KEYCLOAK-4099
parent
227900f288
commit
89e6f93fa4
4 changed files with 1465 additions and 73 deletions
|
@ -23,6 +23,7 @@ import java.util.Comparator;
|
|||
* @version $Revision: 1 $
|
||||
*/
|
||||
public class PrioritizedComponentModel extends ComponentModel {
|
||||
public static final String PRIORITY = "priority";
|
||||
public static Comparator<ComponentModel> comparator = new Comparator<ComponentModel>() {
|
||||
@Override
|
||||
public int compare(ComponentModel o1, ComponentModel o2) {
|
||||
|
@ -38,7 +39,7 @@ public class PrioritizedComponentModel extends ComponentModel {
|
|||
}
|
||||
|
||||
public static int parsePriority(ComponentModel component) {
|
||||
String priority = component.getConfig().getFirst("priority");
|
||||
String priority = component.getConfig().getFirst(PRIORITY);
|
||||
if (priority == null) return 0;
|
||||
return Integer.valueOf(priority);
|
||||
|
||||
|
|
|
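Review bot: `parsePriority` passes whatever string is stored under `PRIORITY` straight to `Integer.valueOf`, so a non-numeric value in a component's config raises an unchecked NumberFormatException out of a public static helper. The comparator's body lies outside the hunk, but if it calls `parsePriority`, one malformed entry would fail the sort for every provider in the list. Decide the behaviour explicitly, for example `try { return Integer.parseInt(priority); } catch (NumberFormatException e) { return 0; }`, or reject the value at the point where the config is written. The new `PRIORITY` constant should also carry a Javadoc line such as `/** Config key holding the component's priority as a decimal integer string; an absent value is treated as 0. */`.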
@ -28,6 +28,17 @@ import org.keycloak.component.PrioritizedComponentModel;
|
|||
*/
|
||||
public class UserStorageProviderModel extends PrioritizedComponentModel {
|
||||
|
||||
public static final String CACHE_POLICY = "cachePolicy";
|
||||
public static final String MAX_LIFESPAN = "maxLifespan";
|
||||
public static final String EVICTION_HOUR = "evictionHour";
|
||||
public static final String EVICTION_MINUTE = "evictionMinute";
|
||||
public static final String EVICTION_DAY = "evictionDay";
|
||||
public static final String CACHE_INVALID_BEFORE = "cacheInvalidBefore";
|
||||
public static final String IMPORT_ENABLED = "importEnabled";
|
||||
public static final String FULL_SYNC_PERIOD = "fullSyncPeriod";
|
||||
public static final String CHANGED_SYNC_PERIOD = "changedSyncPeriod";
|
||||
public static final String LAST_SYNC = "lastSync";
|
||||
|
||||
public static enum CachePolicy {
|
||||
NO_CACHE,
|
||||
DEFAULT,
|
||||
|
@ -57,7 +68,7 @@ public class UserStorageProviderModel extends PrioritizedComponentModel {
|
|||
|
||||
public CachePolicy getCachePolicy() {
|
||||
if (cachePolicy == null) {
|
||||
String str = getConfig().getFirst("cachePolicy");
|
||||
String str = getConfig().getFirst(CACHE_POLICY);
|
||||
if (str == null) return null;
|
||||
cachePolicy = CachePolicy.valueOf(str);
|
||||
}
|
||||
|
@ -67,16 +78,16 @@ public class UserStorageProviderModel extends PrioritizedComponentModel {
|
|||
public void setCachePolicy(CachePolicy cachePolicy) {
|
||||
this.cachePolicy = cachePolicy;
|
||||
if (cachePolicy == null) {
|
||||
getConfig().remove("cachePolicy");
|
||||
getConfig().remove(CACHE_POLICY);
|
||||
|
||||
} else {
|
||||
getConfig().putSingle("cachePolicy", cachePolicy.name());
|
||||
getConfig().putSingle(CACHE_POLICY, cachePolicy.name());
|
||||
}
|
||||
}
|
||||
|
||||
public long getMaxLifespan() {
|
||||
if (maxLifespan < 0) {
|
||||
String str = getConfig().getFirst("maxLifespan");
|
||||
String str = getConfig().getFirst(MAX_LIFESPAN);
|
||||
if (str == null) return -1;
|
||||
maxLifespan = Long.valueOf(str);
|
||||
}
|
||||
|
@ -85,12 +96,12 @@ public class UserStorageProviderModel extends PrioritizedComponentModel {
|
|||
|
||||
public void setMaxLifespan(long maxLifespan) {
|
||||
this.maxLifespan = maxLifespan;
|
||||
getConfig().putSingle("maxLifespan", Long.toString(maxLifespan));
|
||||
getConfig().putSingle(MAX_LIFESPAN, Long.toString(maxLifespan));
|
||||
}
|
||||
|
||||
public int getEvictionHour() {
|
||||
if (evictionHour < 0) {
|
||||
String str = getConfig().getFirst("evictionHour");
|
||||
String str = getConfig().getFirst(EVICTION_HOUR);
|
||||
if (str == null) return -1;
|
||||
evictionHour = Integer.valueOf(str);
|
||||
}
|
||||
|
@ -100,12 +111,12 @@ public class UserStorageProviderModel extends PrioritizedComponentModel {
|
|||
public void setEvictionHour(int evictionHour) {
|
||||
if (evictionHour > 23 || evictionHour < 0) throw new IllegalArgumentException("Must be between 0 and 23");
|
||||
this.evictionHour = evictionHour;
|
||||
getConfig().putSingle("evictionHour", Integer.toString(evictionHour));
|
||||
getConfig().putSingle(EVICTION_HOUR, Integer.toString(evictionHour));
|
||||
}
|
||||
|
||||
public int getEvictionMinute() {
|
||||
if (evictionMinute < 0) {
|
||||
String str = getConfig().getFirst("evictionMinute");
|
||||
String str = getConfig().getFirst(EVICTION_MINUTE);
|
||||
if (str == null) return -1;
|
||||
evictionMinute = Integer.valueOf(str);
|
||||
}
|
||||
|
@ -115,12 +126,12 @@ public class UserStorageProviderModel extends PrioritizedComponentModel {
|
|||
public void setEvictionMinute(int evictionMinute) {
|
||||
if (evictionMinute > 59 || evictionMinute < 0) throw new IllegalArgumentException("Must be between 0 and 59");
|
||||
this.evictionMinute = evictionMinute;
|
||||
getConfig().putSingle("evictionMinute", Integer.toString(evictionMinute));
|
||||
getConfig().putSingle(EVICTION_MINUTE, Integer.toString(evictionMinute));
|
||||
}
|
||||
|
||||
public int getEvictionDay() {
|
||||
if (evictionDay < 0) {
|
||||
String str = getConfig().getFirst("evictionDay");
|
||||
String str = getConfig().getFirst(EVICTION_DAY);
|
||||
if (str == null) return -1;
|
||||
evictionDay = Integer.valueOf(str);
|
||||
}
|
||||
|
@ -130,12 +141,12 @@ public class UserStorageProviderModel extends PrioritizedComponentModel {
|
|||
public void setEvictionDay(int evictionDay) {
|
||||
if (evictionDay > 7 || evictionDay < 1) throw new IllegalArgumentException("Must be between 1 and 7");
|
||||
this.evictionDay = evictionDay;
|
||||
getConfig().putSingle("evictionDay", Integer.toString(evictionDay));
|
||||
getConfig().putSingle(EVICTION_DAY, Integer.toString(evictionDay));
|
||||
}
|
||||
|
||||
public long getCacheInvalidBefore() {
|
||||
if (cacheInvalidBefore < 0) {
|
||||
String str = getConfig().getFirst("cacheInvalidBefore");
|
||||
String str = getConfig().getFirst(CACHE_INVALID_BEFORE);
|
||||
if (str == null) return -1;
|
||||
cacheInvalidBefore = Long.valueOf(str);
|
||||
}
|
||||
|
@ -144,12 +155,12 @@ public class UserStorageProviderModel extends PrioritizedComponentModel {
|
|||
|
||||
public void setCacheInvalidBefore(long cacheInvalidBefore) {
|
||||
this.cacheInvalidBefore = cacheInvalidBefore;
|
||||
getConfig().putSingle("cacheInvalidBefore", Long.toString(cacheInvalidBefore));
|
||||
getConfig().putSingle(CACHE_INVALID_BEFORE, Long.toString(cacheInvalidBefore));
|
||||
}
|
||||
|
||||
public boolean isImportEnabled() {
|
||||
if (importEnabled == null) {
|
||||
String val = getConfig().getFirst("importEnabled");
|
||||
String val = getConfig().getFirst(IMPORT_ENABLED);
|
||||
if (val == null) {
|
||||
importEnabled = true;
|
||||
} else {
|
||||
|
@ -164,12 +175,12 @@ public class UserStorageProviderModel extends PrioritizedComponentModel {
|
|||
|
||||
public void setImportEnabled(boolean flag) {
|
||||
importEnabled = flag;
|
||||
getConfig().putSingle("importEnabled", Boolean.toString(flag));
|
||||
getConfig().putSingle(IMPORT_ENABLED, Boolean.toString(flag));
|
||||
}
|
||||
|
||||
public int getFullSyncPeriod() {
|
||||
if (fullSyncPeriod == null) {
|
||||
String val = getConfig().getFirst("fullSyncPeriod");
|
||||
String val = getConfig().getFirst(FULL_SYNC_PERIOD);
|
||||
if (val == null) {
|
||||
fullSyncPeriod = -1;
|
||||
} else {
|
||||
|
@ -181,12 +192,12 @@ public class UserStorageProviderModel extends PrioritizedComponentModel {
|
|||
|
||||
public void setFullSyncPeriod(int fullSyncPeriod) {
|
||||
this.fullSyncPeriod = fullSyncPeriod;
|
||||
getConfig().putSingle("fullSyncPeriod", Integer.toString(fullSyncPeriod));
|
||||
getConfig().putSingle(FULL_SYNC_PERIOD, Integer.toString(fullSyncPeriod));
|
||||
}
|
||||
|
||||
public int getChangedSyncPeriod() {
|
||||
if (changedSyncPeriod == null) {
|
||||
String val = getConfig().getFirst("changedSyncPeriod");
|
||||
String val = getConfig().getFirst(CHANGED_SYNC_PERIOD);
|
||||
if (val == null) {
|
||||
changedSyncPeriod = -1;
|
||||
} else {
|
||||
|
@ -198,12 +209,12 @@ public class UserStorageProviderModel extends PrioritizedComponentModel {
|
|||
|
||||
public void setChangedSyncPeriod(int changedSyncPeriod) {
|
||||
this.changedSyncPeriod = changedSyncPeriod;
|
||||
getConfig().putSingle("changedSyncPeriod", Integer.toString(changedSyncPeriod));
|
||||
getConfig().putSingle(CHANGED_SYNC_PERIOD, Integer.toString(changedSyncPeriod));
|
||||
}
|
||||
|
||||
public int getLastSync() {
|
||||
if (lastSync == null) {
|
||||
String val = getConfig().getFirst("lastSync");
|
||||
String val = getConfig().getFirst(LAST_SYNC);
|
||||
if (val == null) {
|
||||
lastSync = 0;
|
||||
} else {
|
||||
|
@ -215,6 +226,6 @@ public class UserStorageProviderModel extends PrioritizedComponentModel {
|
|||
|
||||
public void setLastSync(int lastSync) {
|
||||
this.lastSync = lastSync;
|
||||
getConfig().putSingle("lastSync", Integer.toString(lastSync));
|
||||
getConfig().putSingle(LAST_SYNC, Integer.toString(lastSync));
|
||||
}
|
||||
}
|
||||
|
|
|
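Review bot: The getters parse the stored config string without the range checks their setters enforce: `setEvictionHour` rejects values outside 0–23, while `getEvictionHour` accepts any integer found under `EVICTION_HOUR`, and `getEvictionMinute` and `getEvictionDay` follow the same pattern. With the keys now exposed as public constants, config can plausibly be written without going through the setters, so the getter is the only place that sees such values. `getCachePolicy` likewise lets `CachePolicy.valueOf(str)` throw IllegalArgumentException on an unknown name. Consider sharing the bounds check between setter and getter, e.g. `evictionHour = checkRange(Integer.parseInt(str), 0, 23);` with a small private helper (name illustrative), and add Javadoc to each constant stating the value format and valid range. The getter bodies continue outside the hunks.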
@ -19,9 +19,14 @@ package org.keycloak.testsuite.migration;
|
|||
import java.util.HashSet;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
import org.keycloak.common.constants.KerberosConstants;
|
||||
import org.keycloak.component.PrioritizedComponentModel;
|
||||
import org.keycloak.keys.KeyProvider;
|
||||
import org.keycloak.models.LDAPConstants;
|
||||
import org.keycloak.representations.idm.ComponentRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.storage.UserStorageProvider;
|
||||
import org.keycloak.storage.UserStorageProviderModel;
|
||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||
import org.keycloak.testsuite.arquillian.migration.Migration;
|
||||
|
||||
|
@ -55,7 +60,9 @@ import static org.keycloak.testsuite.auth.page.AuthRealm.MASTER;
|
|||
public class MigrationTest extends AbstractKeycloakTest {
|
||||
|
||||
public static final String MIGRATION = "Migration";
|
||||
public static final String MIGRATION2 = "Migration2";
|
||||
private RealmResource migrationRealm;
|
||||
private RealmResource migrationRealm2;
|
||||
private RealmResource masterRealm;
|
||||
|
||||
@Override
|
||||
|
@ -66,6 +73,7 @@ public class MigrationTest extends AbstractKeycloakTest {
|
|||
@Before
|
||||
public void beforeMigrationTest() {
|
||||
migrationRealm = adminClient.realms().realm(MIGRATION);
|
||||
migrationRealm2 = adminClient.realms().realm(MIGRATION2);
|
||||
masterRealm = adminClient.realms().realm(MASTER);
|
||||
|
||||
//add migration realm to testRealmReps to make the migration removed after test
|
||||
|
@ -81,6 +89,7 @@ public class MigrationTest extends AbstractKeycloakTest {
|
|||
testMigrationTo2_2_0();
|
||||
testMigrationTo2_3_0();
|
||||
testMigrationTo2_5_0();
|
||||
testLdapKerberosMigration_2_5_0();
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -95,7 +104,7 @@ public class MigrationTest extends AbstractKeycloakTest {
|
|||
//master realm
|
||||
assertNames(masterRealm.roles().list(), "offline_access", "uma_authorization", "create-realm", "master-test-realm-role", "admin");
|
||||
assertNames(masterRealm.clients().findAll(), "admin-cli", "security-admin-console", "broker", "account",
|
||||
"master-realm", "master-test-client", "Migration-realm");
|
||||
"master-realm", "master-test-client", "Migration-realm", "Migration2-realm");
|
||||
String id = masterRealm.clients().findByClientId("master-test-client").get(0).getId();
|
||||
assertNames(masterRealm.clients().get(id).roles().list(), "master-test-client-role");
|
||||
assertNames(masterRealm.users().search("", 0, 5), "admin", "master-test-user");
|
||||
|
@ -171,6 +180,40 @@ public class MigrationTest extends AbstractKeycloakTest {
|
|||
//https://github.com/keycloak/keycloak/pull/3630
|
||||
testDuplicateEmailSupport(masterRealm, migrationRealm);
|
||||
}
|
||||
|
||||
private void testLdapKerberosMigration_2_5_0() {
|
||||
RealmRepresentation realmRep = migrationRealm2.toRepresentation();
|
||||
List<ComponentRepresentation> components = migrationRealm2.components().query(realmRep.getId(), UserStorageProvider.class.getName());
|
||||
assertEquals(2, components.size());
|
||||
boolean testedLdap = false;
|
||||
boolean testedKerberos = false;
|
||||
|
||||
for (ComponentRepresentation component : components) {
|
||||
if (component.getName().equals("ldap-provider")) {
|
||||
assertEquals("2", component.getConfig().getFirst(PrioritizedComponentModel.PRIORITY));
|
||||
assertEquals("READ_ONLY", component.getConfig().getFirst(LDAPConstants.EDIT_MODE));
|
||||
assertEquals("true", component.getConfig().getFirst(LDAPConstants.SYNC_REGISTRATIONS));
|
||||
assertEquals(LDAPConstants.VENDOR_RHDS, component.getConfig().getFirst(LDAPConstants.VENDOR));
|
||||
assertEquals("uid", component.getConfig().getFirst(LDAPConstants.USERNAME_LDAP_ATTRIBUTE));
|
||||
assertEquals("uid", component.getConfig().getFirst(LDAPConstants.RDN_LDAP_ATTRIBUTE));
|
||||
assertEquals("nsuniqueid", component.getConfig().getFirst(LDAPConstants.UUID_LDAP_ATTRIBUTE));
|
||||
assertEquals("inetOrgPerson, organizationalPerson", component.getConfig().getFirst(LDAPConstants.USER_OBJECT_CLASSES));
|
||||
assertEquals("http://localhost", component.getConfig().getFirst(LDAPConstants.CONNECTION_URL));
|
||||
assertEquals("dn", component.getConfig().getFirst(LDAPConstants.USERS_DN));
|
||||
assertEquals(LDAPConstants.AUTH_TYPE_NONE, component.getConfig().getFirst(LDAPConstants.AUTH_TYPE));
|
||||
assertEquals("true", component.getConfig().getFirst(KerberosConstants.ALLOW_KERBEROS_AUTHENTICATION));
|
||||
assertEquals("realm", component.getConfig().getFirst(KerberosConstants.KERBEROS_REALM));
|
||||
assertEquals("principal", component.getConfig().getFirst(KerberosConstants.SERVER_PRINCIPAL));
|
||||
assertEquals("keytab", component.getConfig().getFirst(KerberosConstants.KEYTAB));
|
||||
testedLdap = true;
|
||||
} else if (component.getName().equals("kerberos-provider")) {
|
||||
assertEquals("3", component.getConfig().getFirst(PrioritizedComponentModel.PRIORITY));
|
||||
assertEquals("realm", component.getConfig().getFirst(KerberosConstants.KERBEROS_REALM));
|
||||
assertEquals("principal", component.getConfig().getFirst(KerberosConstants.SERVER_PRINCIPAL));
|
||||
assertEquals("keytab", component.getConfig().getFirst(KerberosConstants.KEYTAB));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private void testAuthorizationServices(RealmResource... realms) {
|
||||
for (RealmResource realm : realms) {
|
||||
|
|
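Review bot: In `testLdapKerberosMigration_2_5_0` the flags `testedLdap` and `testedKerberos` are never asserted, and `testedKerberos` is never set, so the test still passes when neither component name matches and only the `components.size()` check has run. Set the flag in the Kerberos branch with `testedKerberos = true;` and finish the method with `assertTrue(testedLdap);` and `assertTrue(testedKerberos);` (or `assertEquals(true, …)` if `assertTrue` is not statically imported; the static imports are outside the visible hunks). The LDAP fixture asserts `AUTH_TYPE_NONE`, so migration of a bind credential does not appear to be covered by this test.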
File diff suppressed because it is too large