Merge pull request #437 from mposolda/master

Improve PropertiesAuthenticationProvider to support retrieving user pass...
2014-05-29 16:10:11 +01:00 · 2014-05-29 16:10:11 +01:00 · 8573c13b8c
commit 8573c13b8c
parent 429f003578 db1c6e9afd
3 changed files with 58 additions and 18 deletions
--- a/examples/providers/authentication-properties/README.md
+++ b/examples/providers/authentication-properties/README.md
@ -1,20 +1,31 @@
 Example Authentication Provider based on property file values
 =============================================================

-* To deploy copy "target/authentication-properties-example.jar" to "standalone/deployments/auth-server.war/WEB-INF/lib" . Then edit "standalone/configuration/keycloak-server.json" and add this:
-````shell
-    "authentication": {
-        "properties": {
-            "propertiesFileLocation": "users.properties"
-        }
+* To deploy copy "target/authentication-properties-example.jar" to "standalone/deployments/auth-server.war/WEB-INF/lib" .
+
+* Then you can configure location of property file, from which will be users and their passwords retrieved. If you omit it and won't configure, provider will use default "users.properties" file bundled inside this example.
+So for custom location, edit "standalone/configuration/keycloak-server.json" and add this:
+````
+"authentication": {
+    "properties": {
+        "propertiesFileLocation": "/tmp/your-own-property-file.properties"
    }
+}
+````
+
+Assumption is that your file has format like:
+
+````
+username1=password1
+username2=password2
 ````

 * Then start (or restart)the server. Once started open the admin console, select your realm, then click on "Authentication" and then "Add provider" and select "properties" from the list.
 This will mean that realm will use PropertiesAuthenticationProvider for authentication.

-* Once you try to login to realm, you can login with username/password like "joe/password1" or "james/password2" . Once joe is authenticated,
+* Once you try to login to realm, you can login with username/password like "joe/password1" or "james/password2" (In case that you use default users.properties file) . Once joe is authenticated,
 you can see in Keycloak admin console in "Users" list that user "joe" was added to the list.

-* You can try to login as joe and then go to [http://localhost:8080/auth/realms/keycloak-admin/account/password](http://localhost:8080/auth/realms/keycloak-admin/account/password) and change the password.
-You will then be able to logout and login with new password because properties were updated. But this is just in memory-properties, so after server restart the password will be again "password1" .
+* You can try to login as joe and then go to [http://localhost:8080/auth/realms/demo/account/password](http://localhost:8080/auth/realms/demo/account/password) and change the password.
+You will then be able to logout and login with new password because properties were updated.
+WARNING: If you use default location, properties will be updated just in memory and won't survive server restart. So in this case, you will have again "joe" with password "password1" after restart.
--- a/examples/providers/authentication-properties/src/main/java/org/keycloak/examples/providers/authentication/PropertiesAuthenticationProvider.java
+++ b/examples/providers/authentication-properties/src/main/java/org/keycloak/examples/providers/authentication/PropertiesAuthenticationProvider.java
@ -62,7 +62,6 @@ public class PropertiesAuthenticationProvider implements AuthenticationProvider

    @Override
    public boolean updateCredential(RealmModel realm, Map<String, String> configuration, String username, String password) throws AuthenticationProviderException {
-        // Just update in memory (Won't survive restart)
        log.info("Going to update password for user " + username + " in PropertiesAuthenticationProvider");
        properties.put(username, password);
        return true;
--- a/examples/providers/authentication-properties/src/main/java/org/keycloak/examples/providers/authentication/PropertiesAuthenticationProviderFactory.java
+++ b/examples/providers/authentication-properties/src/main/java/org/keycloak/examples/providers/authentication/PropertiesAuthenticationProviderFactory.java
@ -1,7 +1,10 @@
 package org.keycloak.examples.providers.authentication;

+import java.io.FileInputStream;
+import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
+import java.io.OutputStream;
 import java.util.Properties;

 import org.jboss.logging.Logger;
@ -18,6 +21,7 @@ public class PropertiesAuthenticationProviderFactory implements AuthenticationPr
    private static final Logger log = Logger.getLogger(PropertiesAuthenticationProviderFactory.class);

    private Properties properties;
+    private String propsFileLocation;

    @Override
    public AuthenticationProvider create(ProviderSession providerSession) {
@ -26,17 +30,20 @@ public class PropertiesAuthenticationProviderFactory implements AuthenticationPr

    @Override
    public void init(Config.Scope config) {
-        String propsFileLocation = config.get("propertiesFileLocation");
-        if (propsFileLocation == null) {
-            throw new IllegalStateException("Properties file location is not configured in PropertiesAuthenticationProviderFactory");
-        } else {
-            log.info("Using properties file: " + propsFileLocation);
-        }
+        this.propsFileLocation = config.get("propertiesFileLocation");

-        this.properties = new Properties();
        InputStream propertiesStream = null;
+        this.properties = new Properties();
        try {
-            propertiesStream = getClass().getClassLoader().getResourceAsStream(propsFileLocation);
+            if (propsFileLocation == null) {
+                log.info("propertiesFileLocation not configured. Using default users.properties file from classpath.");
+                log.warn("Password updates won't be persisted!");
+                propertiesStream = getClass().getClassLoader().getResourceAsStream("users.properties");
+            } else {
+                log.info("Using properties file from location: " + propsFileLocation);
+                propertiesStream = new FileInputStream(propsFileLocation);
+            }
+
            this.properties.load(propertiesStream);
        } catch (IOException ioException) {
            throw new RuntimeException(ioException);
@ -53,6 +60,29 @@ public class PropertiesAuthenticationProviderFactory implements AuthenticationPr

    @Override
    public void close() {
+        // Update properties file now, just in case that we are using custom location from filesystem
+        if (propsFileLocation != null) {
+            storePasswords();
+        }
+    }
+
+    private void storePasswords() {
+        log.info("Going to store passwords back to file: " + propsFileLocation);
+        OutputStream propertiesStream = null;
+        try {
+            OutputStream stream = new FileOutputStream(propsFileLocation);
+            this.properties.store(stream, "User passwords");
+        } catch (IOException ioException) {
+            throw new RuntimeException(ioException);
+        } finally {
+            if (propertiesStream != null) {
+                try {
+                    propertiesStream.close();
+                } catch (IOException e) {
+                    log.error("Error when closing InputStream", e);
+                }
+            }
+        }
    }

    @Override