libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

KEYCLOAK-11994 Fix minor warnings in module in adapters/oidc/adapter-core

Browse source
This commit is contained in:
Andrei Arlou 2019-11-10 21:44:23 +03:00 committed by Stian Thorgersen
parent 066cdb7dec
commit 7f1de02ca0
10 changed files with 23 additions and 42 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java
View file

@ -50,7 +50,7 @@ public class BasicAuthRequestAuthenticator extends BearerTokenRequestAuthenticat
public AuthOutcome authenticate(HttpFacade exchange) { public AuthOutcome authenticate(HttpFacade exchange) {
List<String> authHeaders = exchange.getRequest().getHeaders("Authorization"); List<String> authHeaders = exchange.getRequest().getHeaders("Authorization");
if (authHeaders == null || authHeaders.size() == 0) { if (authHeaders == null || authHeaders.isEmpty()) {
challenge = challengeResponse(exchange, OIDCAuthenticationError.Reason.NO_AUTHORIZATION_HEADER, null, null); challenge = challengeResponse(exchange, OIDCAuthenticationError.Reason.NO_AUTHORIZATION_HEADER, null, null);
return AuthOutcome.NOT_ATTEMPTED; return AuthOutcome.NOT_ATTEMPTED;
} }
@ -58,7 +58,7 @@ public class BasicAuthRequestAuthenticator extends BearerTokenRequestAuthenticat
tokenString = null; tokenString = null;
for (String authHeader : authHeaders) { for (String authHeader : authHeaders) {
String[] split = authHeader.trim().split("\\s+"); String[] split = authHeader.trim().split("\\s+");
if (split == null || split.length != 2) continue; if (split.length != 2) continue;
if (!split[0].equalsIgnoreCase("Basic")) continue; if (!split[0].equalsIgnoreCase("Basic")) continue;
tokenString = split[1]; tokenString = split[1];
} }

8
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BearerTokenRequestAuthenticator.java
View file

@ -63,7 +63,7 @@ public class BearerTokenRequestAuthenticator {
public AuthOutcome authenticate(HttpFacade exchange) { public AuthOutcome authenticate(HttpFacade exchange) {
List<String> authHeaders = exchange.getRequest().getHeaders("Authorization"); List<String> authHeaders = exchange.getRequest().getHeaders("Authorization");
if (authHeaders == null || authHeaders.size() == 0) { if (authHeaders == null || authHeaders.isEmpty()) {
challenge = challengeResponse(exchange, OIDCAuthenticationError.Reason.NO_BEARER_TOKEN, null, null); challenge = challengeResponse(exchange, OIDCAuthenticationError.Reason.NO_BEARER_TOKEN, null, null);
return AuthOutcome.NOT_ATTEMPTED; return AuthOutcome.NOT_ATTEMPTED;
} }
@ -71,13 +71,13 @@ public class BearerTokenRequestAuthenticator {
tokenString = null; tokenString = null;
for (String authHeader : authHeaders) { for (String authHeader : authHeaders) {
String[] split = authHeader.trim().split("\\s+"); String[] split = authHeader.trim().split("\\s+");
if (split == null || split.length != 2) continue; if (split.length != 2) continue;
if (split[0].equalsIgnoreCase("Bearer")) { if (split[0].equalsIgnoreCase("Bearer")) {
tokenString = split[1]; tokenString = split[1];
log.debugf("Found [%d] values in authorization header, selecting the first value for Bearer.", (Integer) authHeaders.size()); log.debugf("Found [%d] values in authorization header, selecting the first value for Bearer.", (Integer) authHeaders.size());
break; break;
}; }
} }
if (tokenString == null) { if (tokenString == null) {
@ -119,7 +119,7 @@ public class BearerTokenRequestAuthenticator {
} }
surrogate = null; surrogate = null;
if (verifyCaller) { if (verifyCaller) {
if (token.getTrustedCertificates() == null || token.getTrustedCertificates().size() == 0) { if (token.getTrustedCertificates() == null || token.getTrustedCertificates().isEmpty()) {
log.warn("No trusted certificates in token"); log.warn("No trusted certificates in token");
challenge = clientCertChallenge(); challenge = clientCertChallenge();
return AuthOutcome.FAILED; return AuthOutcome.FAILED;

5
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authentication/ClientCredentialsProviderUtils.java
View file

@ -24,7 +24,6 @@ import org.jboss.logging.Logger;
import org.keycloak.adapters.KeycloakDeployment; import org.keycloak.adapters.KeycloakDeployment;
import java.util.HashMap; import java.util.HashMap;
import java.util.Iterator;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.ServiceConfigurationError; import java.util.ServiceConfigurationError;
@ -74,10 +73,8 @@ public class ClientCredentialsProviderUtils {
} }
private static void loadAuthenticators(Map<String, ClientCredentialsProvider> authenticators, ClassLoader classLoader) { private static void loadAuthenticators(Map<String, ClientCredentialsProvider> authenticators, ClassLoader classLoader) {
Iterator<ClientCredentialsProvider> iterator = ServiceLoader.load(ClientCredentialsProvider.class, classLoader).iterator(); for (ClientCredentialsProvider authenticator : ServiceLoader.load(ClientCredentialsProvider.class, classLoader)) {
while (iterator.hasNext()) {
try { try {
ClientCredentialsProvider authenticator = iterator.next();
logger.debugf("Loaded clientCredentialsProvider %s", authenticator.getId()); logger.debugf("Loaded clientCredentialsProvider %s", authenticator.getId());
authenticators.put(authenticator.getId(), authenticator); authenticators.put(authenticator.getId(), authenticator);
} catch (ServiceConfigurationError e) { } catch (ServiceConfigurationError e) {

2
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authentication/JWTClientCredentialsProvider.java
View file

@ -70,7 +70,7 @@ public class JWTClientCredentialsProvider implements ClientCredentialsProvider {
@Override @Override
public void init(KeycloakDeployment deployment, Object config) { public void init(KeycloakDeployment deployment, Object config) {
if (config == null || !(config instanceof Map)) { if (!(config instanceof Map)) {
throw new RuntimeException("Configuration of jwt credentials is missing or incorrect for client '" + deployment.getResourceName() + "'. Check your adapter configuration"); throw new RuntimeException("Configuration of jwt credentials is missing or incorrect for client '" + deployment.getResourceName() + "'. Check your adapter configuration");
} }

10
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authentication/JWTClientSecretCredentialsProvider.java
View file

@ -1,6 +1,6 @@
package org.keycloak.adapters.authentication; package org.keycloak.adapters.authentication;
import java.io.UnsupportedEncodingException; import java.nio.charset.StandardCharsets;
import java.util.Map; import java.util.Map;
import javax.crypto.SecretKey; import javax.crypto.SecretKey;
@ -35,7 +35,7 @@ public class JWTClientSecretCredentialsProvider implements ClientCredentialsProv
@Override @Override
public void init(KeycloakDeployment deployment, Object config) { public void init(KeycloakDeployment deployment, Object config) {
if (config == null || !(config instanceof Map)) { if (!(config instanceof Map)) {
throw new RuntimeException("Configuration of jwt credentials by client secret is missing or incorrect for client '" + deployment.getResourceName() + "'. Check your adapter configuration"); throw new RuntimeException("Configuration of jwt credentials by client secret is missing or incorrect for client '" + deployment.getResourceName() + "'. Check your adapter configuration");
} }
@ -60,11 +60,7 @@ public class JWTClientSecretCredentialsProvider implements ClientCredentialsProv
// The HMAC (Hash-based Message Authentication Code) is calculated using the octets of the UTF-8 representation of the client_secret as the shared key. // The HMAC (Hash-based Message Authentication Code) is calculated using the octets of the UTF-8 representation of the client_secret as the shared key.
// Use "HmacSHA256" consulting <a href="https://docs.oracle.com/javase/jp/8/docs/api/javax/crypto/Mac.html">java8 api</a> // Use "HmacSHA256" consulting <a href="https://docs.oracle.com/javase/jp/8/docs/api/javax/crypto/Mac.html">java8 api</a>
// because it must be implemented in every java platform. // because it must be implemented in every java platform.
try { clientSecret = new SecretKeySpec(clientSecretString.getBytes(StandardCharsets.UTF_8), "HmacSHA256");
clientSecret = new SecretKeySpec(clientSecretString.getBytes("UTF-8"), "HmacSHA256");
} catch (UnsupportedEncodingException e) {
throw new RuntimeException("Failed to create secret key spec due to unsupported encoding.");
}
} }
public String createSignedRequestToken(String clientId, String realmInfoUrl) { public String createSignedRequestToken(String clientId, String realmInfoUrl) {

6
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/PolicyEnforcer.java
View file

@ -21,7 +21,6 @@ import java.util.Arrays;
import java.util.Collection; import java.util.Collection;
import java.util.Collections; import java.util.Collections;
import java.util.HashMap; import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap; import java.util.LinkedHashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
@ -131,11 +130,8 @@ public class PolicyEnforcer {
} }
private void loadClaimInformationPointProviders(ServiceLoader<ClaimInformationPointProviderFactory> loader) { private void loadClaimInformationPointProviders(ServiceLoader<ClaimInformationPointProviderFactory> loader) {
Iterator<ClaimInformationPointProviderFactory> iterator = loader.iterator();
while (iterator.hasNext()) {
ClaimInformationPointProviderFactory factory = iterator.next();
for (ClaimInformationPointProviderFactory factory : loader) {
factory.init(this); factory.init(this);
claimInformationPointProviderFactories.put(factory.getName(), factory); claimInformationPointProviderFactories.put(factory.getName(), factory);

6
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/cip/ClaimsInformationPointProvider.java
View file

@ -19,7 +19,6 @@ package org.keycloak.adapters.authorization.cip;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Collection; import java.util.Collection;
import java.util.HashMap; import java.util.HashMap;
import java.util.Iterator;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Map.Entry; import java.util.Map.Entry;
@ -51,10 +50,9 @@ public class ClaimsInformationPointProvider implements ClaimInformationPointProv
if (claimValue instanceof String) { if (claimValue instanceof String) {
values = getValues(claimValue.toString(), httpFacade); values = getValues(claimValue.toString(), httpFacade);
} else if (claimValue instanceof Collection) { } else if (claimValue instanceof Collection) {
Iterator iterator = Collection.class.cast(claimValue).iterator();
while (iterator.hasNext()) { for (Object value : Collection.class.cast(claimValue)) {
List<String> resolvedValues = getValues(iterator.next().toString(), httpFacade); List<String> resolvedValues = getValues(value.toString(), httpFacade);
if (!resolvedValues.isEmpty()) { if (!resolvedValues.isEmpty()) {
values.addAll(resolvedValues); values.addAll(resolvedValues);

10
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/cip/HttpClaimInformationPointProvider.java
View file

@ -164,10 +164,9 @@ public class HttpClaimInformationPointProvider implements ClaimInformationPointP
if (value instanceof Collection) { if (value instanceof Collection) {
Collection values = Collection.class.cast(value); Collection values = Collection.class.cast(value);
Iterator iterator = values.iterator();
while (iterator.hasNext()) { for (Object item : values) {
headerValues.addAll(PlaceHolders.resolve(iterator.next().toString(), httpFacade)); headerValues.addAll(PlaceHolders.resolve(item.toString(), httpFacade));
} }
} else { } else {
headerValues.addAll(PlaceHolders.resolve(value.toString(), httpFacade)); headerValues.addAll(PlaceHolders.resolve(value.toString(), httpFacade));
@ -192,10 +191,9 @@ public class HttpClaimInformationPointProvider implements ClaimInformationPointP
if (value instanceof Collection) { if (value instanceof Collection) {
Collection values = Collection.class.cast(value); Collection values = Collection.class.cast(value);
Iterator iterator = values.iterator();
while (iterator.hasNext()) { for (Object item : values) {
paramValues.addAll(PlaceHolders.resolve(iterator.next().toString(), httpFacade)); paramValues.addAll(PlaceHolders.resolve(item.toString(), httpFacade));
} }
} else { } else {
paramValues.addAll(PlaceHolders.resolve(value.toString(), httpFacade)); paramValues.addAll(PlaceHolders.resolve(value.toString(), httpFacade));

5
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/util/JsonUtils.java
View file

@ -18,7 +18,6 @@ package org.keycloak.adapters.authorization.util;
import java.io.IOException; import java.io.IOException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Iterator;
import java.util.List; import java.util.List;
import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.JsonNode;
@ -37,10 +36,8 @@ public class JsonUtils {
List<String> values = new ArrayList<>(); List<String> values = new ArrayList<>();
if (jsonNode.isArray()) { if (jsonNode.isArray()) {
Iterator<JsonNode> iterator = jsonNode.iterator();
while (iterator.hasNext()) { for (JsonNode node : jsonNode) {
JsonNode node = iterator.next();
String value; String value;
if (node.isObject()) { if (node.isObject()) {

9
adapters/oidc/adapter-core/src/test/java/org/keycloak/adapters/KeycloakDeploymentBuilderTest.java
View file

@ -28,7 +28,6 @@ import org.keycloak.common.enums.RelativeUrlsUsed;
import org.keycloak.common.enums.SslRequired; import org.keycloak.common.enums.SslRequired;
import org.keycloak.common.util.PemUtils; import org.keycloak.common.util.PemUtils;
import org.keycloak.enums.TokenStore; import org.keycloak.enums.TokenStore;
import org.keycloak.protocol.oidc.representations.OIDCConfigurationRepresentation;
import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertFalse;
@ -42,7 +41,7 @@ import static org.junit.Assert.assertTrue;
public class KeycloakDeploymentBuilderTest { public class KeycloakDeploymentBuilderTest {
@Test @Test
public void load() throws Exception { public void load() {
KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getClass().getResourceAsStream("/keycloak.json")); KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getClass().getResourceAsStream("/keycloak.json"));
assertEquals("demo", deployment.getRealm()); assertEquals("demo", deployment.getRealm());
assertEquals("customer-portal", deployment.getResourceName()); assertEquals("customer-portal", deployment.getResourceName());
@ -81,7 +80,7 @@ public class KeycloakDeploymentBuilderTest {
} }
@Test @Test
public void loadNoClientCredentials() throws Exception { public void loadNoClientCredentials() {
KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getClass().getResourceAsStream("/keycloak-no-credentials.json")); KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getClass().getResourceAsStream("/keycloak-no-credentials.json"));
assertEquals(ClientIdAndSecretCredentialsProvider.PROVIDER_ID, deployment.getClientAuthenticator().getId()); assertEquals(ClientIdAndSecretCredentialsProvider.PROVIDER_ID, deployment.getClientAuthenticator().getId());
@ -91,13 +90,13 @@ public class KeycloakDeploymentBuilderTest {
} }
@Test @Test
public void loadJwtCredentials() throws Exception { public void loadJwtCredentials() {
KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getClass().getResourceAsStream("/keycloak-jwt.json")); KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getClass().getResourceAsStream("/keycloak-jwt.json"));
assertEquals(JWTClientCredentialsProvider.PROVIDER_ID, deployment.getClientAuthenticator().getId()); assertEquals(JWTClientCredentialsProvider.PROVIDER_ID, deployment.getClientAuthenticator().getId());
} }
@Test @Test
public void loadSecretJwtCredentials() throws Exception { public void loadSecretJwtCredentials() {
KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getClass().getResourceAsStream("/keycloak-secret-jwt.json")); KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getClass().getResourceAsStream("/keycloak-secret-jwt.json"));
assertEquals(JWTClientSecretCredentialsProvider.PROVIDER_ID, deployment.getClientAuthenticator().getId()); assertEquals(JWTClientSecretCredentialsProvider.PROVIDER_ID, deployment.getClientAuthenticator().getId());
} }