprecatedSocialProviders(userRep);
// Import users just to user storage. Don't federate
@ -814,11 +755,11 @@ public class RepresentationToModel {
}
if (userRep.getApplicationRoles() != null) {
for (Map.Entry<String, List<String>> entry : userRep.getApplicationRoles().entrySet()) {
ClientModel app = appMap.get(entry.getKey());
if (app == null) {
throw new RuntimeException("Unable to find application role mappings for app: " + entry.getKey());
ClientModel client = clientMap.get(entry.getKey());
if (client == null) {
throw new RuntimeException("Unable to find client role mappings for client: " + entry.getKey());
}
createApplicationRoleMappings(app, user, entry.getValue());
createClientRoleMappings(client, user, entry.getValue());
}
}
return user;
@ -853,7 +794,7 @@ public class RepresentationToModel {
// Role mappings
public static void createApplicationRoleMappings(ClientModel applicationModel, UserModel user, List<String> roleNames) {
public static void createClientRoleMappings(ClientModel applicationModel, UserModel user, List<String> roleNames) {
if (user == null) {
throw new RuntimeException("User not found");
}

28
services/src/main/java/org/keycloak/services/managers/ApplicationManager.java → services/src/main/java/org/keycloak/services/managers/ClientManager.java
View file

@ -24,27 +24,27 @@ import java.util.TreeSet;
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class ApplicationManager {
protected Logger logger = Logger.getLogger(ApplicationManager.class);
public class ClientManager {
protected Logger logger = Logger.getLogger(ClientManager.class);
protected RealmManager realmManager;
public ApplicationManager(RealmManager realmManager) {
public ClientManager(RealmManager realmManager) {
this.realmManager = realmManager;
}
public ApplicationManager() {
public ClientManager() {
}
public ClientModel createApplication(RealmModel realm, String name) {
return KeycloakModelUtils.createApplication(realm, name);
public ClientModel createClient(RealmModel realm, String name) {
return KeycloakModelUtils.createClient(realm, name);
}
public boolean removeApplication(RealmModel realm, ClientModel application) {
if (realm.removeClient(application.getId())) {
public boolean removeClient(RealmModel realm, ClientModel client) {
if (realm.removeClient(client.getId())) {
UserSessionProvider sessions = realmManager.getSession().sessions();
if (sessions != null) {
sessions.onClientRemoved(realm, application);
sessions.onClientRemoved(realm, client);
}
return true;
} else {
@ -52,8 +52,8 @@ public class ApplicationManager {
}
}
public Set<String> validateRegisteredNodes(ClientModel application) {
Map<String, Integer> registeredNodes = application.getRegisteredNodes();
public Set<String> validateRegisteredNodes(ClientModel client) {
Map<String, Integer> registeredNodes = client.getRegisteredNodes();
if (registeredNodes == null || registeredNodes.isEmpty()) {
return Collections.emptySet();
}
@ -61,11 +61,11 @@ public class ApplicationManager {
int currentTime = Time.currentTime();
Set<String> validatedNodes = new TreeSet<String>();
if (application.getNodeReRegistrationTimeout() > 0) {
if (client.getNodeReRegistrationTimeout() > 0) {
List<String> toRemove = new LinkedList<String>();
for (Map.Entry<String, Integer> entry : registeredNodes.entrySet()) {
Integer lastReRegistration = entry.getValue();
if (lastReRegistration + application.getNodeReRegistrationTimeout() < currentTime) {
if (lastReRegistration + client.getNodeReRegistrationTimeout() < currentTime) {
toRemove.add(entry.getKey());
} else {
validatedNodes.add(entry.getKey());
@ -74,7 +74,7 @@ public class ApplicationManager {
// Remove time-outed nodes
for (String node : toRemove) {
application.unregisterNode(node);
client.unregisterNode(node);
}
} else {
// Periodic node reRegistration is disabled, so allow all nodes

10
services/src/main/java/org/keycloak/services/managers/RealmManager.java
View file

@ -91,7 +91,7 @@ public class RealmManager {
protected void setupAdminConsole(RealmModel realm) {
ClientModel adminConsole = realm.getClientByClientId(Constants.ADMIN_CONSOLE_APPLICATION);
if (adminConsole == null) adminConsole = new ApplicationManager(this).createApplication(realm, Constants.ADMIN_CONSOLE_APPLICATION);
if (adminConsole == null) adminConsole = new ClientManager(this).createClient(realm, Constants.ADMIN_CONSOLE_APPLICATION);
String baseUrl = contextPath + "/admin/" + realm.getName() + "/console";
adminConsole.setBaseUrl(baseUrl + "/index.html");
adminConsole.setEnabled(true);
@ -139,7 +139,7 @@ public class RealmManager {
boolean removed = model.removeRealm(realm.getId());
if (removed) {
new ApplicationManager(this).removeApplication(getKeycloakAdminstrationRealm(), realm.getMasterAdminApp());
new ClientManager(this).removeClient(getKeycloakAdminstrationRealm(), realm.getMasterAdminApp());
UserSessionProvider sessions = session.sessions();
if (sessions != null) {
@ -174,12 +174,12 @@ public class RealmManager {
private void setupRealmAdminManagement(RealmModel realm) {
if (realm.getName().equals(Config.getAdminRealm())) { return; } // don't need to do this for master realm
ApplicationManager applicationManager = new ApplicationManager(new RealmManager(session));
ClientManager clientManager = new ClientManager(new RealmManager(session));
String realmAdminApplicationName = getRealmAdminApplicationName(realm);
ClientModel realmAdminApp = realm.getClientByClientId(realmAdminApplicationName);
if (realmAdminApp == null) {
realmAdminApp = applicationManager.createApplication(realm, realmAdminApplicationName);
realmAdminApp = clientManager.createClient(realm, realmAdminApplicationName);
}
RoleModel adminRole = realmAdminApp.addRole(AdminRoles.REALM_ADMIN);
adminRole.setDescription("${role_"+AdminRoles.REALM_ADMIN+"}");
@ -197,7 +197,7 @@ public class RealmManager {
private void setupAccountManagement(RealmModel realm) {
ClientModel application = realm.getClientNameMap().get(Constants.ACCOUNT_MANAGEMENT_APP);
if (application == null) {
application = new ApplicationManager(this).createApplication(realm, Constants.ACCOUNT_MANAGEMENT_APP);
application = new ClientManager(this).createClient(realm, Constants.ACCOUNT_MANAGEMENT_APP);
application.setEnabled(true);
application.setFullScopeAllowed(false);
String base = contextPath + "/realms/" + realm.getName() + "/account";

2
services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java
View file

@ -78,7 +78,7 @@ public class ResourceAdminManager {
return Collections.emptyList();
}
Set<String> registeredNodesHosts = new ApplicationManager().validateRegisteredNodes(application);
Set<String> registeredNodesHosts = new ClientManager().validateRegisteredNodes(application);
// No-cluster setup
if (registeredNodesHosts.isEmpty()) {

6
services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java
View file

@ -22,7 +22,7 @@ import org.keycloak.models.RoleModel;
import org.keycloak.models.UserModel;
import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
import org.keycloak.services.managers.AppAuthManager;
import org.keycloak.services.managers.ApplicationManager;
import org.keycloak.services.managers.ClientManager;
import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.resources.KeycloakApplication;
@ -153,12 +153,12 @@ public class AdminConsole {
@GET
@Produces("application/json")
@NoCache
public ApplicationManager.InstallationAdapterConfig config() {
public ClientManager.InstallationAdapterConfig config() {
ClientModel consoleApp = realm.getClientByClientId(Constants.ADMIN_CONSOLE_APPLICATION);
if (consoleApp == null) {
throw new NotFoundException("Could not find admin console application");
}
return new ApplicationManager().toInstallationRepresentation(realm, consoleApp, keycloak.getBaseUri(uriInfo));
return new ClientManager().toInstallationRepresentation(realm, consoleApp, keycloak.getBaseUri(uriInfo));
}

69
services/src/main/java/org/keycloak/services/resources/admin/ApplicationResource.java → services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java
View file

@ -17,9 +17,10 @@ import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.representations.adapters.action.GlobalRequestResult;
import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.UserSessionRepresentation;
import org.keycloak.services.managers.ApplicationManager;
import org.keycloak.services.managers.ClientManager;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.managers.ResourceAdminManager;
import org.keycloak.services.resources.KeycloakApplication;
@ -53,11 +54,11 @@ import java.util.Set;
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class ApplicationResource {
protected static final Logger logger = Logger.getLogger(ApplicationResource.class);
public class ClientResource {
protected static final Logger logger = Logger.getLogger(ClientResource.class);
protected RealmModel realm;
private RealmAuth auth;
protected ClientModel application;
protected ClientModel client;
protected KeycloakSession session;
@Context
@ -70,10 +71,10 @@ public class ApplicationResource {
return keycloak;
}
public ApplicationResource(RealmModel realm, RealmAuth auth, ClientModel clientModel, KeycloakSession session) {
public ClientResource(RealmModel realm, RealmAuth auth, ClientModel clientModel, KeycloakSession session) {
this.realm = realm;
this.auth = auth;
this.application = clientModel;
this.client = clientModel;
this.session = session;
auth.init(RealmAuth.Resource.CLIENT);
@ -81,7 +82,7 @@ public class ApplicationResource {
@Path("protocol-mappers")
public ProtocolMappersResource getProtocolMappers() {
ProtocolMappersResource mappers = new ProtocolMappersResource(application, auth);
ProtocolMappersResource mappers = new ProtocolMappersResource(client, auth);
ResteasyProviderFactory.getInstance().injectProperties(mappers);
return mappers;
}
@ -93,14 +94,14 @@ public class ApplicationResource {
*/
@PUT
@Consumes(MediaType.APPLICATION_JSON)
public Response update(final ApplicationRepresentation rep) {
public Response update(final ClientRepresentation rep) {
auth.requireManage();
try {
RepresentationToModel.updateApplication(rep, application);
RepresentationToModel.updateClient(rep, client);
return Response.noContent().build();
} catch (ModelDuplicateException e) {
return Flows.errors().exists("Application " + rep.getName() + " already exists");
return Flows.errors().exists("Client " + rep.getClientId() + " already exists");
}
}
@ -113,10 +114,10 @@ public class ApplicationResource {
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public ApplicationRepresentation getApplication() {
public ClientRepresentation getClient() {
auth.requireView();
return ModelToRepresentation.toRepresentation(application);
return ModelToRepresentation.toRepresentation(client);
}
/**
@ -126,7 +127,7 @@ public class ApplicationResource {
*/
@Path("certificates/{attr}")
public ClientAttributeCertificateResource getCertficateResource(@PathParam("attr") String attributePrefix) {
return new ClientAttributeCertificateResource(realm, auth, application, session, attributePrefix);
return new ClientAttributeCertificateResource(realm, auth, client, session, attributePrefix);
}
@ -143,8 +144,8 @@ public class ApplicationResource {
public String getInstallation() throws IOException {
auth.requireView();
ApplicationManager applicationManager = new ApplicationManager(new RealmManager(session));
Object rep = applicationManager.toInstallationRepresentation(realm, application, getKeycloakApplication().getBaseUri(uriInfo));
ClientManager clientManager = new ClientManager(new RealmManager(session));
Object rep = clientManager.toInstallationRepresentation(realm, client, getKeycloakApplication().getBaseUri(uriInfo));
// TODO Temporary solution to pretty-print
return JsonSerialization.mapper.writerWithDefaultPrettyPrinter().writeValueAsString(rep);
@ -163,8 +164,8 @@ public class ApplicationResource {
public String getJBossInstallation() throws IOException {
auth.requireView();
ApplicationManager applicationManager = new ApplicationManager(new RealmManager(session));
return applicationManager.toJBossSubsystemConfig(realm, application, getKeycloakApplication().getBaseUri(uriInfo));
ClientManager clientManager = new ClientManager(new RealmManager(session));
return clientManager.toJBossSubsystemConfig(realm, client, getKeycloakApplication().getBaseUri(uriInfo));
}
/**
@ -175,7 +176,7 @@ public class ApplicationResource {
@NoCache
public void deleteApplication() {
auth.requireManage();
new ApplicationManager(new RealmManager(session)).removeApplication(realm, application);
new ClientManager(new RealmManager(session)).removeClient(realm, client);
}
@ -192,7 +193,7 @@ public class ApplicationResource {
auth.requireManage();
logger.debug("regenerateSecret");
UserCredentialModel cred = KeycloakModelUtils.generateSecret(application);
UserCredentialModel cred = KeycloakModelUtils.generateSecret(client);
CredentialRepresentation rep = ModelToRepresentation.toRepresentation(cred);
return rep;
}
@ -210,7 +211,7 @@ public class ApplicationResource {
auth.requireView();
logger.debug("getClientSecret");
UserCredentialModel model = UserCredentialModel.secret(application.getSecret());
UserCredentialModel model = UserCredentialModel.secret(client.getSecret());
if (model == null) throw new NotFoundException("Application does not have a secret");
return ModelToRepresentation.toRepresentation(model);
}
@ -222,12 +223,12 @@ public class ApplicationResource {
*/
@Path("scope-mappings")
public ScopeMappedResource getScopeMappedResource() {
return new ScopeMappedResource(realm, auth, application, session);
return new ScopeMappedResource(realm, auth, client, session);
}
@Path("roles")
public RoleContainerResource getRoleContainerResource() {
return new RoleContainerResource(realm, auth, application);
return new RoleContainerResource(realm, auth, client);
}
/**
@ -244,7 +245,7 @@ public class ApplicationResource {
{
auth.requireView();
return application.getWebOrigins();
return client.getWebOrigins();
}
/**
@ -260,7 +261,7 @@ public class ApplicationResource {
{
auth.requireManage();
application.setWebOrigins(allowedOrigins);
client.setWebOrigins(allowedOrigins);
}
/**
@ -277,7 +278,7 @@ public class ApplicationResource {
auth.requireManage();
for (String origin : allowedOrigins) {
application.removeWebOrigin(origin);
client.removeWebOrigin(origin);
}
}
@ -289,7 +290,7 @@ public class ApplicationResource {
@POST
public GlobalRequestResult pushRevocation() {
auth.requireManage();
return new ResourceAdminManager().pushApplicationRevocationPolicy(uriInfo.getRequestUri(), realm, application);
return new ResourceAdminManager().pushApplicationRevocationPolicy(uriInfo.getRequestUri(), realm, client);
}
/**
@ -308,7 +309,7 @@ public class ApplicationResource {
public Map<String, Integer> getApplicationSessionCount() {
auth.requireView();
Map<String, Integer> map = new HashMap<String, Integer>();
map.put("count", session.sessions().getActiveUserSessions(application.getRealm(), application));
map.put("count", session.sessions().getActiveUserSessions(client.getRealm(), client));
return map;
}
@ -326,7 +327,7 @@ public class ApplicationResource {
firstResult = firstResult != null ? firstResult : -1;
maxResults = maxResults != null ? maxResults : -1;
List<UserSessionRepresentation> sessions = new ArrayList<UserSessionRepresentation>();
for (UserSessionModel userSession : session.sessions().getUserSessions(application.getRealm(), application, firstResult, maxResults)) {
for (UserSessionModel userSession : session.sessions().getUserSessions(client.getRealm(), client, firstResult, maxResults)) {
UserSessionRepresentation rep = ModelToRepresentation.toRepresentation(userSession);
sessions.add(rep);
}
@ -341,7 +342,7 @@ public class ApplicationResource {
@POST
public GlobalRequestResult logoutAll() {
auth.requireManage();
return new ResourceAdminManager().logoutApplication(uriInfo.getRequestUri(), realm, application);
return new ResourceAdminManager().logoutApplication(uriInfo.getRequestUri(), realm, client);
}
/**
@ -356,7 +357,7 @@ public class ApplicationResource {
if (user == null) {
throw new NotFoundException("User not found");
}
new ResourceAdminManager().logoutUserFromApplication(uriInfo.getRequestUri(), realm, application, user, session);
new ResourceAdminManager().logoutUserFromApplication(uriInfo.getRequestUri(), realm, client, user, session);
}
/**
@ -375,7 +376,7 @@ public class ApplicationResource {
throw new BadRequestException("Node not found in params");
}
if (logger.isDebugEnabled()) logger.debug("Register node: " + node);
application.registerNode(node, Time.currentTime());
client.registerNode(node, Time.currentTime());
}
/**
@ -390,12 +391,12 @@ public class ApplicationResource {
auth.requireManage();
if (logger.isDebugEnabled()) logger.debug("Unregister node: " + node);
Integer time = application.getRegisteredNodes().get(node);
Integer time = client.getRegisteredNodes().get(node);
if (time == null) {
throw new NotFoundException("Application does not have a node " + node);
}
application.unregisterNode(node);
client.unregisterNode(node);
}
/**
@ -410,7 +411,7 @@ public class ApplicationResource {
auth.requireManage();
logger.debug("Test availability of cluster nodes");
return new ResourceAdminManager().testNodesAvailability(uriInfo.getRequestUri(), realm, application);
return new ResourceAdminManager().testNodesAvailability(uriInfo.getRequestUri(), realm, client);
}
}

8
services/src/main/java/org/keycloak/services/resources/admin/ApplicationsByIdResource.java → services/src/main/java/org/keycloak/services/resources/admin/ClientsByIdResource.java
View file

@ -7,18 +7,18 @@ import org.keycloak.models.RealmModel;
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class ApplicationsByIdResource extends ApplicationsResource {
public ApplicationsByIdResource(RealmModel realm, RealmAuth auth) {
public class ClientsByIdResource extends ClientsResource {
public ClientsByIdResource(RealmModel realm, RealmAuth auth) {
super(realm, auth);
}
@Override
protected ClientModel getApplicationByPathParam(String id) {
protected ClientModel getClientByPathParam(String id) {
return realm.getClientById(id);
}
@Override
protected String getApplicationPath(ClientModel clientModel) {
protected String getClientPath(ClientModel clientModel) {
return clientModel.getId();
}

43
services/src/main/java/org/keycloak/services/resources/admin/ApplicationsResource.java → services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java
View file

@ -10,7 +10,7 @@ import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.services.resources.flows.Flows;
import javax.ws.rs.Consumes;
@ -32,7 +32,7 @@ import java.util.List;
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class ApplicationsResource {
public class ClientsResource {
protected static final Logger logger = Logger.getLogger(RealmAdminResource.class);
protected RealmModel realm;
private RealmAuth auth;
@ -40,7 +40,7 @@ public class ApplicationsResource {
@Context
protected KeycloakSession session;
public ApplicationsResource(RealmModel realm, RealmAuth auth) {
public ClientsResource(RealmModel realm, RealmAuth auth) {
this.realm = realm;
this.auth = auth;
@ -55,10 +55,10 @@ public class ApplicationsResource {
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public List<ApplicationRepresentation> getApplications() {
public List<ClientRepresentation> getClients() {
auth.requireAny();
List<ApplicationRepresentation> rep = new ArrayList<ApplicationRepresentation>();
List<ClientRepresentation> rep = new ArrayList<>();
List<ClientModel> clientModels = realm.getClients();
boolean view = auth.hasView();
@ -66,9 +66,9 @@ public class ApplicationsResource {
if (view) {
rep.add(ModelToRepresentation.toRepresentation(clientModel));
} else {
ApplicationRepresentation app = new ApplicationRepresentation();
app.setName(clientModel.getClientId());
rep.add(app);
ClientRepresentation client = new ClientRepresentation();
client.setClientId(clientModel.getClientId());
rep.add(client);
}
}
@ -76,7 +76,7 @@ public class ApplicationsResource {
}
/**
* Create a new application. Application name must be unique!
* Create a new client. Client client_id must be unique!
*
* @param uriInfo
* @param rep
@ -84,18 +84,18 @@ public class ApplicationsResource {
*/
@POST
@Consumes(MediaType.APPLICATION_JSON)
public Response createApplication(final @Context UriInfo uriInfo, final ApplicationRepresentation rep) {
public Response createClient(final @Context UriInfo uriInfo, final ClientRepresentation rep) {
auth.requireManage();
try {
ClientModel clientModel = RepresentationToModel.createApplication(session, realm, rep, true);
return Response.created(uriInfo.getAbsolutePathBuilder().path(getApplicationPath(clientModel)).build()).build();
ClientModel clientModel = RepresentationToModel.createClient(session, realm, rep, true);
return Response.created(uriInfo.getAbsolutePathBuilder().path(getClientPath(clientModel)).build()).build();
} catch (ModelDuplicateException e) {
return Flows.errors().exists("Application " + rep.getName() + " already exists");
return Flows.errors().exists("Client " + rep.getClientId() + " already exists");
}
}
protected String getApplicationPath(ClientModel clientModel) {
protected String getClientPath(ClientModel clientModel) {
return clientModel.getClientId();
}
@ -106,18 +106,17 @@ public class ApplicationsResource {
* @return
*/
@Path("{app-name}")
public ApplicationResource getApplication(final @PathParam("app-name") String name) {
ClientModel clientModel = getApplicationByPathParam(name);
public ClientResource getClient(final @PathParam("app-name") String name) {
ClientModel clientModel = getClientByPathParam(name);
if (clientModel == null) {
throw new NotFoundException("Could not find application: " + name);
throw new NotFoundException("Could not find client: " + name);
}
ApplicationResource applicationResource = new ApplicationResource(realm, auth, clientModel, session);
ResteasyProviderFactory.getInstance().injectProperties(applicationResource);
//resourceContext.initResource(applicationResource);
return applicationResource;
ClientResource clientResource = new ClientResource(realm, auth, clientModel, session);
ResteasyProviderFactory.getInstance().injectProperties(clientResource);
return clientResource;
}
protected ClientModel getApplicationByPathParam(String name) {
protected ClientModel getClientByPathParam(String name) {
return realm.getClientByClientId(name);
}

12
services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
View file

@ -101,11 +101,11 @@ public class RealmAdminResource {
* @return
*/
@Path("applications")
public ApplicationsResource getApplications() {
ApplicationsResource applicationsResource = new ApplicationsResource(realm, auth);
ResteasyProviderFactory.getInstance().injectProperties(applicationsResource);
public ClientsResource getApplications() {
ClientsResource clientsResource = new ClientsResource(realm, auth);
ResteasyProviderFactory.getInstance().injectProperties(clientsResource);
//resourceContext.initResource(applicationsResource);
return applicationsResource;
return clientsResource;
}
/**
@ -114,8 +114,8 @@ public class RealmAdminResource {
* @return
*/
@Path("applications-by-id")
public ApplicationsByIdResource getApplicationsById() {
ApplicationsByIdResource applicationsResource = new ApplicationsByIdResource(realm, auth);
public ClientsByIdResource getApplicationsById() {
ClientsByIdResource applicationsResource = new ClientsByIdResource(realm, auth);
ResteasyProviderFactory.getInstance().injectProperties(applicationsResource);
//resourceContext.initResource(applicationsResource);
return applicationsResource;

15
testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java
View file

@ -150,7 +150,6 @@ public class AdapterTestStrategy extends ExternalResource {
}
}
@Test
public void testSavedPostRequest() throws Exception {
// test login to customer-portal which does a bearer request to customer-db
driver.navigate().to(APP_SERVER_BASE_URL + "/input-portal");
@ -189,7 +188,6 @@ public class AdapterTestStrategy extends ExternalResource {
}
@Test
public void testLoginSSOAndLogout() throws Exception {
// test login to customer-portal which does a bearer request to customer-db
driver.navigate().to(APP_SERVER_BASE_URL + "/customer-portal");
@ -246,7 +244,6 @@ public class AdapterTestStrategy extends ExternalResource {
}
@Test
public void testServletRequestLogout() throws Exception {
// test login to customer-portal which does a bearer request to customer-db
driver.navigate().to(APP_SERVER_BASE_URL + "/customer-portal");
@ -288,7 +285,6 @@ public class AdapterTestStrategy extends ExternalResource {
}
@Test
public void testLoginSSOIdle() throws Exception {
// test login to customer-portal which does a bearer request to customer-db
driver.navigate().to(APP_SERVER_BASE_URL + "/customer-portal");
@ -322,7 +318,6 @@ public class AdapterTestStrategy extends ExternalResource {
session.close();
}
@Test
public void testLoginSSOIdleRemoveExpiredUserSessions() throws Exception {
// test login to customer-portal which does a bearer request to customer-db
driver.navigate().to(APP_SERVER_BASE_URL + "/customer-portal");
@ -364,7 +359,6 @@ public class AdapterTestStrategy extends ExternalResource {
session.close();
}
@Test
public void testLoginSSOMax() throws Exception {
// test login to customer-portal which does a bearer request to customer-db
driver.navigate().to(APP_SERVER_BASE_URL + "/customer-portal");
@ -402,7 +396,6 @@ public class AdapterTestStrategy extends ExternalResource {
* KEYCLOAK-518
* @throws Exception
*/
@Test
public void testNullBearerToken() throws Exception {
Client client = ClientBuilder.newClient();
WebTarget target = client.target(APP_SERVER_BASE_URL + "/customer-db/");
@ -420,7 +413,6 @@ public class AdapterTestStrategy extends ExternalResource {
* KEYCLOAK-518
* @throws Exception
*/
@Test
public void testBadUser() throws Exception {
Client client = ClientBuilder.newClient();
UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_URL);
@ -440,7 +432,6 @@ public class AdapterTestStrategy extends ExternalResource {
}
@Test
public void testVersion() throws Exception {
Client client = ClientBuilder.newClient();
WebTarget target = client.target(AUTH_SERVER_URL).path("version");
@ -463,7 +454,6 @@ public class AdapterTestStrategy extends ExternalResource {
@Test
public void testAuthenticated() throws Exception {
// test login to customer-portal which does a bearer request to customer-db
driver.navigate().to(APP_SERVER_BASE_URL + "/secure-portal");
@ -491,7 +481,6 @@ public class AdapterTestStrategy extends ExternalResource {
*
* @throws Throwable
*/
@Test
public void testSingleSessionInvalidated() throws Throwable {
AdapterTestStrategy browser1 = this;
AdapterTestStrategy browser2 = new AdapterTestStrategy(AUTH_SERVER_URL, APP_SERVER_BASE_URL, keycloakRule);
@ -529,7 +518,6 @@ public class AdapterTestStrategy extends ExternalResource {
/**
* KEYCLOAK-741
*/
@Test
public void testSessionInvalidatedAfterFailedRefresh() throws Throwable {
final AtomicInteger origTokenLifespan = new AtomicInteger();
@ -581,14 +569,13 @@ public class AdapterTestStrategy extends ExternalResource {
/**
* KEYCLOAK-942
*/
@Test
public void testAdminApplicationLogout() throws Throwable {
// login as bburke
loginAndCheckSession(driver, loginPage);
// logout mposolda with admin client
Keycloak keycloakAdmin = Keycloak.getInstance(AUTH_SERVER_URL, "master", "admin", "admin", Constants.ADMIN_CONSOLE_APPLICATION);
keycloakAdmin.realm("demo").applications().get("session-portal").logoutUser("mposolda");
keycloakAdmin.realm("demo").clients().get("session-portal").logoutUser("mposolda");
// bburke should be still logged with original httpSession in our browser window
driver.navigate().to(APP_SERVER_BASE_URL + "/session-portal");

7
testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AbstractClientTest.java
View file

@ -9,6 +9,7 @@ import org.keycloak.models.Constants;
import org.keycloak.models.RealmModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation;
import org.keycloak.representations.idm.OAuthClientRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
@ -97,10 +98,8 @@ public abstract class AbstractClientTest {
public static String name(Object o1) {
if (o1 instanceof RealmRepresentation) {
return ((RealmRepresentation) o1).getRealm();
} else if (o1 instanceof ApplicationRepresentation) {
return ((ApplicationRepresentation) o1).getName();
} else if (o1 instanceof OAuthClientRepresentation) {
return ((OAuthClientRepresentation) o1).getName();
} else if (o1 instanceof ClientRepresentation) {
return ((ClientRepresentation) o1).getClientId();
} else if (o1 instanceof IdentityProviderRepresentation) {
return ((IdentityProviderRepresentation) o1).getAlias();
}

18
testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AdminAPITest.java
View file

@ -35,7 +35,7 @@ import org.keycloak.models.UserSessionModel;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.protocol.oidc.TokenManager;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.services.managers.RealmManager;
@ -125,19 +125,19 @@ public class AdminAPITest {
storedRealm = realmTarget.request().get(RealmRepresentation.class);
checkRealmRep(rep, storedRealm);
if (rep.getApplications() != null) {
if (rep.getClients() != null) {
WebTarget applicationsTarget = realmTarget.path("applications");
for (ApplicationRepresentation appRep : rep.getApplications()) {
ApplicationRepresentation newApp = new ApplicationRepresentation();
for (ClientRepresentation appRep : rep.getClients()) {
ClientRepresentation newApp = new ClientRepresentation();
if (appRep.getId() != null) newApp.setId(appRep.getId());
newApp.setName(appRep.getName());
newApp.setClientId(appRep.getClientId());
if (appRep.getSecret() != null) {
newApp.setSecret(appRep.getSecret());
}
Response appCreateResponse = applicationsTarget.request().post(Entity.json(newApp));
Assert.assertEquals(201, appCreateResponse.getStatus());
appCreateResponse.close();
WebTarget appTarget = applicationsTarget.path(appRep.getName());
WebTarget appTarget = applicationsTarget.path(appRep.getClientId());
CredentialRepresentation cred = appTarget.path("client-secret").request().get(CredentialRepresentation.class);
if (appRep.getSecret() != null) Assert.assertEquals(appRep.getSecret(), cred.getValue());
CredentialRepresentation newCred = appTarget.path("client-secret").request().post(null, CredentialRepresentation.class);
@ -148,7 +148,7 @@ public class AdminAPITest {
appUpdateResponse.close();
ApplicationRepresentation storedApp = appTarget.request().get(ApplicationRepresentation.class);
ClientRepresentation storedApp = appTarget.request().get(ClientRepresentation.class);
checkAppUpdate(appRep, storedApp);
@ -165,8 +165,8 @@ public class AdminAPITest {
client.close();
}
protected void checkAppUpdate(ApplicationRepresentation appRep, ApplicationRepresentation storedApp) {
if (appRep.getName() != null) Assert.assertEquals(appRep.getName(), storedApp.getName());
protected void checkAppUpdate(ClientRepresentation appRep, ClientRepresentation storedApp) {
if (appRep.getClientId() != null) Assert.assertEquals(appRep.getClientId(), storedApp.getClientId());
if (appRep.isEnabled() != null) Assert.assertEquals(appRep.isEnabled(), storedApp.isEnabled());
if (appRep.isBearerOnly() != null) Assert.assertEquals(appRep.isBearerOnly(), storedApp.isBearerOnly());
if (appRep.isPublicClient() != null) Assert.assertEquals(appRep.isPublicClient(), storedApp.isPublicClient());

60
testsuite/integration/src/test/java/org/keycloak/testsuite/admin/ApplicationTest.java → testsuite/integration/src/test/java/org/keycloak/testsuite/admin/ClientTest.java
View file

@ -2,10 +2,10 @@ package org.keycloak.testsuite.admin;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.admin.client.resource.ApplicationResource;
import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.admin.client.resource.ProtocolMappersResource;
import org.keycloak.protocol.oidc.OIDCLoginProtocolFactory;
import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserSessionRepresentation;
@ -29,7 +29,7 @@ import static org.junit.Assert.fail;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class ApplicationTest extends AbstractClientTest {
public class ClientTest extends AbstractClientTest {
@Rule
public WebRule webRule = new WebRule(this);
@ -41,38 +41,38 @@ public class ApplicationTest extends AbstractClientTest {
protected OAuthClient oauth;
@Test
public void getApplications() {
assertNames(realm.applications().findAll(), "account", "realm-management", "security-admin-console");
public void getClients() {
assertNames(realm.clients().findAll(), "account", "realm-management", "security-admin-console");
}
@Test
public void createApplication() {
ApplicationRepresentation rep = new ApplicationRepresentation();
rep.setName("my-app");
public void createClient() {
ClientRepresentation rep = new ClientRepresentation();
rep.setClientId("my-app");
rep.setEnabled(true);
realm.applications().create(rep);
realm.clients().create(rep);
assertNames(realm.applications().findAll(), "account", "realm-management", "security-admin-console", "my-app");
assertNames(realm.clients().findAll(), "account", "realm-management", "security-admin-console", "my-app");
}
@Test
public void removeApplication() {
createApplication();
public void removeClient() {
createClient();
realm.applications().get("my-app").remove();
realm.clients().get("my-app").remove();
}
@Test
public void getApplicationRepresentation() {
createApplication();
public void getClientRepresentation() {
createClient();
ApplicationRepresentation rep = realm.applications().get("my-app").toRepresentation();
assertEquals("my-app", rep.getName());
ClientRepresentation rep = realm.clients().get("my-app").toRepresentation();
assertEquals("my-app", rep.getClientId());
assertTrue(rep.isEnabled());
}
@Test
public void getApplicationSessions() throws Exception {
public void getClientSessions() throws Exception {
OAuthClient.AccessTokenResponse response = oauth.doGrantAccessTokenRequest("password", "test-user@localhost", "password");
assertEquals(200, response.getStatusCode());
@ -81,7 +81,7 @@ public class ApplicationTest extends AbstractClientTest {
OAuthClient.AccessTokenResponse response2 = oauth.doAccessTokenRequest(codeResponse.getCode(), "password");
assertEquals(200, response2.getStatusCode());
ApplicationResource app = keycloak.realm("test").applications().get("test-app");
ClientResource app = keycloak.realm("test").clients().get("test-app");
assertEquals(2, (long) app.getApplicationSessionCount().get("count"));
@ -93,29 +93,29 @@ public class ApplicationTest extends AbstractClientTest {
@Test
// KEYCLOAK-1110
public void deleteDefaultRole() {
ApplicationRepresentation rep = new ApplicationRepresentation();
rep.setName("my-app");
ClientRepresentation rep = new ClientRepresentation();
rep.setClientId("my-app");
rep.setEnabled(true);
realm.applications().create(rep);
realm.clients().create(rep);
RoleRepresentation role = new RoleRepresentation("test", "test");
realm.applications().get("my-app").roles().create(role);
realm.clients().get("my-app").roles().create(role);
rep = realm.applications().get("my-app").toRepresentation();
rep = realm.clients().get("my-app").toRepresentation();
rep.setDefaultRoles(new String[] { "test" });
realm.applications().get("my-app").update(rep);
realm.clients().get("my-app").update(rep);
assertArrayEquals(new String[] { "test" }, realm.applications().get("my-app").toRepresentation().getDefaultRoles());
assertArrayEquals(new String[] { "test" }, realm.clients().get("my-app").toRepresentation().getDefaultRoles());
realm.applications().get("my-app").roles().deleteRole("test");
realm.clients().get("my-app").roles().deleteRole("test");
assertNull(realm.applications().get("my-app").toRepresentation().getDefaultRoles());
assertNull(realm.clients().get("my-app").toRepresentation().getDefaultRoles());
}
@Test
public void testProtocolMappers() {
createApplication();
ProtocolMappersResource mappersResource = realm.applications().get("my-app").getProtocolMappers();
createClient();
ProtocolMappersResource mappersResource = realm.clients().get("my-app").getProtocolMappers();
protocolMappersTest(mappersResource);
}

10
testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeRoleTest.java
View file

@ -35,7 +35,7 @@ import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.representations.AccessToken;
import org.keycloak.services.managers.ApplicationManager;
import org.keycloak.services.managers.ClientManager;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.testsuite.ApplicationServlet;
import org.keycloak.testsuite.OAuthClient;
@ -85,7 +85,7 @@ public class CompositeRoleTest {
realmRole1User.updateCredential(UserCredentialModel.password("password"));
realmRole1User.grantRole(realmRole1);
final ClientModel realmComposite1Application = new ApplicationManager(manager).createApplication(realm, "REALM_COMPOSITE_1_APPLICATION");
final ClientModel realmComposite1Application = new ClientManager(manager).createClient(realm, "REALM_COMPOSITE_1_APPLICATION");
realmComposite1Application.setFullScopeAllowed(false);
realmComposite1Application.setEnabled(true);
realmComposite1Application.addScopeMapping(realmComposite1);
@ -94,7 +94,7 @@ public class CompositeRoleTest {
realmComposite1Application.setManagementUrl("http://localhost:8081/app/logout");
realmComposite1Application.setSecret("password");
final ClientModel realmRole1Application = new ApplicationManager(manager).createApplication(realm, "REALM_ROLE_1_APPLICATION");
final ClientModel realmRole1Application = new ClientManager(manager).createClient(realm, "REALM_ROLE_1_APPLICATION");
realmRole1Application.setFullScopeAllowed(false);
realmRole1Application.setEnabled(true);
realmRole1Application.addScopeMapping(realmRole1);
@ -104,7 +104,7 @@ public class CompositeRoleTest {
realmRole1Application.setSecret("password");
final ClientModel appRoleApplication = new ApplicationManager(manager).createApplication(realm, "APP_ROLE_APPLICATION");
final ClientModel appRoleApplication = new ClientManager(manager).createClient(realm, "APP_ROLE_APPLICATION");
appRoleApplication.setFullScopeAllowed(false);
appRoleApplication.setEnabled(true);
appRoleApplication.addRedirectUri("http://localhost:8081/app/*");
@ -127,7 +127,7 @@ public class CompositeRoleTest {
realmAppRoleUser.updateCredential(UserCredentialModel.password("password"));
realmAppRoleUser.grantRole(appRole2);
final ClientModel appCompositeApplication = new ApplicationManager(manager).createApplication(realm, "APP_COMPOSITE_APPLICATION");
final ClientModel appCompositeApplication = new ClientManager(manager).createClient(realm, "APP_COMPOSITE_APPLICATION");
appCompositeApplication.setFullScopeAllowed(false);
appCompositeApplication.setEnabled(true);
appCompositeApplication.addRedirectUri("http://localhost:8081/app/*");

56
testsuite/integration/src/test/java/org/keycloak/testsuite/model/ClientModelTest.java
View file

@ -8,8 +8,8 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.services.managers.ApplicationManager;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.services.managers.ClientManager;
import java.util.Iterator;
import java.util.List;
@ -18,37 +18,37 @@ import java.util.List;
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class ClientModelTest extends AbstractModelTest {
private ClientModel application;
private ClientModel client;
private RealmModel realm;
private ApplicationManager appManager;
private ClientManager appManager;
@Before
@Override
public void before() throws Exception {
super.before();
appManager = new ApplicationManager(realmManager);
appManager = new ClientManager(realmManager);
realm = realmManager.createRealm("original");
application = realm.addClient("application");
application.setBaseUrl("http://base");
application.setManagementUrl("http://management");
application.setClientId("app-name");
application.addRole("role-1");
application.addRole("role-2");
application.addRole("role-3");
application.addDefaultRole("role-1");
application.addDefaultRole("role-2");
client = realm.addClient("application");
client.setBaseUrl("http://base");
client.setManagementUrl("http://management");
client.setClientId("app-name");
client.addRole("role-1");
client.addRole("role-2");
client.addRole("role-3");
client.addDefaultRole("role-1");
client.addDefaultRole("role-2");
application.addRedirectUri("redirect-1");
application.addRedirectUri("redirect-2");
client.addRedirectUri("redirect-1");
client.addRedirectUri("redirect-2");
application.addWebOrigin("origin-1");
application.addWebOrigin("origin-2");
client.addWebOrigin("origin-1");
client.addWebOrigin("origin-2");
application.registerNode("node1", 10);
application.registerNode("10.20.30.40", 50);
client.registerNode("node1", 10);
client.registerNode("10.20.30.40", 50);
application.updateApplication();
client.updateApplication();
}
@Test
@ -56,26 +56,26 @@ public class ClientModelTest extends AbstractModelTest {
RealmModel persisted = realmManager.getRealm(realm.getId());
ClientModel actual = persisted.getClientNameMap().get("app-name");
assertEquals(application, actual);
assertEquals(client, actual);
}
@Test
public void json() {
ApplicationRepresentation representation = ModelToRepresentation.toRepresentation(application);
ClientRepresentation representation = ModelToRepresentation.toRepresentation(client);
representation.setId(null);
RealmModel realm = realmManager.createRealm("copy");
ClientModel copy = RepresentationToModel.createApplication(session, realm, representation, true);
ClientModel copy = RepresentationToModel.createClient(session, realm, representation, true);
assertEquals(application, copy);
assertEquals(client, copy);
}
@Test
public void testAddApplicationWithId() {
application = realm.addClient("app-123", "application2");
client = realm.addClient("app-123", "application2");
commit();
application = realmManager.getRealm(realm.getId()).getClientById("app-123");
Assert.assertNotNull(application);
client = realmManager.getRealm(realm.getId()).getClientById("app-123");
Assert.assertNotNull(client);
}