KEYCLOAK-600 Users shouldn't be registered with Federation Provider on an import

model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java

@@ -577,7 +577,8 @@ public class RepresentationToModel {
     // Users
 
     public static UserModel createUser(KeycloakSession session, RealmModel newRealm, UserRepresentation userRep, Map<String, ApplicationModel> appMap) {
-        UserModel user = session.users().addUser(newRealm, userRep.getId(), userRep.getUsername(), false);
+        // Import users just to user storage. Don't federate
+        UserModel user = session.userStorage().addUser(newRealm, userRep.getId(), userRep.getUsername(), false);
         user.setEnabled(userRep.isEnabled());
         user.setEmail(userRep.getEmail());
         user.setFirstName(userRep.getFirstName());

model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/UserAdapter.java

@@ -336,7 +336,7 @@ public class UserAdapter extends AbstractMongoAdapter<MongoUserEntity> implement
     @Override
     public void setFederationLink(String link) {
         user.setFederationLink(link);
-
+        updateUser();
     }
 
     @Override

testsuite/integration/src/main/java/org/keycloak/testutils/DummyUserFederationProvider.java

@@ -7,6 +7,7 @@ import org.keycloak.models.UserFederationProvider;
 import org.keycloak.models.UserModel;
 
 import java.util.Collections;
+import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
@@ -16,6 +17,9 @@ import java.util.Set;
  * @version $Revision: 1 $
  */
 public class DummyUserFederationProvider implements UserFederationProvider {
+
+    private static Map<String, UserModel> users = new HashMap<String, UserModel>();
+
     @Override
     public UserModel proxy(UserModel local) {
         return local;
@@ -23,11 +27,12 @@ public class DummyUserFederationProvider implements UserFederationProvider {
 
     @Override
     public boolean synchronizeRegistrations() {
-        return false;
+        return true;
     }
 
     @Override
     public UserModel register(RealmModel realm, UserModel user) {
+        users.put(user.getUsername(), user);
         return user;
     }
 
@@ -38,7 +43,7 @@ public class DummyUserFederationProvider implements UserFederationProvider {
 
     @Override
     public UserModel getUserByUsername(RealmModel realm, String username) {
-        return null;
+        return users.get(username);
     }
 
     @Override

testsuite/integration/src/test/java/org/keycloak/testsuite/model/ImportTest.java

@@ -12,10 +12,14 @@ import org.keycloak.models.RealmModel;
 import org.keycloak.models.RequiredCredentialModel;
 import org.keycloak.models.RoleModel;
 import org.keycloak.models.SocialLinkModel;
+import org.keycloak.models.UserFederationProvider;
+import org.keycloak.models.UserFederationProviderFactory;
 import org.keycloak.models.UserFederationProviderModel;
 import org.keycloak.models.UserModel;
 import org.keycloak.representations.idm.RealmRepresentation;
 import org.keycloak.services.managers.RealmManager;
+import org.keycloak.testutils.DummyUserFederationProvider;
+import org.keycloak.testutils.DummyUserFederationProviderFactory;
 
 import java.util.List;
 import java.util.Map;
@@ -203,6 +207,10 @@ public class ImportTest extends AbstractModelTest {
         Assert.assertEquals("dummy", ldap.getProviderName());
         Assert.assertEquals(1, ldap.getPriority());
         Assert.assertEquals("ldap://foo", ldap.getConfig().get("important.config"));
+
+        // Assert that federation link wasn't created during import
+        UserFederationProviderFactory factory = (UserFederationProviderFactory)session.getKeycloakSessionFactory().getProviderFactory(UserFederationProvider.class, "dummy");
+        Assert.assertNull(factory.getInstance(session, null).getUserByUsername(realm, "wburke"));
     }
 
     @Test