Remove legacy code which isn't used anymore and was deprecated for some time (#23264)
Closes #23263
This commit is contained in:
parent
04d16ed170
commit
798846df6f
11 changed files with 0 additions and 634 deletions
|
@ -23,7 +23,6 @@ import org.keycloak.credential.CredentialInput;
|
|||
import org.keycloak.models.ClientScopeModel;
|
||||
import org.keycloak.models.CredentialValidationOutput;
|
||||
import org.keycloak.models.IdentityProviderModel;
|
||||
import org.keycloak.models.LegacySessionSupportProvider;
|
||||
import org.keycloak.models.cache.infinispan.events.InvalidationEvent;
|
||||
import org.keycloak.common.constants.ServiceAccountConstants;
|
||||
import org.keycloak.component.ComponentModel;
|
||||
|
@ -377,7 +376,6 @@ public class UserCacheSession implements UserCache, OnCreateComponent, OnUpdateC
|
|||
|
||||
private void onCache(RealmModel realm, UserAdapter adapter, UserModel delegate) {
|
||||
((OnUserCache)getDelegate()).onCache(realm, adapter, delegate);
|
||||
((OnUserCache) session.getProvider(LegacySessionSupportProvider.class).userCredentialManager()).onCache(realm, adapter, delegate);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -1,210 +0,0 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.credential;
|
||||
|
||||
import org.jboss.logging.Logger;
|
||||
import org.keycloak.common.util.reflections.Types;
|
||||
import org.keycloak.models.CredentialValidationOutput;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.UserCredentialManager;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.cache.CachedUserModel;
|
||||
import org.keycloak.models.cache.OnUserCache;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.stream.Stream;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
@Deprecated
|
||||
public class UserCredentialStoreManager implements UserCredentialManager, OnUserCache {
|
||||
|
||||
private final static Logger log = Logger.getLogger(UserCredentialStoreManager.class);
|
||||
|
||||
private final KeycloakSession session;
|
||||
|
||||
public UserCredentialStoreManager(KeycloakSession session) {
|
||||
this.session = session;
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public void updateCredential(RealmModel realm, UserModel user, CredentialModel cred) {
|
||||
warnAboutUsage();
|
||||
user.credentialManager().updateStoredCredential(cred);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public CredentialModel createCredential(RealmModel realm, UserModel user, CredentialModel cred) {
|
||||
warnAboutUsage();
|
||||
return user.credentialManager().createStoredCredential(cred);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public boolean removeStoredCredential(RealmModel realm, UserModel user, String id) {
|
||||
warnAboutUsage();
|
||||
return user.credentialManager().removeStoredCredentialById(id);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public CredentialModel getStoredCredentialById(RealmModel realm, UserModel user, String id) {
|
||||
warnAboutUsage();
|
||||
return user.credentialManager().getStoredCredentialById(id);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public Stream<CredentialModel> getStoredCredentialsStream(RealmModel realm, UserModel user) {
|
||||
warnAboutUsage();
|
||||
return user.credentialManager().getStoredCredentialsStream();
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public Stream<CredentialModel> getStoredCredentialsByTypeStream(RealmModel realm, UserModel user, String type) {
|
||||
warnAboutUsage();
|
||||
return user.credentialManager().getStoredCredentialsByTypeStream(type);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public CredentialModel getStoredCredentialByNameAndType(RealmModel realm, UserModel user, String name, String type) {
|
||||
warnAboutUsage();
|
||||
return user.credentialManager().getStoredCredentialByNameAndType(name, type);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public boolean moveCredentialTo(RealmModel realm, UserModel user, String id, String newPreviousCredentialId){
|
||||
warnAboutUsage();
|
||||
return user.credentialManager().moveStoredCredentialTo(id, newPreviousCredentialId);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public boolean isValid(RealmModel realm, UserModel user, CredentialInput... inputs) {
|
||||
warnAboutUsage();
|
||||
return isValid(realm, user, Arrays.asList(inputs));
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public CredentialModel createCredentialThroughProvider(RealmModel realm, UserModel user, CredentialModel model){
|
||||
warnAboutUsage();
|
||||
return user.credentialManager().createCredentialThroughProvider(model);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public void updateCredentialLabel(RealmModel realm, UserModel user, String credentialId, String userLabel){
|
||||
warnAboutUsage();
|
||||
user.credentialManager().updateCredentialLabel(credentialId, userLabel);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public boolean isValid(RealmModel realm, UserModel user, List<CredentialInput> inputs) {
|
||||
warnAboutUsage();
|
||||
return user.credentialManager().isValid(inputs);
|
||||
}
|
||||
|
||||
@Deprecated // Keep this up to and including Keycloak 19, then inline
|
||||
public static <T> Stream<T> getCredentialProviders(KeycloakSession session, Class<T> type) {
|
||||
// called via #onCache()
|
||||
// warnAboutUsage();
|
||||
return session.getKeycloakSessionFactory().getProviderFactoriesStream(CredentialProvider.class)
|
||||
.filter(f -> Types.supports(type, f, CredentialProviderFactory.class))
|
||||
.map(f -> (T) session.getProvider(CredentialProvider.class, f.getId()));
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input) {
|
||||
warnAboutUsage();
|
||||
return user.credentialManager().updateCredential(input);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public void disableCredentialType(RealmModel realm, UserModel user, String credentialType) {
|
||||
warnAboutUsage();
|
||||
user.credentialManager().disableCredentialType(credentialType);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public Stream<String> getDisableableCredentialTypesStream(RealmModel realm, UserModel user) {
|
||||
warnAboutUsage();
|
||||
return user.credentialManager().getDisableableCredentialTypesStream();
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public boolean isConfiguredFor(RealmModel realm, UserModel user, String type) {
|
||||
warnAboutUsage();
|
||||
return user.credentialManager().isConfiguredFor(type);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public boolean isConfiguredLocally(RealmModel realm, UserModel user, String type) {
|
||||
warnAboutUsage();
|
||||
return user.credentialManager().isConfiguredLocally(type);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public CredentialValidationOutput authenticate(KeycloakSession session, RealmModel realm, CredentialInput input) {
|
||||
warnAboutUsage();
|
||||
return session.users().getUserByCredential(realm, input);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, then remove it together with the OnUserCache class
|
||||
public void onCache(RealmModel realm, CachedUserModel user, UserModel delegate) {
|
||||
// called by UserCacheSession#onCache, therefore don't warn here
|
||||
// warnAboutUsage();
|
||||
getCredentialProviders(session, OnUserCache.class).forEach(validator -> validator.onCache(realm, user, delegate));
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead
|
||||
public Stream<String> getConfiguredUserStorageCredentialTypesStream(RealmModel realm, UserModel user) {
|
||||
warnAboutUsage();
|
||||
return user.credentialManager().getConfiguredUserStorageCredentialTypesStream();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void close() {
|
||||
|
||||
}
|
||||
|
||||
private static void warnAboutUsage() {
|
||||
if (log.isEnabled(Logger.Level.WARN)) {
|
||||
// check if warning is enabled first before constructing the exception that is expensive to construct
|
||||
log.warn("Calls to session.userCredentialManager() now deprecated. Use user.userCredentialManager() instead!", new RuntimeException());
|
||||
}
|
||||
}
|
||||
|
||||
}
|
|
@ -1,27 +0,0 @@
|
|||
/*
|
||||
* Copyright 2022 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.services.legacysessionsupport;
|
||||
|
||||
import org.keycloak.models.LegacySessionSupportProvider;
|
||||
import org.keycloak.provider.ProviderFactory;
|
||||
|
||||
/**
|
||||
* @author Alexander Schwartz
|
||||
*/
|
||||
public interface LegacySessionSupportProviderFactory<T extends LegacySessionSupportProvider> extends ProviderFactory<T> {
|
||||
}
|
|
@ -1,54 +0,0 @@
|
|||
/*
|
||||
* Copyright 2022 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.services.legacysessionsupport;
|
||||
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.KeycloakSessionFactory;
|
||||
import org.keycloak.models.LegacySessionSupportProvider;
|
||||
|
||||
/**
|
||||
* @author Alexander Schwartz
|
||||
*/
|
||||
public class LegacySessionSupportProviderFactoryImpl implements LegacySessionSupportProviderFactory<LegacySessionSupportProvider> {
|
||||
|
||||
private static final String PROVIDER_ID = "default";
|
||||
|
||||
@Override
|
||||
public LegacySessionSupportProvider create(KeycloakSession session) {
|
||||
return new LegacySessionSupportProviderImpl(session);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void init(Config.Scope config) {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void postInit(KeycloakSessionFactory factory) {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void close() {
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getId() {
|
||||
return PROVIDER_ID;
|
||||
}
|
||||
|
||||
}
|
|
@ -1,49 +0,0 @@
|
|||
/*
|
||||
* Copyright 2022 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.services.legacysessionsupport;
|
||||
|
||||
import org.keycloak.credential.UserCredentialStoreManager;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.UserCredentialManager;
|
||||
import org.keycloak.models.LegacySessionSupportProvider;
|
||||
import org.keycloak.models.cache.UserCache;
|
||||
|
||||
/**
|
||||
* @author Alexander Schwartz
|
||||
*/
|
||||
public class LegacySessionSupportProviderImpl implements LegacySessionSupportProvider {
|
||||
|
||||
private final KeycloakSession session;
|
||||
|
||||
public LegacySessionSupportProviderImpl(KeycloakSession session) {
|
||||
this.session = session;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void close() {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public UserCredentialManager userCredentialManager() {
|
||||
// UserCacheSession calls session.userCredentialManager().onCache(), therefore can't trigger a warning here at the moment.
|
||||
return new UserCredentialStoreManager(session);
|
||||
}
|
||||
|
||||
}
|
|
@ -1,49 +0,0 @@
|
|||
/*
|
||||
* Copyright 2022 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.services.legacysessionsupport;
|
||||
|
||||
import org.keycloak.models.LegacySessionSupportProvider;
|
||||
import org.keycloak.provider.Provider;
|
||||
import org.keycloak.provider.Spi;
|
||||
|
||||
/**
|
||||
* @author Alexander Schwartz
|
||||
*/
|
||||
public class LegacySessionSupportSpi implements Spi {
|
||||
|
||||
@Override
|
||||
public boolean isInternal() {
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "legacy-session-support";
|
||||
}
|
||||
|
||||
@Override
|
||||
public Class<? extends Provider> getProviderClass() {
|
||||
return LegacySessionSupportProvider.class;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Class<? extends LegacySessionSupportProviderFactory> getProviderFactoryClass() {
|
||||
return LegacySessionSupportProviderFactory.class;
|
||||
}
|
||||
|
||||
}
|
|
@ -1,18 +0,0 @@
|
|||
#
|
||||
# Copyright 2023 Red Hat, Inc. and/or its affiliates
|
||||
# and other contributors as indicated by the @author tags.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
org.keycloak.services.legacysessionsupport.LegacySessionSupportSpi
|
|
@ -1,18 +0,0 @@
|
|||
#
|
||||
# Copyright 2022 Red Hat, Inc. and/or its affiliates
|
||||
# and other contributors as indicated by the @author tags.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
org.keycloak.services.legacysessionsupport.LegacySessionSupportProviderFactoryImpl
|
|
@ -1,33 +0,0 @@
|
|||
/*
|
||||
* Copyright 2022 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.models;
|
||||
|
||||
import org.keycloak.provider.Provider;
|
||||
|
||||
/**
|
||||
* Support for elements in Keycloak's session that are deprecated.
|
||||
* This allows the deprecated implementations to be moved to the legacy module.
|
||||
*
|
||||
* @author Alexander Schwartz
|
||||
*/
|
||||
public interface LegacySessionSupportProvider extends Provider {
|
||||
|
||||
@Deprecated
|
||||
UserCredentialManager userCredentialManager();
|
||||
|
||||
}
|
|
@ -1,169 +0,0 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.models;
|
||||
|
||||
import org.keycloak.credential.CredentialInput;
|
||||
import org.keycloak.credential.CredentialModel;
|
||||
import org.keycloak.credential.UserCredentialStore;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.stream.Stream;
|
||||
|
||||
/**
|
||||
* Manage the credentials for a user.
|
||||
*
|
||||
* @deprecated Instead of this class, use {@link UserModel#credentialManager()} instead.
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
@Deprecated
|
||||
public interface UserCredentialManager extends UserCredentialStore {
|
||||
|
||||
/**
|
||||
* Validates list of credentials. Will call UserStorageProvider and UserFederationProviders first, then loop through
|
||||
* each CredentialProvider.
|
||||
*
|
||||
* @param realm
|
||||
* @param user
|
||||
* @param inputs
|
||||
* @return
|
||||
*/
|
||||
boolean isValid(RealmModel realm, UserModel user, List<CredentialInput> inputs);
|
||||
|
||||
/**
|
||||
* Validates list of credentials. Will call UserStorageProvider and UserFederationProviders first, then loop through
|
||||
* each CredentialProvider.
|
||||
*
|
||||
* @param realm
|
||||
* @param user
|
||||
* @param inputs
|
||||
* @return
|
||||
*/
|
||||
boolean isValid(RealmModel realm, UserModel user, CredentialInput... inputs);
|
||||
|
||||
/**
|
||||
* Updates a credential. Will call UserStorageProvider and UserFederationProviders first, then loop through
|
||||
* each CredentialProvider. Update is finished whenever any one provider returns true.
|
||||
*
|
||||
* @param realm
|
||||
* @param user
|
||||
* @return true if credential was successfully updated by UserStorage or any CredentialInputUpdater
|
||||
*/
|
||||
boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input);
|
||||
|
||||
/**
|
||||
* Creates a credential from the credentialModel, by looping through the providers to find a match for the type
|
||||
* @param realm
|
||||
* @param user
|
||||
* @param model
|
||||
* @return
|
||||
*/
|
||||
CredentialModel createCredentialThroughProvider(RealmModel realm, UserModel user, CredentialModel model);
|
||||
|
||||
/**
|
||||
* Updates the credential label and invalidates the cache for the user.
|
||||
* @param realm
|
||||
* @param user
|
||||
* @param credentialId
|
||||
* @param userLabel
|
||||
*/
|
||||
void updateCredentialLabel(RealmModel realm, UserModel user, String credentialId, String userLabel);
|
||||
|
||||
/**
|
||||
* Calls disableCredential on UserStorageProvider and UserFederationProviders first, then loop through
|
||||
* each CredentialProvider.
|
||||
*
|
||||
* @param realm
|
||||
* @param user
|
||||
* @param credentialType
|
||||
*/
|
||||
void disableCredentialType(RealmModel realm, UserModel user, String credentialType);
|
||||
|
||||
/**
|
||||
* Obtains the credential types that can be disabled.
|
||||
* method.
|
||||
*
|
||||
* @param realm a reference to the realm.
|
||||
* @param user the user whose credentials are being searched.
|
||||
* @return a non-null {@link Stream} of credential types.
|
||||
*
|
||||
* @deprecated Use {@link UserModel#credentialManager()} and then call {@link SubjectCredentialManager#getDisableableCredentialTypesStream()}
|
||||
*/
|
||||
default Stream<String> getDisableableCredentialTypesStream(RealmModel realm, UserModel user) {
|
||||
return user.credentialManager().getDisableableCredentialTypesStream();
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks to see if user has credential type configured. Looks in UserStorageProvider or UserFederationProvider first,
|
||||
* then loops through each CredentialProvider.
|
||||
*
|
||||
* @param realm
|
||||
* @param user
|
||||
* @param type
|
||||
* @return
|
||||
*/
|
||||
boolean isConfiguredFor(RealmModel realm, UserModel user, String type);
|
||||
|
||||
/**
|
||||
* Only loops through each CredentialProvider to see if credential type is configured for the user.
|
||||
* This allows UserStorageProvider and UserFederationProvider isValid() implementations to punt to local storage
|
||||
* when validating a credential that has been overriden in Keycloak storage.
|
||||
*
|
||||
* @param realm
|
||||
* @param user
|
||||
* @param type
|
||||
* @return
|
||||
*/
|
||||
boolean isConfiguredLocally(RealmModel realm, UserModel user, String type);
|
||||
|
||||
/**
|
||||
* Given a CredentialInput, authenticate the user. This is used in the case where the credential must be processed
|
||||
* to determine and find the user. An example is Kerberos where the kerberos token might be validated and processed
|
||||
* by a variety of different storage providers.
|
||||
*
|
||||
*
|
||||
* @param session
|
||||
* @param realm
|
||||
* @param input
|
||||
* @return
|
||||
*/
|
||||
CredentialValidationOutput authenticate(KeycloakSession session, RealmModel realm, CredentialInput input);
|
||||
|
||||
/**
|
||||
* Obtains the credential types provided by the user storage where the specified user is stored. Examples of returned
|
||||
* values are "password", "otp", etc.
|
||||
* <p/>
|
||||
* This method will always return an empty stream for "local" users - i.e. users that are not backed by any user storage.
|
||||
*
|
||||
* @param realm a reference to the realm.
|
||||
* @param user a reference to the user.
|
||||
* @return a non-null {@link Stream} of credential types.
|
||||
*
|
||||
* @deprecated Use {@link UserModel#credentialManager()} and then call {@link SubjectCredentialManager#getConfiguredUserStorageCredentialTypesStream()}
|
||||
*/
|
||||
default Stream<String> getConfiguredUserStorageCredentialTypesStream(RealmModel realm, UserModel user) {
|
||||
return user.credentialManager().getConfiguredUserStorageCredentialTypesStream();
|
||||
}
|
||||
|
||||
/**
|
||||
* @deprecated This interface is no longer necessary, collection-based methods were removed from the parent interface
|
||||
* and therefore the parent interface can be used directly
|
||||
*/
|
||||
@Deprecated
|
||||
interface Streams extends UserCredentialManager, UserCredentialStore {
|
||||
}
|
||||
}
|
|
@ -33,8 +33,6 @@ import org.keycloak.models.sessions.infinispan.InfinispanAuthenticationSessionPr
|
|||
import org.keycloak.models.sessions.infinispan.InfinispanSingleUseObjectProviderFactory;
|
||||
import org.keycloak.models.sessions.infinispan.InfinispanUserLoginFailureProviderFactory;
|
||||
import org.keycloak.models.sessions.infinispan.InfinispanUserSessionProviderFactory;
|
||||
import org.keycloak.services.legacysessionsupport.LegacySessionSupportProviderFactory;
|
||||
import org.keycloak.services.legacysessionsupport.LegacySessionSupportSpi;
|
||||
import org.keycloak.sessions.AuthenticationSessionSpi;
|
||||
import org.keycloak.sessions.StickySessionEncoderProviderFactory;
|
||||
import org.keycloak.sessions.StickySessionEncoderSpi;
|
||||
|
@ -72,8 +70,6 @@ public class Infinispan extends KeycloakModelParameters {
|
|||
.add(PublicKeyStorageSpi.class)
|
||||
.add(CachePublicKeyProviderSpi.class)
|
||||
|
||||
.add(LegacySessionSupportSpi.class) // necessary as it will call session.userCredentialManager().onCache()
|
||||
|
||||
.build();
|
||||
|
||||
static final Set<Class<? extends ProviderFactory>> ALLOWED_FACTORIES = ImmutableSet.<Class<? extends ProviderFactory>>builder()
|
||||
|
@ -90,7 +86,6 @@ public class Infinispan extends KeycloakModelParameters {
|
|||
.add(TimerProviderFactory.class)
|
||||
.add(InfinispanPublicKeyStorageProviderFactory.class)
|
||||
.add(InfinispanCachePublicKeyProviderFactory.class)
|
||||
.add(LegacySessionSupportProviderFactory.class)
|
||||
.build();
|
||||
|
||||
@Override
|
||||
|
|
Loading…
Reference in a new issue