From b23ea18c89f24abb89a80d494165125761580560 Mon Sep 17 00:00:00 2001 From: Moritz Becker Date: Wed, 20 Jan 2016 01:09:07 +0100 Subject: [PATCH 01/30] client UI fix --- .../base/admin/resources/js/controllers/clients.js | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/themes/src/main/resources/theme/base/admin/resources/js/controllers/clients.js b/themes/src/main/resources/theme/base/admin/resources/js/controllers/clients.js index aac6a55101..6694c87161 100755 --- a/themes/src/main/resources/theme/base/admin/resources/js/controllers/clients.js +++ b/themes/src/main/resources/theme/base/admin/resources/js/controllers/clients.js @@ -738,8 +738,7 @@ module.controller('ClientDetailCtrl', function($scope, realm, client, templates, "bearer-only" ]; - $scope.protocols = ['openid-connect', - 'saml'];//Object.keys(serverInfo.providers['login-protocol'].providers).sort(); + $scope.protocols = Object.keys(serverInfo.providers['login-protocol'].providers).sort(); $scope.templates = [ {name:'NONE'}]; for (var i = 0; i < templates.length; i++) { @@ -2124,11 +2123,4 @@ module.controller('ClientTemplateScopeMappingCtrl', function($scope, $http, real }; updateTemplateRealmRoles(); -}); - - - - - - - +}); \ No newline at end of file From 35a2d176fa5553ac9471567d0a7428d79aca757d Mon Sep 17 00:00:00 2001 From: Moritz Becker Date: Thu, 21 Jan 2016 17:09:42 +0100 Subject: [PATCH 02/30] Fixed sql syntax error in credential migration script --- model/jpa/src/main/resources/META-INF/jpa-changelog-1.8.0.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/model/jpa/src/main/resources/META-INF/jpa-changelog-1.8.0.xml b/model/jpa/src/main/resources/META-INF/jpa-changelog-1.8.0.xml index 5900f8cca0..12606a36c3 100755 --- a/model/jpa/src/main/resources/META-INF/jpa-changelog-1.8.0.xml +++ b/model/jpa/src/main/resources/META-INF/jpa-changelog-1.8.0.xml 
@@ -117,7 +117,7 @@ - TYPE in ('password-history', 'password') AND ALGORITHM is 'HmacSHA1' + TYPE in ('password-history', 'password') AND ALGORITHM = 'HmacSHA1' From 751410497414baa91f2e71bd20580d6bab874dae Mon Sep 17 00:00:00 2001 From: Stan Silvert Date: Fri, 15 Jan 2016 15:29:45 -0500 Subject: [PATCH 03/30] KEYCLOAK-1280: I18N for logging --- pom.xml | 13 ++- services/pom.xml | 15 ++++ .../org/keycloak/services/ServicesLogger.java | 89 +++++++++++++++++++ .../resources/KeycloakApplication.java | 32 +++---- 4 files changed, 132 insertions(+), 17 deletions(-) mode change 100755 => 100644 pom.xml create mode 100644 services/src/main/java/org/keycloak/services/ServicesLogger.java mode change 100755 => 100644 services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java diff --git a/pom.xml b/pom.xml old mode 100755 new mode 100644 index a7cf76d9cd..9a021b67db --- a/pom.xml +++ b/pom.xml @@ -35,7 +35,8 @@ 1.1.1.Final 2.7.0.Final 3.2.0 - 3.1.4.GA + 3.3.0.Final + 2.0.1.Final 1.2.0.Beta1 1.0.4.Final 1.0.0.Final @@ -297,6 +298,16 @@ jboss-logging ${jboss.logging.version} + + org.jboss.logging + jboss-logging-annotations + ${jboss.logging.tools.version} + + + org.jboss.logging + jboss-logging-processor + ${jboss.logging.tools.version} + log4j log4j diff --git a/services/pom.xml b/services/pom.xml index 3f7dba9618..64c4221995 100755 --- a/services/pom.xml +++ b/services/pom.xml @@ -57,6 +57,18 @@ org.jboss.logging jboss-logging + + org.jboss.logging + jboss-logging-annotations + provided + true + + + org.jboss.logging + jboss-logging-processor + provided + true + org.jboss.resteasy resteasy-jaxrs @@ -129,6 +141,9 @@ ${maven.compiler.source} ${maven.compiler.target} + + -AgeneratedTranslationFilesPath=${project.build.directory}/generated-translation-files + diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java new file mode 100644 index 0000000000..e5c5029cf8 
--- /dev/null
+++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java
@@ -0,0 +1,89 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ + +package org.keycloak.services; + +import org.jboss.logging.BasicLogger; +import org.jboss.logging.Logger; +import org.jboss.logging.annotations.Cause; +import org.jboss.logging.annotations.LogMessage; +import org.jboss.logging.annotations.Message; +import org.jboss.logging.annotations.MessageLogger; + +import static org.jboss.logging.Logger.Level.ERROR; +import static org.jboss.logging.Logger.Level.INFO; +import static org.jboss.logging.Logger.Level.WARN; + + +/** + * Main logger for the Keycloak Services module. + * + * @author Stan Silvert ssilvert@redhat.com (C) 2016 Red Hat Inc. + */ +@MessageLogger(projectCode="KC-SERVICES", length=4) +public interface ServicesLogger extends BasicLogger { + + ServicesLogger ROOT_LOGGER = Logger.getMessageLogger(ServicesLogger.class, "org.keycloak.services"); + + @LogMessage(level = INFO) + @Message(id=1, value="Loading config from %s") + void loadingFrom(Object from); + + @LogMessage(level = ERROR) + @Message(id=2, value="Failed to migrate datamodel") + void migrationFailure(@Cause Throwable t); + + @LogMessage(level = INFO) + @Message(id=3, value="Not importing realm %s from %s. 
It already exists.") + void realmExists(String realmName, String from); + + @LogMessage(level = INFO) + @Message(id=4, value="Imported realm %s from %s.") + void importedRealm(String realmName, String from); + + @LogMessage(level = WARN) + @Message(id=5, value="Unable to import realm %s from %s.") + void unableToImportRealm(@Cause Throwable t, String realmName, String from); + + @LogMessage(level = INFO) + @Message(id=6, value="Importing users from '%s'") + void imprtingUsersFrom(Object from); + + @LogMessage(level = ERROR) + @Message(id=7, value="Failed to load 'keycloak-add-user.json'") + void failedToLoadUsers(@Cause Throwable t); + + @LogMessage(level = ERROR) + @Message(id=8, value="Failed to add user %s to realm %s: realm not found") + void addUserFailedRealmNotFound(String user, String realm); + + @LogMessage(level = INFO) + @Message(id=9, value="Added user '%s' to realm '%s'") + void addUserSuccess(String user, String realm); + + @LogMessage(level = ERROR) + @Message(id=10, value="Failed to add user '%s' to realm '%s': user with username exists") + void addUserFailedUserExists(String user, String realm); + + @LogMessage(level = ERROR) + @Message(id=11, value="Failed to add user '%s' to realm '%s'") + void addUserFailed(@Cause Throwable t, String user, String realm); + + @LogMessage(level = ERROR) + @Message(id=12, value="Failed to delete '%s'") + void failedToDeleteFile(String fileName); +} diff --git a/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java b/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java old mode 100755 new mode 100644 index c0842eecfd..e619183ec1 --- a/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java +++ b/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java 
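Review bot: `ROOT_LOGGER` in the new ServicesLogger.java is bound to the single category `"org.keycloak.services"`, so every class that swaps `Logger.getLogger(X.class)` for it (KeycloakApplication at @@ -44,7 below, and the authentication classes later in the series) stops logging under its own class name. Anyone who routes or alerts on a per-class category, for example for authentication failures, would have to match on message ids instead; if that is intended, say so in the interface Javadoc, otherwise a per-class instance via `Logger.getMessageLogger(ServicesLogger.class, X.class.getName())` keeps the old categories. Separately, `imprtingUsersFrom` is misspelled and becomes part of the logger API; `importingUsersFrom` is the obvious name. Message id 8 also prints the user and realm unquoted, while ids 9 to 11 quote them.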
@@ -3,7 +3,6 @@ package org.keycloak.services.resources; import com.fasterxml.jackson.core.type.TypeReference; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; -import org.jboss.logging.Logger; import org.jboss.resteasy.core.Dispatcher; import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.Config; @@ -15,6 +14,7 @@ import org.keycloak.models.utils.RepresentationToModel; import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.representations.idm.UserRepresentation; import org.keycloak.services.DefaultKeycloakSessionFactory; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.filters.KeycloakTransactionCommitter; import org.keycloak.services.managers.ApplianceBootstrap; import org.keycloak.services.managers.RealmManager; @@ -44,7 +44,7 @@ import java.util.*; */ public class KeycloakApplication extends Application { - private static final Logger log = Logger.getLogger(KeycloakApplication.class); + private static final ServicesLogger log = ServicesLogger.ROOT_LOGGER; protected Set singletons = new HashSet(); protected Set> classes = new HashSet>(); @@ -135,7 +135,7 @@ public class KeycloakApplication extends Application { session.getTransaction().commit(); } catch (Exception e) { session.getTransaction().rollback(); - log.error("Failed to migrate datamodel", e); + log.migrationFailure(e); } finally { session.close(); } @@ -163,7 +163,7 @@ public class KeycloakApplication extends Application { if (configDir != null) { File f = new File(configDir + File.separator + "keycloak-server.json"); if (f.isFile()) { - log.info("Load config from " + f.getAbsolutePath()); + log.loadingFrom(f.getAbsolutePath()); node = new ObjectMapper().readTree(f); } } 
@@ -171,7 +171,7 @@ public class KeycloakApplication extends Application { if (node == null) { URL resource = Thread.currentThread().getContextClassLoader().getResource("META-INF/keycloak-server.json"); if (resource != null) { - log.info("Load config from " + resource); + log.loadingFrom(resource); node = new ObjectMapper().readTree(resource); } } @@ -247,22 +247,22 @@ public class KeycloakApplication extends Application { manager.setContextPath(getContextPath()); if (rep.getId() != null && manager.getRealm(rep.getId()) != null) { - log.info("Not importing realm " + rep.getRealm() + " from " + from + ". It already exists."); + log.realmExists(rep.getRealm(), from); return; } if (manager.getRealmByName(rep.getRealm()) != null) { - log.info("Not importing realm " + rep.getRealm() + " from " + from + ". It already exists."); + log.realmExists(rep.getRealm(), from); return; } try { RealmModel realm = manager.importRealm(rep); session.getTransaction().commit(); - log.info("Imported realm " + realm.getName() + " from " + from); + log.importedRealm(realm.getName(), from); } catch (Throwable t) { session.getTransaction().rollback(); - log.warn("Unable to import realm " + rep.getRealm() + " from " + from + ". Cause: " + t.getMessage()); + log.unableToImportRealm(t, rep.getRealm(), from); } } finally { session.close(); @@ -274,14 +274,14 @@ public class KeycloakApplication extends Application { if (configDir != null) { File addUserFile = new File(configDir + File.separator + "keycloak-add-user.json"); if (addUserFile.isFile()) { - log.info("Importing users from '" + addUserFile + "'"); + log.imprtingUsersFrom(addUserFile); List realms; try { realms = JsonSerialization.readValue(new FileInputStream(addUserFile), new TypeReference>() { }); } catch (IOException e) { - log.errorv("Failed to load 'keycloak-add-user.json': {0}", e.getMessage()); + log.failedToLoadUsers(e); return; } 
@@ -293,7 +293,7 @@ public class KeycloakApplication extends Application { RealmModel realm = session.realms().getRealmByName(realmRep.getRealm()); if (realm == null) { - log.errorv("Failed to add user ''{0}'' to realm ''{1}'': realm not found", userRep.getUsername(), realmRep.getRealm()); + log.addUserFailedRealmNotFound(userRep.getUsername(), realmRep.getRealm()); } else { UserModel user = session.users().addUser(realm, userRep.getUsername()); user.setEnabled(userRep.isEnabled()); @@ -302,12 +302,12 @@ public class KeycloakApplication extends Application { } session.getTransaction().commit(); - log.infov("Added user ''{0}'' to realm ''{1}''", userRep.getUsername(), realmRep.getRealm()); + log.addUserSuccess(userRep.getUsername(), realmRep.getRealm()); } catch (ModelDuplicateException e) { - log.errorv("Failed to add user ''{0}'' to realm ''{1}'': user with username exists", userRep.getUsername(), realmRep.getRealm()); + log.addUserFailedUserExists(userRep.getUsername(), realmRep.getRealm()); } catch (Throwable t) { session.getTransaction().rollback(); - log.errorv("Failed to add user ''{0}'' to realm ''{1}'': {2}", userRep.getUsername(), realmRep.getRealm(), t.getMessage()); + log.addUserFailed(t, userRep.getUsername(), realmRep.getRealm()); } finally { session.close(); } @@ -315,7 +315,7 @@ public class KeycloakApplication extends Application { } if (!addUserFile.delete()) { - log.errorv("Failed to delete '{0}'", addUserFile.getAbsolutePath()); + log.failedToDeleteFile(addUserFile.getAbsolutePath()); } } } From 3b4cb94ff1c7a964c4723e90c9300bfb74b76751 Mon Sep 17 00:00:00 2001 
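Review bot: In the @@ -302,12 hunk the `ModelDuplicateException` branch logs `addUserFailedUserExists(...)` but, unlike the `Throwable` branch right after it, never calls `session.getTransaction().rollback()` before the `finally` closes the session. Unless `session.close()` rolls back an active transaction itself (not visible here), I would add `session.getTransaction().rollback();` as the first statement of that catch. The new logger method also discards the exception; declaring it as `void addUserFailedUserExists(@Cause Throwable t, String user, String realm);` would keep the cause in the log. The enclosing try block starts outside the hunk.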
From: Stan Silvert Date: Mon, 18 Jan 2016 12:18:15 -0500 Subject: [PATCH 04/30] KEYCLOAK-1280: i18n logging for org.keycloak.authentication --- .../AuthenticationProcessor.java | 22 ++++++++--------- .../ClientAuthenticationFlow.java | 19 ++++++++------- .../DefaultAuthenticationFlow.java | 6 ++--- .../org/keycloak/services/ServicesLogger.java | 24 +++++++++++++++++++ 4 files changed, 49 insertions(+), 22 deletions(-) diff --git a/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java b/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java index 7fac42b460..0ea6ad99b8 100755 --- a/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java +++ b/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java @@ -1,6 +1,5 @@ package org.keycloak.authentication; -import org.jboss.logging.Logger; import org.jboss.resteasy.spi.HttpRequest; import org.keycloak.common.ClientConnection; import org.keycloak.OAuth2Constants; @@ -24,6 +23,7 @@ import org.keycloak.protocol.LoginProtocol; import org.keycloak.protocol.LoginProtocol.Error; import org.keycloak.protocol.oidc.TokenManager; import org.keycloak.services.ErrorPage; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.BruteForceProtector; import org.keycloak.services.managers.ClientSessionCode; @@ -44,7 +44,7 @@ import java.util.Map; */ public class AuthenticationProcessor { public static final String CURRENT_AUTHENTICATION_EXECUTION = "current.authentication.execution"; - protected static Logger logger = Logger.getLogger(AuthenticationProcessor.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected RealmModel realm; protected UserSessionModel userSession; protected ClientSessionModel clientSession; 
@@ -539,25 +539,25 @@ public class AuthenticationProcessor { if (failure instanceof AuthenticationFlowException) { AuthenticationFlowException e = (AuthenticationFlowException) failure; if (e.getError() == AuthenticationFlowError.INVALID_USER) { - logger.error("failed authentication: " + e.getError().toString(), e); + logger.failedAuthentication(e); event.error(Errors.USER_NOT_FOUND); return ErrorPage.error(session, Messages.INVALID_USER); } else if (e.getError() == AuthenticationFlowError.USER_DISABLED) { - logger.error("failed authentication: " + e.getError().toString(), e); + logger.failedAuthentication(e); event.error(Errors.USER_DISABLED); return ErrorPage.error(session, Messages.ACCOUNT_DISABLED); } else if (e.getError() == AuthenticationFlowError.USER_TEMPORARILY_DISABLED) { - logger.error("failed authentication: " + e.getError().toString(), e); + logger.failedAuthentication(e); event.error(Errors.USER_TEMPORARILY_DISABLED); return ErrorPage.error(session, Messages.ACCOUNT_TEMPORARILY_DISABLED); } else if (e.getError() == AuthenticationFlowError.INVALID_CLIENT_SESSION) { - logger.error("failed authentication: " + e.getError().toString(), e); + logger.failedAuthentication(e); event.error(Errors.INVALID_CODE); return ErrorPage.error(session, Messages.INVALID_CODE); } else if (e.getError() == AuthenticationFlowError.EXPIRED_CODE) { - logger.error("failed authentication: " + e.getError().toString(), e); + logger.failedAuthentication(e); event.error(Errors.EXPIRED_CODE); return ErrorPage.error(session, Messages.EXPIRED_CODE); 
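Review bot: The AuthenticationFlowError no longer appears in the log message: every branch in this hunk now logs the fixed text `failed authentication`, where the removed lines appended `e.getError().toString()`. The error name survives only if AuthenticationFlowException carries it in its own message or stack trace, which is not visible here, so log-based detection that tells an unknown user from a disabled or temporarily locked account would lose its signal. Passing it explicitly keeps it, e.g. `logger.failedAuthentication(e, e.getError().toString());` with the message changed to `failed authentication: %s`; the generic `failure` branch at @@ -580,13 has no error code and would need its own message method. The same applies to `failedAuthentication(e)` at @@ -580,13 and `failedClientAuthentication(e)` at @@ -596,7. The enclosing method starts outside the hunk.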
@@ -580,13 +580,13 @@ public class AuthenticationProcessor { return processor.authenticate(); } else { - logger.error("failed authentication: " + e.getError().toString(), e); + logger.failedAuthentication(e); event.error(Errors.INVALID_USER_CREDENTIALS); return ErrorPage.error(session, Messages.INVALID_USER); } } else { - logger.error("failed authentication", failure); + logger.failedAuthentication(failure); event.error(Errors.INVALID_USER_CREDENTIALS); return ErrorPage.error(session, Messages.UNEXPECTED_ERROR_HANDLING_REQUEST); } @@ -596,7 +596,7 @@ public class AuthenticationProcessor { public Response handleClientAuthException(Exception failure) { if (failure instanceof AuthenticationFlowException) { AuthenticationFlowException e = (AuthenticationFlowException) failure; - logger.error("Failed client authentication: " + e.getError().toString(), e); + logger.failedClientAuthentication(e); if (e.getError() == AuthenticationFlowError.CLIENT_NOT_FOUND) { event.error(Errors.CLIENT_NOT_FOUND); return ClientAuthUtil.errorResponse(Response.Status.BAD_REQUEST.getStatusCode(), "invalid_client", "Could not find client"); @@ -611,7 +611,7 @@ public class AuthenticationProcessor { return ClientAuthUtil.errorResponse(Response.Status.BAD_REQUEST.getStatusCode(), "unauthorized_client", e.getError().toString() + ": " + e.getMessage()); } } else { - logger.error("Unexpected error when authenticating client", failure); + logger.errorAuthenticatingClient(failure); event.error(Errors.INVALID_CLIENT_CREDENTIALS); return ClientAuthUtil.errorResponse(Response.Status.BAD_REQUEST.getStatusCode(), "unauthorized_client", "Unexpected error when authenticating client: " + failure.getMessage()); } diff --git a/services/src/main/java/org/keycloak/authentication/ClientAuthenticationFlow.java b/services/src/main/java/org/keycloak/authentication/ClientAuthenticationFlow.java index 2380c72302..f6b23c7495 100755 --- a/services/src/main/java/org/keycloak/authentication/ClientAuthenticationFlow.java 
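Review bot: In the @@ -611,7 hunk the response body still carries `"Unexpected error when authenticating client: " + failure.getMessage()`, so text from an arbitrary exception is returned to a caller that has not authenticated. Now that `errorAuthenticatingClient(failure)` records the full cause on the server side, the description can be a constant such as `"Unexpected error when authenticating client"`. The context line just above it, `e.getError().toString() + ": " + e.getMessage()`, has the same shape and deserves the same check. handleClientAuthException starts and ends outside these hunks.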
+++ b/services/src/main/java/org/keycloak/authentication/ClientAuthenticationFlow.java @@ -12,12 +12,15 @@ import org.keycloak.models.AuthenticationExecutionModel; import org.keycloak.models.AuthenticationFlowModel; import org.keycloak.models.ClientModel; import org.keycloak.models.utils.KeycloakModelUtils; +import org.keycloak.services.ServicesLogger; /** * @author Marek Posolda */ public class ClientAuthenticationFlow implements AuthenticationFlow { + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; + Response alternativeChallenge = null; AuthenticationProcessor processor; AuthenticationFlowModel flow; @@ -42,7 +45,7 @@ public class ClientAuthenticationFlow implements AuthenticationFlow { throw new AuthenticationFlowException("Could not find ClientAuthenticatorFactory for: " + model.getAuthenticator(), AuthenticationFlowError.INTERNAL_ERROR); } ClientAuthenticator authenticator = factory.create(); - AuthenticationProcessor.logger.debugv("client authenticator: {0}", factory.getId()); + logger.debugv("client authenticator: {0}", factory.getId()); AuthenticationProcessor.Result context = processor.createClientAuthenticatorContext(model, authenticator, executions); authenticator.authenticateClient(context); @@ -54,7 +57,7 @@ public class ClientAuthenticationFlow implements AuthenticationFlow { // Fallback to secret just in case (for backwards compatibility) if (expectedClientAuthType == null) { expectedClientAuthType = KeycloakModelUtils.getDefaultClientAuthenticatorType(); - AuthenticationProcessor.logger.warnv("Client {0} doesn't have have authentication method configured. Fallback to {1}", client.getClientId(), expectedClientAuthType); + logger.authMethodFallback(client.getClientId(), expectedClientAuthType); } // Check if client authentication matches 
@@ -66,7 +69,7 @@ public class ClientAuthenticationFlow implements AuthenticationFlow { throw new AuthenticationFlowException("Expected success, but for an unknown reason the status was " + context.getStatus(), AuthenticationFlowError.INTERNAL_ERROR); } - AuthenticationProcessor.logger.debugv("Client {0} authenticated by {1}", client.getClientId(), factory.getId()); + logger.debugv("Client {0} authenticated by {1}", client.getClientId(), factory.getId()); processor.getEvent().detail(Details.CLIENT_AUTH_METHOD, factory.getId()); return null; } @@ -96,12 +99,12 @@ public class ClientAuthenticationFlow implements AuthenticationFlow { } } - if (AuthenticationProcessor.logger.isTraceEnabled()) { + if (logger.isTraceEnabled()) { List exIds = new ArrayList<>(); for (AuthenticationExecutionModel execution : executionsToRun) { exIds.add(execution.getId()); } - AuthenticationProcessor.logger.tracef("Using executions for client authentication: %s", exIds.toString()); + logger.tracef("Using executions for client authentication: %s", exIds.toString()); } return executionsToRun; @@ -111,7 +114,7 @@ public class ClientAuthenticationFlow implements AuthenticationFlow { AuthenticationExecutionModel execution = result.getExecution(); FlowStatus status = result.getStatus(); - AuthenticationProcessor.logger.debugv("client authenticator {0}: {1}", status.toString(), execution.getAuthenticator()); + logger.debugv("client authenticator {0}: {1}", status.toString(), execution.getAuthenticator()); if (status == FlowStatus.SUCCESS) { return null; 
@@ -135,13 +138,13 @@ public class ClientAuthenticationFlow implements AuthenticationFlow { } else if (status == FlowStatus.FAILURE_CHALLENGE) { return sendChallenge(result, execution); } else { - AuthenticationProcessor.logger.error("Unknown result status"); + logger.unknownResultStatus(); throw new AuthenticationFlowException(AuthenticationFlowError.INTERNAL_ERROR); } } public Response sendChallenge(AuthenticationProcessor.Result result, AuthenticationExecutionModel execution) { - AuthenticationProcessor.logger.debugv("client authenticator: sending challenge for authentication execution {0}", execution.getAuthenticator()); + logger.debugv("client authenticator: sending challenge for authentication execution {0}", execution.getAuthenticator()); if (result.getError() != null) { String errorAsString = result.getError().toString().toLowerCase(); diff --git a/services/src/main/java/org/keycloak/authentication/DefaultAuthenticationFlow.java b/services/src/main/java/org/keycloak/authentication/DefaultAuthenticationFlow.java index 0933c87fe0..ff140b6ce9 100755 --- a/services/src/main/java/org/keycloak/authentication/DefaultAuthenticationFlow.java +++ b/services/src/main/java/org/keycloak/authentication/DefaultAuthenticationFlow.java @@ -1,10 +1,10 @@ package org.keycloak.authentication; -import org.jboss.logging.Logger; import org.keycloak.models.AuthenticationExecutionModel; import org.keycloak.models.AuthenticationFlowModel; import org.keycloak.models.ClientSessionModel; import org.keycloak.models.UserModel; +import org.keycloak.services.ServicesLogger; import javax.ws.rs.core.Response; import java.util.Iterator; 
@@ -15,7 +15,7 @@ import java.util.List; * @version $Revision: 1 $ */ public class DefaultAuthenticationFlow implements AuthenticationFlow { - protected static Logger logger = Logger.getLogger(DefaultAuthenticationFlow.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; Response alternativeChallenge = null; AuthenticationExecutionModel challengedAlternativeExecution = null; boolean alternativeSuccessful = false; @@ -222,7 +222,7 @@ public class DefaultAuthenticationFlow implements AuthenticationFlow { return processor.authenticate(); default: logger.debugv("authenticator INTERNAL_ERROR: {0}", execution.getAuthenticator()); - logger.error("Unknown result status"); + logger.unknownResultStatus(); throw new AuthenticationFlowException(AuthenticationFlowError.INTERNAL_ERROR); } } diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index e5c5029cf8..87d4e56d8c 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java 
@@ -86,4 +86,28 @@ public interface ServicesLogger extends BasicLogger { @LogMessage(level = ERROR) @Message(id=12, value="Failed to delete '%s'") void failedToDeleteFile(String fileName); + + @LogMessage(level = ERROR) + @Message(id=13, value="failed authentication") + void failedAuthentication(@Cause Throwable t); + + @LogMessage(level = ERROR) + @Message(id=14, value="Failed client authentication") + void failedClientAuthentication(@Cause Throwable t); + + @LogMessage(level = ERROR) + @Message(id=15, value="Unexpected error when authenticating client") + void errorAuthenticatingClient(@Cause Throwable t); + + @LogMessage(level = ERROR) + @Message(id=16, value="Unknown flow to execute with") + void unknownFlow(); + + @LogMessage(level = ERROR) + @Message(id=17, value="Unknown result status") + void unknownResultStatus(); + + @LogMessage(level = WARN) + @Message(id=18, value="Client %s doesn't have have authentication method configured. Fallback to %s") + void authMethodFallback(String clientId, String expectedClientAuthType); } From b1baea702380707424c3b9d289123feff112169d Mon Sep 17 00:00:00 2001 From: Stan Silvert Date: Mon, 18 Jan 2016 12:43:31 -0500 Subject: [PATCH 05/30] KEYCLOAK-1280: i18n logging for org.keycloak.authentication.authenticators.broker --- .../broker/IdpConfirmLinkAuthenticator.java | 6 ++--- .../IdpCreateUserIfUniqueAuthenticator.java | 6 ++--- .../IdpEmailVerificationAuthenticator.java | 10 ++++---- .../broker/IdpReviewProfileAuthenticator.java | 4 ++-- .../org/keycloak/services/ServicesLogger.java | 24 +++++++++++++++++++ 5 files changed, 37 insertions(+), 13 deletions(-) diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpConfirmLinkAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpConfirmLinkAuthenticator.java index a99a59c04d..130964be68 100755 --- a/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpConfirmLinkAuthenticator.java 
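Review bot: Message id 18 carries over the doubled word from the removed `warnv` call: `doesn't have have authentication method configured`. Because the text is now a keyed message that translations will be derived from, fix it here: `@Message(id=18, value="Client %s doesn't have authentication method configured. Fallback to %s")`. `unknownFlow()` (id 16) has no caller in the hunks of this patch as far as I can see; if nothing uses it yet, a one-line comment saying where it is expected to be called would help. Ids 13 to 15 also mix capitalisation (`failed authentication` vs `Failed client authentication`), which makes text searches over the logs less predictable.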
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpConfirmLinkAuthenticator.java @@ -3,7 +3,6 @@ package org.keycloak.authentication.authenticators.broker; import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.Response; -import org.jboss.logging.Logger; import org.keycloak.authentication.AuthenticationFlowContext; import org.keycloak.authentication.AuthenticationFlowError; import org.keycloak.authentication.AuthenticationFlowException; @@ -15,6 +14,7 @@ import org.keycloak.models.ClientSessionModel; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.messages.Messages; /** @@ -22,7 +22,7 @@ import org.keycloak.services.messages.Messages; */ public class IdpConfirmLinkAuthenticator extends AbstractIdpAuthenticator { - protected static Logger logger = Logger.getLogger(IdpConfirmLinkAuthenticator.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Override protected void authenticateImpl(AuthenticationFlowContext context, SerializedBrokeredIdentityContext serializedCtx, BrokeredIdentityContext brokerContext) { @@ -30,7 +30,7 @@ public class IdpConfirmLinkAuthenticator extends AbstractIdpAuthenticator { String existingUserInfo = clientSession.getNote(EXISTING_USER_INFO); if (existingUserInfo == null) { - logger.warnf("No duplication detected."); + logger.noDuplicationDetected(); context.attempted(); return; } diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpCreateUserIfUniqueAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpCreateUserIfUniqueAuthenticator.java index f4da7e97d7..130fea72e4 100644 --- a/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpCreateUserIfUniqueAuthenticator.java 
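Review bot: The logger field in @@ -22,7 is declared `protected static ServicesLogger logger` without `final`, while the previous patch in this series uses `protected static final ServicesLogger logger` in AuthenticationProcessor, ClientAuthenticationFlow and DefaultAuthenticationFlow. A non-final protected static can be reassigned by any subclass or same-package class, which would silently redirect or drop the log output of these authenticators. Use `protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;` here and in the matching declarations in IdpCreateUserIfUniqueAuthenticator (@@ -23,7) and IdpEmailVerificationAuthenticator (@@ -32,7).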
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpCreateUserIfUniqueAuthenticator.java @@ -5,7 +5,6 @@ import java.util.Map; import javax.ws.rs.core.Response; -import org.jboss.logging.Logger; import org.keycloak.authentication.AuthenticationFlowContext; import org.keycloak.authentication.authenticators.broker.util.ExistingUserInfo; import org.keycloak.authentication.authenticators.broker.util.SerializedBrokeredIdentityContext; @@ -16,6 +15,7 @@ import org.keycloak.models.AuthenticatorConfigModel; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.messages.Messages; /** @@ -23,7 +23,7 @@ import org.keycloak.services.messages.Messages; */ public class IdpCreateUserIfUniqueAuthenticator extends AbstractIdpAuthenticator { - protected static Logger logger = Logger.getLogger(IdpCreateUserIfUniqueAuthenticator.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Override @@ -43,7 +43,7 @@ public class IdpCreateUserIfUniqueAuthenticator extends AbstractIdpAuthenticator String username = getUsername(context, serializedCtx, brokerContext); if (username == null) { - logger.warnf("%s is null. Reset flow and enforce showing reviewProfile page", realm.isRegistrationEmailAsUsername() ? "Email" : "Username"); + logger.resetFlow(realm.isRegistrationEmailAsUsername() ? "Email" : "Username"); context.getClientSession().setNote(ENFORCE_UPDATE_PROFILE, "true"); context.resetFlow(); return; diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpEmailVerificationAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpEmailVerificationAuthenticator.java index 5c74b17208..a9dd2c02a4 100755 --- a/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpEmailVerificationAuthenticator.java 
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpEmailVerificationAuthenticator.java @@ -6,7 +6,6 @@ import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.Response; import javax.ws.rs.core.UriBuilder; -import org.jboss.logging.Logger; import org.keycloak.authentication.AuthenticationFlowContext; import org.keycloak.authentication.AuthenticationFlowError; import org.keycloak.authentication.requiredactions.VerifyEmail; @@ -24,6 +23,7 @@ import org.keycloak.models.Constants; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.messages.Messages; import org.keycloak.services.resources.LoginActionsService; @@ -32,7 +32,7 @@ import org.keycloak.services.resources.LoginActionsService; */ public class IdpEmailVerificationAuthenticator extends AbstractIdpAuthenticator { - protected static Logger logger = Logger.getLogger(IdpEmailVerificationAuthenticator.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Override protected void authenticateImpl(AuthenticationFlowContext context, SerializedBrokeredIdentityContext serializedCtx, BrokeredIdentityContext brokerContext) { @@ -41,7 +41,7 @@ public class IdpEmailVerificationAuthenticator extends AbstractIdpAuthenticator ClientSessionModel clientSession = context.getClientSession(); if (realm.getSmtpConfig().size() == 0) { - logger.warnf("Smtp is not configured for the realm. Ignoring email verification authenticator"); + logger.smtpNotConfigured(); context.attempted(); return; } 
@@ -78,7 +78,7 @@ public class IdpEmailVerificationAuthenticator extends AbstractIdpAuthenticator } catch (EmailException e) { event.error(Errors.EMAIL_SEND_FAILED); - logger.error("Failed to send email to confirm identity broker linking", e); + logger.confirmBrokerEmailFailed(e); Response challenge = context.form() .setError(Messages.EMAIL_SENT_ERROR) .createErrorPage(); @@ -118,7 +118,7 @@ public class IdpEmailVerificationAuthenticator extends AbstractIdpAuthenticator context.setUser(existingUser); context.success(); } else { - logger.error("Key parameter don't match with the expected value from client session"); + logger.keyParamDoesNotMatch(); Response challengeResponse = context.form() .setError(Messages.INVALID_ACCESS_CODE) .createErrorPage(); diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpReviewProfileAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpReviewProfileAuthenticator.java index 1cf11b721c..6b0b97fc7b 100755 --- a/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpReviewProfileAuthenticator.java +++ b/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpReviewProfileAuthenticator.java @@ -5,7 +5,6 @@ import java.util.List; import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.Response; -import org.jboss.logging.Logger; import org.keycloak.authentication.AuthenticationFlowContext; import org.keycloak.authentication.authenticators.broker.util.SerializedBrokeredIdentityContext; import org.keycloak.broker.provider.BrokeredIdentityContext; @@ -21,6 +20,7 @@ import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; import org.keycloak.models.utils.FormMessage; import org.keycloak.representations.idm.IdentityProviderRepresentation; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.resources.AttributeFormDataProcessor; import org.keycloak.services.validation.Validation; 
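Review bot: `logger.keyParamDoesNotMatch()` in the `@@ -118,7 +118,7 @@` hunk of IdpEmailVerificationAuthenticator records a failed key check during broker-linking email verification at ERROR with no identifying context, so the record cannot be tied to a client session or user during triage. Consider giving the method a parameter, e.g. `void keyParamDoesNotMatch(String clientSessionId);` with a `%s` in the message, and passing the session id but never the key value itself. The message text also reads "don't match", where "doesn't match" is correct. The enclosing method starts and ends outside the hunk, so which identifiers are in scope at that point needs confirming.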
@@ -29,7 +29,7 @@ import org.keycloak.services.validation.Validation; */ public class IdpReviewProfileAuthenticator extends AbstractIdpAuthenticator { - protected static Logger logger = Logger.getLogger(IdpReviewProfileAuthenticator.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Override public boolean requiresUser() { diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index 87d4e56d8c..7eefbbd471 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java @@ -110,4 +110,28 @@ public interface ServicesLogger extends BasicLogger { @LogMessage(level = WARN) @Message(id=18, value="Client %s doesn't have have authentication method configured. Fallback to %s") void authMethodFallback(String clientId, String expectedClientAuthType); + + @LogMessage(level = WARN) + @Message(id=19, value="No duplication detected.") + void noDuplicationDetected(); + + @LogMessage(level = WARN) + @Message(id=20, value="%s is null. Reset flow and enforce showing reviewProfile page") + void resetFlow(String emailOrUserName); + + @LogMessage(level = ERROR) + @Message(id=21, value="Failed to send email to confirm identity broker linking") + void confirmBrokerEmailFailed(@Cause Throwable t); + + @LogMessage(level = ERROR) + @Message(id=22, value="Key parameter don't match with the expected value from client session") + void keyParamDoesNotMatch(); + + @LogMessage(level = WARN) + @Message(id=23, value="Smtp is not configured for the realm. Ignoring email verification authenticator") + void smtpNotConfigured(); + + @LogMessage(level = WARN) + @Message(id=23, value="Smtp is not configured for the realm. Ignoring email verification authenticator") + void smtpNotConfigured(); } From 0ef8c18b931e2ed3724f0f7ab49c9342caccc4b6 Mon Sep 17 00:00:00 2001 
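Review bot: `smtpNotConfigured()` is declared twice with `@Message(id=23, ...)` at the end of the `ServicesLogger` hunk, which is a duplicate method declaration and will not compile; the second copy should be dropped. The next patch in the series (06/30) replaces the duplicate with `modelDuplicateException`, so only this commit taken on its own is affected, but that still breaks bisecting across the series.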
From: Stan Silvert Date: Mon, 18 Jan 2016 13:04:15 -0500 Subject: [PATCH 06/30] KEYCLOAK-1280: i18n logging for org.keycloak.services.authentication.authenticators.browser --- .../browser/AbstractUsernameFormAuthenticator.java | 6 +++--- .../authenticators/browser/SpnegoAuthenticator.java | 4 ++-- .../authenticators/browser/UsernamePasswordForm.java | 4 ++-- .../main/java/org/keycloak/services/ServicesLogger.java | 7 ++++--- 4 files changed, 11 insertions(+), 10 deletions(-) diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java index 68b036fa18..9cae5ef12c 100755 --- a/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java +++ b/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java @@ -1,6 +1,5 @@ package org.keycloak.authentication.authenticators.browser; -import org.jboss.logging.Logger; import org.keycloak.authentication.AbstractFormAuthenticator; import org.keycloak.authentication.AuthenticationFlowError; import org.keycloak.authentication.AuthenticationFlowContext; @@ -11,6 +10,7 @@ import org.keycloak.models.UserCredentialModel; import org.keycloak.models.UserModel; import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.representations.idm.CredentialRepresentation; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.messages.Messages; 
@@ -25,7 +25,7 @@ import java.util.List; */ public abstract class AbstractUsernameFormAuthenticator extends AbstractFormAuthenticator { - private static final Logger logger = Logger.getLogger(AbstractUsernameFormAuthenticator.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public static final String REGISTRATION_FORM_ACTION = "registration_form"; public static final String ATTEMPTED_USERNAME = "ATTEMPTED_USERNAME"; @@ -109,7 +109,7 @@ public abstract class AbstractUsernameFormAuthenticator extends AbstractFormAuth try { user = KeycloakModelUtils.findUserByNameOrEmail(context.getSession(), context.getRealm(), username); } catch (ModelDuplicateException mde) { - logger.error(mde.getMessage(), mde); + logger.modelDuplicateException(mde); // Could happen during federation import if (mde.getDuplicateFieldName() != null && mde.getDuplicateFieldName().equals(UserModel.EMAIL)) { diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/browser/SpnegoAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/browser/SpnegoAuthenticator.java index f1c0128661..ea6e27ac38 100755 --- a/services/src/main/java/org/keycloak/authentication/authenticators/browser/SpnegoAuthenticator.java +++ b/services/src/main/java/org/keycloak/authentication/authenticators/browser/SpnegoAuthenticator.java @@ -1,6 +1,5 @@ package org.keycloak.authentication.authenticators.browser; -import org.jboss.logging.Logger; import org.jboss.resteasy.spi.HttpRequest; import org.keycloak.authentication.AuthenticationFlowError; import org.keycloak.authentication.AuthenticationFlowContext; @@ -13,6 +12,7 @@ import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.models.UserCredentialModel; import org.keycloak.models.UserModel; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.messages.Messages; import javax.ws.rs.core.HttpHeaders; 
@@ -27,7 +27,7 @@ import java.util.Map; */ public class SpnegoAuthenticator extends AbstractUsernameFormAuthenticator implements Authenticator{ public static final String KERBEROS_DISABLED = "kerberos_disabled"; - protected static Logger logger = Logger.getLogger(SpnegoAuthenticator.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Override public boolean requiresUser() { diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/browser/UsernamePasswordForm.java b/services/src/main/java/org/keycloak/authentication/authenticators/browser/UsernamePasswordForm.java index a2581e3350..bbf36dc5c1 100755 --- a/services/src/main/java/org/keycloak/authentication/authenticators/browser/UsernamePasswordForm.java +++ b/services/src/main/java/org/keycloak/authentication/authenticators/browser/UsernamePasswordForm.java @@ -1,6 +1,5 @@ package org.keycloak.authentication.authenticators.browser; -import org.jboss.logging.Logger; import org.jboss.resteasy.specimpl.MultivaluedMapImpl; import org.keycloak.authentication.AuthenticationFlowContext; import org.keycloak.authentication.AuthenticationProcessor; @@ -10,6 +9,7 @@ import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; import org.keycloak.protocol.oidc.OIDCLoginProtocol; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.AuthenticationManager; import javax.ws.rs.core.MultivaluedMap; @@ -20,7 +20,7 @@ import javax.ws.rs.core.Response; * @version $Revision: 1 $ */ public class UsernamePasswordForm extends AbstractUsernameFormAuthenticator implements Authenticator { - protected static Logger logger = Logger.getLogger(UsernamePasswordForm.class); + protected static ServicesLogger log = ServicesLogger.ROOT_LOGGER; @Override public void action(AuthenticationFlowContext context) { 
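Review bot: In UsernamePasswordForm the field is renamed from `logger` to `log`, while the other classes in this series keep `logger`. Any `logger.` call in the class body (outside the hunk) would no longer resolve to this field, because the parent's `logger` in AbstractUsernameFormAuthenticator is private. Here and in SpnegoAuthenticator the field also stays `protected static` and non-final, so it can be reassigned; `private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;` would match the parent class, provided no subclass relies on the protected field. Separately, every authenticator now logs through one shared instance, which presumably replaces the per-class log categories; confirm that log filters keyed on the authenticator class name still match.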
diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index 7eefbbd471..e6d09f220e 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java @@ -27,6 +27,7 @@ import org.jboss.logging.annotations.MessageLogger; import static org.jboss.logging.Logger.Level.ERROR; import static org.jboss.logging.Logger.Level.INFO; import static org.jboss.logging.Logger.Level.WARN; +import org.keycloak.models.ModelDuplicateException; /** @@ -131,7 +132,7 @@ public interface ServicesLogger extends BasicLogger { @Message(id=23, value="Smtp is not configured for the realm. Ignoring email verification authenticator") void smtpNotConfigured(); - @LogMessage(level = WARN) - @Message(id=23, value="Smtp is not configured for the realm. Ignoring email verification authenticator") - void smtpNotConfigured(); + @LogMessage(level = ERROR) + @Message(id=24, value="") + void modelDuplicateException(@Cause ModelDuplicateException mde); } From 36e711fb8809404a9f07316593b38a4b837ac00a Mon Sep 17 00:00:00 2001 From: Stan Silvert Date: Mon, 18 Jan 2016 13:16:32 -0500 Subject: [PATCH 07/30] KEYCLOAK-1280: i18n logging for org.keycloak.authentication.authenticators.client --- .../client/ClientIdAndSecretAuthenticator.java | 4 ++-- .../authenticators/client/JWTClientAuthenticator.java | 6 +++--- .../src/main/java/org/keycloak/services/ServicesLogger.java | 4 ++++ 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/client/ClientIdAndSecretAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/client/ClientIdAndSecretAuthenticator.java index 5f2a3681b8..042a6bb628 100644 --- a/services/src/main/java/org/keycloak/authentication/authenticators/client/ClientIdAndSecretAuthenticator.java 
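Review bot: `@Message(id=24, value="")` on `modelDuplicateException` produces a record with empty message text, where the replaced calls logged `mde.getMessage()`; only the attached stack trace now carries any detail, which makes the event hard to search or alert on. Either pass the text through, `@Message(id=24, value="%s") void modelDuplicateException(String message, @Cause ModelDuplicateException mde);`, or use a fixed description such as `value="Duplicate user found during lookup"`. The call sites are in AbstractUsernameFormAuthenticator (this patch) and ValidateUsername (patch 08/30). The new `import org.keycloak.models.ModelDuplicateException;` is also placed after the static imports rather than with the other regular imports.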
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/client/ClientIdAndSecretAuthenticator.java @@ -11,7 +11,6 @@ import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.Response; -import org.jboss.logging.Logger; import org.keycloak.OAuth2Constants; import org.keycloak.authentication.AuthenticationFlowError; import org.keycloak.authentication.ClientAuthenticationFlowContext; @@ -19,6 +18,7 @@ import org.keycloak.models.AuthenticationExecutionModel; import org.keycloak.models.ClientModel; import org.keycloak.provider.ProviderConfigProperty; import org.keycloak.representations.idm.CredentialRepresentation; +import org.keycloak.services.ServicesLogger; import org.keycloak.util.BasicAuthHelper; /** @@ -30,7 +30,7 @@ import org.keycloak.util.BasicAuthHelper; */ public class ClientIdAndSecretAuthenticator extends AbstractClientAuthenticator { - protected static Logger logger = Logger.getLogger(ClientIdAndSecretAuthenticator.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public static final String PROVIDER_ID = "client-secret"; diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java index 4416f4d865..4cb728f67a 100644 --- a/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java +++ b/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java @@ -11,7 +11,6 @@ import java.util.Map; import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.Response; -import org.jboss.logging.Logger; import org.keycloak.OAuth2Constants; import org.keycloak.authentication.AuthenticationFlowError; import org.keycloak.authentication.ClientAuthenticationFlowContext; 
@@ -23,6 +22,7 @@ import org.keycloak.models.RealmModel; import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.provider.ProviderConfigProperty; import org.keycloak.representations.JsonWebToken; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.Urls; /** @@ -36,7 +36,7 @@ import org.keycloak.services.Urls; */ public class JWTClientAuthenticator extends AbstractClientAuthenticator { - protected static Logger logger = Logger.getLogger(JWTClientAuthenticator.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public static final String PROVIDER_ID = "client-jwt"; public static final String CERTIFICATE_ATTR = "jwt.credential.certificate"; @@ -129,7 +129,7 @@ public class JWTClientAuthenticator extends AbstractClientAuthenticator { context.success(); } catch (Exception e) { - logger.error("Error when validate client assertion", e); + logger.errorValidatingAssertion(e); Response challengeResponse = ClientAuthUtil.errorResponse(Response.Status.BAD_REQUEST.getStatusCode(), "unauthorized_client", "Client authentication with signed JWT failed: " + e.getMessage()); context.failure(AuthenticationFlowError.INVALID_CLIENT_CREDENTIALS, challengeResponse); } diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index e6d09f220e..068d916abd 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java @@ -135,4 +135,8 @@ public interface ServicesLogger extends BasicLogger { @LogMessage(level = ERROR) @Message(id=24, value="") void modelDuplicateException(@Cause ModelDuplicateException mde); + + @LogMessage(level = ERROR) + @Message(id=25, value="Error when validating client assertion") + void errorValidatingAssertion(@Cause Throwable t); } From dfb92db2b7fa23e3dbe3841067af595aca5aefbf Mon Sep 17 00:00:00 2001 
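Review bot: In the `catch (Exception e)` of the `@@ -129,7 +129,7 @@` hunk in JWTClientAuthenticator, the response sent to the caller still appends `e.getMessage()` to the error description, so text from any exception raised during assertion validation is returned to an unauthenticated client. Now that `logger.errorValidatingAssertion(e)` records the cause server-side, the response can use a fixed description, e.g. `"Client authentication with signed JWT failed"`. Whether the current messages contain anything sensitive depends on the code in the `try` block, which is outside the hunk.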
From: Stan Silvert Date: Mon, 18 Jan 2016 13:20:59 -0500 Subject: [PATCH 08/30] KEYCLOAK-1280: i18n logging for org.keycloak.authentication.authenticators.directgrant --- .../authenticators/directgrant/ValidateOTP.java | 2 -- .../authenticators/directgrant/ValidatePassword.java | 2 -- .../authenticators/directgrant/ValidateUsername.java | 6 +++--- 3 files changed, 3 insertions(+), 7 deletions(-) diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/directgrant/ValidateOTP.java b/services/src/main/java/org/keycloak/authentication/authenticators/directgrant/ValidateOTP.java index f555ae6526..b1a1570a5e 100755 --- a/services/src/main/java/org/keycloak/authentication/authenticators/directgrant/ValidateOTP.java +++ b/services/src/main/java/org/keycloak/authentication/authenticators/directgrant/ValidateOTP.java @@ -1,6 +1,5 @@ package org.keycloak.authentication.authenticators.directgrant; -import org.jboss.logging.Logger; import org.keycloak.authentication.AuthenticationFlowError; import org.keycloak.authentication.AuthenticationFlowContext; import org.keycloak.events.Errors; @@ -23,7 +22,6 @@ import java.util.List; */ public class ValidateOTP extends AbstractDirectGrantAuthenticator { - private static final Logger logger = Logger.getLogger(ValidateOTP.class); public static final String PROVIDER_ID = "direct-grant-validate-otp"; @Override diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/directgrant/ValidatePassword.java b/services/src/main/java/org/keycloak/authentication/authenticators/directgrant/ValidatePassword.java index 0bb89e43ee..a4d70df81d 100755 --- a/services/src/main/java/org/keycloak/authentication/authenticators/directgrant/ValidatePassword.java +++ b/services/src/main/java/org/keycloak/authentication/authenticators/directgrant/ValidatePassword.java 
@@ -1,6 +1,5 @@ package org.keycloak.authentication.authenticators.directgrant; -import org.jboss.logging.Logger; import org.keycloak.authentication.AuthenticationFlowError; import org.keycloak.authentication.AuthenticationFlowContext; import org.keycloak.events.Errors; @@ -23,7 +22,6 @@ import java.util.List; */ public class ValidatePassword extends AbstractDirectGrantAuthenticator { - private static final Logger logger = Logger.getLogger(ValidatePassword.class); public static final String PROVIDER_ID = "direct-grant-validate-password"; @Override diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/directgrant/ValidateUsername.java b/services/src/main/java/org/keycloak/authentication/authenticators/directgrant/ValidateUsername.java index d7fe1fec19..e8907bc35b 100755 --- a/services/src/main/java/org/keycloak/authentication/authenticators/directgrant/ValidateUsername.java +++ b/services/src/main/java/org/keycloak/authentication/authenticators/directgrant/ValidateUsername.java @@ -1,6 +1,5 @@ package org.keycloak.authentication.authenticators.directgrant; -import org.jboss.logging.Logger; import org.keycloak.authentication.AuthenticationFlowError; import org.keycloak.authentication.AuthenticationFlowContext; import org.keycloak.authentication.authenticators.browser.AbstractUsernameFormAuthenticator; @@ -13,6 +12,7 @@ import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.provider.ProviderConfigProperty; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.AuthenticationManager; import javax.ws.rs.core.MultivaluedMap; 
@@ -26,7 +26,7 @@ import java.util.List; */ public class ValidateUsername extends AbstractDirectGrantAuthenticator { - private static final Logger logger = Logger.getLogger(ValidateUsername.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public static final String PROVIDER_ID = "direct-grant-validate-username"; @Override @@ -46,7 +46,7 @@ public class ValidateUsername extends AbstractDirectGrantAuthenticator { try { user = KeycloakModelUtils.findUserByNameOrEmail(context.getSession(), context.getRealm(), username); } catch (ModelDuplicateException mde) { - logger.error(mde.getMessage(), mde); + logger.modelDuplicateException(mde); Response challengeResponse = errorResponse(Response.Status.UNAUTHORIZED.getStatusCode(), "invalid_request", "Invalid user credentials"); context.failure(AuthenticationFlowError.INVALID_USER, challengeResponse); return; From 7bc74aac736a50dda96f95d5adcec4fba6e59c3b Mon Sep 17 00:00:00 2001 From: Stan Silvert Date: Mon, 18 Jan 2016 14:19:06 -0500 Subject: [PATCH 09/30] KEYCLOAK-1280: i18n logging for org.keycloak.authentication.authenticators.resetcred --- .../authenticators/resetcred/ResetCredentialChooseUser.java | 4 ++-- .../authenticators/resetcred/ResetCredentialEmail.java | 6 +++--- .../src/main/java/org/keycloak/services/ServicesLogger.java | 5 +++++ 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetCredentialChooseUser.java b/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetCredentialChooseUser.java index e48d19456c..778384bfdb 100755 --- a/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetCredentialChooseUser.java +++ b/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetCredentialChooseUser.java 
@@ -1,6 +1,5 @@ package org.keycloak.authentication.authenticators.resetcred; -import org.jboss.logging.Logger; import org.keycloak.Config; import org.keycloak.authentication.AuthenticationFlowContext; import org.keycloak.authentication.AuthenticationFlowError; @@ -17,6 +16,7 @@ import org.keycloak.models.KeycloakSessionFactory; import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; import org.keycloak.provider.ProviderConfigProperty; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.messages.Messages; import javax.ws.rs.core.MultivaluedMap; @@ -29,7 +29,7 @@ import java.util.List; */ public class ResetCredentialChooseUser implements Authenticator, AuthenticatorFactory { - protected static Logger logger = Logger.getLogger(ResetCredentialChooseUser.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public static final String PROVIDER_ID = "reset-credentials-choose-user"; diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetCredentialEmail.java b/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetCredentialEmail.java index a66126dfce..a50343df89 100755 --- a/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetCredentialEmail.java +++ b/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetCredentialEmail.java @@ -1,6 +1,5 @@ package org.keycloak.authentication.authenticators.resetcred; -import org.jboss.logging.Logger; import org.keycloak.Config; import org.keycloak.authentication.AuthenticationFlowContext; import org.keycloak.authentication.AuthenticationFlowError; 
@@ -22,6 +21,7 @@ import org.keycloak.models.UserModel; import org.keycloak.models.utils.FormMessage; import org.keycloak.models.utils.HmacOTP; import org.keycloak.provider.ProviderConfigProperty; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.messages.Messages; import javax.ws.rs.core.Response; @@ -36,7 +36,7 @@ import java.util.concurrent.TimeUnit; public class ResetCredentialEmail implements Authenticator, AuthenticatorFactory { public static final String RESET_CREDENTIAL_SECRET = "RESET_CREDENTIAL_SECRET"; - protected static Logger logger = Logger.getLogger(ResetCredentialEmail.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public static final String PROVIDER_ID = "reset-credential-email"; @@ -83,7 +83,7 @@ public class ResetCredentialEmail implements Authenticator, AuthenticatorFactory .detail(Details.USERNAME, username) .user(user) .error(Errors.EMAIL_SEND_FAILED); - logger.error("Failed to send password reset email", e); + logger.failedToSendPwdResetEmail(e); Response challenge = context.form() .setError(Messages.EMAIL_SENT_ERROR) .createErrorPage(); diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index 068d916abd..db2b8ae646 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java @@ -27,6 +27,7 @@ import org.jboss.logging.annotations.MessageLogger; import static org.jboss.logging.Logger.Level.ERROR; import static org.jboss.logging.Logger.Level.INFO; import static org.jboss.logging.Logger.Level.WARN; +import org.keycloak.email.EmailException; import org.keycloak.models.ModelDuplicateException; 
@@ -139,4 +140,8 @@ public interface ServicesLogger extends BasicLogger { @LogMessage(level = ERROR) @Message(id=25, value="Error when validating client assertion") void errorValidatingAssertion(@Cause Throwable t); + + @LogMessage(level = ERROR) + @Message(id=26, value="Failed to send password reset email") + void failedToSendPwdResetEmail(@Cause EmailException e); } From 2cecce37a700ac8d2ebc266be00dda7667839ece Mon Sep 17 00:00:00 2001 From: Stan Silvert Date: Mon, 18 Jan 2016 14:23:41 -0500 Subject: [PATCH 10/30] KEYCLOAK-1280: i18n logging for org.keycloak.authentication.forms --- .../authentication/forms/RegistrationRecaptcha.java | 6 +++--- .../src/main/java/org/keycloak/services/ServicesLogger.java | 4 ++++ 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/services/src/main/java/org/keycloak/authentication/forms/RegistrationRecaptcha.java b/services/src/main/java/org/keycloak/authentication/forms/RegistrationRecaptcha.java index 601e9cb51c..9e2ea369ed 100755 --- a/services/src/main/java/org/keycloak/authentication/forms/RegistrationRecaptcha.java +++ b/services/src/main/java/org/keycloak/authentication/forms/RegistrationRecaptcha.java @@ -6,7 +6,6 @@ import org.apache.http.client.HttpClient; import org.apache.http.client.entity.UrlEncodedFormEntity; import org.apache.http.client.methods.HttpPost; import org.apache.http.message.BasicNameValuePair; -import org.jboss.logging.Logger; import org.keycloak.Config; import org.keycloak.authentication.FormAction; import org.keycloak.authentication.FormActionFactory; @@ -25,6 +24,7 @@ import org.keycloak.models.UserModel; import org.keycloak.models.utils.FormMessage; import org.keycloak.provider.ConfiguredProvider; import org.keycloak.provider.ProviderConfigProperty; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.messages.Messages; import org.keycloak.services.validation.Validation; import org.keycloak.util.JsonSerialization; 
@@ -45,7 +45,7 @@ public class RegistrationRecaptcha implements FormAction, FormActionFactory, Con public static final String RECAPTCHA_REFERENCE_CATEGORY = "recaptcha"; public static final String SITE_KEY = "site.key"; public static final String SITE_SECRET = "secret"; - protected static Logger logger = Logger.getLogger(RegistrationRecaptcha.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public static final String PROVIDER_ID = "registration-recaptcha-action"; @@ -135,7 +135,7 @@ public class RegistrationRecaptcha implements FormAction, FormActionFactory, Con content.close(); } } catch (Exception e) { - logger.error("Recaptcha failed", e); + logger.recaptchaFailed(e); } return success; } diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index db2b8ae646..a5c72a4880 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java @@ -144,4 +144,8 @@ public interface ServicesLogger extends BasicLogger { @LogMessage(level = ERROR) @Message(id=26, value="Failed to send password reset email") void failedToSendPwdResetEmail(@Cause EmailException e); + + @LogMessage(level = ERROR) + @Message(id=28, value="Recaptcha failed") + void recaptchaFailed(@Cause Exception e); } From b544adf17068ecf215820ee34f4d71f48051a559 Mon Sep 17 00:00:00 2001 
From: Stan Silvert Date: Mon, 18 Jan 2016 14:28:21 -0500 Subject: [PATCH 11/30] KEYCLOAK-1280: i18n logging for org.keycloak.authentication.requiredactions --- .../authentication/requiredactions/UpdatePassword.java | 4 ++-- .../authentication/requiredactions/UpdateProfile.java | 4 ++-- .../keycloak/authentication/requiredactions/UpdateTotp.java | 4 ++-- .../keycloak/authentication/requiredactions/VerifyEmail.java | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) mode change 100755 => 100644 services/src/main/java/org/keycloak/authentication/requiredactions/UpdateProfile.java mode change 100755 => 100644 services/src/main/java/org/keycloak/authentication/requiredactions/UpdateTotp.java diff --git a/services/src/main/java/org/keycloak/authentication/requiredactions/UpdatePassword.java b/services/src/main/java/org/keycloak/authentication/requiredactions/UpdatePassword.java index a28195e67c..3bbef83a87 100755 --- a/services/src/main/java/org/keycloak/authentication/requiredactions/UpdatePassword.java +++ b/services/src/main/java/org/keycloak/authentication/requiredactions/UpdatePassword.java @@ -1,6 +1,5 @@ package org.keycloak.authentication.requiredactions; -import org.jboss.logging.Logger; import org.keycloak.Config; import org.keycloak.authentication.RequiredActionContext; import org.keycloak.authentication.RequiredActionFactory; @@ -13,6 +12,7 @@ import org.keycloak.models.ModelException; import org.keycloak.models.UserCredentialModel; import org.keycloak.models.UserCredentialValueModel; import org.keycloak.models.UserModel; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.messages.Messages; import org.keycloak.services.validation.Validation; import org.keycloak.common.util.Time; 
@@ -26,7 +26,7 @@ import java.util.concurrent.TimeUnit; * @version $Revision: 1 $ */ public class UpdatePassword implements RequiredActionProvider, RequiredActionFactory { - protected static Logger logger = Logger.getLogger(UpdatePassword.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Override public void evaluateTriggers(RequiredActionContext context) { int daysToExpirePassword = context.getRealm().getPasswordPolicy().getDaysToExpirePassword(); diff --git a/services/src/main/java/org/keycloak/authentication/requiredactions/UpdateProfile.java b/services/src/main/java/org/keycloak/authentication/requiredactions/UpdateProfile.java old mode 100755 new mode 100644 index dace75b3e3..66deb43484 --- a/services/src/main/java/org/keycloak/authentication/requiredactions/UpdateProfile.java +++ b/services/src/main/java/org/keycloak/authentication/requiredactions/UpdateProfile.java @@ -1,6 +1,5 @@ package org.keycloak.authentication.requiredactions; -import org.jboss.logging.Logger; import org.keycloak.Config; import org.keycloak.authentication.RequiredActionContext; import org.keycloak.authentication.RequiredActionFactory; @@ -13,6 +12,7 @@ import org.keycloak.models.KeycloakSessionFactory; import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; import org.keycloak.models.utils.FormMessage; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.messages.Messages; import org.keycloak.services.resources.AttributeFormDataProcessor; import org.keycloak.services.validation.Validation; @@ -26,7 +26,7 @@ import java.util.List; * @version $Revision: 1 $ */ public class UpdateProfile implements RequiredActionProvider, RequiredActionFactory { - protected static Logger logger = Logger.getLogger(UpdateProfile.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Override public void evaluateTriggers(RequiredActionContext context) { } 
diff --git a/services/src/main/java/org/keycloak/authentication/requiredactions/UpdateTotp.java b/services/src/main/java/org/keycloak/authentication/requiredactions/UpdateTotp.java old mode 100755 new mode 100644 index c6186029bf..a37f1b24b8 --- a/services/src/main/java/org/keycloak/authentication/requiredactions/UpdateTotp.java +++ b/services/src/main/java/org/keycloak/authentication/requiredactions/UpdateTotp.java @@ -1,6 +1,5 @@ package org.keycloak.authentication.requiredactions; -import org.jboss.logging.Logger; import org.keycloak.Config; import org.keycloak.authentication.RequiredActionContext; import org.keycloak.authentication.RequiredActionFactory; @@ -12,6 +11,7 @@ import org.keycloak.models.KeycloakSessionFactory; import org.keycloak.models.UserCredentialModel; import org.keycloak.models.UserModel; import org.keycloak.models.utils.CredentialValidation; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.messages.Messages; import org.keycloak.services.validation.Validation; @@ -23,7 +23,7 @@ import javax.ws.rs.core.Response; * @version $Revision: 1 $ */ public class UpdateTotp implements RequiredActionProvider, RequiredActionFactory { - protected static Logger logger = Logger.getLogger(UpdateTotp.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Override public void evaluateTriggers(RequiredActionContext context) { } diff --git a/services/src/main/java/org/keycloak/authentication/requiredactions/VerifyEmail.java b/services/src/main/java/org/keycloak/authentication/requiredactions/VerifyEmail.java index 3fccd85dc0..e7bb08e860 100755 --- a/services/src/main/java/org/keycloak/authentication/requiredactions/VerifyEmail.java +++ b/services/src/main/java/org/keycloak/authentication/requiredactions/VerifyEmail.java 
@@ -1,6 +1,5 @@ package org.keycloak.authentication.requiredactions; -import org.jboss.logging.Logger; import org.keycloak.Config; import org.keycloak.authentication.RequiredActionContext; import org.keycloak.authentication.RequiredActionFactory; @@ -14,6 +13,7 @@ import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSessionFactory; import org.keycloak.models.UserModel; import org.keycloak.models.utils.HmacOTP; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.resources.LoginActionsService; import org.keycloak.services.validation.Validation; @@ -24,7 +24,7 @@ import javax.ws.rs.core.Response; * @version $Revision: 1 $ */ public class VerifyEmail implements RequiredActionProvider, RequiredActionFactory { - protected static Logger logger = Logger.getLogger(VerifyEmail.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Override public void evaluateTriggers(RequiredActionContext context) { if (context.getRealm().isVerifyEmail() && !context.getUser().isEmailVerified()) { From 24602257e147e0d63fdae2884b4f6d6eb7c3af05 Mon Sep 17 00:00:00 2001 From: Stan Silvert Date: Mon, 18 Jan 2016 14:32:05 -0500 Subject: [PATCH 12/30] KEYCLOAK-1280: i18n logging for org.keycloak.email --- .../java/org/keycloak/email/DefaultEmailSenderProvider.java | 6 +++--- .../src/main/java/org/keycloak/services/ServicesLogger.java | 4 ++++ 2 files changed, 7 insertions(+), 3 deletions(-) mode change 100755 => 100644 services/src/main/java/org/keycloak/email/DefaultEmailSenderProvider.java diff --git a/services/src/main/java/org/keycloak/email/DefaultEmailSenderProvider.java b/services/src/main/java/org/keycloak/email/DefaultEmailSenderProvider.java old mode 100755 new mode 100644 index bbb331061d..7069ef2f1a --- a/services/src/main/java/org/keycloak/email/DefaultEmailSenderProvider.java +++ b/services/src/main/java/org/keycloak/email/DefaultEmailSenderProvider.java 
@@ -1,11 +1,11 @@ package org.keycloak.email; -import org.jboss.logging.Logger; import org.keycloak.truststore.HostnameVerificationPolicy; import org.keycloak.truststore.JSSETruststoreConfigurator; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; +import org.keycloak.services.ServicesLogger; import javax.mail.Message; import javax.mail.Multipart; @@ -26,7 +26,7 @@ import java.util.Properties; */ public class DefaultEmailSenderProvider implements EmailSenderProvider { - private static final Logger log = Logger.getLogger(DefaultEmailSenderProvider.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private final KeycloakSession session; @@ -104,7 +104,7 @@ public class DefaultEmailSenderProvider implements EmailSenderProvider { } transport.sendMessage(msg, new InternetAddress[]{new InternetAddress(address)}); } catch (Exception e) { - log.error("Failed to send email", e); + logger.failedToSendEmail(e); throw new EmailException(e); } } diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index a5c72a4880..b7e7f8681f 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java @@ -148,4 +148,8 @@ public interface ServicesLogger extends BasicLogger { @LogMessage(level = ERROR) @Message(id=28, value="Recaptcha failed") void recaptchaFailed(@Cause Exception e); + + @LogMessage(level = ERROR) + @Message(id=29, value="Failed to send email") + void failedToSendEmail(@Cause Exception e); } From 273c662b291cfc5c15c49092b42be3704fa79b7f Mon Sep 17 00:00:00 2001 
From: Stan Silvert Date: Mon, 18 Jan 2016 16:07:11 -0500 Subject: [PATCH 13/30] KEYCLOAK-1280: i18n logging for org.keycloak.exportimport --- .../exportimport/ExportImportManager.java | 16 +++++------ .../org/keycloak/services/ServicesLogger.java | 28 +++++++++++++++++++ 2 files changed, 36 insertions(+), 8 deletions(-) diff --git a/services/src/main/java/org/keycloak/exportimport/ExportImportManager.java b/services/src/main/java/org/keycloak/exportimport/ExportImportManager.java index a373de40ff..389a973345 100644 --- a/services/src/main/java/org/keycloak/exportimport/ExportImportManager.java +++ b/services/src/main/java/org/keycloak/exportimport/ExportImportManager.java @@ -1,7 +1,7 @@ package org.keycloak.exportimport; -import org.jboss.logging.Logger; +import org.keycloak.services.ServicesLogger; import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSessionFactory; @@ -12,7 +12,7 @@ import java.io.IOException; */ public class ExportImportManager { - private static final Logger logger = Logger.getLogger(ExportImportManager.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private KeycloakSessionFactory sessionFactory; @@ -65,13 +65,13 @@ public class ExportImportManager { try { Strategy strategy = ExportImportConfig.getStrategy(); if (realmName == null) { - logger.infof("Full model import requested. Strategy: %s", strategy.toString()); + logger.fullModelImport(strategy.toString()); importProvider.importModel(sessionFactory, strategy); } else { - logger.infof("Import of realm '%s' requested. Strategy: %s", realmName, strategy.toString()); + logger.realmImportRequested(realmName, strategy.toString()); importProvider.importRealm(sessionFactory, realmName, strategy); } - logger.info("Import finished successfully"); + logger.importSuccess(); } catch (IOException e) { throw new RuntimeException("Failed to run import", e); } 
@@ -80,13 +80,13 @@ public class ExportImportManager { public void runExport() { try { if (realmName == null) { - logger.info("Full model export requested"); + logger.fullModelExportRequested(); exportProvider.exportModel(sessionFactory); } else { - logger.infof("Export of realm '%s' requested", realmName); + logger.realmExportRequested(realmName); exportProvider.exportRealm(sessionFactory, realmName); } - logger.info("Export finished successfully"); + logger.exportSuccess(); } catch (IOException e) { throw new RuntimeException("Failed to run export"); } diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index b7e7f8681f..5b61cedfb3 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java @@ -152,4 +152,32 @@ public interface ServicesLogger extends BasicLogger { @LogMessage(level = ERROR) @Message(id=29, value="Failed to send email") void failedToSendEmail(@Cause Exception e); + + @LogMessage(level = INFO) + @Message(id=30, value="Full model import requested. Strategy: %s") + void fullModelImport(String strategy); + + @LogMessage(level = INFO) + @Message(id=31, value="Import of realm '%s' requested. Strategy: %s") + void realmImportRequested(String realmName, String strategy); + + @LogMessage(level = INFO) + @Message(id=32, value="Import finished successfully") + void importSuccess(); + + @LogMessage(level = INFO) + @Message(id=33, value="Full model export requested") + void fullModelExportRequested(); + + @LogMessage(level = INFO) + @Message(id=34, value="Export of realm '%s' requested.") + void realmExportRequested(String realmName); + + @LogMessage(level = INFO) + @Message(id=35, value="Export finished successfully") + void exportSuccess(); + + + + } From d2ad1808a53b8480e3a3af099d6fc3ae8446da74 Mon Sep 17 00:00:00 2001 
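Review bot: In `runExport` the `catch (IOException e)` branch still throws `new RuntimeException("Failed to run export")` without the cause, while the import path in the previous hunk passes `e` along. Nothing in this catch block logs the exception, so the reason an export failed is lost once the cause is dropped. Suggest `throw new RuntimeException("Failed to run export", e);`. The closing lines of `runExport` are outside the hunk.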
From: Stan Silvert Date: Mon, 18 Jan 2016 16:18:59 -0500 Subject: [PATCH 14/30] KEYCLOAK-1280: i18n logging for org.keycloak.partialimport --- .../keycloak/partialimport/AbstractPartialImport.java | 8 ++++---- .../org/keycloak/partialimport/RolesPartialImport.java | 6 +++--- .../java/org/keycloak/services/ServicesLogger.java | 10 +++++++++- 3 files changed, 16 insertions(+), 8 deletions(-) diff --git a/services/src/main/java/org/keycloak/partialimport/AbstractPartialImport.java b/services/src/main/java/org/keycloak/partialimport/AbstractPartialImport.java index 33f9c1296b..127465fd79 100644 --- a/services/src/main/java/org/keycloak/partialimport/AbstractPartialImport.java +++ b/services/src/main/java/org/keycloak/partialimport/AbstractPartialImport.java @@ -21,11 +21,11 @@ import java.util.HashSet; import java.util.List; import java.util.Set; import javax.ws.rs.core.Response; -import org.jboss.logging.Logger; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.representations.idm.PartialImportRepresentation; import org.keycloak.services.ErrorResponse; +import org.keycloak.services.ServicesLogger; /** * Base PartialImport for most resource types. @@ -33,7 +33,7 @@ import org.keycloak.services.ErrorResponse; * @author Stan Silvert ssilvert@redhat.com (C) 2016 Red Hat Inc. */ public abstract class AbstractPartialImport implements PartialImport { - protected static Logger logger = Logger.getLogger(AbstractPartialImport.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected final Set toOverwrite = new HashSet<>(); protected final Set toSkip = new HashSet<>(); 
@@ -99,7 +99,7 @@ public abstract class AbstractPartialImport implements PartialImport { try { create(realm, session, resourceRep); } catch (Exception e) { - logger.error("Error overwriting " + getName(resourceRep), e); + logger.overwriteError(e, getName(resourceRep)); throw new ErrorResponseException(ErrorResponse.error(e.getMessage(), Response.Status.INTERNAL_SERVER_ERROR)); } @@ -121,7 +121,7 @@ public abstract class AbstractPartialImport implements PartialImport { String modelId = getModelId(realm, session, resourceRep); results.addResult(added(modelId, resourceRep)); } catch (Exception e) { - logger.error("Error creating " + getName(resourceRep), e); + logger.creationError(e, getName(resourceRep)); throw new ErrorResponseException(ErrorResponse.error(e.getMessage(), Response.Status.INTERNAL_SERVER_ERROR)); } } diff --git a/services/src/main/java/org/keycloak/partialimport/RolesPartialImport.java b/services/src/main/java/org/keycloak/partialimport/RolesPartialImport.java index 6bf145e10b..35b2625511 100644 --- a/services/src/main/java/org/keycloak/partialimport/RolesPartialImport.java +++ b/services/src/main/java/org/keycloak/partialimport/RolesPartialImport.java @@ -20,7 +20,6 @@ import java.util.List; import java.util.Map; import java.util.Set; import javax.ws.rs.core.Response; -import org.jboss.logging.Logger; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.models.utils.KeycloakModelUtils; @@ -29,6 +28,7 @@ import org.keycloak.representations.idm.PartialImportRepresentation; import org.keycloak.representations.idm.RoleRepresentation; import org.keycloak.representations.idm.RolesRepresentation; import org.keycloak.services.ErrorResponse; +import org.keycloak.services.ServicesLogger; /** * This class handles both realm roles and client roles. It delegates to 
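Review bot: Both catch blocks (the overwrite path in `@@ -99,7` and the create path in `@@ -121,7`) now log the exception with its cause, yet the response is still built from `e.getMessage()`, so internal exception text is returned to the API caller with the 500. Since the detail is in the server log, the response can carry a fixed message instead, for example `ErrorResponse.error("Error creating " + getName(resourceRep), Response.Status.INTERNAL_SERVER_ERROR)`. `getName(resourceRep)` appears to come from the imported representation, so it is worth checking that the log formatter escapes line breaks in it. RolesPartialImport (`@@ -97,7`) builds its response from `e.getMessage()` in the same way. The enclosing methods start and end outside these hunks.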
@@ -44,7 +44,7 @@ import org.keycloak.services.ErrorResponse; * @author Stan Silvert ssilvert@redhat.com (C) 2016 Red Hat Inc. */ public class RolesPartialImport implements PartialImport { - protected static Logger logger = Logger.getLogger(RolesPartialImport.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private Set realmRolesToOverwrite; private Set realmRolesToSkip; @@ -97,7 +97,7 @@ public class RolesPartialImport implements PartialImport { try { RepresentationToModel.importRoles(rep.getRoles(), realm); } catch (Exception e) { - logger.error("Error importing roles", e); + logger.roleImportError(e); throw new ErrorResponseException(ErrorResponse.error(e.getMessage(), Response.Status.INTERNAL_SERVER_ERROR)); } diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index 5b61cedfb3..ab540de773 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java @@ -177,7 +177,15 @@ public interface ServicesLogger extends BasicLogger { @Message(id=35, value="Export finished successfully") void exportSuccess(); - + @LogMessage(level = ERROR) + @Message(id=36, value="Error overwriting %s") + void overwriteError(@Cause Exception e, String name); + @LogMessage(level = ERROR) + @Message(id=37, value="Error creating %s") + void creationError(@Cause Exception e, String name); + @LogMessage(level = ERROR) + @Message(id=38, value="Error importing roles") + void roleImportError(@Cause Exception e); } From 9dccd45543b020e65f0eea88e863436b04c6daff Mon Sep 17 00:00:00 2001 
From: Stan Silvert Date: Mon, 18 Jan 2016 16:22:18 -0500 Subject: [PATCH 15/30] KEYCLOAK-1280: i18n logging for org.keycloak.protocol --- .../org/keycloak/protocol/AuthorizationEndpointBase.java | 6 +++--- .../main/java/org/keycloak/protocol/RestartLoginCookie.java | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) mode change 100755 => 100644 services/src/main/java/org/keycloak/protocol/RestartLoginCookie.java diff --git a/services/src/main/java/org/keycloak/protocol/AuthorizationEndpointBase.java b/services/src/main/java/org/keycloak/protocol/AuthorizationEndpointBase.java index 4ac200aec2..1b2e87148c 100755 --- a/services/src/main/java/org/keycloak/protocol/AuthorizationEndpointBase.java +++ b/services/src/main/java/org/keycloak/protocol/AuthorizationEndpointBase.java @@ -7,7 +7,6 @@ import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.Response; import javax.ws.rs.core.UriInfo; -import org.jboss.logging.Logger; import org.jboss.resteasy.spi.HttpRequest; import org.keycloak.authentication.AuthenticationProcessor; import org.keycloak.common.ClientConnection; @@ -19,6 +18,7 @@ import org.keycloak.models.IdentityProviderModel; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.protocol.LoginProtocol.Error; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.Urls; import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.ClientSessionCode; @@ -31,7 +31,7 @@ import org.keycloak.services.resources.LoginActionsService; */ public abstract class AuthorizationEndpointBase { - private static final Logger logger = Logger.getLogger(AuthorizationEndpointBase.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected RealmModel realm; protected EventBuilder event; 
@@ -70,7 +70,7 @@ public abstract class AuthorizationEndpointBase { /** * Common method to handle browser authentication request in protocols unified way. - * + * * @param clientSession for current request * @param protocol handler for protocol used to initiate login * @param isPassive set to true if login should be passive (without login screen shown) diff --git a/services/src/main/java/org/keycloak/protocol/RestartLoginCookie.java b/services/src/main/java/org/keycloak/protocol/RestartLoginCookie.java old mode 100755 new mode 100644 index c7157ac516..95b8430274 --- a/services/src/main/java/org/keycloak/protocol/RestartLoginCookie.java +++ b/services/src/main/java/org/keycloak/protocol/RestartLoginCookie.java @@ -1,7 +1,6 @@ package org.keycloak.protocol; import com.fasterxml.jackson.annotation.JsonProperty; -import org.jboss.logging.Logger; import org.keycloak.common.ClientConnection; import org.keycloak.jose.jws.JWSBuilder; import org.keycloak.jose.jws.JWSInput; @@ -10,6 +9,7 @@ import org.keycloak.models.ClientModel; import org.keycloak.models.ClientSessionModel; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.util.CookieHelper; @@ -27,7 +27,7 @@ import java.util.Map; * @version $Revision: 1 $ */ public class RestartLoginCookie { - private static final Logger logger = Logger.getLogger(RestartLoginCookie.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public static final String KC_RESTART = "KC_RESTART"; @JsonProperty("cs") protected String clientSession; From 550e23c8f6709563d18a6e9a97d602d90eb77a15 Mon Sep 17 00:00:00 2001 
From: Stan Silvert Date: Mon, 18 Jan 2016 16:35:51 -0500 Subject: [PATCH 16/30] KEYCLOAK-1280: i18n logging for org.keycloak.protocol.oidc --- .../keycloak/protocol/oidc/OIDCLoginProtocol.java | 8 ++++---- .../protocol/oidc/OIDCLoginProtocolFactory.java | 6 +++--- .../protocol/oidc/OIDCLoginProtocolService.java | 4 ++-- .../org/keycloak/protocol/oidc/TokenManager.java | 4 ++-- .../java/org/keycloak/services/ServicesLogger.java | 13 +++++++++++++ 5 files changed, 24 insertions(+), 11 deletions(-) mode change 100755 => 100644 services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java diff --git a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java index 40bcc67dc2..e064fd5132 100755 --- a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java @@ -21,7 +21,6 @@ */ package org.keycloak.protocol.oidc; -import org.jboss.logging.Logger; import org.keycloak.OAuth2Constants; import org.keycloak.events.Details; import org.keycloak.events.EventBuilder; @@ -37,6 +36,7 @@ import org.keycloak.protocol.oidc.utils.OIDCRedirectUriBuilder; import org.keycloak.protocol.oidc.utils.OIDCResponseMode; import org.keycloak.protocol.oidc.utils.OIDCResponseType; import org.keycloak.representations.AccessTokenResponse; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.ClientSessionCode; import org.keycloak.services.managers.ResourceAdminManager; @@ -68,7 +68,7 @@ public class OIDCLoginProtocol implements LoginProtocol { public static final String RESPONSE_MODE_PARAM = "response_mode"; - private static final Logger log = Logger.getLogger(OIDCLoginProtocol.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected KeycloakSession session; 
@@ -143,7 +143,7 @@ public class OIDCLoginProtocol implements LoginProtocol { String redirect = clientSession.getRedirectUri(); OIDCRedirectUriBuilder redirectUri = OIDCRedirectUriBuilder.fromUri(redirect, responseMode); String state = clientSession.getNote(OIDCLoginProtocol.STATE_PARAM); - log.debugv("redirectAccessCode: state: {0}", state); + logger.debugv("redirectAccessCode: state: {0}", state); if (state != null) redirectUri.addParam(OAuth2Constants.STATE, state); @@ -203,7 +203,7 @@ public class OIDCLoginProtocol implements LoginProtocol { case PASSIVE_LOGIN_REQUIRED: return "login_required"; default: - log.warn("Untranslated protocol Error: " + error.name() + " so we return default SAML error"); + logger.untranslatedProtocol(error.name()); return "access_denied"; } } diff --git a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolFactory.java b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolFactory.java index a215e4cc06..8a13d9cd15 100755 --- a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolFactory.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolFactory.java @@ -16,7 +16,6 @@ */ package org.keycloak.protocol.oidc; -import org.jboss.logging.Logger; import org.keycloak.common.constants.KerberosConstants; import org.keycloak.common.util.UriUtils; import org.keycloak.events.EventBuilder; @@ -34,6 +33,7 @@ import org.keycloak.protocol.oidc.mappers.UserPropertyMapper; import org.keycloak.protocol.oidc.mappers.UserSessionNoteMapper; import org.keycloak.representations.idm.ClientRepresentation; import org.keycloak.representations.idm.ClientTemplateRepresentation; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.AuthenticationManager; import java.util.ArrayList; 
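Review bot: `logger.debugv("redirectAccessCode: state: {0}", state)` in the `@@ -143,7` hunk writes the `state` note verbatim to the log; that value appears to originate from the client's authorization request and is meant to stay opaque to third parties. Logging it puts request-controlled text, including any line breaks, and a request-binding value into log files that are usually readable by more people than the session store. Logging only its presence keeps the diagnostic: `logger.debugv("redirectAccessCode: state present: {0}", state != null);`. The enclosing method starts and ends outside the hunk.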
@@ -50,7 +50,7 @@ import org.keycloak.protocol.oidc.mappers.UserAttributeMapper; * @version $Revision: 1 $ */ public class OIDCLoginProtocolFactory extends AbstractLoginProtocolFactory { - private static Logger logger = Logger.getLogger(OIDCLoginProtocolFactory.class); + private static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public static final String USERNAME = "username"; public static final String EMAIL = "email"; @@ -195,7 +195,7 @@ public class OIDCLoginProtocolFactory extends AbstractLoginProtocolFactory { // Backwards compatibility only if (rep.isDirectGrantsOnly() != null) { - logger.warn("Using deprecated 'directGrantsOnly' configuration in JSON representation. It will be removed in future versions"); + logger.usingDeprecatedDirectGrantsOnly(); newClient.setStandardFlowEnabled(!rep.isDirectGrantsOnly()); newClient.setDirectAccessGrantsEnabled(rep.isDirectGrantsOnly()); } else { diff --git a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java old mode 100755 new mode 100644 index 6f6be0ceee..625317e744 --- a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java @@ -1,6 +1,5 @@ package org.keycloak.protocol.oidc; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.OAuth2Constants; @@ -16,6 +15,7 @@ import org.keycloak.protocol.oidc.endpoints.LogoutEndpoint; import org.keycloak.protocol.oidc.endpoints.TokenEndpoint; import org.keycloak.protocol.oidc.endpoints.UserInfoEndpoint; import org.keycloak.protocol.oidc.representations.JSONWebKeySet; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.resources.RealmsResource; import javax.ws.rs.GET; 
@@ -37,7 +37,7 @@ import javax.ws.rs.core.UriInfo; */ public class OIDCLoginProtocolService { - protected static final Logger logger = Logger.getLogger(OIDCLoginProtocolService.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private RealmModel realm; private TokenManager tokenManager; diff --git a/services/src/main/java/org/keycloak/protocol/oidc/TokenManager.java b/services/src/main/java/org/keycloak/protocol/oidc/TokenManager.java index 0051434477..7a3d5dc7da 100755 --- a/services/src/main/java/org/keycloak/protocol/oidc/TokenManager.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/TokenManager.java @@ -1,6 +1,5 @@ package org.keycloak.protocol.oidc; -import org.jboss.logging.Logger; import org.keycloak.common.ClientConnection; import org.keycloak.OAuth2Constants; import org.keycloak.OAuthErrorException; @@ -34,6 +33,7 @@ import org.keycloak.representations.AccessTokenResponse; import org.keycloak.representations.IDToken; import org.keycloak.representations.RefreshToken; import org.keycloak.services.ErrorResponseException; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.ClientSessionCode; import org.keycloak.services.managers.UserSessionManager; @@ -59,7 +59,7 @@ import java.util.Set; * @version $Revision: 1 $ */ public class TokenManager { - protected static final Logger logger = Logger.getLogger(TokenManager.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public static void applyScope(RoleModel role, RoleModel scope, Set visited, Set requested) { if (visited.contains(scope)) return; diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index ab540de773..b7be23c917 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java 
+++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java @@ -17,6 +17,7 @@ package org.keycloak.services; +import java.net.URI; import org.jboss.logging.BasicLogger; import org.jboss.logging.Logger; import org.jboss.logging.annotations.Cause; @@ -188,4 +189,16 @@ public interface ServicesLogger extends BasicLogger { @LogMessage(level = ERROR) @Message(id=38, value="Error importing roles") void roleImportError(@Cause Exception e); + + @LogMessage(level = WARN) + @Message(id=39, value="Untranslated protocol Error: %s so we return default SAML error") + void untranslatedProtocol(String errorName); + + @LogMessage(level = WARN) + @Message(id=40, value="Using deprecated 'directGrantsOnly' configuration in JSON representation. It will be removed in future versions") + void usingDeprecatedDirectGrantsOnly(); + + @LogMessage(level = WARN) + @Message(id=41, value="Invoking deprecated endpoint %s") + void invokingDeprecatedEndpoint(URI requestUri); } From adfc192877a70d3e9ecd334a88ea5088f20c05ce Mon Sep 17 00:00:00 2001 From: Stan Silvert Date: Mon, 18 Jan 2016 17:00:37 -0500 Subject: [PATCH 17/30] KEYCLOAK-1280: i18n logging for org.keycloak.protocol.oidc.endpoints --- .../oidc/endpoints/AuthorizationEndpoint.java | 10 +++++----- .../protocol/oidc/endpoints/LogoutEndpoint.java | 4 ++-- .../protocol/oidc/endpoints/TokenEndpoint.java | 14 +++++++------- .../org/keycloak/services/ServicesLogger.java | 16 ++++++++++++++++ 4 files changed, 30 insertions(+), 14 deletions(-) mode change 100755 => 100644 services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java mode change 100755 => 100644 services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java old mode 100755 new mode 100644 index 27070ad91b..61db4f1410 
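Review bot: `invokingDeprecatedEndpoint(URI requestUri)` formats the whole request URI into a WARN message, and on OIDC endpoints a request URI can include query parameters such as codes, tokens or redirect targets. The call site is not in this hunk, so whether a query string can reach it should be confirmed; if it can, take only the path, e.g. declare `void invokingDeprecatedEndpoint(String path);` and have callers supply the path without the query. A short Javadoc on the method stating that the argument must not contain query parameters would make the contract explicit. Separately, message 39 says "default SAML error" although the visible caller is OIDCLoginProtocol, which returns `access_denied`.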
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java @@ -4,7 +4,6 @@ import javax.ws.rs.GET; import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.Response; -import org.jboss.logging.Logger; import org.keycloak.authentication.AuthenticationProcessor; import org.keycloak.constants.AdapterConstants; import org.keycloak.events.Details; @@ -24,6 +23,7 @@ import org.keycloak.protocol.oidc.utils.OIDCResponseMode; import org.keycloak.protocol.oidc.utils.OIDCResponseType; import org.keycloak.protocol.oidc.utils.RedirectUtils; import org.keycloak.services.ErrorPageException; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.Urls; import org.keycloak.services.managers.ClientSessionCode; import org.keycloak.services.messages.Messages; @@ -34,7 +34,7 @@ import org.keycloak.services.resources.LoginActionsService; */ public class AuthorizationEndpoint extends AuthorizationEndpointBase { - private static final Logger logger = Logger.getLogger(AuthorizationEndpoint.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public static final String CODE_AUTH_TYPE = "code"; @@ -182,7 +182,7 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase { action = Action.CODE; } } catch (IllegalArgumentException iae) { - logger.error(iae.getMessage()); + logger.error(iae); event.error(Errors.INVALID_REQUEST); throw new ErrorPageException(session, Messages.INVALID_PARAMETER, OIDCLoginProtocol.RESPONSE_TYPE_PARAM); } 
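Review bot: `logger.error(iae)` in the `@@ -182,7` hunk passes the exception as the message object, so it is rendered through `toString()` and no stack trace is attached; if the aim was to keep the trace, `logger.error(iae.getMessage(), iae);` does that. Unlike the other call sites in this commit it also bypasses the id-tagged, translatable messages, so a dedicated `ServicesLogger` method would be more consistent. The exception text presumably derives from the request's `response_type` value, which makes it request-controlled content in the log. The enclosing method starts and ends outside the hunk.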
@@ -193,7 +193,7 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase { // Disallowed by OIDC specs if (parsedResponseType.isImplicitOrHybridFlow() && parsedResponseMode == OIDCResponseMode.QUERY) { - logger.error("Response_mode 'query' not allowed for implicit or hybrid flow"); + logger.responseModeQueryNotAllowed(); event.error(Errors.INVALID_REQUEST); throw new ErrorPageException(session, Messages.INVALID_PARAMETER, OIDCLoginProtocol.RESPONSE_MODE_PARAM); } @@ -277,4 +277,4 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase { -} \ No newline at end of file +} diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java index 8453daaa0d..69258b65fc 100755 --- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java @@ -1,6 +1,5 @@ package org.keycloak.protocol.oidc.endpoints; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.HttpRequest; import org.keycloak.common.ClientConnection; @@ -21,6 +20,7 @@ import org.keycloak.protocol.oidc.utils.RedirectUtils; import org.keycloak.representations.IDToken; import org.keycloak.representations.RefreshToken; import org.keycloak.services.ErrorResponseException; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.messages.Messages; import org.keycloak.services.resources.Cors; @@ -43,7 +43,7 @@ import javax.ws.rs.core.UriInfo; * @author Stian Thorgersen */ public class LogoutEndpoint { - protected static Logger logger = Logger.getLogger(LogoutEndpoint.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Context private KeycloakSession session; 
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java old mode 100755 new mode 100644 index 382d2e2308..4e28bc3243 --- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java @@ -1,6 +1,5 @@ package org.keycloak.protocol.oidc.endpoints; -import org.jboss.logging.Logger; import org.jboss.resteasy.spi.HttpRequest; import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.common.ClientConnection; @@ -27,6 +26,7 @@ import org.keycloak.protocol.oidc.utils.AuthorizeClientUtil; import org.keycloak.representations.AccessToken; import org.keycloak.representations.AccessTokenResponse; import org.keycloak.services.ErrorResponseException; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.ClientManager; import org.keycloak.services.managers.ClientSessionCode; @@ -51,7 +51,7 @@ import java.util.Map; */ public class TokenEndpoint { - private static final Logger logger = Logger.getLogger(TokenEndpoint.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private MultivaluedMap formParams; private ClientModel client; private Map clientAuthAttributes; @@ -285,7 +285,7 @@ public class TokenEndpoint { private void updateClientSession(ClientSessionModel clientSession) { if(clientSession == null) { - logger.error("client session is null"); + logger.clientSessionNull(); return; } 
@@ -303,16 +303,16 @@ public class TokenEndpoint { private void updateClientSessions(List clientSessions) { if(clientSessions == null) { - logger.error("client sessions is null"); + logger.clientSessionNull(); return; } for (ClientSessionModel clientSession : clientSessions) { if(clientSession == null) { - logger.error("client session is null"); + logger.clientSessionNull(); continue; } if(clientSession.getClient() == null) { - logger.error("client model in client session is null"); + logger.clientModelNull(); continue; } if(client.getId().equals(clientSession.getClient().getId())) { @@ -448,4 +448,4 @@ public class TokenEndpoint { return Cors.add(request, Response.ok(res, MediaType.APPLICATION_JSON_TYPE)).auth().allowedOrigins(client).allowedMethods("POST").exposedHeaders(Cors.ACCESS_CONTROL_ALLOW_METHODS).build(); } -} \ No newline at end of file +} diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index b7be23c917..4935a31ecc 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java @@ -201,4 +201,20 @@ public interface ServicesLogger extends BasicLogger { @LogMessage(level = WARN) @Message(id=41, value="Invoking deprecated endpoint %s") void invokingDeprecatedEndpoint(URI requestUri); + + @LogMessage(level = ERROR) + @Message(id=42, value="Response_mode 'query' not allowed for implicit or hybrid flow") + void responseModeQueryNotAllowed(); + + @LogMessage(level = ERROR) + @Message(id=43, value="Client session is null") + void clientSessionNull(); + + @LogMessage(level = ERROR) + @Message(id=44, value="Client model in client session is null") + void clientModelNull(); + + @LogMessage(level = ERROR) + @Message(id=45, value="Invalid token. Token verification failed.") + void invalidToken(); } From 9c337389411a1173ae143495e1fccb402a1712e4 Mon Sep 17 00:00:00 2001 
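Review bot: In `updateClientSessions`, the `clientSessions == null` guard now calls `logger.clientSessionNull()`, so a missing list and a null element inside the list both log "Client session is null". The old code logged "client sessions is null" for the list case, and a reader of the log can no longer tell which guard fired. Add a dedicated message for the list case, for example `@Message(id=<next free id>, value="Client sessions list is null") void clientSessionsNull();`, and call it from the first guard. The method body continues outside the hunk.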
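Review bot: `responseModeQueryNotAllowed` (id 42) is declared at `ERROR`, but its visible caller in AuthorizationEndpoint reaches it from request parameters alone, as far as that hunk shows. Any caller of the authorization endpoint can therefore produce ERROR entries at will, which makes ERROR-based alerting noisy. Consider `@LogMessage(level = WARN)` for this message and keep ERROR for server-side faults; `event.error(Errors.INVALID_REQUEST)` already records the rejected request. `invalidToken()` (id 45) has no caller in the hunks shown here, so its level could not be checked against its use.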
From: Stan Silvert Date: Tue, 19 Jan 2016 08:21:36 -0500 Subject: [PATCH 18/30] KEYCLOAK-1280: i18n logging for org.keycloak.protocol.oidc.mappers --- .../protocol/oidc/mappers/OIDCAttributeMapperHelper.java | 6 +++--- .../keycloak/protocol/oidc/mappers/UserAttributeMapper.java | 2 +- .../src/main/java/org/keycloak/services/ServicesLogger.java | 4 ++++ 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/services/src/main/java/org/keycloak/protocol/oidc/mappers/OIDCAttributeMapperHelper.java b/services/src/main/java/org/keycloak/protocol/oidc/mappers/OIDCAttributeMapperHelper.java index 227bd0c43b..358fdfc531 100755 --- a/services/src/main/java/org/keycloak/protocol/oidc/mappers/OIDCAttributeMapperHelper.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/mappers/OIDCAttributeMapperHelper.java @@ -1,11 +1,11 @@ package org.keycloak.protocol.oidc.mappers; -import org.jboss.logging.Logger; import org.keycloak.models.ProtocolMapperModel; import org.keycloak.protocol.ProtocolMapperUtils; import org.keycloak.protocol.oidc.OIDCLoginProtocol; import org.keycloak.provider.ProviderConfigProperty; import org.keycloak.representations.IDToken; +import org.keycloak.services.ServicesLogger; import java.util.ArrayList; import java.util.HashMap; @@ -17,7 +17,7 @@ import java.util.Map; * @version $Revision: 1 $ */ public class OIDCAttributeMapperHelper { - private static final Logger logger = Logger.getLogger(OIDCAttributeMapperHelper.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public static final String TOKEN_CLAIM_NAME = "claim.name"; public static final String TOKEN_CLAIM_NAME_LABEL = "tokenClaimName.label"; 
@@ -46,7 +46,7 @@ public class OIDCAttributeMapperHelper { return result; } else { if (valueAsList.size() > 1) { - logger.warnf("Multiple values found '%s' for protocol mapper '%s' but expected just single value", attributeValue.toString(), mappingModel.getName()); + logger.multipleValuesForMapper(attributeValue.toString(), mappingModel.getName()); } attributeValue = valueAsList.get(0); diff --git a/services/src/main/java/org/keycloak/protocol/oidc/mappers/UserAttributeMapper.java b/services/src/main/java/org/keycloak/protocol/oidc/mappers/UserAttributeMapper.java index 5f48cc828c..800fb1bc21 100755 --- a/services/src/main/java/org/keycloak/protocol/oidc/mappers/UserAttributeMapper.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/mappers/UserAttributeMapper.java @@ -110,7 +110,7 @@ public class UserAttributeMapper extends AbstractOIDCProtocolMapper implements O if (multivalued) { mapper.getConfig().put(ProtocolMapperUtils.MULTIVALUED, "true"); } - + return mapper; } diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index 4935a31ecc..fd6c09ec01 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java @@ -217,4 +217,8 @@ public interface ServicesLogger extends BasicLogger { @LogMessage(level = ERROR) @Message(id=45, value="Invalid token. Token verification failed.") void invalidToken(); + + @LogMessage(level = WARN) + @Message(id=46, value="Multiple values found '%s' for protocol mapper '%s' but expected just single value") + void multipleValuesForMapper(String attrValue, String mapper); } From 0de4170865505100f2e18fc2cbc4d7268c723dce Mon Sep 17 00:00:00 2001 
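Review bot: `logger.multipleValuesForMapper(attributeValue.toString(), mappingModel.getName())` writes the complete attribute value list into the WARN log, and message id 46 in the ServicesLogger hunk further down this line fixes that into the translated format. User attributes may hold personal data, and if users can edit them the value may contain line breaks that split the log entry. The mapper name and the number of values are enough to diagnose the misconfiguration. Suggest `@Message(id=46, value="Found %s values for protocol mapper '%s' but expected just single value")` and pass `String.valueOf(valueAsList.size())` as the first argument. The enclosing method starts outside the hunk.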
From: Stan Silvert Date: Tue, 19 Jan 2016 08:23:36 -0500 Subject: [PATCH 19/30] KEYCLOAK-1280: i18n logging for org.keycloak.protocol.oidc.utils --- .../java/org/keycloak/protocol/oidc/utils/RedirectUtils.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java b/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java index cf8354d6d1..0db1ddb068 100644 --- a/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java @@ -1,10 +1,10 @@ package org.keycloak.protocol.oidc.utils; -import org.jboss.logging.Logger; import org.keycloak.models.ClientModel; import org.keycloak.models.Constants; import org.keycloak.models.RealmModel; import org.keycloak.services.Urls; +import org.keycloak.services.ServicesLogger; import javax.ws.rs.core.UriInfo; import java.net.URI; @@ -16,7 +16,7 @@ import java.util.Set; */ public class RedirectUtils { - private static final Logger logger = Logger.getLogger(RedirectUtils.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public static String verifyRealmRedirectUri(UriInfo uriInfo, String redirectUri, RealmModel realm) { Set validRedirects = getValidateRedirectUris(uriInfo, realm); From 1f04676f08ab3699b18b966b16d0f71adeed42a8 Mon Sep 17 00:00:00 2001 From: Stan Silvert Date: Tue, 19 Jan 2016 08:28:03 -0500 Subject: [PATCH 20/30] KEYCLOAK-1280: i18n logging for org.keycloak.provider --- .../FileSystemProviderLoaderFactory.java | 22 ++++++++++++++++--- .../keycloak/provider/ProviderManager.java | 22 ++++++++++++++++--- 2 files changed, 38 insertions(+), 6 deletions(-) diff --git a/services/src/main/java/org/keycloak/provider/FileSystemProviderLoaderFactory.java b/services/src/main/java/org/keycloak/provider/FileSystemProviderLoaderFactory.java index 4c887eb73b..9e8aa5d78a 100644 
--- a/services/src/main/java/org/keycloak/provider/FileSystemProviderLoaderFactory.java +++ b/services/src/main/java/org/keycloak/provider/FileSystemProviderLoaderFactory.java @@ -1,6 +1,22 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.provider; -import org.jboss.logging.Logger; +import org.keycloak.services.ServicesLogger; import java.io.File; import java.io.FilenameFilter; @@ -14,7 +30,7 @@ import java.util.List; */ public class FileSystemProviderLoaderFactory implements ProviderLoaderFactory { - private static final Logger log = Logger.getLogger(FileSystemProviderLoaderFactory.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Override public boolean supports(String type) { @@ -43,7 +59,7 @@ public class FileSystemProviderLoaderFactory implements ProviderLoaderFactory { } } - log.debug("Loading providers from " + urls.toString()); + logger.debug("Loading providers from " + urls.toString()); return new URLClassLoader(urls.toArray(new URL[urls.size()]), parent); } catch (Exception e) { diff --git a/services/src/main/java/org/keycloak/provider/ProviderManager.java b/services/src/main/java/org/keycloak/provider/ProviderManager.java index 3f250da672..e091481012 100644 --- a/services/src/main/java/org/keycloak/provider/ProviderManager.java 
+++ b/services/src/main/java/org/keycloak/provider/ProviderManager.java @@ -1,6 +1,22 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.provider; -import org.jboss.logging.Logger; +import org.keycloak.services.ServicesLogger; import java.util.HashMap; import java.util.IdentityHashMap; @@ -14,7 +30,7 @@ import java.util.ServiceLoader; */ public class ProviderManager { - private static final Logger log = Logger.getLogger(ProviderManager.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private List loaders = new LinkedList(); private Map> cache = new HashMap>(); @@ -25,7 +41,7 @@ public class ProviderManager { factories.add(f); } - log.debugv("Provider loaders {0}", factories); + logger.debugv("Provider loaders {0}", factories); loaders.add(new DefaultProviderLoader(baseClassLoader)); From 27ad9dcdd1ecc94770d7d09c79ab62fcfc890b1b Mon Sep 17 00:00:00 2001 
From: Stan Silvert Date: Tue, 19 Jan 2016 08:39:53 -0500 Subject: [PATCH 21/30] KEYCLOAK-1280: i18n logging for org.keycloak.services --- .../services/DefaultKeycloakSession.java | 18 +++++++++- .../DefaultKeycloakSessionFactory.java | 36 +++++++++++++------ .../DefaultKeycloakTransactionManager.java | 22 ++++++++++-- .../org/keycloak/services/ServicesLogger.java | 8 +++++ 4 files changed, 70 insertions(+), 14 deletions(-) mode change 100755 => 100644 services/src/main/java/org/keycloak/services/DefaultKeycloakSession.java mode change 100755 => 100644 services/src/main/java/org/keycloak/services/DefaultKeycloakSessionFactory.java diff --git a/services/src/main/java/org/keycloak/services/DefaultKeycloakSession.java b/services/src/main/java/org/keycloak/services/DefaultKeycloakSession.java old mode 100755 new mode 100644 index c8eb3baa04..779b779f90 --- a/services/src/main/java/org/keycloak/services/DefaultKeycloakSession.java +++ b/services/src/main/java/org/keycloak/services/DefaultKeycloakSession.java @@ -1,3 +1,19 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services; import org.keycloak.models.*; 
@@ -94,7 +110,7 @@ public class DefaultKeycloakSession implements KeycloakSession { T provider = (T) providers.get(hash); if (provider == null) { ProviderFactory providerFactory = factory.getProviderFactory(clazz, id); - + if (providerFactory != null) { provider = providerFactory.create(this); providers.put(hash, provider); diff --git a/services/src/main/java/org/keycloak/services/DefaultKeycloakSessionFactory.java b/services/src/main/java/org/keycloak/services/DefaultKeycloakSessionFactory.java old mode 100755 new mode 100644 index 7a7974a6ad..1d7616f37a --- a/services/src/main/java/org/keycloak/services/DefaultKeycloakSessionFactory.java +++ b/services/src/main/java/org/keycloak/services/DefaultKeycloakSessionFactory.java @@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services; -import org.jboss.logging.Logger; import org.keycloak.Config; import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSessionFactory; @@ -10,6 +25,7 @@ import org.keycloak.provider.ProviderEventListener; import org.keycloak.provider.ProviderFactory; import org.keycloak.provider.ProviderManager; import org.keycloak.provider.Spi; +import org.keycloak.services.ServicesLogger; import java.util.HashMap; import java.util.HashSet; 
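Review bot: The added `import org.keycloak.services.ServicesLogger;` in DefaultKeycloakSessionFactory is redundant, because the class is itself declared in `package org.keycloak.services;`. The same import is added to DefaultKeycloakTransactionManager later in this patch. Both lines compile, but an unused-import check will flag them, so drop them.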
@@ -22,7 +38,7 @@ import java.util.concurrent.CopyOnWriteArrayList; public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory { - private static final Logger log = Logger.getLogger(DefaultKeycloakSessionFactory.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private Map, String> provider = new HashMap, String>(); private Map, Map> factoriesMap = new HashMap, Map>(); @@ -30,7 +46,7 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory { // TODO: Likely should be changed to int and use Time.currentTime() to be compatible with all our "time" reps protected long serverStartupTimestamp; - + @Override public void register(ProviderEventListener listener) { listeners.add(listener); @@ -50,7 +66,7 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory { public void init() { serverStartupTimestamp = System.currentTimeMillis(); - + ProviderManager pm = new ProviderManager(getClass().getClassLoader(), Config.scope().getArray("providers")); for (Spi spi : ServiceLoader.load(Spi.class, getClass().getClassLoader())) { @@ -70,12 +86,12 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory { factory.init(scope); if (spi.isInternal() && !isInternal(factory)) { - log.warnv("{0} ({1}) is implementing the internal SPI {2}. This SPI is internal and may change without notice", factory.getId(), factory.getClass().getName(), spi.getName()); + logger.spiMayChange(factory.getId(), factory.getClass().getName(), spi.getName()); } factories.put(factory.getId(), factory); - log.debugv("Loaded SPI {0} (provider = {1})", spi.getName(), provider); + logger.debugv("Loaded SPI {0} (provider = {1})", spi.getName(), provider); } else { for (ProviderFactory factory : pm.load(spi)) { Config.Scope scope = Config.scope(spi.getName(), factory.getId()); 
@@ -83,12 +99,12 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory { factory.init(scope); if (spi.isInternal() && !isInternal(factory)) { - log.warnv("{0} ({1}) is implementing the internal SPI {2}. This SPI is internal and may change without notice", factory.getId(), factory.getClass().getName(), spi.getName()); + logger.spiMayChange(factory.getId(), factory.getClass().getName(), spi.getName()); } factories.put(factory.getId(), factory); } else { - log.debugv("SPI {0} provider {1} disabled", spi.getName(), factory.getId()); + logger.debugv("SPI {0} provider {1} disabled", spi.getName(), factory.getId()); } } @@ -96,9 +112,9 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory { provider = factories.values().iterator().next().getId(); this.provider.put(spi.getProviderClass(), provider); - log.debugv("Loaded SPI {0} (provider = {1})", spi.getName(), provider); + logger.debugv("Loaded SPI {0} (provider = {1})", spi.getName(), provider); } else { - log.debugv("Loaded SPI {0} (providers = {1})", spi.getName(), factories.keySet()); + logger.debugv("Loaded SPI {0} (providers = {1})", spi.getName(), factories.keySet()); } } } diff --git a/services/src/main/java/org/keycloak/services/DefaultKeycloakTransactionManager.java b/services/src/main/java/org/keycloak/services/DefaultKeycloakTransactionManager.java index c39bc8a947..6618a49477 100755 --- a/services/src/main/java/org/keycloak/services/DefaultKeycloakTransactionManager.java +++ b/services/src/main/java/org/keycloak/services/DefaultKeycloakTransactionManager.java 
@@ -1,8 +1,24 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services; -import org.jboss.logging.Logger; import org.keycloak.models.KeycloakTransaction; import org.keycloak.models.KeycloakTransactionManager; +import org.keycloak.services.ServicesLogger; import java.util.LinkedList; import java.util.List; @@ -12,7 +28,7 @@ import java.util.List; */ public class DefaultKeycloakTransactionManager implements KeycloakTransactionManager { - public static final Logger logger = Logger.getLogger(DefaultKeycloakTransactionManager.class); + public static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private List transactions = new LinkedList(); private List afterCompletion = new LinkedList(); @@ -75,7 +91,7 @@ public class DefaultKeycloakTransactionManager implements KeycloakTransactionMan try { tx.rollback(); } catch (RuntimeException e) { - logger.error("Exception during rollback", e); + logger.exceptionDuringRollback(e); } } } diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index fd6c09ec01..86edfdcb9b 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java 
@@ -221,4 +221,12 @@ public interface ServicesLogger extends BasicLogger { @LogMessage(level = WARN) @Message(id=46, value="Multiple values found '%s' for protocol mapper '%s' but expected just single value") void multipleValuesForMapper(String attrValue, String mapper); + + @LogMessage(level = WARN) + @Message(id=47, value="%s (%s) is implementing the internal SPI %s. This SPI is internal and may change without notice") + void spiMayChange(String factoryId, String factoryClass, String spiName); + + @LogMessage(level = ERROR) + @Message(id=48, value="Exception during rollback") + void exceptionDuringRollback(@Cause RuntimeException e); } From c81b37cc4df505de5ed1a40e9c270fb3fae9ae3d Mon Sep 17 00:00:00 2001 From: Stan Silvert Date: Tue, 19 Jan 2016 08:46:56 -0500 Subject: [PATCH 22/30] KEYCLOAK-1280: i18n logging for org.keycloak.services.clientregistration.oidc --- .../org/keycloak/services/ServicesLogger.java | 4 ++++ .../oidc/OIDCClientRegistrationProvider.java | 24 +++++++++++++++---- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index 86edfdcb9b..a8481711fc 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java @@ -229,4 +229,8 @@ public interface ServicesLogger extends BasicLogger { @LogMessage(level = ERROR) @Message(id=48, value="Exception during rollback") void exceptionDuringRollback(@Cause RuntimeException e); + + @LogMessage(level = ERROR) + @Message(id=49, value="%s") + void clientRegistrationException(String message); } diff --git a/services/src/main/java/org/keycloak/services/clientregistration/oidc/OIDCClientRegistrationProvider.java b/services/src/main/java/org/keycloak/services/clientregistration/oidc/OIDCClientRegistrationProvider.java index 4ab168ebcf..9bd7d387b3 100755 
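Review bot: Message id 49, `@Message(id=49, value="%s")`, has no fixed text, so it cannot be translated. The log line is whatever `cre.getMessage()` returns at the two call sites in OIDCClientRegistrationProvider, with no stack trace. That text is presumably derived from client-submitted registration metadata, so it should not be the whole log line. Suggest `@Message(id=49, value="Client registration failed") void clientRegistrationException(@Cause ClientRegistrationException cre);` and pass `cre` itself at both call sites. `errorAuthenticating` (id 55) in the later ServicesLogger hunk uses the same bare `%s` format.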
--- a/services/src/main/java/org/keycloak/services/clientregistration/oidc/OIDCClientRegistrationProvider.java +++ b/services/src/main/java/org/keycloak/services/clientregistration/oidc/OIDCClientRegistrationProvider.java @@ -1,12 +1,28 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.clientregistration.oidc; -import org.jboss.logging.Logger; import org.keycloak.common.util.Time; import org.keycloak.events.EventBuilder; import org.keycloak.models.KeycloakSession; import org.keycloak.representations.oidc.OIDCClientRepresentation; import org.keycloak.representations.idm.ClientRepresentation; import org.keycloak.services.ErrorResponseException; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.clientregistration.AbstractClientRegistrationProvider; import org.keycloak.services.clientregistration.ClientRegistrationAuth; import org.keycloak.services.clientregistration.ClientRegistrationException; 
@@ -22,7 +38,7 @@ import java.net.URI; */ public class OIDCClientRegistrationProvider extends AbstractClientRegistrationProvider { - private static final Logger log = Logger.getLogger(OIDCClientRegistrationProvider.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public OIDCClientRegistrationProvider(KeycloakSession session) { super(session); @@ -44,7 +60,7 @@ public class OIDCClientRegistrationProvider extends AbstractClientRegistrationPr clientOIDC.setClientIdIssuedAt(Time.currentTime()); return Response.created(uri).entity(clientOIDC).build(); } catch (ClientRegistrationException cre) { - log.error(cre.getMessage()); + logger.clientRegistrationException(cre.getMessage()); throw new ErrorResponseException(ErrorCodes.INVALID_CLIENT_METADATA, "Client metadata invalid", Response.Status.BAD_REQUEST); } } @@ -69,7 +85,7 @@ public class OIDCClientRegistrationProvider extends AbstractClientRegistrationPr clientOIDC = DescriptionConverter.toExternalResponse(client, uri); return Response.ok(clientOIDC).build(); } catch (ClientRegistrationException cre) { - log.error(cre.getMessage()); + logger.clientRegistrationException(cre.getMessage()); throw new ErrorResponseException(ErrorCodes.INVALID_CLIENT_METADATA, "Client metadata invalid", Response.Status.BAD_REQUEST); } } From 779a5c2f3c9ba6df9e08c9880d59ae6edd7b1536 Mon Sep 17 00:00:00 2001 
From: Stan Silvert Date: Tue, 19 Jan 2016 09:31:35 -0500 Subject: [PATCH 23/30] KEYCLOAK-1280: i18n logging for org.keycloak.services.managers --- .../org/keycloak/services/ServicesLogger.java | 54 +++++++++++++++++++ .../services/managers/AppAuthManager.java | 19 +++++-- .../services/managers/ApplianceBootstrap.java | 22 ++++++-- .../managers/AuthenticationManager.java | 10 ++-- .../services/managers/ClientManager.java | 20 ++++++- .../managers/DefaultBruteForceProtector.java | 24 +++++++-- .../managers/LDAPConnectionTestManager.java | 26 +++++++-- .../services/managers/RealmManager.java | 4 +- .../managers/ResourceAdminManager.java | 26 +++++++-- .../services/managers/UserSessionManager.java | 25 +++++++-- .../services/managers/UsersSyncManager.java | 27 ++++++++-- 11 files changed, 218 insertions(+), 39 deletions(-) mode change 100755 => 100644 services/src/main/java/org/keycloak/services/managers/ClientManager.java mode change 100755 => 100644 services/src/main/java/org/keycloak/services/managers/DefaultBruteForceProtector.java diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index a8481711fc..3fb387459a 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java @@ -17,7 +17,9 @@ package org.keycloak.services; +import java.io.IOException; import java.net.URI; +import javax.naming.NamingException; import org.jboss.logging.BasicLogger; import org.jboss.logging.Logger; import org.jboss.logging.annotations.Cause; 
@@ -233,4 +235,56 @@ public interface ServicesLogger extends BasicLogger { @LogMessage(level = ERROR) @Message(id=49, value="%s") void clientRegistrationException(String message); + + @LogMessage(level = INFO) + @Message(id=50, value="Initializing %s realm") + void initializingAdminRealm(String adminRealmName); + + @LogMessage(level = WARN) + @Message(id=51, value="Failed to logout client, continuing") + void failedToLogoutClient(@Cause Exception e); + + @LogMessage(level = ERROR) + @Message(id=52, value="Failed processing type") + void failedProcessingType(@Cause Exception e); + + @LogMessage(level = WARN) + @Message(id=53, value="login failure for user %s from ip %s") + void loginFailure(String user, String ip); + + @LogMessage(level = ERROR) + @Message(id=54, value="Unknown action: %s") + void unknownAction(String action); + + @LogMessage(level = ERROR) + @Message(id=55, value="%s") + void errorAuthenticating(@Cause Exception e, String message); + + @LogMessage(level = WARN) + @Message(id=56, value="Error when closing LDAP connection") + void errorClosingLDAP(@Cause NamingException ne); + + @LogMessage(level = WARN) + @Message(id=57, value="Logout for client '%s' failed") + void logoutFailed(@Cause IOException ioe, String clientId); + + @LogMessage(level = WARN) + @Message(id=58, value="Failed to send revocation request") + void failedToSendRevocation(@Cause IOException ioe); + + @LogMessage(level = WARN) + @Message(id=59, value="Availability test failed for uri '%s'") + void availabilityTestFailed(String managementUrl); + + @LogMessage(level = WARN) + @Message(id=60, value="Role '%s' not available in realm") + void roleNotInRealm(String offlineAccessRole); + + @LogMessage(level = ERROR) + @Message(id=61, value="Error occurred during full sync of users") + void errorDuringFullUserSync(@Cause Throwable t); + + @LogMessage(level = ERROR) + @Message(id=62, value="Error occurred during sync of changed users") + void errorDuringChangedUserSync(@Cause Throwable t); } 
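Review bot: `loginFailure(String user, String ip)` (id 53) interpolates a user name into a WARN line. The caller is outside the visible hunks, but if the value comes from the login form it is chosen by the requester before authentication and may contain line breaks or a mistyped password. Document the expectation on the method, e.g. `// user is unauthenticated input: strip CR/LF and cap the length before logging`, or normalise the value once in the caller. The message text also starts in lower case while every other message added in this hunk is capitalised.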
diff --git a/services/src/main/java/org/keycloak/services/managers/AppAuthManager.java b/services/src/main/java/org/keycloak/services/managers/AppAuthManager.java index 111486a0e5..52c147144f 100755 --- a/services/src/main/java/org/keycloak/services/managers/AppAuthManager.java +++ b/services/src/main/java/org/keycloak/services/managers/AppAuthManager.java @@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.managers; -import org.jboss.logging.Logger; import org.jboss.resteasy.spi.UnauthorizedException; import org.keycloak.common.ClientConnection; import org.keycloak.models.KeycloakContext; @@ -16,8 +31,6 @@ import javax.ws.rs.core.UriInfo; */ public class AppAuthManager extends AuthenticationManager { - protected static Logger logger = Logger.getLogger(AppAuthManager.class); - @Override public AuthResult authenticateIdentityCookie(KeycloakSession session, RealmModel realm) { AuthResult authResult = super.authenticateIdentityCookie(session, realm); diff --git a/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java b/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java index 3b741c13c5..c5690915b4 100755 --- a/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java 
+++ b/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java @@ -1,12 +1,28 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.managers; -import org.jboss.logging.Logger; import org.keycloak.Config; import org.keycloak.common.Version; import org.keycloak.common.enums.SslRequired; import org.keycloak.models.*; import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.representations.idm.CredentialRepresentation; +import org.keycloak.services.ServicesLogger; /** * @author Bill Burke @@ -14,7 +30,7 @@ import org.keycloak.representations.idm.CredentialRepresentation; */ public class ApplianceBootstrap { - private static final Logger logger = Logger.getLogger(ApplianceBootstrap.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private final KeycloakSession session; public ApplianceBootstrap(KeycloakSession session) { @@ -40,7 +56,7 @@ public class ApplianceBootstrap { } String adminRealmName = Config.getAdminRealm(); - logger.info("Initializing " + adminRealmName + " realm"); + logger.initializingAdminRealm(adminRealmName); RealmManager manager = new RealmManager(session); manager.setContextPath(contextPath); 
diff --git a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java index 8f68a27b78..0f9a124bef 100755 --- a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java +++ b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java @@ -1,5 +1,5 @@ /* - * Copyright 2015 Red Hat Inc. and/or its affiliates and other contributors + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors * as indicated by the @author tags. All rights reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); you may not @@ -16,7 +16,6 @@ */ package org.keycloak.services.managers; -import org.jboss.logging.Logger; import org.jboss.resteasy.specimpl.MultivaluedMapImpl; import org.jboss.resteasy.spi.HttpRequest; import org.keycloak.common.ClientConnection; @@ -39,6 +38,7 @@ import org.keycloak.protocol.LoginProtocol; import org.keycloak.protocol.LoginProtocol.Error; import org.keycloak.protocol.oidc.TokenManager; import org.keycloak.representations.AccessToken; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.Urls; import org.keycloak.services.messages.Messages; import org.keycloak.services.resources.IdentityBrokerService; @@ -60,7 +60,7 @@ import java.util.Set; */ public class AuthenticationManager { public static final String END_AFTER_REQUIRED_ACTIONS = "END_AFTER_REQUIRED_ACTIONS"; - protected static Logger logger = Logger.getLogger(AuthenticationManager.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public static final String FORM_USERNAME = "username"; // used for auth login public static final String KEYCLOAK_IDENTITY_COOKIE = "KEYCLOAK_IDENTITY"; 
@@ -195,7 +195,7 @@ public class AuthenticationManager { protocol.backchannelLogout(userSession, clientSession); clientSession.setAction(ClientSessionModel.Action.LOGGED_OUT.name()); } catch (Exception e) { - logger.warn("Failed to logout client, continuing", e); + logger.failedToLogoutClient(e); } } } @@ -216,7 +216,7 @@ public class AuthenticationManager { return response; } } catch (Exception e) { - logger.warn("Failed to logout client, continuing", e); + logger.failedToLogoutClient(e); } } diff --git a/services/src/main/java/org/keycloak/services/managers/ClientManager.java b/services/src/main/java/org/keycloak/services/managers/ClientManager.java old mode 100755 new mode 100644 index 21bb5692ba..db68a3c6ec --- a/services/src/main/java/org/keycloak/services/managers/ClientManager.java +++ b/services/src/main/java/org/keycloak/services/managers/ClientManager.java @@ -1,8 +1,23 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.managers; import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import org.jboss.logging.Logger; import org.keycloak.authentication.ClientAuthenticator; import org.keycloak.authentication.ClientAuthenticatorFactory; import org.keycloak.common.constants.ServiceAccountConstants; 
@@ -21,6 +36,7 @@ import org.keycloak.protocol.oidc.mappers.UserSessionNoteMapper; import org.keycloak.representations.adapters.config.BaseRealmConfig; import org.keycloak.common.util.Time; import org.keycloak.representations.idm.ClientRepresentation; +import org.keycloak.services.ServicesLogger; import java.net.URI; import java.util.Collections; @@ -35,7 +51,7 @@ import java.util.TreeSet; * @version $Revision: 1 $ */ public class ClientManager { - protected Logger logger = Logger.getLogger(ClientManager.class); + protected ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected RealmManager realmManager; diff --git a/services/src/main/java/org/keycloak/services/managers/DefaultBruteForceProtector.java b/services/src/main/java/org/keycloak/services/managers/DefaultBruteForceProtector.java old mode 100755 new mode 100644 index 0164c2c58f..240bf237b5 --- a/services/src/main/java/org/keycloak/services/managers/DefaultBruteForceProtector.java +++ b/services/src/main/java/org/keycloak/services/managers/DefaultBruteForceProtector.java 
@@ -1,12 +1,28 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.managers; -import org.jboss.logging.Logger; import org.keycloak.common.ClientConnection; import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSessionFactory; import org.keycloak.models.RealmModel; import org.keycloak.models.UsernameLoginFailureModel; +import org.keycloak.services.ServicesLogger; import java.util.ArrayList; import java.util.Collections; @@ -21,7 +37,7 @@ import java.util.concurrent.TimeUnit; * @version $Revision: 1 $ */ public class DefaultBruteForceProtector implements Runnable, BruteForceProtector { - protected static Logger logger = Logger.getLogger(DefaultBruteForceProtector.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected volatile boolean run = true; protected int maxDeltaTimeSeconds = 60 * 60 * 12; // 12 hours @@ -178,7 +194,7 @@ public class DefaultBruteForceProtector implements Runnable, BruteForceProtector session.close(); } } catch (Exception e) { - logger.error("Failed processing type", e); + logger.failedProcessingType(e); } } catch (InterruptedException e) { break; 
@@ -190,7 +206,7 @@ public class DefaultBruteForceProtector implements Runnable, BruteForceProtector } protected void logFailure(LoginEvent event) { - logger.warn("login failure for user " + event.username + " from ip " + event.ip); + logger.loginFailure(event.username, event.ip); failures++; long delta = 0; if (lastFailure > 0) { diff --git a/services/src/main/java/org/keycloak/services/managers/LDAPConnectionTestManager.java b/services/src/main/java/org/keycloak/services/managers/LDAPConnectionTestManager.java index fff0bfb3b1..285cd379c0 100755 --- a/services/src/main/java/org/keycloak/services/managers/LDAPConnectionTestManager.java +++ b/services/src/main/java/org/keycloak/services/managers/LDAPConnectionTestManager.java @@ -1,6 +1,22 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.managers; -import org.jboss.logging.Logger; +import org.keycloak.services.ServicesLogger; import javax.naming.Context; import javax.naming.NamingException; 
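Review bot: `logger.loginFailure(event.username, event.ip)` writes the username into the WARN line unchanged, as the concatenation it replaces did. The value presumably comes straight from the login request (LoginEvent is not visible here). A name containing CR or LF can then split or forge entries in the very log that failed-login monitoring reads. Replace control characters before the call, or in one place in the log formatter, and say which in a comment such as `// username is request data: control characters are neutralised before logging`. logFailure's body continues outside the hunk.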
@@ -12,14 +28,14 @@ import java.util.Hashtable; */ public class LDAPConnectionTestManager { - protected static final Logger logger = Logger.getLogger(LDAPConnectionTestManager.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public static final String TEST_CONNECTION = "testConnection"; public static final String TEST_AUTHENTICATION = "testAuthentication"; public boolean testLDAP(String action, String connectionUrl, String bindDn, String bindCredential) { if (!TEST_CONNECTION.equals(action) && !TEST_AUTHENTICATION.equals(action)) { - logger.error("Unknown action: " + action); + logger.unknownAction(action); return false; } @@ -44,14 +60,14 @@ public class LDAPConnectionTestManager { return true; } catch (Exception ne) { String errorMessage = (TEST_AUTHENTICATION.equals(action)) ? "Error when authenticating to LDAP: " : "Error when connecting to LDAP: "; - logger.error(errorMessage + ne.getMessage(), ne); + logger.errorAuthenticating(ne, errorMessage + ne.getMessage()); return false; } finally { if (ldapContext != null) { try { ldapContext.close(); } catch (NamingException ne) { - logger.warn("Error when closing LDAP connection", ne); + logger.errorClosingLDAP(ne); } } } diff --git a/services/src/main/java/org/keycloak/services/managers/RealmManager.java b/services/src/main/java/org/keycloak/services/managers/RealmManager.java index e16ac9115c..a72079c6be 100755 --- a/services/src/main/java/org/keycloak/services/managers/RealmManager.java +++ b/services/src/main/java/org/keycloak/services/managers/RealmManager.java @@ -1,5 +1,5 @@ /* - * Copyright 2015 Red Hat Inc. and/or its affiliates and other contributors + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors * as indicated by the @author tags. All rights reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); you may not 
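Review bot: `logger.errorAuthenticating(ne, errorMessage + ne.getMessage())` in the catch block of testLDAP still assembles its text from two English literals, so this entry is not translatable and the connection-failure case is logged through a method named for authentication. Two logger methods, one per case, each taking only the `@Cause` exception, would give each failure its own message id and let the literals move into the message bundle. The exception text is already carried by the cause, so it need not be concatenated into the message. The ServicesLogger declaration that would change is outside this hunk.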
@@ -16,7 +16,6 @@ */ package org.keycloak.services.managers; -import org.jboss.logging.Logger; import org.keycloak.Config; import org.keycloak.common.enums.SslRequired; import org.keycloak.models.session.UserSessionPersisterProvider; @@ -61,7 +60,6 @@ import org.keycloak.protocol.ProtocolMapperUtils; * @version $Revision: 1 $ */ public class RealmManager implements RealmImporter { - protected static final Logger logger = Logger.getLogger(RealmManager.class); protected KeycloakSession session; protected RealmProvider model; diff --git a/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java b/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java index f9f63c04dd..e240bf015f 100755 --- a/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java +++ b/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java @@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.managers; -import org.jboss.logging.Logger; import org.keycloak.TokenIdGenerator; import org.keycloak.connections.httpclient.HttpClientProvider; import org.keycloak.constants.AdapterConstants; 
@@ -15,6 +30,7 @@ import org.keycloak.representations.adapters.action.GlobalRequestResult; import org.keycloak.representations.adapters.action.LogoutAction; import org.keycloak.representations.adapters.action.PushNotBeforeAction; import org.keycloak.representations.adapters.action.TestAvailabilityAction; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.util.ResolveRelative; import org.keycloak.common.util.KeycloakUriBuilder; import org.keycloak.common.util.MultivaluedHashMap; @@ -37,7 +53,7 @@ import java.util.Set; * @version $Revision: 1 $ */ public class ResourceAdminManager { - protected static Logger logger = Logger.getLogger(ResourceAdminManager.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private static final String CLIENT_SESSION_HOST_PROPERTY = "${application.session.host}"; private KeycloakSession session; @@ -237,7 +253,7 @@ public class ResourceAdminManager { logger.debugf("logout success for %s: %s", managementUrl, success); return success; } catch (IOException e) { - logger.warn("Logout for client '" + resource.getClientId() + "' failed", e); + logger.logoutFailed(e, resource.getClientId()); return false; } } @@ -288,7 +304,7 @@ public class ResourceAdminManager { logger.debugf("pushRevocation success for %s: %s", managementUrl, success); return success; } catch (IOException e) { - logger.warn("Failed to send revocation request", e); + logger.failedToSendRevocation(e); return false; } } @@ -326,7 +342,7 @@ public class ResourceAdminManager { logger.debugf("testAvailability success for %s: %s", managementUrl, success); return success; } catch (IOException e) { - logger.warn("Availability test failed for uri '" + managementUrl + "'", e); + logger.availabilityTestFailed(managementUrl); return false; } } 
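Review bot: The availability-test catch block now calls `logger.availabilityTestFailed(managementUrl);` and no longer passes the caught IOException, so the stack trace that the old `logger.warn(..., e)` recorded is lost. The two sibling catch blocks in this file keep their cause, via `logger.logoutFailed(e, resource.getClientId())` and `logger.failedToSendRevocation(e)`. The call should read `logger.availabilityTestFailed(e, managementUrl);`, with a `@Cause IOException` parameter added to the ServicesLogger method, whose declaration is outside this hunk. Without the cause, a TLS or DNS failure towards a client's management URL cannot be told apart from a refused connection.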
diff --git a/services/src/main/java/org/keycloak/services/managers/UserSessionManager.java b/services/src/main/java/org/keycloak/services/managers/UserSessionManager.java index 99516a2131..33a97db23e 100644 --- a/services/src/main/java/org/keycloak/services/managers/UserSessionManager.java +++ b/services/src/main/java/org/keycloak/services/managers/UserSessionManager.java @@ -1,3 +1,19 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.managers; import java.util.HashSet; @@ -5,7 +21,7 @@ import java.util.LinkedList; import java.util.List; import java.util.Set; -import org.jboss.logging.Logger; +import org.keycloak.common.util.Time; import org.keycloak.models.ClientModel; import org.keycloak.models.ClientSessionModel; import org.keycloak.models.Constants; @@ -16,7 +32,8 @@ import org.keycloak.models.RoleModel; import org.keycloak.models.UserModel; import org.keycloak.models.UserSessionModel; import org.keycloak.models.session.UserSessionPersisterProvider; -import org.keycloak.common.util.Time; +import org.keycloak.services.ServicesLogger; + /** * 
@@ -24,7 +41,7 @@ import org.keycloak.common.util.Time; */ public class UserSessionManager { - protected static Logger logger = Logger.getLogger(UserSessionManager.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private final KeycloakSession kcSession; private final UserSessionPersisterProvider persister; @@ -119,7 +136,7 @@ public class UserSessionManager { public boolean isOfflineTokenAllowed(ClientSessionModel clientSession) { RoleModel offlineAccessRole = clientSession.getRealm().getRole(Constants.OFFLINE_ACCESS_ROLE); if (offlineAccessRole == null) { - logger.warnf("Role '%s' not available in realm", Constants.OFFLINE_ACCESS_ROLE); + logger.roleNotInRealm(Constants.OFFLINE_ACCESS_ROLE); return false; } diff --git a/services/src/main/java/org/keycloak/services/managers/UsersSyncManager.java b/services/src/main/java/org/keycloak/services/managers/UsersSyncManager.java index 7b062318a5..5e87cc7152 100755 --- a/services/src/main/java/org/keycloak/services/managers/UsersSyncManager.java +++ b/services/src/main/java/org/keycloak/services/managers/UsersSyncManager.java 
@@ -1,6 +1,22 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.managers; -import org.jboss.logging.Logger; +import org.keycloak.common.util.Time; import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSessionFactory; import org.keycloak.models.KeycloakSessionTask; @@ -10,8 +26,9 @@ import org.keycloak.models.UserFederationProviderFactory; import org.keycloak.models.UserFederationProviderModel; import org.keycloak.models.UserFederationSyncResult; import org.keycloak.models.utils.KeycloakModelUtils; +import org.keycloak.services.ServicesLogger; import org.keycloak.timer.TimerProvider; -import org.keycloak.common.util.Time; + import java.util.List; @@ -20,7 +37,7 @@ import java.util.List; */ public class UsersSyncManager { - protected static final Logger logger = Logger.getLogger(UsersSyncManager.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; /** * Check federationProviderModel of all realms and possibly start periodic sync for them @@ -69,7 +86,7 @@ public class UsersSyncManager { try { syncAllUsers(sessionFactory, realmId, fedProvider); } catch (Throwable t) { - logger.error("Error occurred during full sync of users", t); + logger.errorDuringFullUserSync(t); } } 
@@ -87,7 +104,7 @@ public class UsersSyncManager { try { syncChangedUsers(sessionFactory, realmId, fedProvider); } catch (Throwable t) { - logger.error("Error occurred during sync of changed users", t); + logger.errorDuringChangedUserSync(t); } } From 857201ab555443fe4ddd5482579610c734048d48 Mon Sep 17 00:00:00 2001 From: Stan Silvert Date: Tue, 19 Jan 2016 12:39:11 -0500 Subject: [PATCH 24/30] KEYCLOAK-1280: i18n logging for org.keycloak.services.messages --- .../org/keycloak/services/ServicesLogger.java | 8 +++++++ .../messages/AdminMessagesProvider.java | 24 +++++++++++++++---- 2 files changed, 28 insertions(+), 4 deletions(-) diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index 3fb387459a..2ddfa1d6fe 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java @@ -287,4 +287,12 @@ public interface ServicesLogger extends BasicLogger { @LogMessage(level = ERROR) @Message(id=62, value="Error occurred during sync of changed users") void errorDuringChangedUserSync(@Cause Throwable t); + + @LogMessage(level = WARN) + @Message(id=63, value="Failed to format message due to: %s") + void failedToFormatMessage(String cause); + + @LogMessage(level = WARN) + @Message(id=64, value="Failed to load messages") + void failedToloadMessages(@Cause IOException ioe); } diff --git a/services/src/main/java/org/keycloak/services/messages/AdminMessagesProvider.java b/services/src/main/java/org/keycloak/services/messages/AdminMessagesProvider.java index 7b6b3ed967..9140b31dd5 100644 --- a/services/src/main/java/org/keycloak/services/messages/AdminMessagesProvider.java +++ b/services/src/main/java/org/keycloak/services/messages/AdminMessagesProvider.java 
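Review bot: `failedToloadMessages` in the ServicesLogger hunk breaks the camel-case pattern of the other methods in the interface. It should be `void failedToLoadMessages(@Cause IOException ioe);`, and the call in AdminMessagesProvider changes with it. `failedToFormatMessage(String cause)` takes the exception text rather than a `@Cause` parameter, so id 63 never carries a stack trace. If that is intended to keep the log short, a comment such as `// message text only: formatting errors are frequent and the trace adds nothing` would say so.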
@@ -1,3 +1,19 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.messages; import java.io.IOException; @@ -5,16 +21,16 @@ import java.net.URL; import java.text.MessageFormat; import java.util.Locale; import java.util.Properties; -import org.jboss.logging.Logger; import org.keycloak.models.KeycloakSession; import org.keycloak.messages.MessagesProvider; +import org.keycloak.services.ServicesLogger; /** * @author Leonardo Zanivan */ public class AdminMessagesProvider implements MessagesProvider { - private static final Logger logger = Logger.getLogger(AdminMessagesProvider.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private KeycloakSession session; private Locale locale; @@ -33,7 +49,7 @@ public class AdminMessagesProvider implements MessagesProvider { try { return new MessageFormat(message, locale).format(parameters); } catch (Exception e) { - logger.warnf("Failed to format message due to: %s", e.getMessage()); + logger.failedToFormatMessage(e.getMessage()); return message; } } @@ -55,7 +71,7 @@ public class AdminMessagesProvider implements MessagesProvider { try { properties.load(url.openStream()); } catch (IOException ex) { - logger.warn("Failed to load messages", ex); + logger.failedToloadMessages(ex); } } 
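Review bot: The stream opened by `properties.load(url.openStream());` in the last hunk is never closed, on either the success or the IOException path. The commit rewrites only the catch line and leaves this as it was. If the module's source level allows it, `try (InputStream in = url.openStream()) { properties.load(in); }` releases the handle in both cases. The enclosing method starts outside the hunk, so whether `url` can be null at this point cannot be checked from here.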
From e73a88443c85b9e6d74f094114adab4cc48d2d5f Mon Sep 17 00:00:00 2001 From: Stan Silvert Date: Tue, 19 Jan 2016 13:32:56 -0500 Subject: [PATCH 25/30] KEYCLOAK-1280: i18n logging for org.keycloak.services.resources --- .../org/keycloak/services/ServicesLogger.java | 56 +++++++++++++++++++ .../AbstractSecuredLocalService.java | 20 ++++++- .../services/resources/AccountService.java | 7 ++- .../resources/ClientsManagementService.java | 20 ++++++- .../org/keycloak/services/resources/Cors.java | 20 ++++++- .../resources/IdentityBrokerService.java | 44 +++++++-------- .../resources/KeycloakApplication.java | 47 +++++++++++----- .../resources/LoginActionsService.java | 20 +++---- .../resources/ModelExceptionMapper.java | 21 ++++++- .../resources/PublicRealmResource.java | 21 ++++++- .../services/resources/RealmsResource.java | 21 ++++++- .../resources/ServerVersionResource.java | 21 ++++++- .../services/resources/ThemeResource.java | 23 +++++++- .../services/resources/WelcomeResource.java | 27 +++++++-- 14 files changed, 296 insertions(+), 72 deletions(-) mode change 100755 => 100644 services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java mode change 100755 => 100644 services/src/main/java/org/keycloak/services/resources/ThemeResource.java diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index 2ddfa1d6fe..ec84a8083e 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java 
@@ -295,4 +295,60 @@ public interface ServicesLogger extends BasicLogger { @LogMessage(level = WARN) @Message(id=64, value="Failed to load messages") void failedToloadMessages(@Cause IOException ioe); + + @LogMessage(level = ERROR) + @Message(id=65, value="Failed to update Password") + void failedToUpdatePassword(@Cause Exception e); + + @LogMessage(level = ERROR) + @Message(id=66, value="Could not fire event.") + void couldNotFireEvent(@Cause Exception e); + + @LogMessage(level = ERROR) + @Message(id=67, value="failed to parse RestartLoginCookie") + void failedToParseRestartLoginCookie(@Cause Exception e); + + @LogMessage(level = ERROR) + @Message(id=68, value="Not found serialized context in clientSession under note '%s'") + void notFoundSerializedCtxInClientSession(String noteKey); + + @LogMessage(level = ERROR) + @Message(id=69, value="Flow not configured for identity provider '%s'") + void flowNotConfigForIDP(String identityProviderAlias); + + @LogMessage(level = ERROR) + @Message(id=70, value="Not found configured flow with ID '%s' for identity provider '%s'") + void flowNotFoundForIDP(String flowId, String identityProviderAlias); + + @LogMessage(level = ERROR) + @Message(id=71, value="required action doesn't match current required action") + void reqdActionDoesNotMatch(); + + @LogMessage(level = ERROR) + @Message(id=72, value="Invalid key for email verification") + void invalidKeyForEmailVerification(); + + @LogMessage(level = ERROR) + @Message(id=73, value="User session was null") + void userSessionNull(); + + @LogMessage(level = ERROR) + @Message(id=74, value="Required action provider was null") + void actionProviderNull(); + + @LogMessage(level = WARN) + @Message(id=75, value="Failed to get theme request") + void failedToGetThemeRequest(@Cause Exception e); + + @LogMessage(level = ERROR) + @Message(id=76, value="Rejected non-local attempt to create initial user from %s") + void rejectedNonLocalAttemptToCreateInitialUser(String remoteAddr); + + 
@LogMessage(level = INFO) + @Message(id=77, value="Created initial admin user with username %s") + void createdInitialAdminUser(String userName); + + @LogMessage(level = WARN) + @Message(id=78, value="Rejected attempt to create initial user as user is already created") + void initialUserAlreadyCreated(); } diff --git a/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java b/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java index 956b1e12f9..8d7765f8eb 100755 --- a/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java +++ b/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java @@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources; -import org.jboss.logging.Logger; import org.jboss.resteasy.spi.BadRequestException; import org.jboss.resteasy.spi.HttpRequest; import org.keycloak.AbstractOAuthClient; 
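Review bot: Messages 71 to 74 (`reqdActionDoesNotMatch`, `invalidKeyForEmailVerification`, `userSessionNull`, `actionProviderNull`) take no arguments. An ERROR entry for a rejected email-verification key or a mismatched required action therefore names no realm, client or session. With every class logging through one shared logger, the message id is the main handle for triage, and these entries cannot be correlated with a login attempt unless the call sites (outside this hunk) add context some other way. Consider a parameter such as the client session id on each, and a Javadoc line on ids 76 to 78 stating where `remoteAddr` and `userName` come from. A remote address taken from a forwarded header would be client-controlled.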
@@ -12,6 +27,7 @@ import org.keycloak.models.RealmModel; import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.protocol.oidc.OIDCLoginProtocolService; import org.keycloak.services.ForbiddenException; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.AppAuthManager; import org.keycloak.services.managers.Auth; import org.keycloak.services.managers.AuthenticationManager; @@ -39,7 +55,7 @@ import java.util.Set; * @version $Revision: 1 $ */ public abstract class AbstractSecuredLocalService { - private static final Logger logger = Logger.getLogger(AbstractSecuredLocalService.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private static final String KEYCLOAK_STATE_CHECKER = "KEYCLOAK_STATE_CHECKER"; diff --git a/services/src/main/java/org/keycloak/services/resources/AccountService.java b/services/src/main/java/org/keycloak/services/resources/AccountService.java index 38833b7249..9908900cdf 100755 --- a/services/src/main/java/org/keycloak/services/resources/AccountService.java +++ b/services/src/main/java/org/keycloak/services/resources/AccountService.java @@ -51,6 +51,7 @@ import org.keycloak.protocol.oidc.utils.RedirectUtils; import org.keycloak.representations.idm.CredentialRepresentation; import org.keycloak.representations.idm.UserRepresentation; import org.keycloak.services.ForbiddenException; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.Urls; import org.keycloak.services.managers.AppAuthManager; import org.keycloak.services.managers.Auth; @@ -91,7 +92,7 @@ import java.util.UUID; */ public class AccountService extends AbstractSecuredLocalService { - private static final Logger logger = Logger.getLogger(AccountService.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private static Set VALID_PATHS = new HashSet(); static { 
@@ -641,11 +642,11 @@ public class AccountService extends AbstractSecuredLocalService { setReferrerOnPage(); return account.setError(Messages.READ_ONLY_PASSWORD).createResponse(AccountPages.PASSWORD); }catch (ModelException me) { - logger.error("Failed to update password", me); + logger.failedToUpdatePassword(me); setReferrerOnPage(); return account.setError(me.getMessage(), me.getParameters()).createResponse(AccountPages.PASSWORD); }catch (Exception ape) { - logger.error("Failed to update password", ape); + logger.failedToUpdatePassword(ape); setReferrerOnPage(); return account.setError(ape.getMessage()).createResponse(AccountPages.PASSWORD); } diff --git a/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java b/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java index a93371282c..93ddabd55d 100755 --- a/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java +++ b/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java 
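Review bot: The catch-all branch logs through `logger.failedToUpdatePassword(ape)` but still returns `account.setError(ape.getMessage())` to the account page, so the text of any unexpected exception is shown to the user. Now that the cause is logged with a stable message id, the page can show a generic message key from `Messages`, as the `Messages.READ_ONLY_PASSWORD` branch above does, and leave the detail in the server log. The `ModelException` branch passes `me.getMessage()` with parameters, which looks like an intended message key and can stay. The enclosing method starts and ends outside the hunk.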
@@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources; -import org.jboss.logging.Logger; import org.jboss.resteasy.spi.BadRequestException; import org.jboss.resteasy.spi.HttpRequest; import org.jboss.resteasy.spi.UnauthorizedException; @@ -16,6 +31,7 @@ import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.protocol.oidc.utils.AuthorizeClientUtil; import org.keycloak.services.ForbiddenException; +import org.keycloak.services.ServicesLogger; import org.keycloak.common.util.Time; import javax.ws.rs.HeaderParam; @@ -38,7 +54,7 @@ import java.util.Map; */ public class ClientsManagementService { - protected static final Logger logger = Logger.getLogger(ClientsManagementService.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private RealmModel realm; diff --git a/services/src/main/java/org/keycloak/services/resources/Cors.java b/services/src/main/java/org/keycloak/services/resources/Cors.java index 09b3ea7ba0..a8e518ca7f 100755 --- a/services/src/main/java/org/keycloak/services/resources/Cors.java +++ b/services/src/main/java/org/keycloak/services/resources/Cors.java 
@@ -1,11 +1,27 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources; -import org.jboss.logging.Logger; import org.jboss.resteasy.spi.HttpRequest; import org.jboss.resteasy.spi.HttpResponse; import org.keycloak.models.ClientModel; import org.keycloak.representations.AccessToken; import org.keycloak.common.util.CollectionUtil; +import org.keycloak.services.ServicesLogger; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.ResponseBuilder; @@ -18,7 +34,7 @@ import java.util.concurrent.TimeUnit; * @author Stian Thorgersen */ public class Cors { - protected static final Logger logger = Logger.getLogger(Cors.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public static final long DEFAULT_MAX_AGE = TimeUnit.HOURS.toSeconds(1); public static final String DEFAULT_ALLOW_METHODS = "GET, HEAD, OPTIONS"; diff --git a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java old mode 100755 new mode 100644 index 823917bce6..937df1652a --- a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java +++ b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java 
@@ -1,7 +1,7 @@ /* * JBoss, Home of Professional Open Source * - * Copyright 2013 Red Hat, Inc. and/or its affiliates. + * Copyright 2016 Red Hat, Inc. and/or its affiliates. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,6 @@ */ package org.keycloak.services.resources; -import org.jboss.logging.Logger; import org.jboss.resteasy.spi.HttpRequest; import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.OAuth2Constants; @@ -60,6 +59,7 @@ import org.keycloak.services.managers.ClientSessionCode; import org.keycloak.services.messages.Messages; import org.keycloak.services.ErrorResponse; import org.keycloak.services.ErrorPage; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.Urls; import org.keycloak.services.validation.Validation; import org.keycloak.broker.social.SocialIdentityProvider; @@ -93,7 +93,7 @@ import static org.keycloak.models.Constants.ACCOUNT_MANAGEMENT_CLIENT_ID; */ public class IdentityBrokerService implements IdentityProvider.AuthenticationCallback { - private static final Logger LOGGER = Logger.getLogger(IdentityBrokerService.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private final RealmModel realmModel; @@ -138,7 +138,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal this.event.detail(Details.IDENTITY_PROVIDER, providerId); if (isDebugEnabled()) { - LOGGER.debugf("Sending authentication request to identity provider [%s].", providerId); + logger.debugf("Sending authentication request to identity provider [%s].", providerId); } try { 
@@ -148,7 +148,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal if (response != null) { if (isDebugEnabled()) { - LOGGER.debugf("Identity provider [%s] is going to send a request [%s].", identityProvider, response); + logger.debugf("Identity provider [%s] is going to send a request [%s].", identityProvider, response); } return response; } @@ -252,7 +252,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal String providerId = identityProviderConfig.getAlias(); if (!identityProviderConfig.isStoreToken()) { if (isDebugEnabled()) { - LOGGER.debugf("Token will not be stored for identity provider [%s].", providerId); + logger.debugf("Token will not be stored for identity provider [%s].", providerId); } context.setToken(null); } @@ -288,7 +288,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal if (federatedUser == null) { - LOGGER.debugf("Federated user not found for provider '%s' and broker username '%s' . Redirecting to flow for firstBrokerLogin", providerId, context.getUsername()); + logger.debugf("Federated user not found for provider '%s' and broker username '%s' . Redirecting to flow for firstBrokerLogin", providerId, context.getUsername()); String username = context.getModelUsername(); if (username == null) { 
@@ -371,7 +371,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal String isRegisteredNewUser = clientSession.getNote(AbstractIdpAuthenticator.BROKER_REGISTERED_NEW_USER); if (Boolean.parseBoolean(isRegisteredNewUser)) { - LOGGER.debugf("Registered new user '%s' after first login with identity provider '%s'. Identity provider username is '%s' . ", federatedUser.getUsername(), providerId, context.getUsername()); + logger.debugf("Registered new user '%s' after first login with identity provider '%s'. Identity provider username is '%s' . ", federatedUser.getUsername(), providerId, context.getUsername()); context.getIdp().importNewUser(session, realmModel, federatedUser, context); Set mappers = realmModel.getIdentityProviderMappersByAlias(providerId); @@ -384,7 +384,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal } if (context.getIdpConfig().isTrustEmail() && !Validation.isBlank(federatedUser.getEmail()) && !Boolean.parseBoolean(clientSession.getNote(AbstractIdpAuthenticator.UPDATE_PROFILE_EMAIL_CHANGED))) { - LOGGER.debugf("Email verified automatically after registration of user '%s' through Identity provider '%s' ", federatedUser.getUsername(), context.getIdpConfig().getAlias()); + logger.debugf("Email verified automatically after registration of user '%s' through Identity provider '%s' ", federatedUser.getUsername(), context.getIdpConfig().getAlias()); federatedUser.setEmailVerified(true); } 
@@ -394,7 +394,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal .success(); } else { - LOGGER.debugf("Linked existing keycloak user '%s' with identity provider '%s' . Identity provider username is '%s' .", federatedUser.getUsername(), providerId, context.getUsername()); + logger.debugf("Linked existing keycloak user '%s' with identity provider '%s' . Identity provider username is '%s' .", federatedUser.getUsername(), providerId, context.getUsername()); event.event(EventType.FEDERATED_IDENTITY_LINK) .success(); @@ -414,11 +414,11 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal String postBrokerLoginFlowId = context.getIdpConfig().getPostBrokerLoginFlowId(); if (postBrokerLoginFlowId == null) { - LOGGER.debugf("Skip redirect to postBrokerLogin flow. PostBrokerLogin flow not set for identityProvider '%s'.", context.getIdpConfig().getAlias()); + logger.debugf("Skip redirect to postBrokerLogin flow. PostBrokerLogin flow not set for identityProvider '%s'.", context.getIdpConfig().getAlias()); return afterPostBrokerLoginFlowSuccess(clientSession, context, wasFirstBrokerLogin); } else { - LOGGER.debugf("Redirect to postBrokerLogin flow after authentication with identityProvider '%s'.", context.getIdpConfig().getAlias()); + logger.debugf("Redirect to postBrokerLogin flow after authentication with identityProvider '%s'.", context.getIdpConfig().getAlias()); clientSession.setTimestamp(Time.currentTime()); 
@@ -489,7 +489,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal boolean firstBrokerLoginInProgress = (clientSession.getNote(AbstractIdpAuthenticator.BROKERED_CONTEXT_NOTE) != null); if (firstBrokerLoginInProgress) { - LOGGER.debugf("Reauthenticated with broker '%s' when linking user '%s' with other broker", context.getIdpConfig().getAlias(), federatedUser.getUsername()); + logger.debugf("Reauthenticated with broker '%s' when linking user '%s' with other broker", context.getIdpConfig().getAlias(), federatedUser.getUsername()); UserModel linkingUser = AbstractIdpAuthenticator.getExistingUser(session, realmModel, clientSession); if (!linkingUser.getId().equals(federatedUser.getId())) { @@ -517,7 +517,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal userSession.setNote(Details.IDENTITY_PROVIDER_USERNAME, context.getUsername()); if (isDebugEnabled()) { - LOGGER.debugf("Performing local authentication for user [%s].", federatedUser); + logger.debugf("Performing local authentication for user [%s].", federatedUser); } return AuthenticationProcessor.redirectToRequiredActions(realmModel, clientSession, uriInfo); @@ -553,7 +553,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal UserModel authenticatedUser = clientSession.getUserSession().getUser(); if (isDebugEnabled()) { - LOGGER.debugf("Linking account [%s] from identity provider [%s] to user [%s].", federatedIdentityModel, context.getIdpConfig().getAlias(), authenticatedUser); + logger.debugf("Linking account [%s] from identity provider [%s] to user [%s].", federatedIdentityModel, context.getIdpConfig().getAlias(), authenticatedUser); } if (!authenticatedUser.isEnabled()) { 
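Review bot: The debug messages in the `@@ -517,7 +517,7 @@` and `@@ -553,7 +553,7 @@` hunks format whole objects (`federatedUser`, `federatedIdentityModel`, `authenticatedUser`) with `%s`, whereas the messages in the earlier hunks of this file log `federatedUser.getUsername()`. What these objects print depends on their `toString()`, which is not visible here; if it ever includes token or credential fields, turning on debug logging would write them to the log. I would log explicit identifiers, for example `logger.debugf("Performing local authentication for user [%s].", federatedUser.getUsername());`. The same applies to `response` in the `@@ -148,7 +148,7 @@` hunk and `federatedUser` in the `@@ -585,7 +585,7 @@` hunk. The enclosing methods start and end outside these hunks.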
@@ -585,7 +585,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal this.session.users().updateFederatedIdentity(this.realmModel, federatedUser, federatedIdentityModel); if (isDebugEnabled()) { - LOGGER.debugf("Identity [%s] update with response from identity provider [%s].", federatedUser, context.getIdpConfig().getAlias()); + logger.debugf("Identity [%s] update with response from identity provider [%s].", federatedUser, context.getIdpConfig().getAlias()); } } context.getIdp().updateBrokeredUser(session, realmModel, federatedUser, context); @@ -613,7 +613,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal throw new IdentityBrokerException("Invalid client"); } - LOGGER.debugf("Got authorization code from client [%s].", client.getClientId()); + logger.debugf("Got authorization code from client [%s].", client.getClientId()); this.event.client(client); this.session.getContext().setClient(client); @@ -623,7 +623,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal } if (isDebugEnabled()) { - LOGGER.debugf("Authorization code is valid."); + logger.debugf("Authorization code is valid."); } return clientCode; @@ -777,15 +777,15 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal this.session.getTransaction().commit(); } } catch (Exception e) { - LOGGER.error("Could not fire event.", e); + logger.couldNotFireEvent(e); rollback(); } } if (throwable != null) { - LOGGER.error(message, throwable); + logger.error(message, throwable); } else { - LOGGER.error(message); + logger.error(message); } } @@ -794,7 +794,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal } private boolean isDebugEnabled() { - return LOGGER.isDebugEnabled(); + return logger.isDebugEnabled(); } private void rollback() { 
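Review bot: `logger.debugf("Authorization code is valid.")` in the `@@ -623,7 +623,7 @@` hunk uses the format variant with no arguments, so the text is parsed as a format string for nothing. `logger.error(message)` further down shows the plain variants are available on this logger, so `logger.debug("Authorization code is valid.");` is the simpler call. The `isDebugEnabled()` guard is also applied inconsistently: several `debugf` calls in this file are wrapped in it and others, such as the one in the `@@ -613,7 +613,7 @@` hunk, are not. Pick one convention for the file.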
diff --git a/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java b/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java index e619183ec1..38cc097367 100644 --- a/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java +++ b/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java @@ -1,3 +1,20 @@ +/* + * JBoss, Home of Professional Open Source + * + * Copyright 2016 Red Hat, Inc. and/or its affiliates. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ package org.keycloak.services.resources; import com.fasterxml.jackson.core.type.TypeReference; @@ -44,7 +61,7 @@ import java.util.*; */ public class KeycloakApplication extends Application { - private static final ServicesLogger log = ServicesLogger.ROOT_LOGGER; + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected Set singletons = new HashSet(); protected Set> classes = new HashSet>(); @@ -135,7 +152,7 @@ public class KeycloakApplication extends Application { session.getTransaction().commit(); } catch (Exception e) { session.getTransaction().rollback(); - log.migrationFailure(e); + logger.migrationFailure(e); } finally { session.close(); } 
@@ -163,7 +180,7 @@ public class KeycloakApplication extends Application { if (configDir != null) { File f = new File(configDir + File.separator + "keycloak-server.json"); if (f.isFile()) { - log.loadingFrom(f.getAbsolutePath()); + logger.loadingFrom(f.getAbsolutePath()); node = new ObjectMapper().readTree(f); } } @@ -171,7 +188,7 @@ public class KeycloakApplication extends Application { if (node == null) { URL resource = Thread.currentThread().getContextClassLoader().getResource("META-INF/keycloak-server.json"); if (resource != null) { - log.loadingFrom(resource); + logger.loadingFrom(resource); node = new ObjectMapper().readTree(resource); } } @@ -247,22 +264,22 @@ public class KeycloakApplication extends Application { manager.setContextPath(getContextPath()); if (rep.getId() != null && manager.getRealm(rep.getId()) != null) { - log.realmExists(rep.getRealm(), from); + logger.realmExists(rep.getRealm(), from); return; } if (manager.getRealmByName(rep.getRealm()) != null) { - log.realmExists(rep.getRealm(), from); + logger.realmExists(rep.getRealm(), from); return; } try { RealmModel realm = manager.importRealm(rep); session.getTransaction().commit(); - log.importedRealm(realm.getName(), from); + logger.importedRealm(realm.getName(), from); } catch (Throwable t) { session.getTransaction().rollback(); - log.unableToImportRealm(t, rep.getRealm(), from); + logger.unableToImportRealm(t, rep.getRealm(), from); } } finally { session.close(); @@ -274,14 +291,14 @@ public class KeycloakApplication extends Application { if (configDir != null) { File addUserFile = new File(configDir + File.separator + "keycloak-add-user.json"); if (addUserFile.isFile()) { - log.imprtingUsersFrom(addUserFile); + logger.imprtingUsersFrom(addUserFile); List realms; try { realms = JsonSerialization.readValue(new FileInputStream(addUserFile), new TypeReference>() { }); } catch (IOException e) { - log.failedToLoadUsers(e); + logger.failedToLoadUsers(e); return; } 
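Review bot: `imprtingUsersFrom` in the `@@ -274,14 +291,14 @@` hunk is misspelled, and this rename of `log` to `logger` touches the call without correcting it. The name is part of the `ServicesLogger` interface, so every later caller inherits the typo. I would rename the method to `importingUsersFrom` in `ServicesLogger` and call `logger.importingUsersFrom(addUserFile);` here. The enclosing method continues outside the hunk.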
@@ -293,7 +310,7 @@ public class KeycloakApplication extends Application { RealmModel realm = session.realms().getRealmByName(realmRep.getRealm()); if (realm == null) { - log.addUserFailedRealmNotFound(userRep.getUsername(), realmRep.getRealm()); + logger.addUserFailedRealmNotFound(userRep.getUsername(), realmRep.getRealm()); } else { UserModel user = session.users().addUser(realm, userRep.getUsername()); user.setEnabled(userRep.isEnabled()); @@ -302,12 +319,12 @@ public class KeycloakApplication extends Application { } session.getTransaction().commit(); - log.addUserSuccess(userRep.getUsername(), realmRep.getRealm()); + logger.addUserSuccess(userRep.getUsername(), realmRep.getRealm()); } catch (ModelDuplicateException e) { - log.addUserFailedUserExists(userRep.getUsername(), realmRep.getRealm()); + logger.addUserFailedUserExists(userRep.getUsername(), realmRep.getRealm()); } catch (Throwable t) { session.getTransaction().rollback(); - log.addUserFailed(t, userRep.getUsername(), realmRep.getRealm()); + logger.addUserFailed(t, userRep.getUsername(), realmRep.getRealm()); } finally { session.close(); } @@ -315,7 +332,7 @@ public class KeycloakApplication extends Application { } if (!addUserFile.delete()) { - log.failedToDeleteFile(addUserFile.getAbsolutePath()); + logger.failedToDeleteFile(addUserFile.getAbsolutePath()); } } } diff --git a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java index 87b390b98e..2967b67214 100755 --- a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java +++ b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java 
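Review bot: The `catch (ModelDuplicateException e)` branch in the `@@ -302,12 +319,12 @@` hunk only logs, while the `catch (Throwable t)` branch beside it calls `session.getTransaction().rollback()` first. The duplicate-user path therefore reaches `session.close()` with the transaction neither committed nor rolled back. Unless `close()` is known to roll back an active transaction, add `session.getTransaction().rollback();` before `logger.addUserFailedUserExists(...)`. Separately, from the lines shown, `commit()` and `logger.addUserSuccess(...)` appear to run after the realm-not-found branch too, which would log a success for a user that was never created. Two lines between the hunks are not visible and the try block starts outside them, so this needs confirming.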
@@ -21,7 +21,6 @@ */ package org.keycloak.services.resources; -import org.jboss.logging.Logger; import org.jboss.resteasy.spi.HttpRequest; import org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator; import org.keycloak.authentication.authenticators.broker.util.PostBrokerLoginConstants; @@ -63,6 +62,7 @@ import org.keycloak.protocol.oidc.OIDCLoginProtocol; import org.keycloak.protocol.oidc.utils.OIDCResponseMode; import org.keycloak.protocol.oidc.utils.OIDCResponseType; import org.keycloak.services.ErrorPage; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.Urls; import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.ClientSessionCode; @@ -91,7 +91,7 @@ import java.net.URI; */ public class LoginActionsService { - protected static final Logger logger = Logger.getLogger(LoginActionsService.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public static final String ACTION_COOKIE = "KEYCLOAK_ACTION"; public static final String AUTHENTICATE_PATH = "authenticate"; @@ -225,7 +225,7 @@ public class LoginActionsService { return false; } } catch (Exception e) { - logger.error("failed to parse RestartLoginCookie", e); + logger.failedToParseRestartLoginCookie(e); } } event.error(Errors.INVALID_CODE); 
@@ -527,7 +527,7 @@ public class LoginActionsService { String noteKey = firstBrokerLogin ? AbstractIdpAuthenticator.BROKERED_CONTEXT_NOTE : PostBrokerLoginConstants.PBL_BROKERED_IDENTITY_CONTEXT; SerializedBrokeredIdentityContext serializedCtx = SerializedBrokeredIdentityContext.readFromClientSession(clientSessionn, noteKey); if (serializedCtx == null) { - logger.errorf("Not found serialized context in clientSession under note '%s'", noteKey); + logger.notFoundSerializedCtxInClientSession(noteKey); throw new WebApplicationException(ErrorPage.error(session, "Not found serialized context in clientSession.")); } BrokeredIdentityContext brokerContext = serializedCtx.deserialize(session, clientSessionn); @@ -535,12 +535,12 @@ public class LoginActionsService { String flowId = firstBrokerLogin ? brokerContext.getIdpConfig().getFirstBrokerLoginFlowId() : brokerContext.getIdpConfig().getPostBrokerLoginFlowId(); if (flowId == null) { - logger.errorf("Flow not configured for identity provider '%s'", identityProviderAlias); + logger.flowNotConfigForIDP(identityProviderAlias); throw new WebApplicationException(ErrorPage.error(session, "Flow not configured for identity provider")); } AuthenticationFlowModel brokerLoginFlow = realm.getAuthenticationFlowById(flowId); if (brokerLoginFlow == null) { - logger.errorf("Not found configured flow with ID '%s' for identity provider '%s'", flowId, identityProviderAlias); + logger.flowNotFoundForIDP(flowId, identityProviderAlias); throw new WebApplicationException(ErrorPage.error(session, "Flow not found for identity provider")); } 
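Review bot: The three `ErrorPage.error(session, "...")` calls in these hunks still pass hard-coded English literals such as `"Not found serialized context in clientSession."`, although the log calls beside them are now message-bundle methods. If `ErrorPage.error` renders its argument to the browser, as the name suggests, these strings describe server internals to the end user and bypass translation. The `@@ -659,7 +659,7 @@` hunk in the same file already uses a `Messages` constant (`Messages.INVALID_CODE`) for this. I would replace each literal with a `Messages` key and keep the detail (`noteKey`, `flowId`, `identityProviderAlias`) in the log only. The method starts and ends outside the hunks.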
@@ -659,7 +659,7 @@ public class LoginActionsService { ClientSessionCode accessCode = checks.clientCode; ClientSessionModel clientSession = accessCode.getClientSession(); if (!ClientSessionModel.Action.VERIFY_EMAIL.name().equals(clientSession.getNote(AuthenticationManager.CURRENT_REQUIRED_ACTION))) { - logger.error("required action doesn't match current required action"); + logger.reqdActionDoesNotMatch(); event.error(Errors.INVALID_CODE); throw new WebApplicationException(ErrorPage.error(session, Messages.INVALID_CODE)); } @@ -672,7 +672,7 @@ public class LoginActionsService { String keyFromSession = clientSession.getNote(Constants.VERIFY_EMAIL_KEY); clientSession.removeNote(Constants.VERIFY_EMAIL_KEY); if (!key.equals(keyFromSession)) { - logger.error("Invalid key for email verification"); + logger.invalidKeyForEmailVerification(); event.error(Errors.INVALID_USER_CREDENTIALS); throw new WebApplicationException(ErrorPage.error(session, Messages.INVALID_CODE)); } @@ -813,7 +813,7 @@ public class LoginActionsService { final ClientSessionModel clientSession = clientCode.getClientSession(); if (clientSession.getUserSession() == null) { - logger.error("user session was null"); + logger.userSessionNull(); event.error(Errors.USER_SESSION_NOT_FOUND); throw new WebApplicationException(ErrorPage.error(session, Messages.SESSION_NOT_ACTIVE)); } @@ -831,7 +831,7 @@ public class LoginActionsService { RequiredActionFactory factory = (RequiredActionFactory)session.getKeycloakSessionFactory().getProviderFactory(RequiredActionProvider.class, action); if (factory == null) { - logger.error("required action provider was null"); + logger.actionProviderNull(); event.error(Errors.INVALID_CODE); throw new WebApplicationException(ErrorPage.error(session, Messages.INVALID_CODE)); } diff --git a/services/src/main/java/org/keycloak/services/resources/ModelExceptionMapper.java b/services/src/main/java/org/keycloak/services/resources/ModelExceptionMapper.java index 49264902ac..643348eaf2 100644 
--- a/services/src/main/java/org/keycloak/services/resources/ModelExceptionMapper.java +++ b/services/src/main/java/org/keycloak/services/resources/ModelExceptionMapper.java @@ -1,3 +1,20 @@ +/* + * JBoss, Home of Professional Open Source + * + * Copyright 2016 Red Hat, Inc. and/or its affiliates. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ package org.keycloak.services.resources; import javax.ws.rs.core.Context; @@ -5,11 +22,11 @@ import javax.ws.rs.core.Response; import javax.ws.rs.ext.ExceptionMapper; import javax.ws.rs.ext.Provider; -import org.jboss.logging.Logger; import org.keycloak.messages.MessagesProvider; import org.keycloak.models.KeycloakSession; import org.keycloak.models.ModelException; import org.keycloak.services.ErrorResponse; +import org.keycloak.services.ServicesLogger; /** * @author Leonardo Zanivan @@ -17,7 +34,7 @@ import org.keycloak.services.ErrorResponse; @Provider public class ModelExceptionMapper implements ExceptionMapper { - private static final Logger logger = Logger.getLogger(ModelExceptionMapper.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Context private KeycloakSession session; diff --git a/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java b/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java index 6758af99b0..42ce480691 100755 --- a/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java 
+++ b/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java @@ -1,12 +1,29 @@ +/* + * JBoss, Home of Professional Open Source + * + * Copyright 2016 Red Hat, Inc. and/or its affiliates. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ package org.keycloak.services.resources; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.HttpRequest; import org.jboss.resteasy.spi.HttpResponse; import org.keycloak.models.RealmModel; import org.keycloak.protocol.oidc.OIDCLoginProtocolService; import org.keycloak.representations.idm.PublishedRealmRepresentation; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.resources.admin.AdminRoot; import javax.ws.rs.GET; @@ -25,7 +42,7 @@ import javax.ws.rs.core.UriInfo; * @version $Revision: 1 $ */ public class PublicRealmResource { - protected static final Logger logger = Logger.getLogger(PublicRealmResource.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Context protected UriInfo uriInfo; diff --git a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java index e3a418d172..3a764d6320 100755 --- a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java +++ b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java 
@@ -1,6 +1,22 @@ +/* + * JBoss, Home of Professional Open Source + * + * Copyright 2016 Red Hat, Inc. and/or its affiliates. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ package org.keycloak.services.resources; -import org.jboss.logging.Logger; import org.jboss.resteasy.spi.NotFoundException; import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.common.ClientConnection; @@ -13,6 +29,7 @@ import org.keycloak.protocol.LoginProtocol; import org.keycloak.protocol.LoginProtocolFactory; import org.keycloak.protocol.oidc.OIDCLoginProtocol; import org.keycloak.protocol.oidc.OIDCLoginProtocolService; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.clientregistration.ClientRegistrationService; import org.keycloak.services.managers.RealmManager; import org.keycloak.services.util.CacheControlUtil; @@ -31,7 +48,7 @@ import javax.ws.rs.core.*; */ @Path("/realms") public class RealmsResource { - protected static Logger logger = Logger.getLogger(RealmsResource.class); + protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Context protected KeycloakSession session; diff --git a/services/src/main/java/org/keycloak/services/resources/ServerVersionResource.java b/services/src/main/java/org/keycloak/services/resources/ServerVersionResource.java index ffc3aa326c..29ebcb6c04 100755 --- a/services/src/main/java/org/keycloak/services/resources/ServerVersionResource.java 
+++ b/services/src/main/java/org/keycloak/services/resources/ServerVersionResource.java @@ -1,10 +1,27 @@ +/* + * JBoss, Home of Professional Open Source + * + * Copyright 2016 Red Hat, Inc. and/or its affiliates. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ package org.keycloak.services.resources; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.HttpRequest; import org.jboss.resteasy.spi.HttpResponse; import org.keycloak.representations.VersionRepresentation; +import org.keycloak.services.ServicesLogger; import javax.ws.rs.GET; import javax.ws.rs.OPTIONS; @@ -21,7 +38,7 @@ import javax.ws.rs.core.Response; @Path("/version") public class ServerVersionResource { - protected static final Logger logger = Logger.getLogger(ServerVersionResource.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Context protected HttpRequest request; diff --git a/services/src/main/java/org/keycloak/services/resources/ThemeResource.java b/services/src/main/java/org/keycloak/services/resources/ThemeResource.java old mode 100755 new mode 100644 index 1bc5f49b02..658f911485 --- a/services/src/main/java/org/keycloak/services/resources/ThemeResource.java +++ b/services/src/main/java/org/keycloak/services/resources/ThemeResource.java 
@@ -1,11 +1,28 @@ +/* + * JBoss, Home of Professional Open Source + * + * Copyright 2016 Red Hat, Inc. and/or its affiliates. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ package org.keycloak.services.resources; -import org.jboss.logging.Logger; import org.keycloak.common.Version; import org.keycloak.theme.Theme; import org.keycloak.theme.ThemeProvider; import org.keycloak.models.KeycloakSession; import org.keycloak.common.util.MimeTypeUtil; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.util.CacheControlUtil; import javax.ws.rs.GET; @@ -23,7 +40,7 @@ import java.io.InputStream; @Path("/resources") public class ThemeResource { - private static final Logger logger = Logger.getLogger(ThemeResource.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Context private KeycloakSession session; @@ -53,7 +70,7 @@ public class ThemeResource { return Response.status(Response.Status.NOT_FOUND).build(); } } catch (Exception e) { - logger.warn("Failed to get theme resource", e); + logger.failedToGetThemeRequest(e); return Response.serverError().build(); } } diff --git a/services/src/main/java/org/keycloak/services/resources/WelcomeResource.java b/services/src/main/java/org/keycloak/services/resources/WelcomeResource.java index 9b0dfac03c..0f2f00f3b8 100755 --- a/services/src/main/java/org/keycloak/services/resources/WelcomeResource.java 
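Review bot: `logger.failedToGetThemeRequest(e)` in the `@@ -53,7 +70,7 @@` hunk replaces a message that read "Failed to get theme resource", so the method name says "Request" where the event concerns a resource. The method name is what readers of the call site and of `ServicesLogger` will search for, so I would name it `failedToGetThemeResource` and call `logger.failedToGetThemeResource(e);`. The enclosing method starts outside the hunk.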
+++ b/services/src/main/java/org/keycloak/services/resources/WelcomeResource.java @@ -1,12 +1,29 @@ +/* + * JBoss, Home of Professional Open Source + * + * Copyright 2016 Red Hat, Inc. and/or its affiliates. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ package org.keycloak.services.resources; -import org.jboss.logging.Logger; import org.keycloak.Config; import org.keycloak.theme.FreeMarkerUtil; import org.keycloak.theme.Theme; import org.keycloak.theme.ThemeProvider; import org.keycloak.models.KeycloakSession; import org.keycloak.common.util.MimeTypeUtil; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.ApplianceBootstrap; import org.keycloak.services.util.CacheControlUtil; @@ -27,7 +44,7 @@ import java.util.Map; @Path("/") public class WelcomeResource { - private static final Logger logger = Logger.getLogger(WelcomeResource.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private boolean bootstrap; @@ -69,7 +86,7 @@ public class WelcomeResource { return createWelcomePage(null, null); } else { if (!isLocal()) { - logger.errorv("Rejected non-local attempt to create initial user from {0}", session.getContext().getConnection().getRemoteAddr()); + logger.rejectedNonLocalAttemptToCreateInitialUser(session.getContext().getConnection().getRemoteAddr()); throw new WebApplicationException(Response.Status.BAD_REQUEST); } 
@@ -94,10 +111,10 @@ public class WelcomeResource { bootstrap = false; applianceBootstrap.createMasterRealmUser(username, password); - logger.infov("Created initial admin user with username {0}", username); + logger.createdInitialAdminUser(username); return createWelcomePage("User created", null); } else { - logger.warnv("Rejected attempt to create initial user as user is already created"); + logger.initialUserAlreadyCreated(); return createWelcomePage(null, "Users already exists"); } } From 446cd3701f6f21021c88b70db6d179f00e83d0b7 Mon Sep 17 00:00:00 2001 
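Review bot: `logger.createdInitialAdminUser(username)` writes a request-supplied form value into the log record for admin-account creation, and nothing in the hunk neutralises line breaks or control characters, so a crafted value could split or forge that audit-relevant entry. Unless the value is validated before this point (the method starts outside the hunk), log a neutralised copy, e.g. `logger.createdInitialAdminUser(username.replaceAll("[\\r\\n]", "_"));`. The same applies to `logger.msgBundleNotFound(lang)` in AdminConsole.getMessages, where `lang` is a query parameter; there `Locale.forLanguageTag(lang).toLanguageTag()` would log the normalised tag instead of the raw string.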
From: Stan Silvert Date: Wed, 20 Jan 2016 14:23:37 -0500 Subject: [PATCH 26/30] KEYCLOAK-1280: i18n logging for org.keycloak.services.resources --- .../org/keycloak/services/ServicesLogger.java | 42 +++++++++++++++++++ .../resources/admin/AdminConsole.java | 26 +++++++++--- .../resources/admin/AdminEventBuilder.java | 28 ++++++++++--- .../services/resources/admin/AdminRoot.java | 22 ++++++++-- .../admin/AttackDetectionResource.java | 20 ++++++++- .../AuthenticationManagementResource.java | 26 +++++++++--- .../resources/admin/ClientResource.java | 20 ++++++++- .../admin/ClientRoleMappingsResource.java | 20 ++++++++- .../admin/ClientTemplateResource.java | 20 ++++++++- .../admin/ClientTemplatesResource.java | 26 +++++++++--- .../resources/admin/ClientsResource.java | 28 ++++++++++--- .../resources/admin/GroupResource.java | 19 +++++++-- .../resources/admin/GroupsResource.java | 19 +++++++-- .../admin/IdentityProviderResource.java | 20 ++++++++- .../admin/ProtocolMappersResource.java | 24 +++++++++-- .../resources/admin/RealmAdminResource.java | 20 ++++++++- .../resources/admin/RealmsAdminResource.java | 28 ++++++++++--- .../resources/admin/RoleByIdResource.java | 22 ++++++++-- .../resources/admin/RoleMapperResource.java | 20 ++++++++- .../admin/UserFederationProviderResource.java | 24 +++++++++-- .../UserFederationProvidersResource.java | 28 ++++++++++--- .../resources/admin/UsersResource.java | 22 ++++++++-- 22 files changed, 448 insertions(+), 76 deletions(-) mode change 100755 => 100644 services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java mode change 100755 => 100644 services/src/main/java/org/keycloak/services/resources/admin/ClientTemplateResource.java mode change 100755 => 100644 services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java mode change 100755 => 100644 services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java mode change 100755 => 100644 
services/src/main/java/org/keycloak/services/resources/admin/RoleMapperResource.java diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index ec84a8083e..e0ff699fe1 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java @@ -28,9 +28,11 @@ import org.jboss.logging.annotations.Message; import org.jboss.logging.annotations.MessageLogger; import static org.jboss.logging.Logger.Level.ERROR; +import static org.jboss.logging.Logger.Level.FATAL; import static org.jboss.logging.Logger.Level.INFO; import static org.jboss.logging.Logger.Level.WARN; import org.keycloak.email.EmailException; +import org.keycloak.events.EventListenerProvider; import org.keycloak.models.ModelDuplicateException; 
@@ -351,4 +353,44 @@ public interface ServicesLogger extends BasicLogger {
 @LogMessage(level = WARN)
 @Message(id=78, value="Rejected attempt to create initial user as user is already created")
 void initialUserAlreadyCreated();
+
+ @LogMessage(level = WARN)
+ @Message(id=79, value="Locale not specified for messages.json")
+ void localeNotSpecified();
+
+ @LogMessage(level = WARN)
+ @Message(id=80, value="Message bundle not found for language code '%s'")
+ void msgBundleNotFound(String lang);
+
+ @LogMessage(level = FATAL)
+ @Message(id=81, value="Message bundle not found for language code 'en'")
+ void msgBundleNotFoundForEn();
+
+ @LogMessage(level = ERROR)
+ @Message(id=82, value="Admin Events enabled, but no event store provider configured")
+ void noEventStoreProvider();
+
+ @LogMessage(level = ERROR)
+ @Message(id=83, value="Event listener '%s' registered, but provider not found")
+ void providerNotFound(String id);
+
+ @LogMessage(level = ERROR)
+ @Message(id=84, value="Failed to save event")
+ void failedToSaveEvent(@Cause Throwable t);
+
+ @LogMessage(level = ERROR)
+ @Message(id=85, value="Failed to send type to %s")
+ void failedToSendType(@Cause Throwable t, EventListenerProvider listener);
+
+ @LogMessage(level = INFO)
+ @Message(id=86, value="Added 'kerberos' to required realm credentials")
+ void addedKerberosToRealmCredentials();
+
+ @LogMessage(level = INFO)
+ @Message(id=87, value="Syncing data for mapper '%s' of type '%s'. Direction: %s")
+ void syncingDataForMapper(String modelName, String mapperType, String direction);
+
+ @LogMessage(level = ERROR)
+ @Message(id=88, value="Failed to send execute actions email")
+ void failedToSendActionsEmail(@Cause EmailException e);
 }
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java b/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java
old mode 100755
new mode 100644
index bf1a69bae7..2f9d14a917
--- a/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java @@ -1,7 +1,22 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; import com.fasterxml.jackson.annotation.JsonProperty; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.HttpRequest; import org.jboss.resteasy.spi.HttpResponse; @@ -21,6 +36,7 @@ import org.keycloak.models.RealmModel; import org.keycloak.models.RoleModel; import org.keycloak.models.UserModel; import org.keycloak.protocol.oidc.OIDCLoginProtocolService; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.AppAuthManager; import org.keycloak.services.managers.ClientManager; import org.keycloak.services.managers.AuthenticationManager; @@ -48,7 +64,7 @@ import javax.ws.rs.QueryParam; * @version $Revision: 1 $ */ public class AdminConsole { - protected static final Logger logger = Logger.getLogger(AdminConsole.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Context protected UriInfo uriInfo; 
@@ -302,18 +318,18 @@ public class AdminConsole { @Produces(MediaType.APPLICATION_JSON) public Properties getMessages(@QueryParam("lang") String lang) { if (lang == null) { - logger.warn("Locale not specified for messages.json"); + logger.localeNotSpecified(); lang = "en"; } try { Properties msgs = getTheme().getMessages("admin-messages", Locale.forLanguageTag(lang)); if (msgs.isEmpty()) { - logger.warn("Message bundle not found for language code '" + lang + "'"); + logger.msgBundleNotFound(lang); msgs = getTheme().getMessages("admin-messages", Locale.ENGLISH); } - if (msgs.isEmpty()) logger.fatal("Message bundle not found for language code 'en'"); + if (msgs.isEmpty()) logger.msgBundleNotFoundForEn(); return msgs; } catch (IOException e) { diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AdminEventBuilder.java b/services/src/main/java/org/keycloak/services/resources/admin/AdminEventBuilder.java index ea88a7d9b5..89b4fbd115 100644 --- a/services/src/main/java/org/keycloak/services/resources/admin/AdminEventBuilder.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/AdminEventBuilder.java 
@@ -1,10 +1,25 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; import java.io.IOException; import java.util.LinkedList; import java.util.List; -import org.jboss.logging.Logger; import org.keycloak.common.ClientConnection; import org.keycloak.events.EventListenerProvider; import org.keycloak.events.EventStoreProvider; @@ -15,6 +30,7 @@ import org.keycloak.models.ClientModel; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; +import org.keycloak.services.ServicesLogger; import org.keycloak.util.JsonSerialization; import org.keycloak.common.util.Time; @@ -22,7 +38,7 @@ import javax.ws.rs.core.UriInfo; public class AdminEventBuilder { - private static final Logger log = Logger.getLogger(AdminEventBuilder.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private EventStoreProvider store; private List listeners; @@ -38,7 +54,7 @@ public class AdminEventBuilder { if (store != null) { this.store = store; } else { - log.error("Admin Events enabled, but no event store provider configured"); + logger.noEventStoreProvider(); } } 
@@ -49,7 +65,7 @@ public class AdminEventBuilder { if (listener != null) { listeners.add(listener); } else { - log.error("Event listener '" + id + "' registered, but provider not found"); + logger.providerNotFound(id); } } } @@ -199,7 +215,7 @@ public class AdminEventBuilder { try { store.onEvent(adminEvent, includeRepresentation); } catch (Throwable t) { - log.error("Failed to save event", t); + logger.failedToSaveEvent(t); } } @@ -208,7 +224,7 @@ public class AdminEventBuilder { try { l.onEvent(adminEvent, includeRepresentation); } catch (Throwable t) { - log.error("Failed to send type to " + l, t); + logger.failedToSendType(t, l); } } } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java b/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java index 4b9a65c631..d29ffe7921 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java @@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.spi.HttpRequest; import org.jboss.resteasy.spi.HttpResponse; import org.jboss.resteasy.spi.NoLogWebApplicationException; 
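Review bot: When `store.onEvent(adminEvent, includeRepresentation)` throws (hunk `@@ -199,7 +215,7 @@`), `logger.failedToSaveEvent(t)` records only "Failed to save event" and the cause, so the log cannot show which admin operation went unrecorded and the gap in the audit trail cannot be reconstructed afterwards. Consider extending message id 84 in ServicesLogger with identifying fields such as the operation type and resource path, e.g. `void failedToSaveEvent(@Cause Throwable t, String operation, String resourcePath);`, while keeping the event representation out of the log since it can contain sensitive fields. The listener path in hunk `@@ -208,7 +224,7 @@` (`failedToSendType`) has the same limitation. Both catch blocks sit in methods that begin outside the hunks.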
@@ -17,6 +32,7 @@ import org.keycloak.models.RealmModel; import org.keycloak.protocol.oidc.TokenManager; import org.keycloak.representations.AccessToken; import org.keycloak.services.ForbiddenException; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.AppAuthManager; import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.RealmManager; @@ -40,7 +56,7 @@ import javax.ws.rs.core.UriInfo; */ @Path("/admin") public class AdminRoot { - protected static final Logger logger = Logger.getLogger(AdminRoot.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; @Context protected UriInfo uriInfo; @@ -189,7 +205,7 @@ public class AdminRoot { } Cors.add(request).allowedOrigins(auth.getToken()).allowedMethods("GET", "PUT", "POST", "DELETE").auth().build(response); - + RealmsAdminResource adminResource = new RealmsAdminResource(auth, tokenManager); ResteasyProviderFactory.getInstance().injectProperties(adminResource); return adminResource; diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AttackDetectionResource.java b/services/src/main/java/org/keycloak/services/resources/admin/AttackDetectionResource.java index c2fb26fd86..ee9b046ae7 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/AttackDetectionResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/AttackDetectionResource.java 
@@ -1,12 +1,28 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.keycloak.common.ClientConnection; import org.keycloak.events.admin.OperationType; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.models.UsernameLoginFailureModel; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.BruteForceProtector; import javax.ws.rs.DELETE; @@ -28,7 +44,7 @@ import java.util.Map; * @version $Revision: 1 $ */ public class AttackDetectionResource { - protected static final Logger logger = Logger.getLogger(AttackDetectionResource.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected RealmAuth auth; protected RealmModel realm; private AdminEventBuilder adminEvent; diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java b/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java index 9ff6807c6d..0837a6765a 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java 
+++ b/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java @@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.BadRequestException; import org.jboss.resteasy.spi.NotFoundException; @@ -23,6 +38,7 @@ import org.keycloak.provider.ProviderConfigProperty; import org.keycloak.provider.ProviderFactory; import org.keycloak.representations.idm.ConfigPropertyRepresentation; import org.keycloak.services.ErrorResponse; +import org.keycloak.services.ServicesLogger; import org.keycloak.utils.CredentialHelper; import javax.ws.rs.Consumes; @@ -57,7 +73,7 @@ public class AuthenticationManagementResource { @Context private UriInfo uriInfo; - private static Logger logger = Logger.getLogger(AuthenticationManagementResource.class); + private static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; public AuthenticationManagementResource(RealmModel realm, KeycloakSession session, RealmAuth auth, AdminEventBuilder adminEvent) { this.realm = realm; 
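Review bot: The new field in AuthenticationManagementResource (hunk `@@ -57,7 +73,7 @@`) is declared `private static ServicesLogger logger` without `final`, while the other classes in this patch use `static final`; a non-final static logger can be reassigned at runtime. Declare it `private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;`. IdentityProviderResource has the same non-final declaration in its `@@ -51,7 +67,7 @@` hunk.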
@@ -276,7 +292,7 @@ public class AuthenticationManagementResource { @Consumes(MediaType.APPLICATION_JSON) public Response createFlow(AuthenticationFlowModel model) { this.auth.requireManage(); - + if (model.getAlias() == null || model.getAlias().isEmpty()) { return ErrorResponse.exists("Failed to create flow with empty alias name"); } @@ -715,12 +731,12 @@ public class AuthenticationManagementResource { if (parentFlow.isBuiltIn()) { throw new BadRequestException("It is illegal to remove execution from a built in flow"); } - + if(model.getFlowId() != null) { AuthenticationFlowModel nonTopLevelFlow = realm.getAuthenticationFlowById(model.getFlowId()); realm.removeAuthenticationFlow(nonTopLevelFlow); } - + realm.removeAuthenticatorExecution(model); } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java index 6a26b85ba5..e38f186108 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java 
@@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.BadRequestException; import org.jboss.resteasy.spi.NotFoundException; @@ -23,6 +38,7 @@ import org.keycloak.representations.idm.ClientRepresentation; import org.keycloak.representations.idm.CredentialRepresentation; import org.keycloak.representations.idm.UserRepresentation; import org.keycloak.representations.idm.UserSessionRepresentation; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.clientregistration.ClientRegistrationTokenUtils; import org.keycloak.services.managers.ClientManager; import org.keycloak.services.managers.RealmManager; @@ -62,7 +78,7 @@ import static java.lang.Boolean.TRUE; * @version $Revision: 1 $ */ public class ClientResource { - protected static final Logger logger = Logger.getLogger(ClientResource.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected RealmModel realm; private RealmAuth auth; private AdminEventBuilder adminEvent; 
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientRoleMappingsResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientRoleMappingsResource.java index 9f5188c5e0..fc045cd30c 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/ClientRoleMappingsResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientRoleMappingsResource.java @@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.NotFoundException; import org.keycloak.events.admin.OperationType; @@ -10,6 +25,7 @@ import org.keycloak.models.RoleMapperModel; import org.keycloak.models.RoleModel; import org.keycloak.models.utils.ModelToRepresentation; import org.keycloak.representations.idm.RoleRepresentation; +import org.keycloak.services.ServicesLogger; import javax.ws.rs.Consumes; import javax.ws.rs.DELETE; 
@@ -30,7 +46,7 @@ import java.util.Set; * @version $Revision: 1 $ */ public class ClientRoleMappingsResource { - protected static final Logger logger = Logger.getLogger(ClientRoleMappingsResource.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected RealmModel realm; protected RealmAuth auth; diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientTemplateResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientTemplateResource.java old mode 100755 new mode 100644 index c67c04d3f2..5b3028076e --- a/services/src/main/java/org/keycloak/services/resources/admin/ClientTemplateResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientTemplateResource.java @@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.events.admin.OperationType; 
@@ -12,6 +27,7 @@ import org.keycloak.models.utils.ModelToRepresentation; import org.keycloak.models.utils.RepresentationToModel; import org.keycloak.representations.idm.ClientTemplateRepresentation; import org.keycloak.services.ErrorResponse; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.resources.KeycloakApplication; import javax.ws.rs.Consumes; @@ -33,7 +49,7 @@ import javax.ws.rs.core.UriInfo; * @version $Revision: 1 $ */ public class ClientTemplateResource { - protected static final Logger logger = Logger.getLogger(ClientTemplateResource.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected RealmModel realm; private RealmAuth auth; private AdminEventBuilder adminEvent; diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientTemplatesResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientTemplatesResource.java index e3c6387b41..daa23f1c19 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/ClientTemplatesResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientTemplatesResource.java 
@@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.NotFoundException; import org.jboss.resteasy.spi.ResteasyProviderFactory; @@ -13,6 +28,7 @@ import org.keycloak.models.utils.ModelToRepresentation; import org.keycloak.models.utils.RepresentationToModel; import org.keycloak.representations.idm.ClientTemplateRepresentation; import org.keycloak.services.ErrorResponse; +import org.keycloak.services.ServicesLogger; import javax.ws.rs.Consumes; import javax.ws.rs.GET; @@ -34,7 +50,7 @@ import java.util.List; * @version $Revision: 1 $ */ public class ClientTemplatesResource { - protected static final Logger logger = Logger.getLogger(RealmAdminResource.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected RealmModel realm; private RealmAuth auth; private AdminEventBuilder adminEvent; @@ -46,7 +62,7 @@ public class ClientTemplatesResource { this.realm = realm; this.auth = auth; this.adminEvent = adminEvent; - + auth.init(RealmAuth.Resource.CLIENT); } 
@@ -96,9 +112,9 @@ public class ClientTemplatesResource { try { ClientTemplateModel clientModel = RepresentationToModel.createClientTemplate(session, realm, rep); - + adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, clientModel.getId()).representation(rep).success(); - + return Response.created(uriInfo.getAbsolutePathBuilder().path(clientModel.getId()).build()).build(); } catch (ModelDuplicateException e) { return ErrorResponse.exists("Client Template " + rep.getName() + " already exists"); diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java index 8b5decd4b3..78a4597aac 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java @@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.NotFoundException; import org.jboss.resteasy.spi.ResteasyProviderFactory; 
@@ -12,6 +27,7 @@ import org.keycloak.models.RealmModel; import org.keycloak.models.utils.ModelToRepresentation; import org.keycloak.representations.idm.ClientRepresentation; import org.keycloak.services.ErrorResponse; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.ClientManager; import javax.ws.rs.Consumes; @@ -35,11 +51,11 @@ import java.util.List; * @version $Revision: 1 $ */ public class ClientsResource { - protected static final Logger logger = Logger.getLogger(RealmAdminResource.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected RealmModel realm; private RealmAuth auth; private AdminEventBuilder adminEvent; - + @Context protected KeycloakSession session; @@ -47,7 +63,7 @@ public class ClientsResource { this.realm = realm; this.auth = auth; this.adminEvent = adminEvent; - + auth.init(RealmAuth.Resource.CLIENT); } @@ -96,9 +112,9 @@ public class ClientsResource { try { ClientModel clientModel = ClientManager.createClient(session, realm, rep, true); - + adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, clientModel.getId()).representation(rep).success(); - + return Response.created(uriInfo.getAbsolutePathBuilder().path(clientModel.getId()).build()).build(); } catch (ModelDuplicateException e) { return ErrorResponse.exists("Client " + rep.getClientId() + " already exists"); diff --git a/services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java b/services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java index 4fe413045a..8dddacd457 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java 
@@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.NotFoundException; import org.jboss.resteasy.spi.ResteasyProviderFactory; @@ -36,8 +51,6 @@ import java.util.Set; */ public class GroupResource { - private static Logger logger = Logger.getLogger(GroupResource.class); - private final RealmModel realm; private final KeycloakSession session; private final RealmAuth auth; diff --git a/services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java b/services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java index 67e4970b14..cc48796c58 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java 
@@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.NotFoundException; import org.jboss.resteasy.spi.ResteasyProviderFactory; @@ -28,8 +43,6 @@ import java.util.List; */ public class GroupsResource { - private static Logger logger = Logger.getLogger(GroupsResource.class); - private final RealmModel realm; private final KeycloakSession session; private final RealmAuth auth; diff --git a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java old mode 100755 new mode 100644 index 4b166478b0..8b4adca386 --- a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java 
@@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.NotFoundException; import org.keycloak.broker.provider.IdentityProvider; @@ -24,6 +39,7 @@ import org.keycloak.representations.idm.IdentityProviderMapperRepresentation; import org.keycloak.representations.idm.IdentityProviderMapperTypeRepresentation; import org.keycloak.representations.idm.IdentityProviderRepresentation; import org.keycloak.services.ErrorResponse; +import org.keycloak.services.ServicesLogger; import org.keycloak.broker.social.SocialIdentityProvider; import javax.ws.rs.Consumes; @@ -51,7 +67,7 @@ import java.util.Map; */ public class IdentityProviderResource { - private static Logger logger = Logger.getLogger(IdentityProviderResource.class); + private static ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private final RealmAuth auth; private final RealmModel realm; diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java index b966a17618..3258fc2736 100755 
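Review bot: The logger field in IdentityProviderResource.java (hunk `@@ -51,7 +67,7 @@`) is still declared without `final`, so the shared logger reference can be reassigned from anywhere in the class, while the other resources in this patch declare theirs `static final`. Suggested line: `private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;`.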
--- a/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java @@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.NotFoundException; import org.keycloak.events.admin.OperationType; @@ -12,6 +27,7 @@ import org.keycloak.models.utils.ModelToRepresentation; import org.keycloak.models.utils.RepresentationToModel; import org.keycloak.representations.idm.ProtocolMapperRepresentation; import org.keycloak.services.ErrorResponse; +import org.keycloak.services.ServicesLogger; import javax.ws.rs.Consumes; import javax.ws.rs.DELETE; @@ -36,12 +52,12 @@ import java.util.List; * @version $Revision: 1 $ */ public class ProtocolMappersResource { - protected static final Logger logger = Logger.getLogger(ProtocolMappersResource.class); - + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; + protected ProtocolMapperContainerModel client; protected RealmAuth auth; - + protected AdminEventBuilder adminEvent; @Context 
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java old mode 100755 new mode 100644 index e282ef09c9..516ba28b1d --- a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java @@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.BadRequestException; import org.jboss.resteasy.spi.NotFoundException; @@ -38,6 +53,7 @@ import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.LDAPConnectionTestManager; import org.keycloak.services.managers.RealmManager; import org.keycloak.services.managers.ResourceAdminManager; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.UsersSyncManager; import org.keycloak.services.ErrorResponse; import org.keycloak.timer.TimerProvider; 
@@ -75,7 +91,7 @@ import org.keycloak.representations.idm.PartialImportRepresentation; * @version $Revision: 1 $ */ public class RealmAdminResource { - protected static final Logger logger = Logger.getLogger(RealmAdminResource.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected RealmAuth auth; protected RealmModel realm; private TokenManager tokenManager; diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java index 1656fab855..c7cd924699 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java @@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.NotFoundException; import org.jboss.resteasy.spi.ResteasyProviderFactory; 
@@ -18,6 +33,7 @@ import org.keycloak.services.ForbiddenException; import org.keycloak.services.managers.RealmManager; import org.keycloak.services.resources.KeycloakApplication; import org.keycloak.services.ErrorResponse; +import org.keycloak.services.ServicesLogger; import javax.ws.rs.Consumes; import javax.ws.rs.GET; @@ -43,16 +59,16 @@ import java.util.List; * @version $Revision: 1 $ */ public class RealmsAdminResource { - protected static final Logger logger = Logger.getLogger(RealmsAdminResource.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected AdminAuth auth; protected TokenManager tokenManager; @Context protected KeycloakSession session; - + @Context protected KeycloakApplication keycloak; - + @Context protected ClientConnection clientConnection; @@ -132,7 +148,7 @@ public class RealmsAdminResource { URI location = AdminRoot.realmsUrl(uriInfo).path(realm.getName()).build(); logger.debugv("imported realm success, sending back: {0}", location.toString()); - + return Response.created(location).build(); } catch (ModelDuplicateException e) { return ErrorResponse.exists("Realm " + rep.getRealm() + " already exists"); @@ -177,7 +193,7 @@ public class RealmsAdminResource { } else { realmAuth = new RealmAuth(auth, realm.getClientByClientId(realmManager.getRealmAdminClientId(auth.getRealm()))); } - + AdminEventBuilder adminEvent = new AdminEventBuilder(realm, auth, session, clientConnection); session.getContext().setRealm(realm); diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java index 1482cabe3f..2e82be4216 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java 
@@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.NotFoundException; import org.keycloak.events.admin.OperationType; @@ -10,6 +25,7 @@ import org.keycloak.models.RealmModel; import org.keycloak.models.RoleModel; import org.keycloak.models.UserModel; import org.keycloak.representations.idm.RoleRepresentation; +import org.keycloak.services.ServicesLogger; import javax.ws.rs.Consumes; import javax.ws.rs.DELETE; @@ -33,7 +49,7 @@ import java.util.Set; * @version $Revision: 1 $ */ public class RoleByIdResource extends RoleResource { - protected static final Logger logger = Logger.getLogger(RoleByIdResource.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private final RealmModel realm; private final RealmAuth auth; private AdminEventBuilder adminEvent; @@ -226,7 +242,7 @@ public class RoleByIdResource extends RoleResource { RoleModel role = getRoleModel(id); auth.requireManage(); deleteComposites(roles, role); - + adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).representation(roles).success(); } 
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RoleMapperResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RoleMapperResource.java old mode 100755 new mode 100644 index 202ac3add9..c6ae9da673 --- a/services/src/main/java/org/keycloak/services/resources/admin/RoleMapperResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/RoleMapperResource.java @@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.NotFoundException; import org.keycloak.common.ClientConnection; @@ -14,6 +29,7 @@ import org.keycloak.models.utils.ModelToRepresentation; import org.keycloak.representations.idm.ClientMappingsRepresentation; import org.keycloak.representations.idm.MappingsRepresentation; import org.keycloak.representations.idm.RoleRepresentation; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.RealmManager; import javax.ws.rs.Consumes; 
@@ -40,7 +56,7 @@ import java.util.Set; * @version $Revision: 1 $ */ public class RoleMapperResource { - protected static final Logger logger = Logger.getLogger(RoleMapperResource.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected RealmModel realm; diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UserFederationProviderResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UserFederationProviderResource.java index 29402474df..d398e8a75b 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/UserFederationProviderResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/UserFederationProviderResource.java @@ -1,3 +1,19 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; import java.util.Collections; @@ -21,7 +37,6 @@ import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import javax.ws.rs.core.UriInfo; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.NotFoundException; import org.keycloak.events.admin.OperationType; 
@@ -46,6 +61,7 @@ import org.keycloak.representations.idm.UserFederationMapperRepresentation; import org.keycloak.representations.idm.UserFederationMapperTypeRepresentation; import org.keycloak.representations.idm.UserFederationProviderRepresentation; import org.keycloak.services.ErrorResponseException; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.UsersSyncManager; import org.keycloak.timer.TimerProvider; @@ -54,7 +70,7 @@ import org.keycloak.timer.TimerProvider; */ public class UserFederationProviderResource { - protected static final Logger logger = Logger.getLogger(UserFederationProviderResource.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private final KeycloakSession session; private final RealmModel realm; @@ -93,7 +109,7 @@ public class UserFederationProviderResource { new UsersSyncManager().refreshPeriodicSyncForProvider(session.getKeycloakSessionFactory(), session.getProvider(TimerProvider.class), model, realm.getId()); boolean kerberosCredsAdded = UserFederationProvidersResource.checkKerberosCredential(session, realm, model); if (kerberosCredsAdded) { - logger.info("Added 'kerberos' to required realm credentials"); + logger.addedKerberosToRealmCredentials(); } adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success(); 
@@ -335,7 +351,7 @@ public class UserFederationProviderResource { UserFederationProviderFactory providerFactory = (UserFederationProviderFactory) session.getKeycloakSessionFactory().getProviderFactory(UserFederationProvider.class, providerModel.getProviderName()); UserFederationProvider federationProvider = providerFactory.getInstance(session, providerModel); - logger.infof("Syncing data for mapper '%s' of type '%s'. Direction: %s", mapperModel.getName(), mapperModel.getFederationMapperType(), direction); + logger.syncingDataForMapper(mapperModel.getName(), mapperModel.getFederationMapperType(), direction); UserFederationSyncResult syncResult; if ("fedToKeycloak".equals(direction)) { diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UserFederationProvidersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UserFederationProvidersResource.java index 1c390ad5ac..dd97f794e1 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/UserFederationProvidersResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/UserFederationProvidersResource.java 
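Review bot: `direction` is written to the INFO log in UserFederationProviderResource.java (hunk `@@ -335,7 +351,7 @@`) before the `"fedToKeycloak".equals(direction)` check that follows, so a value that matches none of the accepted directions is still logged verbatim. If `direction` and the mapper name come from the request or from admin-editable data (their origin is outside the hunk), line breaks or control characters in them can forge log entries. Move the `logger.syncingDataForMapper(...)` call into the branches that have already matched a known direction, or reject unknown values before logging, and consider stripping CR/LF from the mapper name. The enclosing method starts and ends outside the hunk.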
@@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.NotFoundException; import org.jboss.resteasy.spi.ResteasyProviderFactory; @@ -20,6 +35,7 @@ import org.keycloak.representations.idm.ConfigPropertyRepresentation; import org.keycloak.representations.idm.CredentialRepresentation; import org.keycloak.representations.idm.UserFederationProviderFactoryRepresentation; import org.keycloak.representations.idm.UserFederationProviderRepresentation; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.UsersSyncManager; import org.keycloak.timer.TimerProvider; import org.keycloak.utils.CredentialHelper; @@ -46,12 +62,12 @@ import java.util.List; * @version $Revision: 1 $ */ public class UserFederationProvidersResource { - protected static final Logger logger = Logger.getLogger(UserFederationProvidersResource.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected RealmModel realm; protected RealmAuth auth; - + protected AdminEventBuilder adminEvent; @Context 
@@ -64,7 +80,7 @@ public class UserFederationProvidersResource { this.auth = auth; this.realm = realm; this.adminEvent = adminEvent; - + auth.init(RealmAuth.Resource.USER); } @@ -165,10 +181,10 @@ public class UserFederationProvidersResource { new UsersSyncManager().refreshPeriodicSyncForProvider(session.getKeycloakSessionFactory(), session.getProvider(TimerProvider.class), model, realm.getId()); boolean kerberosCredsAdded = checkKerberosCredential(session, realm, model); if (kerberosCredsAdded) { - logger.info("Added 'kerberos' to required realm credentials"); + logger.addedKerberosToRealmCredentials(); } - + adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo).representation(rep).success(); return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build(); diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java index 77a925c268..d77f0a99e0 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java 
@@ -1,6 +1,21 @@ +/* + * Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.resources.admin; -import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.BadRequestException; import org.jboss.resteasy.spi.NotFoundException; @@ -43,6 +58,7 @@ import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.ClientSessionCode; import org.keycloak.services.managers.UserManager; import org.keycloak.services.ErrorResponse; +import org.keycloak.services.ServicesLogger; import org.keycloak.services.Urls; import javax.ws.rs.Consumes; @@ -85,7 +101,7 @@ import org.keycloak.common.util.Time; * @version $Revision: 1 $ */ public class UsersResource { - protected static final Logger logger = Logger.getLogger(UsersResource.class); + protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; protected RealmModel realm; @@ -804,7 +820,7 @@ public class UsersResource { return Response.ok().build(); } catch (EmailException e) { - logger.error("Failed to send execute actions email", e); + logger.failedToSendActionsEmail(e); return ErrorResponse.error("Failed to send execute actions email", Response.Status.INTERNAL_SERVER_ERROR); } } From c6dd0d52b905f5d4cd294e5392b07be8d9874977 Mon Sep 17 00:00:00 2001 
From: Stan Silvert Date: Wed, 20 Jan 2016 14:30:35 -0500 Subject: [PATCH 27/30] KEYCLOAK-1280: i18n logging for org.keycloak.services.scheduled --- .../main/java/org/keycloak/services/ServicesLogger.java | 8 ++++++++ .../keycloak/services/scheduled/ScheduledTaskRunner.java | 8 ++++---- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/services/src/main/java/org/keycloak/services/ServicesLogger.java b/services/src/main/java/org/keycloak/services/ServicesLogger.java index e0ff699fe1..ffd1132e8d 100644 --- a/services/src/main/java/org/keycloak/services/ServicesLogger.java +++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java @@ -393,4 +393,12 @@ public interface ServicesLogger extends BasicLogger { @LogMessage(level = ERROR) @Message(id=88, value="Failed to send execute actions email") void failedToSendActionsEmail(@Cause EmailException e); + + @LogMessage(level = ERROR) + @Message(id=89, value="Failed to run scheduled task %s") + void failedToRunScheduledTask(@Cause Throwable t, String taskClass); + + @LogMessage(level = ERROR) + @Message(id=90, value="Failed to close ProviderSession") + void failedToCloseProviderSession(@Cause Throwable t); } diff --git a/services/src/main/java/org/keycloak/services/scheduled/ScheduledTaskRunner.java b/services/src/main/java/org/keycloak/services/scheduled/ScheduledTaskRunner.java index c892e7086c..44381d22dc 100644 --- a/services/src/main/java/org/keycloak/services/scheduled/ScheduledTaskRunner.java +++ b/services/src/main/java/org/keycloak/services/scheduled/ScheduledTaskRunner.java 
@@ -1,15 +1,15 @@ package org.keycloak.services.scheduled; -import org.jboss.logging.Logger; import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSessionFactory; +import org.keycloak.services.ServicesLogger; /** * @author Stian Thorgersen */ public class ScheduledTaskRunner implements Runnable { - private static final Logger logger = Logger.getLogger(ScheduledTaskRunner.class); + private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER; private final KeycloakSessionFactory sessionFactory; private final ScheduledTask task; @@ -29,14 +29,14 @@ public class ScheduledTaskRunner implements Runnable { logger.debug("Executed scheduled task " + task.getClass().getSimpleName()); } catch (Throwable t) { - logger.error("Failed to run scheduled task " + task.getClass().getSimpleName(), t); + logger.failedToRunScheduledTask(t, task.getClass().getSimpleName()); session.getTransaction().rollback(); } finally { try { session.close(); } catch (Throwable t) { - logger.error("Failed to close ProviderSession", t); + logger.failedToCloseProviderSession(t); } } } From fa2055c896d3a311ddeeef2c607e07c4e1aa5e82 Mon Sep 17 00:00:00 2001 From: Stan Silvert Date: Wed, 20 Jan 2016 15:37:40 -0500 Subject: [PATCH 28/30] KEYCLOAK-1280: pom should not override version from dependency management --- adapters/oidc/wildfly/wildfly-subsystem/pom.xml | 1 - adapters/saml/wildfly/wildfly-subsystem/pom.xml | 1 - 2 files changed, 2 deletions(-) diff --git a/adapters/oidc/wildfly/wildfly-subsystem/pom.xml b/adapters/oidc/wildfly/wildfly-subsystem/pom.xml index 53b6e2add0..0c4d0d97e2 100755 --- a/adapters/oidc/wildfly/wildfly-subsystem/pom.xml +++ b/adapters/oidc/wildfly/wildfly-subsystem/pom.xml @@ -70,7 +70,6 @@ org.jboss.logging jboss-logging-annotations - ${jboss-logging-tools.version} provided diff --git a/adapters/saml/wildfly/wildfly-subsystem/pom.xml b/adapters/saml/wildfly/wildfly-subsystem/pom.xml index 8aadd05073..b92d3fdfb5 100755 
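Review bot: In ScheduledTaskRunner.java (hunk `@@ -29,14 +29,14 @@`), `session.getTransaction().rollback()` runs unguarded inside `catch (Throwable t)`, so a failure during rollback escapes `run()` after the `finally` block and replaces the original error as the one the caller sees. Depending on how the runner is scheduled (not visible here), an exception leaving `run()` may also stop later executions of the task. Wrap the rollback in its own `try { session.getTransaction().rollback(); } catch (Throwable rollbackFailure) { ... }` and log that failure separately, as the `finally` block already does for `session.close()`. `run()` begins outside the hunk.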
--- a/adapters/saml/wildfly/wildfly-subsystem/pom.xml +++ b/adapters/saml/wildfly/wildfly-subsystem/pom.xml @@ -70,7 +70,6 @@ org.jboss.logging jboss-logging-annotations - ${jboss-logging-tools.version} provided From cd3a6007d7d06754efdd8bcb254c030c4fadae62 Mon Sep 17 00:00:00 2001 From: Michael Irwin Date: Fri, 22 Jan 2016 00:33:46 -0500 Subject: [PATCH 29/30] Update javascript-adapter.xml Several spelling fixes, grammar adjustments, and other alterations. Some parts are still a little hard to read/follow, but this is at least a little bit of an improvement. --- .../en/en-US/modules/javascript-adapter.xml | 63 +++++++++---------- 1 file changed, 31 insertions(+), 32 deletions(-) diff --git a/docbook/auth-server-docs/reference/en/en-US/modules/javascript-adapter.xml b/docbook/auth-server-docs/reference/en/en-US/modules/javascript-adapter.xml index 88d7f047b6..3d56bc9533 100755 --- a/docbook/auth-server-docs/reference/en/en-US/modules/javascript-adapter.xml +++ b/docbook/auth-server-docs/reference/en/en-US/modules/javascript-adapter.xml @@ -2,8 +2,8 @@ Javascript Adapter The Keycloak Server comes with a Javascript library you can use to secure HTML/Javascript applications. This - library is referencable directly from the keycloak server. You can also download the adapter from Keycloak's download - site if you want a static copy of this library. It + library is referenceable directly from the keycloak server. You can also download the adapter from Keycloak's download + site if you want a static copy. It works in the same way as other application adapters except that your browser is driving the OAuth redirect protocol rather than the server. 
@@ -14,13 +14,13 @@ To use this adapter, you must first configure an application (or client) through the Keycloak Admin Console. You should select public for the Client Type field. As public clients can't - be verified with a client secret you are required to configure one or more valid redirect uris as well. - Once you've configured the application click on the Installation tab and download the keycloak.json - file. This file should be hosted in your web-server at the same root as your HTML pages. Alternatively you can either - specify the URL for this file, or manually configure the adapter. + be verified with a client secret, you are required to configure one or more valid redirect uris. + Once you've configured the application, click on the Installation tab and download the keycloak.json + file. This file should be hosted on your web-server at the same root as your HTML pages. Alternatively, you can manually + configure the adapter and specify the URL for this file. - Next you have to initialize the adapter in your application. An example on how to do this is shown below. + Next, you have to initialize the adapter in your application. An example is shown below. 
@@ -47,7 +47,7 @@ var keycloak = Keycloak({ }); ]]> You can also pass login-required or check-sso to the init function. Login - required will redirect to the login form on the server, while check-sso will redirect to the auth server to check + required will cause a redirect to the login form on the server, while check-sso will simply redirect to the auth server to check if the user is already logged in to the realm. For example: - To refresh the token if it's expired call the updateToken method. This method returns a promise - object which can be used to invoke a function on success or failure. This method can be used to wrap functions - that should only be called with a valid token. For example the following method will refresh the token if it + To refresh the token when it is expired, call the updateToken method. This method returns a promise + object, which can be used to invoke a function on success or failure. This method can be used to wrap functions + that should only be called with a valid token. For example, the following method will refresh the token if it expires within 30 seconds, and then invoke the specified function. If the token is valid for more than 30 seconds it will just call the specified function. Session status iframe - By default the JavaScript adapter creates a non-visible iframe that is used to detect if a single-sign out has occured. + By default, the JavaScript adapter creates a non-visible iframe that is used to detect if a single-sign out has occurred. This does not require any network traffic, instead the status is retrieved from a special status cookie. This feature can be disabled by setting checkLoginIframe: false in the options passed to the init method. 
@@ -140,33 +140,32 @@ keycloak.updateToken(30).success(function() { Implicit and Hybrid Flow - By default the JavaScript adapter uses OpenID Connect standard (Authorization code) flow, which - means that after authentication will Keycloak server redirects back to your application and Javascript adapter will exchange code for access token and refresh token. + By default, the JavaScript adapter uses OpenID Connect standard (Authorization code) flow, which + means that after authentication, the Keycloak server redirects the user back to your application, where the JavaScript adapter will exchange the code for an access token and a refresh token. - However Keycloak also supports OpenID Connect Implicit flow - where access token is directly sent after successful authentication from Keycloak and there is no additional request for exchange code. - This might have better performance than standard flow as there is no additional request for exchange code-to-token. However sending access token - in URL fragment might be security issue in some environments (Token can be more easily stolen from the network etc). + However, Keycloak also supports OpenID Connect Implicit flow + where an access token is sent immediately after successful authentication with Keycloak (there is no additional request for exchange code). + This could have better performance than standard flow, as there is no additional request to exchange the code for tokens. However, sending the access token + in the URL fragment could pose a security issue in some environments (access logs might expose tokens located in the URL). - To enable implicit flow, you need to enable the flag Implicit Flow Enabled for the client in Keycloak admin console. You also need to pass - the parameter flow with value implicit to init method, so that Javascript adapter will use implicit flow instead of standard flow. 
- The example is here: + To enable implicit flow, you need to enable the Implicit Flow Enabled flag for the client in the Keycloak admin console. You also need to pass + the parameter flow with value implicit to init method. + An example is below: - Note that with implicit flow, you don't have refresh token available after authentication. This makes it harder for your application to periodically update - access token in background (without browser redirection). It's recommended that you implement onTokenExpired callback method on keycloak object, so you - have possibility to do something after token is expired (For example you can call keycloak.login, which will redirect browser to Keycloak login screen and it will immediately - redirect you back if SSO session is still valid and user is still logged. However make sure to save the application state before doing redirect.) + Note that with implicit flow, you are not given a refresh token after authentication. This makes it harder for your application to periodically update + the access token in background (without browser redirection). It's recommended that you implement an onTokenExpired callback method on the keycloak object, so you + are notified after the token is expired (For example you can call keycloak.login, which will redirect browser to Keycloak login screen and it will immediately + redirect you back if the SSO session is still valid and the user is still logged. However, make sure to save the application state before performing a redirect.) - Keycloak also have support for OpenID Connect Hybrid flow. This requires - that client in admin console has both flags Standard Flow Enabled and Implicit Flow Enabled enabled in admin console. - The Keycloak will send both the code and tokens to your application. Access token can be immediately used and in the meantime, code can be exchanged for access token and refresh token. 
- Hybrid flow is good for performance similarly like implicit flow, because access token is available immediatelly to your application. But similarly like implicit flow, the token is - sent in URL fragment, so security may not be so good. - One advantage over implicit flow is, that you have also refresh token available in your application (after code-to-token request is finished in background). + Keycloak also has support for OpenID Connect Hybrid flow. This requires + the client to have both the Standard Flow Enabled and Implicit Flow Enabled flags enabled in the admin console. + The Keycloak server will then send both the code and tokens to your application. The access token can be used immediately while the code can be exchanged for access and refresh tokens. + Similar to the implicit flow, the hybrid flow is good for performance because the access token is available immediately. But, the token is still sent in the URL, and security risks might still apply. + However, one advantage over the implicit flow is that a refresh token is made available to the application (after the code-to-token request is finished). For hybrid flow, you need to pass the parameter flow with value hybrid to init method. @@ -410,4 +409,4 @@ keycloak.onAuthSuccess = function() { alert('authenticated'); } - \ No newline at end of file + From 4e23311318e75217eeffd5fd4ca0045a9db44acd Mon Sep 17 00:00:00 2001 
From: Vlastimil Elias Date: Fri, 22 Jan 2016 11:03:08 +0100 Subject: [PATCH 30/30] KEYCLOAK-2348 - Social login provider for Microsoft account - KC master branch --- .../en/en-US/modules/identity-broker.xml | 95 ++++++++++++++++++- .../microsoft/MicrosoftIdentityProvider.java | 77 +++++++++++++++ .../MicrosoftIdentityProviderFactory.java | 46 +++++++++ .../MicrosoftUserAttributeMapper.java | 29 ++++++ ...oak.broker.provider.IdentityProviderMapper | 3 +- ...roker.social.SocialIdentityProviderFactory | 3 +- ...realm-identity-provider-microsoft-ext.html | 0 .../realm-identity-provider-microsoft.html | 1 + .../keycloak/login/resources/css/login.css | 11 +++ 9 files changed, 260 insertions(+), 5 deletions(-) create mode 100755 services/src/main/java/org/keycloak/social/microsoft/MicrosoftIdentityProvider.java create mode 100644 services/src/main/java/org/keycloak/social/microsoft/MicrosoftIdentityProviderFactory.java create mode 100644 services/src/main/java/org/keycloak/social/microsoft/MicrosoftUserAttributeMapper.java create mode 100755 themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-microsoft-ext.html create mode 100755 themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-microsoft.html diff --git a/docbook/auth-server-docs/reference/en/en-US/modules/identity-broker.xml b/docbook/auth-server-docs/reference/en/en-US/modules/identity-broker.xml index c0183ba3fd..8e32deced4 100755 --- a/docbook/auth-server-docs/reference/en/en-US/modules/identity-broker.xml +++ b/docbook/auth-server-docs/reference/en/en-US/modules/identity-broker.xml 
@@ -211,7 +211,7 @@ Social providers allows you to enable social authentication to your realm. Keycloak makes it easy to let users log in to your application using an existing account with a social network. - Currently Facebook, Google, Twitter, GitHub, LinkedIn and StackOverflow are supported with more planned for the future. + Currently Facebook, Google, Twitter, GitHub, LinkedIn, Microsoft and StackOverflow are supported with more planned for the future. @@ -357,7 +357,7 @@ So is trying to remember yet another username and password combination. Social identity providers makes it easy for users to register on your realm and quickly sign in using a social network. Keycloak provides built-in support for the most common social networks out there, such as Google, Facebook, Twitter, - Github, LinkedId and StackOverflow. + Github, LinkedId, Microsoft and StackOverflow.
@@ -855,6 +855,95 @@
+
+ Microsoft + + To enable login with Microsoft account you first have to register an OAuth application on + Microsoft account Developer Center. Then you need to copy the client id and secret into the Keycloak Admin Console. + + + Let's see first how to create an application with Microsoft. + + + + + Go to create new application on Microsoft account Developer Center url and login here. + Use any value for Application Name, Application Logo and URLs you want. + In API Settings set Target Domain to the domain where your Keycloak instance runs. + + + + + Copy Client Id and Client Secret from App Settings page. + + + + + Now that you have the client id and secret you can proceed with the creation of a Microsoft Identity Provider in Keycloak. As follows: + + + + + Select the Microsoft identity provider from the drop-down box on the top right corner of the identity providers table in Keycloak's Admin Console. You should be presented with a specific page to configure the selected provided. + + + + + Copy the client id and client secret to their corresponding fields in the Keycloak Admin Console. Click Save. + + + + + Once you create the identity provider in Keycloak, you must update your Microsoft application with the redirect url that was + generated to your identity provider. + + + + + Open the Microsoft account Developer Center and select API Settings of your application. In Redirect URLs + insert the redirect uri created by Keycloak. The redirect uri + usually have the following format: http://{host}:{port}/auth/realms/{realm}/broker/microsoft/endpoint. + + + + + + You can always get the redirect url for a specific identity provider from the table presented when you + click on the 'Identity Provider' tab in Realm > Settings. + + + + That is it! This pretty much what you need to do in order to setup this identity provider. + + + The table below lists some additional configuration options you may use when configuring this provider. 
+ + + Configuration Options + + + + + Configuration + + + Description + + + + + + + Default Scopes + + + Allows you to manually specify the scopes that users must authorize when authenticating with this provider. For a complete list of scopes, please take a look at https://msdn.microsoft.com/en-us/library/hh243646.aspx. By default, Keycloak uses the following scopes: wl.basic,wl.emails + + + + +
+
StackOverflow @@ -1282,7 +1371,7 @@ keycloak.createLoginUrl({
Mapping/Importing User profile data from Social Identity Provider - You can import user profile data provided by social identity providers like Google, GitHub, LinkedIn, Stackoverflow and Facebook + You can import user profile data provided by social identity providers like Google, GitHub, LinkedIn, Microsoft, Stackoverflow and Facebook into new Keycloak user created from given social accounts. After you configure a broker, you'll see a Mappers button appear. Click on that and you'll get to the list of mappers that are assigned to this broker. There is a Create button on this page. Clicking on this create button allows you to create a broker mapper. diff --git a/services/src/main/java/org/keycloak/social/microsoft/MicrosoftIdentityProvider.java b/services/src/main/java/org/keycloak/social/microsoft/MicrosoftIdentityProvider.java new file mode 100755 index 0000000000..694c2f74dd --- /dev/null +++ b/services/src/main/java/org/keycloak/social/microsoft/MicrosoftIdentityProvider.java 
@@ -0,0 +1,77 @@ +package org.keycloak.social.microsoft; + +import java.net.URLEncoder; + +import org.jboss.logging.Logger; +import org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider; +import org.keycloak.broker.oidc.OAuth2IdentityProviderConfig; +import org.keycloak.broker.oidc.mappers.AbstractJsonUserAttributeMapper; +import org.keycloak.broker.oidc.util.JsonSimpleHttp; +import org.keycloak.broker.provider.BrokeredIdentityContext; +import org.keycloak.broker.provider.IdentityBrokerException; +import org.keycloak.broker.provider.util.SimpleHttp; +import org.keycloak.broker.social.SocialIdentityProvider; + +import com.fasterxml.jackson.databind.JsonNode; + +/** + * + * Identity provider for Microsoft account. Uses OAuth 2 protocol of Windows Live Services as documented at https://msdn.microsoft.com/en-us/library/hh243647.aspx + * + * @author Vlastimil Elias (velias at redhat dot com) + */ +public class MicrosoftIdentityProvider extends AbstractOAuth2IdentityProvider implements SocialIdentityProvider { + + private static final Logger log = Logger.getLogger(MicrosoftIdentityProvider.class); + + public static final String AUTH_URL = "https://login.live.com/oauth20_authorize.srf"; + public static final String TOKEN_URL = "https://login.live.com/oauth20_token.srf"; + public static final String PROFILE_URL = "https://apis.live.net/v5.0/me"; + public static final String DEFAULT_SCOPE = "wl.basic,wl.emails"; + + public MicrosoftIdentityProvider(OAuth2IdentityProviderConfig config) { + super(config); + config.setAuthorizationUrl(AUTH_URL); + config.setTokenUrl(TOKEN_URL); + config.setUserInfoUrl(PROFILE_URL); + } + + @Override + protected BrokeredIdentityContext doGetFederatedIdentity(String accessToken) { + try { + String URL = PROFILE_URL + "?access_token=" + URLEncoder.encode(accessToken, "UTF-8"); + if (log.isDebugEnabled()) { + log.debug("Microsoft Live user profile request to: " + URL); + } + JsonNode profile = JsonSimpleHttp.asJson(SimpleHttp.doGet(URL)); + + 
String id = getJsonProperty(profile, "id"); + + String email = null; + if (profile.has("emails")) { + email = getJsonProperty(profile.get("emails"), "preferred"); + } + + BrokeredIdentityContext user = new BrokeredIdentityContext(id); + + user.setUsername(email != null ? email : id); + user.setFirstName(getJsonProperty(profile, "first_name")); + user.setLastName(getJsonProperty(profile, "last_name")); + if (email != null) + user.setEmail(email); + user.setIdpConfig(getConfig()); + user.setIdp(this); + + AbstractJsonUserAttributeMapper.storeUserProfileForMapper(user, profile, getConfig().getAlias()); + + return user; + } catch (Exception e) { + throw new IdentityBrokerException("Could not obtain user profile from Microsoft Live ID.", e); + } + } + + @Override + protected String getDefaultScopes() { + return DEFAULT_SCOPE; + } +} diff --git a/services/src/main/java/org/keycloak/social/microsoft/MicrosoftIdentityProviderFactory.java b/services/src/main/java/org/keycloak/social/microsoft/MicrosoftIdentityProviderFactory.java new file mode 100644 index 0000000000..e1105fa96a --- /dev/null +++ b/services/src/main/java/org/keycloak/social/microsoft/MicrosoftIdentityProviderFactory.java 
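Review bot: In `doGetFederatedIdentity` the access token is appended to the profile URL and that full URL is then written to the debug log, so a live bearer token for the user's Microsoft account lands in the log files whenever debug logging is enabled. Log only the endpoint instead, for example `log.debug("Microsoft Live user profile request to: " + PROFILE_URL);`. If the profile API accepts the token in an `Authorization` header, sending it that way rather than in the query string would also keep it out of proxy and access logs; that needs checking against the provider documentation. The broad `catch (Exception e)` additionally turns programming errors such as a missing `id` field into the same "Could not obtain user profile" message, so a narrower catch or an explicit check on `id` would make failures easier to diagnose.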
@@ -0,0 +1,46 @@
+/*
+ * JBoss, Home of Professional Open Source
+ *
+ * Copyright 2013 Red Hat, Inc. and/or its affiliates.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.keycloak.social.microsoft;
+
+import org.keycloak.broker.oidc.OAuth2IdentityProviderConfig;
+import org.keycloak.broker.provider.AbstractIdentityProviderFactory;
+import org.keycloak.broker.social.SocialIdentityProviderFactory;
+import org.keycloak.models.IdentityProviderModel;
+
+/**
+ * @author Vlastimil Elias (velias at redhat dot com)
+ */
+public class MicrosoftIdentityProviderFactory extends AbstractIdentityProviderFactory implements SocialIdentityProviderFactory {
+
+ public static final String PROVIDER_ID = "microsoft";
+
+ @Override
+ public String getName() {
+ return "Microsoft";
+ }
+
+ @Override
+ public MicrosoftIdentityProvider create(IdentityProviderModel model) {
+ return new MicrosoftIdentityProvider(new OAuth2IdentityProviderConfig(model));
+ }
+
+ @Override
+ public String getId() {
+ return PROVIDER_ID;
+ }
+}
diff --git a/services/src/main/java/org/keycloak/social/microsoft/MicrosoftUserAttributeMapper.java b/services/src/main/java/org/keycloak/social/microsoft/MicrosoftUserAttributeMapper.java
new file mode 100644
index 0000000000..bee8a91a71
--- /dev/null
+++ b/services/src/main/java/org/keycloak/social/microsoft/MicrosoftUserAttributeMapper.java
@@ -0,0 +1,29 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2015 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @authors tag. All rights reserved. + */ +package org.keycloak.social.microsoft; + +import org.keycloak.broker.oidc.mappers.AbstractJsonUserAttributeMapper; + +/** + * User attribute mapper. + * + * @author Vlastimil Elias (velias at redhat dot com) + */ +public class MicrosoftUserAttributeMapper extends AbstractJsonUserAttributeMapper { + + private static final String[] cp = new String[] { MicrosoftIdentityProviderFactory.PROVIDER_ID }; + + @Override + public String[] getCompatibleProviders() { + return cp; + } + + @Override + public String getId() { + return "microsoft-user-attribute-mapper"; + } + +} diff --git a/services/src/main/resources/META-INF/services/org.keycloak.broker.provider.IdentityProviderMapper b/services/src/main/resources/META-INF/services/org.keycloak.broker.provider.IdentityProviderMapper index 394c776cde..5f68100faa 100755 --- a/services/src/main/resources/META-INF/services/org.keycloak.broker.provider.IdentityProviderMapper +++ b/services/src/main/resources/META-INF/services/org.keycloak.broker.provider.IdentityProviderMapper @@ -12,4 +12,5 @@ org.keycloak.social.facebook.FacebookUserAttributeMapper org.keycloak.social.github.GitHubUserAttributeMapper org.keycloak.social.google.GoogleUserAttributeMapper org.keycloak.social.linkedin.LinkedInUserAttributeMapper -org.keycloak.social.stackoverflow.StackoverflowUserAttributeMapper \ No newline at end of file +org.keycloak.social.stackoverflow.StackoverflowUserAttributeMapper +org.keycloak.social.microsoft.MicrosoftUserAttributeMapper diff --git a/services/src/main/resources/META-INF/services/org.keycloak.broker.social.SocialIdentityProviderFactory b/services/src/main/resources/META-INF/services/org.keycloak.broker.social.SocialIdentityProviderFactory index 9ba5b4d1af..ddb6876238 100755 
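Review bot: `getCompatibleProviders()` in MicrosoftUserAttributeMapper returns the shared static `cp` array itself, so a caller that writes to the returned array changes the compatible-provider list for every later caller. Returning a copy, `return cp.clone();`, removes that risk, and a constant-style name such as `COMPATIBLE_PROVIDERS` would say more than `cp`. The base class and the sibling mappers are not visible in this hunk, so if they all share this pattern it may be an accepted convention worth fixing in one place.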
--- a/services/src/main/resources/META-INF/services/org.keycloak.broker.social.SocialIdentityProviderFactory +++ b/services/src/main/resources/META-INF/services/org.keycloak.broker.social.SocialIdentityProviderFactory @@ -3,4 +3,5 @@ org.keycloak.social.github.GitHubIdentityProviderFactory org.keycloak.social.google.GoogleIdentityProviderFactory org.keycloak.social.linkedin.LinkedInIdentityProviderFactory org.keycloak.social.stackoverflow.StackoverflowIdentityProviderFactory -org.keycloak.social.twitter.TwitterIdentityProviderFactory \ No newline at end of file +org.keycloak.social.twitter.TwitterIdentityProviderFactory +org.keycloak.social.microsoft.MicrosoftIdentityProviderFactory diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-microsoft-ext.html b/themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-microsoft-ext.html new file mode 100755 index 0000000000..e69de29bb2 diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-microsoft.html b/themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-microsoft.html new file mode 100755 index 0000000000..a4630ac786 --- /dev/null +++ b/themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-microsoft.html @@ -0,0 +1 @@ +
\ No newline at end of file diff --git a/themes/src/main/resources/theme/keycloak/login/resources/css/login.css b/themes/src/main/resources/theme/keycloak/login/resources/css/login.css index b45f9b9073..9c28f3afdb 100644 --- a/themes/src/main/resources/theme/keycloak/login/resources/css/login.css +++ b/themes/src/main/resources/theme/keycloak/login/resources/css/login.css @@ -201,6 +201,9 @@ ol#kc-totp-settings li:first-of-type { .zocial.facebook, .zocial.github, .zocial.google, +.zocial.microsoft, +.zocial.stackoverflow, +.zocial.linkedin, .zocial.twitter { background-image: none; border-radius: 2px; @@ -222,10 +225,18 @@ ol#kc-totp-settings li:first-of-type { .zocial.facebook:hover, .zocial.github:hover, .zocial.google:hover, +.zocial.microsoft:hover, +.zocial.stackoverflow:hover, +.zocial.linkedin:hover, .zocial.twitter:hover { background-image: linear-gradient(rgba(0, 0, 0, 0.2) 0%, rgba(0, 0, 0, 0.2) 100%) !important; } +/* Copy of zocial windows classes to be used for microsoft's social provider button */ +.zocial.microsoft {background-color: #0052a4; color: #fff;} +.zocial.microsoft:before { content: "\f15d"; } + + @media (min-width: 768px) { #kc-container-wrapper { bottom: 13%;