KEYCLOAK-1799 Download adapter JSON config with proper adapter
parent
2550d16127
commit
81f4c50574
5 changed files with 59 additions and 7 deletions
|
@ -1,7 +1,9 @@
|
||||||
package org.keycloak.authentication;
|
package org.keycloak.authentication;
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.provider.ProviderConfigProperty;
|
import org.keycloak.provider.ProviderConfigProperty;
|
||||||
import org.keycloak.provider.ProviderFactory;
|
import org.keycloak.provider.ProviderFactory;
|
||||||
|
|
||||||
|
@ -33,4 +35,12 @@ public interface ClientAuthenticatorFactory extends ProviderFactory<ClientAuthen
|
||||||
*/
|
*/
|
||||||
List<ProviderConfigProperty> getConfigPropertiesPerClient();
|
List<ProviderConfigProperty> getConfigPropertiesPerClient();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get configuration, which needs to be used for adapter ( keycloak.json ) of particular client. Some implementations
|
||||||
|
* may return just template and user needs to edit the values according to his environment (For example fill the location of keystore file)
|
||||||
|
*
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
Map<String, Object> getAdapterConfiguration(ClientModel client);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
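Review bot: The Javadoc added for `getAdapterConfiguration` leaves `@return` empty and does not say that the returned map can carry live client credentials, although the ClientIdAndSecretAuthenticator implementation in this same commit returns `client.getSecret()` in it. I would fill in the contract, for example `@return entries placed under "credentials" in the client's keycloak.json; may contain the client secret, so do not log it and expose it only to users allowed to manage the client`. It should also state whether an implementation may return null or an empty map, because the caller in ClientManager passes the result straight to `rep.setCredentials(...)`. A `@param client` line is missing as well.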
@ -1,8 +1,10 @@
|
||||||
package org.keycloak.authentication.authenticators.client;
|
package org.keycloak.authentication.authenticators.client;
|
||||||
|
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
|
import java.util.HashMap;
|
||||||
import java.util.LinkedList;
|
import java.util.LinkedList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
import javax.ws.rs.core.HttpHeaders;
|
import javax.ws.rs.core.HttpHeaders;
|
||||||
import javax.ws.rs.core.MultivaluedMap;
|
import javax.ws.rs.core.MultivaluedMap;
|
||||||
|
@ -20,6 +22,7 @@ import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.provider.ProviderConfigProperty;
|
import org.keycloak.provider.ProviderConfigProperty;
|
||||||
|
import org.keycloak.representations.idm.CredentialRepresentation;
|
||||||
import org.keycloak.util.BasicAuthHelper;
|
import org.keycloak.util.BasicAuthHelper;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -148,6 +151,13 @@ public class ClientIdAndSecretAuthenticator extends AbstractClientAuthenticator
|
||||||
return Collections.emptyList();
|
return Collections.emptyList();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Map<String, Object> getAdapterConfiguration(ClientModel client) {
|
||||||
|
Map<String, Object> result = new HashMap<>();
|
||||||
|
result.put(CredentialRepresentation.SECRET, client.getSecret());
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getId() {
|
public String getId() {
|
||||||
return PROVIDER_ID;
|
return PROVIDER_ID;
|
||||||
|
|
|
@ -3,8 +3,10 @@ package org.keycloak.authentication.authenticators.client;
|
||||||
import java.security.PublicKey;
|
import java.security.PublicKey;
|
||||||
import java.security.cert.X509Certificate;
|
import java.security.cert.X509Certificate;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
|
import java.util.HashMap;
|
||||||
import java.util.LinkedList;
|
import java.util.LinkedList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
import javax.ws.rs.core.MultivaluedMap;
|
import javax.ws.rs.core.MultivaluedMap;
|
||||||
import javax.ws.rs.core.Response;
|
import javax.ws.rs.core.Response;
|
||||||
|
@ -165,6 +167,21 @@ public class JWTClientAuthenticator extends AbstractClientAuthenticator {
|
||||||
return Collections.emptyList();
|
return Collections.emptyList();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Map<String, Object> getAdapterConfiguration(ClientModel client) {
|
||||||
|
Map<String, Object> props = new HashMap<>();
|
||||||
|
props.put("client-keystore-file", "REPLACE WITH THE LOCATION OF YOUR KEYSTORE FILE");
|
||||||
|
props.put("client-keystore-type", "jks");
|
||||||
|
props.put("client-keystore-password", "REPLACE WITH THE KEYSTORE PASSWORD");
|
||||||
|
props.put("client-key-password", "REPLACE WITH THE KEY PASSWORD IN KEYSTORE");
|
||||||
|
props.put("client-key-alias", client.getClientId());
|
||||||
|
props.put("token-timeout", 10);
|
||||||
|
|
||||||
|
Map<String, Object> config = new HashMap<>();
|
||||||
|
config.put("jwt", props);
|
||||||
|
return config;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getId() {
|
public String getId() {
|
||||||
return PROVIDER_ID;
|
return PROVIDER_ID;
|
||||||
|
|
|
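Review bot: The keys and defaults in the new `getAdapterConfiguration` are inline literals with no explanation; in particular `props.put("token-timeout", 10)` gives no unit and `"jks"` is fixed regardless of how the client's key material was produced. A short comment above the block should say that this is a template the administrator must edit, name the unit of the timeout, and make clear that the three `REPLACE WITH …` strings are placeholders, since a config deployed unedited would carry them as the keystore and key passwords. If the adapter side reads the same key names (not visible here), shared constants would keep the two from drifting apart. The enclosing class starts and ends outside the hunks shown.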
@ -3,6 +3,8 @@ package org.keycloak.services.managers;
|
||||||
import org.codehaus.jackson.annotate.JsonProperty;
|
import org.codehaus.jackson.annotate.JsonProperty;
|
||||||
import org.codehaus.jackson.annotate.JsonPropertyOrder;
|
import org.codehaus.jackson.annotate.JsonPropertyOrder;
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
|
import org.keycloak.authentication.ClientAuthenticator;
|
||||||
|
import org.keycloak.authentication.ClientAuthenticatorFactory;
|
||||||
import org.keycloak.constants.ServiceAccountConstants;
|
import org.keycloak.constants.ServiceAccountConstants;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.ProtocolMapperModel;
|
import org.keycloak.models.ProtocolMapperModel;
|
||||||
|
@ -156,7 +158,7 @@ public class ClientManager {
|
||||||
@JsonProperty("public-client")
|
@JsonProperty("public-client")
|
||||||
protected Boolean publicClient;
|
protected Boolean publicClient;
|
||||||
@JsonProperty("credentials")
|
@JsonProperty("credentials")
|
||||||
protected Map<String, String> credentials;
|
protected Map<String, Object> credentials;
|
||||||
|
|
||||||
public Boolean isUseResourceRoleMappings() {
|
public Boolean isUseResourceRoleMappings() {
|
||||||
return useResourceRoleMappings;
|
return useResourceRoleMappings;
|
||||||
|
@ -174,11 +176,11 @@ public class ClientManager {
|
||||||
this.resource = resource;
|
this.resource = resource;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Map<String, String> getCredentials() {
|
public Map<String, Object> getCredentials() {
|
||||||
return credentials;
|
return credentials;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setCredentials(Map<String, String> credentials) {
|
public void setCredentials(Map<String, Object> credentials) {
|
||||||
this.credentials = credentials;
|
this.credentials = credentials;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -214,10 +216,10 @@ public class ClientManager {
|
||||||
rep.setResource(clientModel.getClientId());
|
rep.setResource(clientModel.getClientId());
|
||||||
|
|
||||||
if (!clientModel.isBearerOnly() && !clientModel.isPublicClient()) {
|
if (!clientModel.isBearerOnly() && !clientModel.isPublicClient()) {
|
||||||
Map<String, String> creds = new HashMap<String, String>();
|
String clientAuthenticator = clientModel.getClientAuthenticatorType();
|
||||||
String cred = clientModel.getSecret();
|
ClientAuthenticatorFactory authenticator = (ClientAuthenticatorFactory) realmManager.getSession().getKeycloakSessionFactory().getProviderFactory(ClientAuthenticator.class, clientAuthenticator);
|
||||||
creds.put(CredentialRepresentation.SECRET, cred);
|
Map<String, Object> adapterConfig = authenticator.getAdapterConfiguration(clientModel);
|
||||||
rep.setCredentials(creds);
|
rep.setCredentials(adapterConfig);
|
||||||
}
|
}
|
||||||
|
|
||||||
return rep;
|
return rep;
|
||||||
|
|
|
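Review bot: In the last hunk the result of `getProviderFactory(ClientAuthenticator.class, clientAuthenticator)` is cast and dereferenced without a check, so a confidential client whose `getClientAuthenticatorType()` is null or names a provider that is not registered would presumably fail with a NullPointerException on the config download path, where the old code always returned the secret. Whether the lookup can return null depends on the session factory, which is not visible here, but a guard such as `if (authenticator == null) throw new IllegalStateException("No client authenticator factory for type " + clientAuthenticator);` makes the failure explicit. Because `credentials` is now `Map<String, Object>` filled by provider code, whatever a custom authenticator returns is serialized into the downloaded keycloak.json, and a null return is passed to `rep.setCredentials(...)` unchanged; that contract should be documented on the setter or enforced here. The enclosing method starts and ends outside the hunk.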
@ -1,8 +1,10 @@
|
||||||
package org.keycloak.testsuite.forms;
|
package org.keycloak.testsuite.forms;
|
||||||
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
|
import java.util.HashMap;
|
||||||
import java.util.LinkedList;
|
import java.util.LinkedList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
import org.keycloak.authentication.AuthenticationFlowError;
|
import org.keycloak.authentication.AuthenticationFlowError;
|
||||||
import org.keycloak.authentication.ClientAuthenticationFlowContext;
|
import org.keycloak.authentication.ClientAuthenticationFlowContext;
|
||||||
|
@ -88,6 +90,17 @@ public class PassThroughClientAuthenticator extends AbstractClientAuthenticator
|
||||||
return clientConfigProperties;
|
return clientConfigProperties;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Map<String, Object> getAdapterConfiguration(ClientModel client) {
|
||||||
|
Map<String, Object> props = new HashMap<>();
|
||||||
|
props.put("foo", "some foo value");
|
||||||
|
props.put("bar", true);
|
||||||
|
|
||||||
|
Map<String, Object> config = new HashMap<>();
|
||||||
|
config.put("dummy", props);
|
||||||
|
return config;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getId() {
|
public String getId() {
|
||||||
return PROVIDER_ID;
|
return PROVIDER_ID;
|
||||||
|
|