From 798846df6f4b579458c9cd4d0e1eb93a9dbb36c9 Mon Sep 17 00:00:00 2001 From: Alexander Schwartz Date: Mon, 18 Sep 2023 11:04:02 +0200 Subject: [PATCH] Remove legacy code which isn't used anymore and was deprecated for some time (#23264) Closes #23263 --- .../cache/infinispan/UserCacheSession.java | 2 - .../UserCredentialStoreManager.java | 210 ------------------ .../LegacySessionSupportProviderFactory.java | 27 --- ...gacySessionSupportProviderFactoryImpl.java | 54 ----- .../LegacySessionSupportProviderImpl.java | 49 ---- .../LegacySessionSupportSpi.java | 49 ---- .../services/org.keycloak.provider.Spi | 18 -- ...upport.LegacySessionSupportProviderFactory | 18 -- .../models/LegacySessionSupportProvider.java | 33 --- .../models/UserCredentialManager.java | 169 -------------- .../model/parameters/Infinispan.java | 5 - 11 files changed, 634 deletions(-) delete mode 100644 model/legacy-services/src/main/java/org/keycloak/credential/UserCredentialStoreManager.java delete mode 100644 model/legacy-services/src/main/java/org/keycloak/services/legacysessionsupport/LegacySessionSupportProviderFactory.java delete mode 100644 model/legacy-services/src/main/java/org/keycloak/services/legacysessionsupport/LegacySessionSupportProviderFactoryImpl.java delete mode 100644 model/legacy-services/src/main/java/org/keycloak/services/legacysessionsupport/LegacySessionSupportProviderImpl.java delete mode 100644 model/legacy-services/src/main/java/org/keycloak/services/legacysessionsupport/LegacySessionSupportSpi.java delete mode 100644 model/legacy-services/src/main/resources/META-INF/services/org.keycloak.provider.Spi delete mode 100644 model/legacy-services/src/main/resources/META-INF/services/org.keycloak.services.legacysessionsupport.LegacySessionSupportProviderFactory delete mode 100644 model/legacy/src/main/java/org/keycloak/models/LegacySessionSupportProvider.java delete mode 100644 model/legacy/src/main/java/org/keycloak/models/UserCredentialManager.java diff --git a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserCacheSession.java b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserCacheSession.java index 557fc82ec9..cdf0656750 100755 --- a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserCacheSession.java +++ b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserCacheSession.java @@ -23,7 +23,6 @@ import org.keycloak.credential.CredentialInput; import org.keycloak.models.ClientScopeModel; import org.keycloak.models.CredentialValidationOutput; import org.keycloak.models.IdentityProviderModel; -import org.keycloak.models.LegacySessionSupportProvider; import org.keycloak.models.cache.infinispan.events.InvalidationEvent; import org.keycloak.common.constants.ServiceAccountConstants; import org.keycloak.component.ComponentModel; @@ -377,7 +376,6 @@ public class UserCacheSession implements UserCache, OnCreateComponent, OnUpdateC private void onCache(RealmModel realm, UserAdapter adapter, UserModel delegate) { ((OnUserCache)getDelegate()).onCache(realm, adapter, delegate); - ((OnUserCache) session.getProvider(LegacySessionSupportProvider.class).userCredentialManager()).onCache(realm, adapter, delegate); } @Override diff --git a/model/legacy-services/src/main/java/org/keycloak/credential/UserCredentialStoreManager.java b/model/legacy-services/src/main/java/org/keycloak/credential/UserCredentialStoreManager.java deleted file mode 100644 index 97c3bcb5b4..0000000000 --- a/model/legacy-services/src/main/java/org/keycloak/credential/UserCredentialStoreManager.java +++ /dev/null @@ -1,210 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.keycloak.credential; - -import org.jboss.logging.Logger; -import org.keycloak.common.util.reflections.Types; -import org.keycloak.models.CredentialValidationOutput; -import org.keycloak.models.KeycloakSession; -import org.keycloak.models.RealmModel; -import org.keycloak.models.UserCredentialManager; -import org.keycloak.models.UserModel; -import org.keycloak.models.cache.CachedUserModel; -import org.keycloak.models.cache.OnUserCache; - -import java.util.Arrays; -import java.util.List; -import java.util.stream.Stream; - -/** - * @author Bill Burke - * @version $Revision: 1 $ - */ -@Deprecated -public class UserCredentialStoreManager implements UserCredentialManager, OnUserCache { - - private final static Logger log = Logger.getLogger(UserCredentialStoreManager.class); - - private final KeycloakSession session; - - public UserCredentialStoreManager(KeycloakSession session) { - this.session = session; - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public void updateCredential(RealmModel realm, UserModel user, CredentialModel cred) { - warnAboutUsage(); - user.credentialManager().updateStoredCredential(cred); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public CredentialModel createCredential(RealmModel realm, UserModel user, CredentialModel cred) { - warnAboutUsage(); - return user.credentialManager().createStoredCredential(cred); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public boolean removeStoredCredential(RealmModel realm, UserModel user, String id) { - warnAboutUsage(); - return user.credentialManager().removeStoredCredentialById(id); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public CredentialModel getStoredCredentialById(RealmModel realm, UserModel user, String id) { - warnAboutUsage(); - return user.credentialManager().getStoredCredentialById(id); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public Stream getStoredCredentialsStream(RealmModel realm, UserModel user) { - warnAboutUsage(); - return user.credentialManager().getStoredCredentialsStream(); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public Stream getStoredCredentialsByTypeStream(RealmModel realm, UserModel user, String type) { - warnAboutUsage(); - return user.credentialManager().getStoredCredentialsByTypeStream(type); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public CredentialModel getStoredCredentialByNameAndType(RealmModel realm, UserModel user, String name, String type) { - warnAboutUsage(); - return user.credentialManager().getStoredCredentialByNameAndType(name, type); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public boolean moveCredentialTo(RealmModel realm, UserModel user, String id, String newPreviousCredentialId){ - warnAboutUsage(); - return user.credentialManager().moveStoredCredentialTo(id, newPreviousCredentialId); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public boolean isValid(RealmModel realm, UserModel user, CredentialInput... inputs) { - warnAboutUsage(); - return isValid(realm, user, Arrays.asList(inputs)); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public CredentialModel createCredentialThroughProvider(RealmModel realm, UserModel user, CredentialModel model){ - warnAboutUsage(); - return user.credentialManager().createCredentialThroughProvider(model); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public void updateCredentialLabel(RealmModel realm, UserModel user, String credentialId, String userLabel){ - warnAboutUsage(); - user.credentialManager().updateCredentialLabel(credentialId, userLabel); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public boolean isValid(RealmModel realm, UserModel user, List inputs) { - warnAboutUsage(); - return user.credentialManager().isValid(inputs); - } - - @Deprecated // Keep this up to and including Keycloak 19, then inline - public static Stream getCredentialProviders(KeycloakSession session, Class type) { - // called via #onCache() - // warnAboutUsage(); - return session.getKeycloakSessionFactory().getProviderFactoriesStream(CredentialProvider.class) - .filter(f -> Types.supports(type, f, CredentialProviderFactory.class)) - .map(f -> (T) session.getProvider(CredentialProvider.class, f.getId())); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input) { - warnAboutUsage(); - return user.credentialManager().updateCredential(input); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public void disableCredentialType(RealmModel realm, UserModel user, String credentialType) { - warnAboutUsage(); - user.credentialManager().disableCredentialType(credentialType); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public Stream getDisableableCredentialTypesStream(RealmModel realm, UserModel user) { - warnAboutUsage(); - return user.credentialManager().getDisableableCredentialTypesStream(); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public boolean isConfiguredFor(RealmModel realm, UserModel user, String type) { - warnAboutUsage(); - return user.credentialManager().isConfiguredFor(type); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public boolean isConfiguredLocally(RealmModel realm, UserModel user, String type) { - warnAboutUsage(); - return user.credentialManager().isConfiguredLocally(type); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public CredentialValidationOutput authenticate(KeycloakSession session, RealmModel realm, CredentialInput input) { - warnAboutUsage(); - return session.users().getUserByCredential(realm, input); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, then remove it together with the OnUserCache class - public void onCache(RealmModel realm, CachedUserModel user, UserModel delegate) { - // called by UserCacheSession#onCache, therefore don't warn here - // warnAboutUsage(); - getCredentialProviders(session, OnUserCache.class).forEach(validator -> validator.onCache(realm, user, delegate)); - } - - @Override - @Deprecated // Keep this up to and including Keycloak 19, the use methods on user.userCredentialManager() instead - public Stream getConfiguredUserStorageCredentialTypesStream(RealmModel realm, UserModel user) { - warnAboutUsage(); - return user.credentialManager().getConfiguredUserStorageCredentialTypesStream(); - } - - @Override - public void close() { - - } - - private static void warnAboutUsage() { - if (log.isEnabled(Logger.Level.WARN)) { - // check if warning is enabled first before constructing the exception that is expensive to construct - log.warn("Calls to session.userCredentialManager() now deprecated. Use user.userCredentialManager() instead!", new RuntimeException()); - } - } - -} diff --git a/model/legacy-services/src/main/java/org/keycloak/services/legacysessionsupport/LegacySessionSupportProviderFactory.java b/model/legacy-services/src/main/java/org/keycloak/services/legacysessionsupport/LegacySessionSupportProviderFactory.java deleted file mode 100644 index b8248a0e70..0000000000 --- a/model/legacy-services/src/main/java/org/keycloak/services/legacysessionsupport/LegacySessionSupportProviderFactory.java +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Copyright 2022 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.keycloak.services.legacysessionsupport; - -import org.keycloak.models.LegacySessionSupportProvider; -import org.keycloak.provider.ProviderFactory; - -/** - * @author Alexander Schwartz - */ -public interface LegacySessionSupportProviderFactory extends ProviderFactory { -} diff --git a/model/legacy-services/src/main/java/org/keycloak/services/legacysessionsupport/LegacySessionSupportProviderFactoryImpl.java b/model/legacy-services/src/main/java/org/keycloak/services/legacysessionsupport/LegacySessionSupportProviderFactoryImpl.java deleted file mode 100644 index 2e3845e557..0000000000 --- a/model/legacy-services/src/main/java/org/keycloak/services/legacysessionsupport/LegacySessionSupportProviderFactoryImpl.java +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Copyright 2022 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.keycloak.services.legacysessionsupport; - -import org.keycloak.Config; -import org.keycloak.models.KeycloakSession; -import org.keycloak.models.KeycloakSessionFactory; -import org.keycloak.models.LegacySessionSupportProvider; - -/** - * @author Alexander Schwartz - */ -public class LegacySessionSupportProviderFactoryImpl implements LegacySessionSupportProviderFactory { - - private static final String PROVIDER_ID = "default"; - - @Override - public LegacySessionSupportProvider create(KeycloakSession session) { - return new LegacySessionSupportProviderImpl(session); - } - - @Override - public void init(Config.Scope config) { - } - - @Override - public void postInit(KeycloakSessionFactory factory) { - } - - @Override - public void close() { - } - - @Override - public String getId() { - return PROVIDER_ID; - } - -} diff --git a/model/legacy-services/src/main/java/org/keycloak/services/legacysessionsupport/LegacySessionSupportProviderImpl.java b/model/legacy-services/src/main/java/org/keycloak/services/legacysessionsupport/LegacySessionSupportProviderImpl.java deleted file mode 100644 index 73860a0145..0000000000 --- a/model/legacy-services/src/main/java/org/keycloak/services/legacysessionsupport/LegacySessionSupportProviderImpl.java +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright 2022 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.keycloak.services.legacysessionsupport; - -import org.keycloak.credential.UserCredentialStoreManager; -import org.keycloak.models.KeycloakSession; -import org.keycloak.models.UserCredentialManager; -import org.keycloak.models.LegacySessionSupportProvider; -import org.keycloak.models.cache.UserCache; - -/** - * @author Alexander Schwartz - */ -public class LegacySessionSupportProviderImpl implements LegacySessionSupportProvider { - - private final KeycloakSession session; - - public LegacySessionSupportProviderImpl(KeycloakSession session) { - this.session = session; - } - - @Override - public void close() { - - } - - @Override - @Deprecated - public UserCredentialManager userCredentialManager() { - // UserCacheSession calls session.userCredentialManager().onCache(), therefore can't trigger a warning here at the moment. - return new UserCredentialStoreManager(session); - } - -} diff --git a/model/legacy-services/src/main/java/org/keycloak/services/legacysessionsupport/LegacySessionSupportSpi.java b/model/legacy-services/src/main/java/org/keycloak/services/legacysessionsupport/LegacySessionSupportSpi.java deleted file mode 100644 index 2a97c0df4c..0000000000 --- a/model/legacy-services/src/main/java/org/keycloak/services/legacysessionsupport/LegacySessionSupportSpi.java +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright 2022 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.keycloak.services.legacysessionsupport; - -import org.keycloak.models.LegacySessionSupportProvider; -import org.keycloak.provider.Provider; -import org.keycloak.provider.Spi; - -/** - * @author Alexander Schwartz - */ -public class LegacySessionSupportSpi implements Spi { - - @Override - public boolean isInternal() { - return true; - } - - @Override - public String getName() { - return "legacy-session-support"; - } - - @Override - public Class getProviderClass() { - return LegacySessionSupportProvider.class; - } - - @Override - public Class getProviderFactoryClass() { - return LegacySessionSupportProviderFactory.class; - } - -} diff --git a/model/legacy-services/src/main/resources/META-INF/services/org.keycloak.provider.Spi b/model/legacy-services/src/main/resources/META-INF/services/org.keycloak.provider.Spi deleted file mode 100644 index eb71290fb7..0000000000 --- a/model/legacy-services/src/main/resources/META-INF/services/org.keycloak.provider.Spi +++ /dev/null @@ -1,18 +0,0 @@ -# -# Copyright 2023 Red Hat, Inc. and/or its affiliates -# and other contributors as indicated by the @author tags. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -org.keycloak.services.legacysessionsupport.LegacySessionSupportSpi \ No newline at end of file diff --git a/model/legacy-services/src/main/resources/META-INF/services/org.keycloak.services.legacysessionsupport.LegacySessionSupportProviderFactory b/model/legacy-services/src/main/resources/META-INF/services/org.keycloak.services.legacysessionsupport.LegacySessionSupportProviderFactory deleted file mode 100644 index 182d5fb380..0000000000 --- a/model/legacy-services/src/main/resources/META-INF/services/org.keycloak.services.legacysessionsupport.LegacySessionSupportProviderFactory +++ /dev/null @@ -1,18 +0,0 @@ -# -# Copyright 2022 Red Hat, Inc. and/or its affiliates -# and other contributors as indicated by the @author tags. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -org.keycloak.services.legacysessionsupport.LegacySessionSupportProviderFactoryImpl \ No newline at end of file diff --git a/model/legacy/src/main/java/org/keycloak/models/LegacySessionSupportProvider.java b/model/legacy/src/main/java/org/keycloak/models/LegacySessionSupportProvider.java deleted file mode 100644 index d1de386bfd..0000000000 --- a/model/legacy/src/main/java/org/keycloak/models/LegacySessionSupportProvider.java +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright 2022 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.keycloak.models; - -import org.keycloak.provider.Provider; - -/** - * Support for elements in Keycloak's session that are deprecated. - * This allows the deprecated implementations to be moved to the legacy module. - * - * @author Alexander Schwartz - */ -public interface LegacySessionSupportProvider extends Provider { - - @Deprecated - UserCredentialManager userCredentialManager(); - -} diff --git a/model/legacy/src/main/java/org/keycloak/models/UserCredentialManager.java b/model/legacy/src/main/java/org/keycloak/models/UserCredentialManager.java deleted file mode 100644 index 3e66f52145..0000000000 --- a/model/legacy/src/main/java/org/keycloak/models/UserCredentialManager.java +++ /dev/null @@ -1,169 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.keycloak.models; - -import org.keycloak.credential.CredentialInput; -import org.keycloak.credential.CredentialModel; -import org.keycloak.credential.UserCredentialStore; - -import java.util.List; -import java.util.stream.Stream; - -/** - * Manage the credentials for a user. - * - * @deprecated Instead of this class, use {@link UserModel#credentialManager()} instead. - * @author Bill Burke - * @version $Revision: 1 $ - */ -@Deprecated -public interface UserCredentialManager extends UserCredentialStore { - - /** - * Validates list of credentials. Will call UserStorageProvider and UserFederationProviders first, then loop through - * each CredentialProvider. - * - * @param realm - * @param user - * @param inputs - * @return - */ - boolean isValid(RealmModel realm, UserModel user, List inputs); - - /** - * Validates list of credentials. Will call UserStorageProvider and UserFederationProviders first, then loop through - * each CredentialProvider. - * - * @param realm - * @param user - * @param inputs - * @return - */ - boolean isValid(RealmModel realm, UserModel user, CredentialInput... inputs); - - /** - * Updates a credential. Will call UserStorageProvider and UserFederationProviders first, then loop through - * each CredentialProvider. Update is finished whenever any one provider returns true. - * - * @param realm - * @param user - * @return true if credential was successfully updated by UserStorage or any CredentialInputUpdater - */ - boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input); - - /** - * Creates a credential from the credentialModel, by looping through the providers to find a match for the type - * @param realm - * @param user - * @param model - * @return - */ - CredentialModel createCredentialThroughProvider(RealmModel realm, UserModel user, CredentialModel model); - - /** - * Updates the credential label and invalidates the cache for the user. - * @param realm - * @param user - * @param credentialId - * @param userLabel - */ - void updateCredentialLabel(RealmModel realm, UserModel user, String credentialId, String userLabel); - - /** - * Calls disableCredential on UserStorageProvider and UserFederationProviders first, then loop through - * each CredentialProvider. - * - * @param realm - * @param user - * @param credentialType - */ - void disableCredentialType(RealmModel realm, UserModel user, String credentialType); - - /** - * Obtains the credential types that can be disabled. - * method. - * - * @param realm a reference to the realm. - * @param user the user whose credentials are being searched. - * @return a non-null {@link Stream} of credential types. - * - * @deprecated Use {@link UserModel#credentialManager()} and then call {@link SubjectCredentialManager#getDisableableCredentialTypesStream()} - */ - default Stream getDisableableCredentialTypesStream(RealmModel realm, UserModel user) { - return user.credentialManager().getDisableableCredentialTypesStream(); - } - - /** - * Checks to see if user has credential type configured. Looks in UserStorageProvider or UserFederationProvider first, - * then loops through each CredentialProvider. - * - * @param realm - * @param user - * @param type - * @return - */ - boolean isConfiguredFor(RealmModel realm, UserModel user, String type); - - /** - * Only loops through each CredentialProvider to see if credential type is configured for the user. - * This allows UserStorageProvider and UserFederationProvider isValid() implementations to punt to local storage - * when validating a credential that has been overriden in Keycloak storage. - * - * @param realm - * @param user - * @param type - * @return - */ - boolean isConfiguredLocally(RealmModel realm, UserModel user, String type); - - /** - * Given a CredentialInput, authenticate the user. This is used in the case where the credential must be processed - * to determine and find the user. An example is Kerberos where the kerberos token might be validated and processed - * by a variety of different storage providers. - * - * - * @param session - * @param realm - * @param input - * @return - */ - CredentialValidationOutput authenticate(KeycloakSession session, RealmModel realm, CredentialInput input); - - /** - * Obtains the credential types provided by the user storage where the specified user is stored. Examples of returned - * values are "password", "otp", etc. - *

- * This method will always return an empty stream for "local" users - i.e. users that are not backed by any user storage. - * - * @param realm a reference to the realm. - * @param user a reference to the user. - * @return a non-null {@link Stream} of credential types. - * - * @deprecated Use {@link UserModel#credentialManager()} and then call {@link SubjectCredentialManager#getConfiguredUserStorageCredentialTypesStream()} - */ - default Stream getConfiguredUserStorageCredentialTypesStream(RealmModel realm, UserModel user) { - return user.credentialManager().getConfiguredUserStorageCredentialTypesStream(); - } - - /** - * @deprecated This interface is no longer necessary, collection-based methods were removed from the parent interface - * and therefore the parent interface can be used directly - */ - @Deprecated - interface Streams extends UserCredentialManager, UserCredentialStore { - } -} diff --git a/testsuite/model/src/test/java/org/keycloak/testsuite/model/parameters/Infinispan.java b/testsuite/model/src/test/java/org/keycloak/testsuite/model/parameters/Infinispan.java index 54b3235689..cc15ca41a8 100644 --- a/testsuite/model/src/test/java/org/keycloak/testsuite/model/parameters/Infinispan.java +++ b/testsuite/model/src/test/java/org/keycloak/testsuite/model/parameters/Infinispan.java @@ -33,8 +33,6 @@ import org.keycloak.models.sessions.infinispan.InfinispanAuthenticationSessionPr import org.keycloak.models.sessions.infinispan.InfinispanSingleUseObjectProviderFactory; import org.keycloak.models.sessions.infinispan.InfinispanUserLoginFailureProviderFactory; import org.keycloak.models.sessions.infinispan.InfinispanUserSessionProviderFactory; -import org.keycloak.services.legacysessionsupport.LegacySessionSupportProviderFactory; -import org.keycloak.services.legacysessionsupport.LegacySessionSupportSpi; import org.keycloak.sessions.AuthenticationSessionSpi; import org.keycloak.sessions.StickySessionEncoderProviderFactory; import org.keycloak.sessions.StickySessionEncoderSpi; @@ -72,8 +70,6 @@ public class Infinispan extends KeycloakModelParameters { .add(PublicKeyStorageSpi.class) .add(CachePublicKeyProviderSpi.class) - .add(LegacySessionSupportSpi.class) // necessary as it will call session.userCredentialManager().onCache() - .build(); static final Set> ALLOWED_FACTORIES = ImmutableSet.>builder() @@ -90,7 +86,6 @@ public class Infinispan extends KeycloakModelParameters { .add(TimerProviderFactory.class) .add(InfinispanPublicKeyStorageProviderFactory.class) .add(InfinispanCachePublicKeyProviderFactory.class) - .add(LegacySessionSupportProviderFactory.class) .build(); @Override