diff --git a/examples/providers/authentication-properties/README.md b/examples/providers/authentication-properties/README.md index b55db4c6b3..a40d6464ff 100644 --- a/examples/providers/authentication-properties/README.md +++ b/examples/providers/authentication-properties/README.md @@ -1,20 +1,31 @@ Example Authentication Provider based on property file values ============================================================= -* To deploy copy "target/authentication-properties-example.jar" to "standalone/deployments/auth-server.war/WEB-INF/lib" . Then edit "standalone/configuration/keycloak-server.json" and add this: -````shell - "authentication": { - "properties": { - "propertiesFileLocation": "users.properties" - } +* To deploy copy "target/authentication-properties-example.jar" to "standalone/deployments/auth-server.war/WEB-INF/lib" . + +* Then you can configure location of property file, from which will be users and their passwords retrieved. If you omit it and won't configure, provider will use default "users.properties" file bundled inside this example. +So for custom location, edit "standalone/configuration/keycloak-server.json" and add this: +```` +"authentication": { + "properties": { + "propertiesFileLocation": "/tmp/your-own-property-file.properties" } +} +```` + +Assumption is that your file has format like: + +```` +username1=password1 +username2=password2 ```` * Then start (or restart)the server. Once started open the admin console, select your realm, then click on "Authentication" and then "Add provider" and select "properties" from the list. This will mean that realm will use PropertiesAuthenticationProvider for authentication. -* Once you try to login to realm, you can login with username/password like "joe/password1" or "james/password2" . Once joe is authenticated, +* Once you try to login to realm, you can login with username/password like "joe/password1" or "james/password2" (In case that you use default users.properties file) . Once joe is authenticated, you can see in Keycloak admin console in "Users" list that user "joe" was added to the list. -* You can try to login as joe and then go to [http://localhost:8080/auth/realms/keycloak-admin/account/password](http://localhost:8080/auth/realms/keycloak-admin/account/password) and change the password. -You will then be able to logout and login with new password because properties were updated. But this is just in memory-properties, so after server restart the password will be again "password1" . +* You can try to login as joe and then go to [http://localhost:8080/auth/realms/demo/account/password](http://localhost:8080/auth/realms/demo/account/password) and change the password. +You will then be able to logout and login with new password because properties were updated. +WARNING: If you use default location, properties will be updated just in memory and won't survive server restart. So in this case, you will have again "joe" with password "password1" after restart. diff --git a/examples/providers/authentication-properties/src/main/java/org/keycloak/examples/providers/authentication/PropertiesAuthenticationProvider.java b/examples/providers/authentication-properties/src/main/java/org/keycloak/examples/providers/authentication/PropertiesAuthenticationProvider.java index 87d0b8e064..da10eddfce 100644 --- a/examples/providers/authentication-properties/src/main/java/org/keycloak/examples/providers/authentication/PropertiesAuthenticationProvider.java +++ b/examples/providers/authentication-properties/src/main/java/org/keycloak/examples/providers/authentication/PropertiesAuthenticationProvider.java @@ -62,7 +62,6 @@ public class PropertiesAuthenticationProvider implements AuthenticationProvider @Override public boolean updateCredential(RealmModel realm, Map configuration, String username, String password) throws AuthenticationProviderException { - // Just update in memory (Won't survive restart) log.info("Going to update password for user " + username + " in PropertiesAuthenticationProvider"); properties.put(username, password); return true; diff --git a/examples/providers/authentication-properties/src/main/java/org/keycloak/examples/providers/authentication/PropertiesAuthenticationProviderFactory.java b/examples/providers/authentication-properties/src/main/java/org/keycloak/examples/providers/authentication/PropertiesAuthenticationProviderFactory.java index b0aef64a84..a62cf51468 100644 --- a/examples/providers/authentication-properties/src/main/java/org/keycloak/examples/providers/authentication/PropertiesAuthenticationProviderFactory.java +++ b/examples/providers/authentication-properties/src/main/java/org/keycloak/examples/providers/authentication/PropertiesAuthenticationProviderFactory.java @@ -1,7 +1,10 @@ package org.keycloak.examples.providers.authentication; +import java.io.FileInputStream; +import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; +import java.io.OutputStream; import java.util.Properties; import org.jboss.logging.Logger; @@ -18,6 +21,7 @@ public class PropertiesAuthenticationProviderFactory implements AuthenticationPr private static final Logger log = Logger.getLogger(PropertiesAuthenticationProviderFactory.class); private Properties properties; + private String propsFileLocation; @Override public AuthenticationProvider create(ProviderSession providerSession) { @@ -26,17 +30,20 @@ public class PropertiesAuthenticationProviderFactory implements AuthenticationPr @Override public void init(Config.Scope config) { - String propsFileLocation = config.get("propertiesFileLocation"); - if (propsFileLocation == null) { - throw new IllegalStateException("Properties file location is not configured in PropertiesAuthenticationProviderFactory"); - } else { - log.info("Using properties file: " + propsFileLocation); - } + this.propsFileLocation = config.get("propertiesFileLocation"); - this.properties = new Properties(); InputStream propertiesStream = null; + this.properties = new Properties(); try { - propertiesStream = getClass().getClassLoader().getResourceAsStream(propsFileLocation); + if (propsFileLocation == null) { + log.info("propertiesFileLocation not configured. Using default users.properties file from classpath."); + log.warn("Password updates won't be persisted!"); + propertiesStream = getClass().getClassLoader().getResourceAsStream("users.properties"); + } else { + log.info("Using properties file from location: " + propsFileLocation); + propertiesStream = new FileInputStream(propsFileLocation); + } + this.properties.load(propertiesStream); } catch (IOException ioException) { throw new RuntimeException(ioException); @@ -53,6 +60,29 @@ public class PropertiesAuthenticationProviderFactory implements AuthenticationPr @Override public void close() { + // Update properties file now, just in case that we are using custom location from filesystem + if (propsFileLocation != null) { + storePasswords(); + } + } + + private void storePasswords() { + log.info("Going to store passwords back to file: " + propsFileLocation); + OutputStream propertiesStream = null; + try { + OutputStream stream = new FileOutputStream(propsFileLocation); + this.properties.store(stream, "User passwords"); + } catch (IOException ioException) { + throw new RuntimeException(ioException); + } finally { + if (propertiesStream != null) { + try { + propertiesStream.close(); + } catch (IOException e) { + log.error("Error when closing InputStream", e); + } + } + } } @Override