AS 7.1.1.Final / EAP 6.4 compatibility

This commit is contained in:
Marko Strukelj 2015-04-23 14:07:06 +02:00
parent 748ed30b47
commit 91bf50eb6c
36 changed files with 360 additions and 455 deletions

View file

@ -17,7 +17,6 @@
<include>org/keycloak/keycloak-core/**</include>
<include>org/keycloak/keycloak-adapter-core/**</include>
<include>org/keycloak/keycloak-jboss-adapter-core/**</include>
<include>org/keycloak/keycloak-undertow-adapter/**</include>
<include>org/keycloak/keycloak-as7-adapter/**</include>
<include>org/keycloak/keycloak-as7-subsystem/**</include>
</includes>

View file

@ -11,15 +11,14 @@
<fileSet>
<directory>${project.build.directory}/unpacked</directory>
<includes>
<include>net/iharder/base64/**</include>
<include>org/bouncycastle/**</include>
<include>net/iharder/base64/**</include>
<include>org/apache/httpcomponents/**</include>
<include>org/keycloak/keycloak-core/**</include>
<include>org/keycloak/keycloak-adapter-core/**</include>
<include>org/keycloak/keycloak-jboss-adapter-core/**</include>
<include>org/keycloak/keycloak-undertow-adapter/**</include>
<include>org/keycloak/keycloak-as7-adapter/**</include>
<include>org/keycloak/keycloak-subsystem/**</include>
<include>org/keycloak/keycloak-as7-subsystem/**</include>
</includes>
<excludes>
<exclude>**/*.war</exclude>

View file

@ -31,14 +31,6 @@
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>${maven.compiler.source}</source>
<target>${maven.compiler.target}</target>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>

View file

@ -15,8 +15,9 @@
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
@ -24,6 +25,8 @@ import org.jboss.as.controller.ServiceVerificationHandler;
import org.jboss.dmr.ModelNode;
import org.jboss.msc.service.ServiceController;
import java.util.Collection;
import java.util.LinkedList;
import java.util.List;
/**
@ -31,15 +34,28 @@ import java.util.List;
*
* @author Stan Silvert ssilvert@redhat.com (C) 2014 Red Hat Inc.
*/
public class CredentialAddHandler extends AbstractAddStepHandlerWithAttributes {
public class CredentialAddHandler extends AbstractAddStepHandler {
public CredentialAddHandler(AttributeDefinition... attributes) {
super(attributes);
protected Collection<AttributeDefinition> attributes = new LinkedList<>();
public CredentialAddHandler(AttributeDefinition... attrs) {
for (AttributeDefinition attr : attrs) {
attributes.add(attr);
}
}
@Override
protected void populateModel(ModelNode operation, ModelNode model) throws OperationFailedException {
if (attributes != null) {
for (AttributeDefinition attr : attributes) {
attr.validateAndSet(operation, model);
}
}
}
@Override
protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model, ServiceVerificationHandler verificationHandler, List<ServiceController<?>> newControllers) throws OperationFailedException {
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.find(context);
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.getInstance();
ckService.addCredential(operation, context.resolveExpressions(model));
}

View file

@ -14,20 +14,19 @@
* License for the specific language governing permissions and limitations under
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.descriptions.ModelDescriptionConstants;
import org.jboss.as.controller.operations.common.GenericSubsystemDescribeHandler;
import org.jboss.as.controller.operations.validation.StringLengthValidator;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.controller.registry.OperationEntry;
import org.jboss.dmr.ModelType;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.DESCRIBE;
/**
* Defines attributes and operations for a credential.
*
@ -39,7 +38,6 @@ public class CredentialDefinition extends SimpleResourceDefinition {
protected static final AttributeDefinition VALUE =
new SimpleAttributeDefinitionBuilder("value", ModelType.STRING, false)
.setXmlName("value")
.setAllowExpression(true)
.setValidator(new StringLengthValidator(1, Integer.MAX_VALUE, false, true))
.build();
@ -54,8 +52,7 @@ public class CredentialDefinition extends SimpleResourceDefinition {
@Override
public void registerOperations(ManagementResourceRegistration resourceRegistration) {
super.registerOperations(resourceRegistration);
resourceRegistration.registerOperationHandler(DESCRIBE, GenericSubsystemDescribeHandler.INSTANCE, GenericSubsystemDescribeHandler.INSTANCE, false, OperationEntry.EntryType.PRIVATE);
//resourceRegistration.registerOperationHandler(GenericSubsystemDescribeHandler.DEFINITION, GenericSubsystemDescribeHandler.INSTANCE);
resourceRegistration.registerOperationHandler(ModelDescriptionConstants.DESCRIBE, GenericSubsystemDescribeHandler.INSTANCE, GenericSubsystemDescribeHandler.INSTANCE, false, OperationEntry.EntryType.PRIVATE);
}
@Override

View file

@ -15,7 +15,7 @@
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.AbstractWriteAttributeHandler;
import org.jboss.as.controller.OperationContext;
@ -33,7 +33,7 @@ public class CredentialReadWriteAttributeHandler extends AbstractWriteAttributeH
protected boolean applyUpdateToRuntime(OperationContext context, ModelNode operation, String attributeName,
ModelNode resolvedValue, ModelNode currentValue, AbstractWriteAttributeHandler.HandbackHolder<KeycloakAdapterConfigService> hh) throws OperationFailedException {
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.find(context);
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.getInstance();
ckService.updateCredential(operation, attributeName, resolvedValue);
hh.setHandback(ckService);

View file

@ -15,7 +15,7 @@
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.AbstractRemoveStepHandler;
import org.jboss.as.controller.OperationContext;
@ -35,7 +35,7 @@ public final class CredentialRemoveHandler extends AbstractRemoveStepHandler {
@Override
protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model) throws OperationFailedException {
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.find(context);
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.getInstance();
ckService.removeCredential(operation);
}

View file

@ -15,13 +15,12 @@
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.server.deployment.DeploymentPhaseContext;
import org.jboss.as.server.deployment.DeploymentUnit;
import org.jboss.as.server.deployment.DeploymentUnitProcessingException;
import org.jboss.as.server.deployment.DeploymentUnitProcessor;
import org.jboss.as.server.deployment.Phase;
import org.jboss.as.web.deployment.WarMetaData;
import org.jboss.logging.Logger;
import org.jboss.metadata.javaee.spec.ParamValueMetaData;
@ -29,7 +28,7 @@ import org.jboss.metadata.web.jboss.JBossWebMetaData;
import org.jboss.metadata.web.jboss.ValveMetaData;
import org.jboss.metadata.web.spec.LoginConfigMetaData;
import org.keycloak.adapters.jbossweb.KeycloakAuthenticatorValve;
import org.keycloak.subsystem.logging.KeycloakLogger;
import org.keycloak.subsystem.as7.logging.KeycloakLogger;
import java.util.ArrayList;
import java.util.List;
@ -47,38 +46,47 @@ public class KeycloakAdapterConfigDeploymentProcessor implements DeploymentUnitP
// two places to avoid dependency between Keycloak Subsystem and Keyclaok Undertow Integration.
public static final String AUTH_DATA_PARAM_NAME = "org.keycloak.json.adapterConfig";
public static final Phase PHASE = Phase.INSTALL;
// needs to run before INSTALL_WAR_DEPLOYMENT so that valves are added.
public static final int PRIORITY = Phase.INSTALL_WAR_DEPLOYMENT - 1;
@Override
public void deploy(DeploymentPhaseContext phaseContext) throws DeploymentUnitProcessingException {
DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
// not sure if we need this yet, keeping here just in case
protected void addSecurityDomain(DeploymentUnit deploymentUnit, KeycloakAdapterConfigService service) {
String deploymentName = deploymentUnit.getName();
KeycloakAdapterConfigService service = KeycloakAdapterConfigService.find(phaseContext.getServiceRegistry());
//log.info("********* CHECK KEYCLOAK DEPLOYMENT: " + deploymentName);
if (service.isKeycloakDeployment(deploymentName)) {
addKeycloakAuthData(phaseContext, deploymentName, service);
if (!service.isSecureDeployment(deploymentName)) {
return;
}
// else check to see if KEYCLOAK is specified as login config
WarMetaData warMetaData = deploymentUnit.getAttachment(WarMetaData.ATTACHMENT_KEY);
if (warMetaData == null) return;
JBossWebMetaData webMetaData = warMetaData.getMergedJBossWebMetaData();
if (webMetaData == null) return;
LoginConfigMetaData loginConfig = webMetaData.getLoginConfig();
if (loginConfig != null && "KEYCLOAK".equalsIgnoreCase(loginConfig.getAuthMethod())) {
addValve(webMetaData);
}
if (loginConfig == null || !loginConfig.getAuthMethod().equalsIgnoreCase("KEYCLOAK")) {
return;
}
private void addKeycloakAuthData(DeploymentPhaseContext phaseContext, String deploymentName, KeycloakAdapterConfigService service) {
webMetaData.setSecurityDomain("keycloak");
}
@Override
public void deploy(DeploymentPhaseContext phaseContext) throws DeploymentUnitProcessingException {
DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
String deploymentName = deploymentUnit.getName();
KeycloakAdapterConfigService service = KeycloakAdapterConfigService.getInstance();
if (service.isSecureDeployment(deploymentName)) {
addKeycloakAuthData(phaseContext, deploymentName, service);
}
// FYI, Undertow Extension will find deployments that have auth-method set to KEYCLOAK
// todo notsure if we need this
// addSecurityDomain(deploymentUnit, service);
}
private void addKeycloakAuthData(DeploymentPhaseContext phaseContext, String deploymentName, KeycloakAdapterConfigService service) throws DeploymentUnitProcessingException {
DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
WarMetaData warMetaData = deploymentUnit.getAttachment(WarMetaData.ATTACHMENT_KEY);
if (warMetaData == null) {
throw new DeploymentUnitProcessingException("WarMetaData not found for " + deploymentName + ". Make sure you have specified a WAR as your secure-deployment in the Keycloak subsystem.");
}
addJSONData(service.getJSON(deploymentName), warMetaData);
JBossWebMetaData webMetaData = warMetaData.getMergedJBossWebMetaData();
@ -86,6 +94,7 @@ public class KeycloakAdapterConfigDeploymentProcessor implements DeploymentUnitP
webMetaData = new JBossWebMetaData();
warMetaData.setMergedJBossWebMetaData(webMetaData);
}
addValve(webMetaData);
LoginConfigMetaData loginConfig = webMetaData.getLoginConfig();

View file

@ -15,19 +15,11 @@
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.OperationContext;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.Property;
import org.jboss.logging.Logger;
import org.jboss.msc.service.Service;
import org.jboss.msc.service.ServiceController;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.service.ServiceRegistry;
import org.jboss.msc.service.StartContext;
import org.jboss.msc.service.StartException;
import org.jboss.msc.service.StopContext;
import java.util.HashMap;
import java.util.Map;
@ -40,36 +32,23 @@ import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ADD
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public final class KeycloakAdapterConfigService implements Service<KeycloakAdapterConfigService> {
public final class KeycloakAdapterConfigService {
protected Logger log = Logger.getLogger(KeycloakAdapterConfigService.class);
private static final String CREDENTIALS_JSON_NAME = "credentials";
// Right now this is used as a service, but I'm not sure it really needs to be implemented that way.
// It's also a singleton serving the entire subsystem, but the INSTANCE variable is currently only
// used during initialization of the subsystem.
public static final ServiceName SERVICE_NAME = ServiceName.JBOSS.append("KeycloakAdapterConfigService");
public static final KeycloakAdapterConfigService INSTANCE = new KeycloakAdapterConfigService();
private static final KeycloakAdapterConfigService INSTANCE = new KeycloakAdapterConfigService();
public static KeycloakAdapterConfigService getInstance() {
return INSTANCE;
}
private final Map<String, ModelNode> realms = new HashMap<String, ModelNode>();
// keycloak-secured deployments
private final Map<String, ModelNode> secureDeployments = new HashMap<String, ModelNode>();
private Map<String, ModelNode> realms = new HashMap<String, ModelNode>();
private Map<String, ModelNode> deployments = new HashMap<String, ModelNode>();
private KeycloakAdapterConfigService() {
}
@Override
public void start(StartContext sc) throws StartException {
}
@Override
public void stop(StopContext sc) {
}
@Override
public KeycloakAdapterConfigService getValue() throws IllegalStateException, IllegalArgumentException {
return this;
}
public void addRealm(ModelNode operation, ModelNode model) {
@ -87,16 +66,16 @@ public final class KeycloakAdapterConfigService implements Service<KeycloakAdapt
public void addSecureDeployment(ModelNode operation, ModelNode model) {
ModelNode deployment = model.clone();
this.deployments.put(deploymentNameFromOp(operation), deployment);
this.secureDeployments.put(deploymentNameFromOp(operation), deployment);
}
public void updateSecureDeployment(ModelNode operation, String attrName, ModelNode resolvedValue) {
ModelNode deployment = this.deployments.get(deploymentNameFromOp(operation));
ModelNode deployment = this.secureDeployments.get(deploymentNameFromOp(operation));
deployment.get(attrName).set(resolvedValue);
}
public void removeSecureDeployment(ModelNode operation) {
this.deployments.remove(deploymentNameFromOp(operation));
this.secureDeployments.remove(deploymentNameFromOp(operation));
}
public void addCredential(ModelNode operation, ModelNode model) {
@ -108,7 +87,7 @@ public final class KeycloakAdapterConfigService implements Service<KeycloakAdapt
String credentialName = credentialNameFromOp(operation);
credentials.get(credentialName).set(model.get("value").asString());
ModelNode deployment = this.deployments.get(deploymentNameFromOp(operation));
ModelNode deployment = this.secureDeployments.get(deploymentNameFromOp(operation));
deployment.get(CREDENTIALS_JSON_NAME).set(credentials);
}
@ -133,7 +112,7 @@ public final class KeycloakAdapterConfigService implements Service<KeycloakAdapt
}
private ModelNode credentialsFromOp(ModelNode operation) {
ModelNode deployment = this.deployments.get(deploymentNameFromOp(operation));
ModelNode deployment = this.secureDeployments.get(deploymentNameFromOp(operation));
return deployment.get(CREDENTIALS_JSON_NAME);
}
@ -164,13 +143,13 @@ public final class KeycloakAdapterConfigService implements Service<KeycloakAdapt
}
public String getRealmName(String deploymentName) {
ModelNode deployment = this.deployments.get(deploymentName);
ModelNode deployment = this.secureDeployments.get(deploymentName);
return deployment.get(RealmDefinition.TAG_NAME).asString();
}
public String getJSON(String deploymentName) {
ModelNode deployment = this.deployments.get(deploymentName);
ModelNode deployment = this.secureDeployments.get(deploymentName);
String realmName = deployment.get(RealmDefinition.TAG_NAME).asString();
ModelNode realm = this.realms.get(realmName);
@ -193,22 +172,9 @@ public final class KeycloakAdapterConfigService implements Service<KeycloakAdapt
}
}
public boolean isKeycloakDeployment(String deploymentName) {
public boolean isSecureDeployment(String deploymentName) {
//log.info("********* CHECK KEYCLOAK DEPLOYMENT: deployments.size()" + deployments.size());
return this.deployments.containsKey(deploymentName);
}
static KeycloakAdapterConfigService find(ServiceRegistry registry) {
ServiceController<?> container = registry.getService(KeycloakAdapterConfigService.SERVICE_NAME);
if (container != null) {
KeycloakAdapterConfigService service = (KeycloakAdapterConfigService)container.getValue();
return service;
}
return null;
}
static KeycloakAdapterConfigService find(OperationContext context) {
return find(context.getServiceRegistry(true));
return this.secureDeployments.containsKey(deploymentName);
}
}

View file

@ -15,7 +15,7 @@
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.server.deployment.Attachments;
import org.jboss.as.server.deployment.DeploymentPhaseContext;
@ -32,32 +32,33 @@ import org.jboss.modules.ModuleLoader;
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public class KeycloakDependencyProcessor implements DeploymentUnitProcessor {
public abstract class KeycloakDependencyProcessor implements DeploymentUnitProcessor {
private static final ModuleIdentifier KEYCLOAK_AS7_ADAPTER = ModuleIdentifier.create("org.keycloak.keycloak-as7-adapter");
private static final ModuleIdentifier KEYCLOAK_CORE_ADAPTER = ModuleIdentifier.create("org.keycloak.keycloak-adapter-core");
private static final ModuleIdentifier KEYCLOAK_JBOSS_CORE_ADAPTER = ModuleIdentifier.create("org.keycloak.keycloak-jboss-adapter-core");
private static final ModuleIdentifier KEYCLOAK_CORE_ADAPTER = ModuleIdentifier.create("org.keycloak.keycloak-adapter-core");
private static final ModuleIdentifier KEYCLOAK_CORE = ModuleIdentifier.create("org.keycloak.keycloak-core");
//private static final ModuleIdentifier APACHE_HTTPCOMPONENTS = ModuleIdentifier.create("org.apache.httpcomponents");
@Override
public void deploy(DeploymentPhaseContext phaseContext) throws DeploymentUnitProcessingException {
final DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
addModules(deploymentUnit);
}
// Next phase, need to detect if this is a Keycloak deployment. If not, don't add the modules.
private void addModules(DeploymentUnit deploymentUnit) {
final ModuleSpecification moduleSpecification = deploymentUnit.getAttachment(Attachments.MODULE_SPECIFICATION);
final ModuleLoader moduleLoader = Module.getBootModuleLoader();
addCommonModules(moduleSpecification, moduleLoader);
addPlatformSpecificModules(moduleSpecification, moduleLoader);
}
moduleSpecification.addSystemDependency(new ModuleDependency(moduleLoader, KEYCLOAK_AS7_ADAPTER, false, false, true, false));
private void addCommonModules(ModuleSpecification moduleSpecification, ModuleLoader moduleLoader) {
// ModuleDependency(ModuleLoader moduleLoader, ModuleIdentifier identifier, boolean optional, boolean export, boolean importServices, boolean userSpecified)
moduleSpecification.addSystemDependency(new ModuleDependency(moduleLoader, KEYCLOAK_JBOSS_CORE_ADAPTER, false, false, false, false));
moduleSpecification.addSystemDependency(new ModuleDependency(moduleLoader, KEYCLOAK_CORE_ADAPTER, false, false, false, false));
moduleSpecification.addSystemDependency(new ModuleDependency(moduleLoader, KEYCLOAK_CORE, false, false, false, false));
//moduleSpecification.addSystemDependency(new ModuleDependency(moduleLoader, APACHE_HTTPCOMPONENTS, false, false, true, false));
}
abstract protected void addPlatformSpecificModules(ModuleSpecification moduleSpecification, ModuleLoader moduleLoader);
@Override
public void undeploy(DeploymentUnit du) {

View file

@ -0,0 +1,19 @@
package org.keycloak.subsystem.as7;
import org.jboss.as.server.deployment.module.ModuleDependency;
import org.jboss.as.server.deployment.module.ModuleSpecification;
import org.jboss.modules.ModuleIdentifier;
import org.jboss.modules.ModuleLoader;
/**
* @author <a href="mailto:marko.strukelj@gmail.com">Marko Strukelj</a>
*/
public class KeycloakDependencyProcessorAS7 extends KeycloakDependencyProcessor {
private static final ModuleIdentifier KEYCLOAK_AS7_ADAPTER = ModuleIdentifier.create("org.keycloak.keycloak-as7-adapter");
@Override
protected void addPlatformSpecificModules(ModuleSpecification moduleSpecification, ModuleLoader moduleLoader) {
// ModuleDependency(ModuleLoader moduleLoader, ModuleIdentifier identifier, boolean optional, boolean export, boolean importServices, boolean userSpecified)
moduleSpecification.addSystemDependency(new ModuleDependency(moduleLoader, KEYCLOAK_AS7_ADAPTER, false, false, true, false));
}}

View file

@ -14,7 +14,7 @@
* License for the specific language governing permissions and limitations under
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.Extension;
import org.jboss.as.controller.ExtensionContext;
@ -24,7 +24,7 @@ import org.jboss.as.controller.SubsystemRegistration;
import org.jboss.as.controller.descriptions.StandardResourceDescriptionResolver;
import org.jboss.as.controller.parsing.ExtensionParsingContext;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.keycloak.subsystem.logging.KeycloakLogger;
import org.keycloak.subsystem.as7.logging.KeycloakLogger;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.SUBSYSTEM;
@ -37,20 +37,20 @@ import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.SUB
public class KeycloakExtension implements Extension {
public static final String SUBSYSTEM_NAME = "keycloak";
public static final String NAMESPACE = "urn:jboss:domain:keycloak:1.0";
public static final String NAMESPACE = "urn:jboss:domain:keycloak:1.1";
private static final KeycloakSubsystemParser PARSER = new KeycloakSubsystemParser();
static final PathElement PATH_SUBSYSTEM = PathElement.pathElement(SUBSYSTEM, SUBSYSTEM_NAME);
private static final String RESOURCE_NAME = KeycloakExtension.class.getPackage().getName() + ".LocalDescriptions";
private static final int MANAGEMENT_API_MAJOR_VERSION = 1;
private static final int MANAGEMENT_API_MINOR_VERSION = 0;
private static final int MANAGEMENT_API_MICRO_VERSION = 0;
protected static final PathElement SUBSYSTEM_PATH = PathElement.pathElement(SUBSYSTEM, SUBSYSTEM_NAME);
private static final int MGMT_API_VERSION_MAJOR = 1;
private static final int MGMT_API_VERSION_MINOR = 1;
static final PathElement SUBSYSTEM_PATH = PathElement.pathElement(SUBSYSTEM, SUBSYSTEM_NAME);
private static final ResourceDefinition KEYCLOAK_SUBSYSTEM_RESOURCE = new KeycloakSubsystemDefinition();
static final RealmDefinition REALM_DEFINITION = new RealmDefinition();
static final SecureDeploymentDefinition SECURE_DEPLOYMENT_DEFINITION = new SecureDeploymentDefinition();
static final CredentialDefinition CREDENTIAL_DEFINITION = new CredentialDefinition();
static StandardResourceDescriptionResolver getResourceDescriptionResolver(final String... keyPrefix) {
public static StandardResourceDescriptionResolver getResourceDescriptionResolver(final String... keyPrefix) {
StringBuilder prefix = new StringBuilder(SUBSYSTEM_NAME);
for (String kp : keyPrefix) {
prefix.append('.').append(kp);
@ -72,11 +72,10 @@ public class KeycloakExtension implements Extension {
@Override
public void initialize(final ExtensionContext context) {
KeycloakLogger.ROOT_LOGGER.debug("Activating Keycloak Extension");
final SubsystemRegistration subsystem = context.registerSubsystem(SUBSYSTEM_NAME, MANAGEMENT_API_MAJOR_VERSION,
MANAGEMENT_API_MINOR_VERSION);
final SubsystemRegistration subsystem = context.registerSubsystem(SUBSYSTEM_NAME, MGMT_API_VERSION_MAJOR, MGMT_API_VERSION_MINOR);
ManagementResourceRegistration registration = subsystem.registerSubsystemModel(KEYCLOAK_SUBSYSTEM_RESOURCE);
ManagementResourceRegistration realmRegistration = registration.registerSubModel(REALM_DEFINITION);
registration.registerSubModel(REALM_DEFINITION);
ManagementResourceRegistration secureDeploymentRegistration = registration.registerSubModel(SECURE_DEPLOYMENT_DEFINITION);
secureDeploymentRegistration.registerSubModel(CREDENTIAL_DEFINITION);

View file

@ -14,7 +14,8 @@
* License for the specific language governing permissions and limitations under
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.AbstractBoottimeAddStepHandler;
import org.jboss.as.controller.OperationContext;
@ -24,6 +25,7 @@ import org.jboss.as.server.AbstractDeploymentChainStep;
import org.jboss.as.server.DeploymentProcessorTarget;
import org.jboss.as.server.deployment.Phase;
import org.jboss.dmr.ModelNode;
import org.jboss.msc.service.ServiceController;
import java.util.List;
@ -37,40 +39,22 @@ class KeycloakSubsystemAdd extends AbstractBoottimeAddStepHandler {
static final KeycloakSubsystemAdd INSTANCE = new KeycloakSubsystemAdd();
@Override
protected void populateModel(ModelNode operation, ModelNode model) throws OperationFailedException {
model.setEmptyObject();
}
@Override
protected void performBoottime(final OperationContext context, ModelNode operation, final ModelNode model, ServiceVerificationHandler verificationHandler, List<ServiceController<?>> newControllers) {
context.addStep(new AbstractDeploymentChainStep() {
@Override
protected void execute(DeploymentProcessorTarget processorTarget) {
processorTarget.addDeploymentProcessor(Phase.DEPENDENCIES, 0, new KeycloakDependencyProcessor());
processorTarget.addDeploymentProcessor(KeycloakAdapterConfigDeploymentProcessor.PHASE,
KeycloakAdapterConfigDeploymentProcessor.PRIORITY,
processorTarget.addDeploymentProcessor(Phase.DEPENDENCIES, 0, new KeycloakDependencyProcessorAS7());
processorTarget.addDeploymentProcessor(
Phase.POST_MODULE, // PHASE
Phase.POST_MODULE_VALIDATOR_FACTORY - 1, // PRIORITY
new KeycloakAdapterConfigDeploymentProcessor());
}
}, OperationContext.Stage.RUNTIME);
}
@Override
protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model, ServiceVerificationHandler verificationHandler, List<ServiceController<?>> newControllers) throws OperationFailedException {
super.performRuntime(context, operation, model, verificationHandler, newControllers);
ServiceController<KeycloakAdapterConfigService> controller = context.getServiceTarget()
.addService(KeycloakAdapterConfigService.SERVICE_NAME, KeycloakAdapterConfigService.INSTANCE)
.addListener(verificationHandler)
.setInitialMode(ServiceController.Mode.ACTIVE)
.install();
newControllers.add(controller);
}
@Override
protected boolean requiresRuntimeVerification() {
return false;
protected void populateModel(ModelNode operation, ModelNode model) throws OperationFailedException {
model.setEmptyObject();
}
}

View file

@ -15,9 +15,8 @@
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.ReloadRequiredRemoveStepHandler;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.descriptions.ModelDescriptionConstants;
@ -25,8 +24,6 @@ import org.jboss.as.controller.operations.common.GenericSubsystemDescribeHandler
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.controller.registry.OperationEntry;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.DESCRIBE;
/**
* Definition of subsystem=keycloak.
*
@ -34,7 +31,7 @@ import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.DES
*/
public class KeycloakSubsystemDefinition extends SimpleResourceDefinition {
protected KeycloakSubsystemDefinition() {
super(PathElement.pathElement(ModelDescriptionConstants.SUBSYSTEM, KeycloakExtension.SUBSYSTEM_NAME),
super(KeycloakExtension.SUBSYSTEM_PATH,
KeycloakExtension.getResourceDescriptionResolver("subsystem"),
KeycloakSubsystemAdd.INSTANCE,
ReloadRequiredRemoveStepHandler.INSTANCE
@ -44,8 +41,7 @@ public class KeycloakSubsystemDefinition extends SimpleResourceDefinition {
@Override
public void registerOperations(ManagementResourceRegistration resourceRegistration) {
super.registerOperations(resourceRegistration);
resourceRegistration.registerOperationHandler(DESCRIBE, GenericSubsystemDescribeHandler.INSTANCE, GenericSubsystemDescribeHandler.INSTANCE, false, OperationEntry.EntryType.PRIVATE);
//resourceRegistration.registerOperationHandler(GenericSubsystemDescribeHandler.DEFINITION, GenericSubsystemDescribeHandler.INSTANCE);
resourceRegistration.registerOperationHandler(ModelDescriptionConstants.DESCRIBE, GenericSubsystemDescribeHandler.INSTANCE, GenericSubsystemDescribeHandler.INSTANCE, false, OperationEntry.EntryType.PRIVATE);
}
}

View file

@ -14,7 +14,7 @@
* License for the specific language governing permissions and limitations under
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.PathAddress;

View file

@ -15,7 +15,7 @@
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.AttributeDefinition;
@ -27,9 +27,6 @@ import org.jboss.msc.service.ServiceController;
import java.util.List;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ADD;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.OP;
/**
* Add a new realm.
*
@ -43,11 +40,6 @@ public final class RealmAddHandler extends AbstractAddStepHandler {
@Override
protected void populateModel(ModelNode operation, ModelNode model) throws OperationFailedException {
// TODO: localize exception. get id number
if (!operation.get(OP).asString().equals(ADD)) {
throw new OperationFailedException("Unexpected operation for add realm. operation=" + operation.toString());
}
for (AttributeDefinition attrib : RealmDefinition.ALL_ATTRIBUTES) {
attrib.validateAndSet(operation, model);
}
@ -60,7 +52,7 @@ public final class RealmAddHandler extends AbstractAddStepHandler {
@Override
protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model, ServiceVerificationHandler verificationHandler, List<ServiceController<?>> newControllers) throws OperationFailedException {
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.find(context);
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.getInstance();
ckService.addRealm(operation, context.resolveExpressions(model));
}
}

View file

@ -14,12 +14,13 @@
* License for the specific language governing permissions and limitations under
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.descriptions.ModelDescriptionConstants;
import org.jboss.as.controller.operations.common.GenericSubsystemDescribeHandler;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.controller.registry.OperationEntry;
@ -29,14 +30,12 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.DESCRIBE;
/**
* Defines attributes and operations for the Realm
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public class RealmDefinition extends SimpleResourceDefinition {
class RealmDefinition extends SimpleResourceDefinition {
public static final String TAG_NAME = "realm";
@ -70,8 +69,7 @@ public class RealmDefinition extends SimpleResourceDefinition {
@Override
public void registerOperations(ManagementResourceRegistration resourceRegistration) {
super.registerOperations(resourceRegistration);
resourceRegistration.registerOperationHandler(DESCRIBE, GenericSubsystemDescribeHandler.INSTANCE, GenericSubsystemDescribeHandler.INSTANCE, false, OperationEntry.EntryType.PRIVATE);
//resourceRegistration.registerOperationHandler(GenericSubsystemDescribeHandler.DEFINITION, GenericSubsystemDescribeHandler.INSTANCE);
resourceRegistration.registerOperationHandler(ModelDescriptionConstants.DESCRIBE, GenericSubsystemDescribeHandler.INSTANCE, GenericSubsystemDescribeHandler.INSTANCE, false, OperationEntry.EntryType.PRIVATE);
}
@Override

View file

@ -15,7 +15,7 @@
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.AbstractRemoveStepHandler;
import org.jboss.as.controller.OperationContext;
@ -27,7 +27,7 @@ import org.jboss.dmr.ModelNode;
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public final class RealmRemoveHandler extends AbstractRemoveStepHandler {
final class RealmRemoveHandler extends AbstractRemoveStepHandler {
public static RealmRemoveHandler INSTANCE = new RealmRemoveHandler();
@ -35,7 +35,7 @@ public final class RealmRemoveHandler extends AbstractRemoveStepHandler {
@Override
protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model) throws OperationFailedException {
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.find(context);
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.getInstance();
ckService.removeRealm(operation);
}
}

View file

@ -15,7 +15,7 @@
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.AbstractWriteAttributeHandler;
import org.jboss.as.controller.AttributeDefinition;
@ -30,11 +30,7 @@ import java.util.List;
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public class RealmWriteAttributeHandler extends AbstractWriteAttributeHandler<KeycloakAdapterConfigService> {
public RealmWriteAttributeHandler(List<AttributeDefinition> definitions) {
this(definitions.toArray(new AttributeDefinition[definitions.size()]));
}
class RealmWriteAttributeHandler extends AbstractWriteAttributeHandler<KeycloakAdapterConfigService> {
public RealmWriteAttributeHandler(AttributeDefinition... definitions) {
super(definitions);
@ -43,7 +39,7 @@ public class RealmWriteAttributeHandler extends AbstractWriteAttributeHandler<Ke
@Override
protected boolean applyUpdateToRuntime(OperationContext context, ModelNode operation, String attributeName,
ModelNode resolvedValue, ModelNode currentValue, HandbackHolder<KeycloakAdapterConfigService> hh) throws OperationFailedException {
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.find(context);
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.getInstance();
ckService.updateRealm(operation, attributeName, resolvedValue);
hh.setHandback(ckService);

View file

@ -15,7 +15,7 @@
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.AttributeDefinition;
@ -27,27 +27,20 @@ import org.jboss.msc.service.ServiceController;
import java.util.List;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ADD;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.OP;
/**
* Add a deployment to a realm.
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public final class SecureDeploymentAddHandler extends AbstractAddStepHandler {
final class SecureDeploymentAddHandler extends AbstractAddStepHandler {
public static SecureDeploymentAddHandler INSTANCE = new SecureDeploymentAddHandler();
private SecureDeploymentAddHandler() {}
private SecureDeploymentAddHandler() {
}
@Override
protected void populateModel(ModelNode operation, ModelNode model) throws OperationFailedException {
// TODO: localize exception. get id number
if (!operation.get(OP).asString().equals(ADD)) {
throw new OperationFailedException("Unexpected operation for add secure deployment. operation=" + operation.toString());
}
for (AttributeDefinition attr : SecureDeploymentDefinition.ALL_ATTRIBUTES) {
attr.validateAndSet(operation, model);
}
@ -55,7 +48,7 @@ public final class SecureDeploymentAddHandler extends AbstractAddStepHandler {
@Override
protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model, ServiceVerificationHandler verificationHandler, List<ServiceController<?>> newControllers) throws OperationFailedException {
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.find(context);
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.getInstance();
ckService.addSecureDeployment(operation, context.resolveExpressions(model));
}
}

View file

@ -14,13 +14,14 @@
* License for the specific language governing permissions and limitations under
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.descriptions.ModelDescriptionConstants;
import org.jboss.as.controller.operations.common.GenericSubsystemDescribeHandler;
import org.jboss.as.controller.operations.validation.StringLengthValidator;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
@ -33,14 +34,12 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.DESCRIBE;
/**
* Defines attributes and operations for a secure-deployment.
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public class SecureDeploymentDefinition extends SimpleResourceDefinition {
class SecureDeploymentDefinition extends SimpleResourceDefinition {
public static final String TAG_NAME = "secure-deployment";
@ -116,8 +115,7 @@ public class SecureDeploymentDefinition extends SimpleResourceDefinition {
@Override
public void registerOperations(ManagementResourceRegistration resourceRegistration) {
super.registerOperations(resourceRegistration);
resourceRegistration.registerOperationHandler(DESCRIBE, GenericSubsystemDescribeHandler.INSTANCE, GenericSubsystemDescribeHandler.INSTANCE, false, OperationEntry.EntryType.PRIVATE);
//resourceRegistration.registerOperationHandler(GenericSubsystemDescribeHandler.DEFINITION, GenericSubsystemDescribeHandler.INSTANCE);
resourceRegistration.registerOperationHandler(ModelDescriptionConstants.DESCRIBE, GenericSubsystemDescribeHandler.INSTANCE, GenericSubsystemDescribeHandler.INSTANCE, false, OperationEntry.EntryType.PRIVATE);
}
@Override

View file

@ -15,7 +15,7 @@
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.AbstractRemoveStepHandler;
import org.jboss.as.controller.OperationContext;
@ -27,7 +27,7 @@ import org.jboss.dmr.ModelNode;
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public final class SecureDeploymentRemoveHandler extends AbstractRemoveStepHandler {
final class SecureDeploymentRemoveHandler extends AbstractRemoveStepHandler {
public static SecureDeploymentRemoveHandler INSTANCE = new SecureDeploymentRemoveHandler();
@ -35,7 +35,7 @@ public final class SecureDeploymentRemoveHandler extends AbstractRemoveStepHandl
@Override
protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model) throws OperationFailedException {
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.find(context);
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.getInstance();
ckService.removeSecureDeployment(operation);
}
}

View file

@ -15,7 +15,7 @@
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.AbstractWriteAttributeHandler;
import org.jboss.as.controller.AttributeDefinition;
@ -31,7 +31,7 @@ import java.util.List;
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public class SecureDeploymentWriteAttributeHandler extends AbstractWriteAttributeHandler<KeycloakAdapterConfigService> {
class SecureDeploymentWriteAttributeHandler extends AbstractWriteAttributeHandler<KeycloakAdapterConfigService> {
public SecureDeploymentWriteAttributeHandler(List<SimpleAttributeDefinition> definitions) {
this(definitions.toArray(new AttributeDefinition[definitions.size()]));
@ -44,7 +44,7 @@ public class SecureDeploymentWriteAttributeHandler extends AbstractWriteAttribut
@Override
protected boolean applyUpdateToRuntime(OperationContext context, ModelNode operation, String attributeName,
ModelNode resolvedValue, ModelNode currentValue, HandbackHolder<KeycloakAdapterConfigService> hh) throws OperationFailedException {
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.find(context);
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.getInstance();
hh.setHandback(ckService);
ckService.updateSecureDeployment(operation, attributeName, resolvedValue);
return false;

View file

@ -14,7 +14,7 @@
* License for the specific language governing permissions and limitations under
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
@ -31,7 +31,7 @@ import java.util.List;
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public class SharedAttributeDefinitons {
class SharedAttributeDefinitons {
protected static final SimpleAttributeDefinition REALM_PUBLIC_KEY =
new SimpleAttributeDefinitionBuilder("realm-public-key", ModelType.STRING, true)
@ -120,7 +120,6 @@ public class SharedAttributeDefinitons {
.build();
protected static final SimpleAttributeDefinition CORS_ALLOWED_METHODS =
new SimpleAttributeDefinitionBuilder("cors-allowed-methods", ModelType.STRING, true)
.setXmlName("cors-allowed-methods")
.setAllowExpression(true)
.setValidator(new StringLengthValidator(1, Integer.MAX_VALUE, true, true))
.build();
@ -168,6 +167,7 @@ public class SharedAttributeDefinitons {
.build();
protected static final List<SimpleAttributeDefinition> ATTRIBUTES = new ArrayList<SimpleAttributeDefinition>();
static {
ATTRIBUTES.add(REALM_PUBLIC_KEY);
@ -209,7 +209,7 @@ public class SharedAttributeDefinitons {
if (isSet(attributes, SSL_REQUIRED) && attributes.get(SSL_REQUIRED.getName()).asString().equals("none")) {
return true;
}
//TODO, look into alternatives & requires properties on AttributeDefinition
return isSet(attributes, TRUSTSTORE) && isSet(attributes, TRUSTSTORE_PASSWORD);
}

View file

@ -1,4 +1,4 @@
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.descriptions.ModelDescriptionConstants;

View file

@ -14,7 +14,7 @@
* License for the specific language governing permissions and limitations under
* the License.
*/
package org.keycloak.subsystem.logging;
package org.keycloak.subsystem.as7.logging;
import org.jboss.logging.BasicLogger;
import org.jboss.logging.LogMessage;

View file

@ -14,7 +14,7 @@
* License for the specific language governing permissions and limitations under
* the License.
*/
package org.keycloak.subsystem.logging;
package org.keycloak.subsystem.as7.logging;
import org.jboss.logging.MessageBundle;
import org.jboss.logging.Messages;

View file

@ -0,0 +1 @@
org.keycloak.subsystem.as7.KeycloakExtension

View file

@ -0,0 +1,105 @@
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
targetNamespace="urn:jboss:domain:keycloak:1.1"
xmlns="urn:jboss:domain:keycloak:1.1"
elementFormDefault="qualified"
attributeFormDefault="unqualified"
version="1.0">
<!-- The subsystem root element -->
<xs:element name="subsystem" type="subsystem-type"/>
<xs:complexType name="subsystem-type">
<xs:annotation>
<xs:documentation>
<![CDATA[
The Keycloak adapter subsystem, used to register deployments managed by Keycloak
]]>
</xs:documentation>
</xs:annotation>
<xs:choice minOccurs="0" maxOccurs="unbounded">
<xs:element name="realm" maxOccurs="unbounded" minOccurs="0" type="realm-type"/>
<xs:element name="secure-deployment" maxOccurs="unbounded" minOccurs="0" type="secure-deployment-type"/>
</xs:choice>
</xs:complexType>
<xs:complexType name="realm-type">
<xs:all>
<xs:element name="cors-allowed-headers" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="client-keystore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="client-keystore" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="truststore" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="truststore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="enable-cors" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
<xs:element name="allow-any-hostname" type="xs:boolean" minOccurs="0" maxOccurs="1" />
<xs:element name="client-key-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="connection-pool-size" type="xs:integer" minOccurs="0" maxOccurs="1"/>
<xs:element name="cors-max-age" type="xs:integer" minOccurs="0" maxOccurs="1"/>
<xs:element name="auth-server-url" type="xs:string" minOccurs="1" maxOccurs="1"/>
<xs:element name="expose-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
<xs:element name="disable-trust-manager" type="xs:boolean" minOccurs="0" maxOccurs="1" />
<xs:element name="ssl-required" type="xs:string" minOccurs="0" maxOccurs="1" />
<xs:element name="cors-allowed-methods" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="realm-public-key" type="xs:string" minOccurs="1" maxOccurs="1"/>
<xs:element name="auth-server-url-for-backend-requests" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="always-refresh-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
<xs:element name="register-node-at-startup" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
<xs:element name="register-node-period" type="xs:integer" minOccurs="0" maxOccurs="1"/>
<xs:element name="token-store" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="principal-attribute" type="xs:string" minOccurs="0" maxOccurs="1"/>
</xs:all>
<xs:attribute name="name" type="xs:string" use="required">
<xs:annotation>
<xs:documentation>The name of the realm.</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:complexType>
<xs:complexType name="secure-deployment-type">
<xs:all>
<xs:element name="client-keystore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="client-keystore" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="enable-cors" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
<xs:element name="allow-any-hostname" type="xs:boolean" minOccurs="0" maxOccurs="1" />
<xs:element name="use-resource-role-mappings" type="xs:boolean" minOccurs="0" maxOccurs="1" />
<xs:element name="cors-max-age" type="xs:integer" minOccurs="0" maxOccurs="1"/>
<xs:element name="auth-server-url" type="xs:string" minOccurs="1" maxOccurs="1"/>
<xs:element name="realm" type="xs:string" minOccurs="1" maxOccurs="1"/>
<xs:element name="disable-trust-manager" type="xs:boolean" minOccurs="0" maxOccurs="1" />
<xs:element name="cors-allowed-methods" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="bearer-only" type="xs:boolean" minOccurs="0" maxOccurs="1" />
<xs:element name="cors-allowed-headers" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="resource" type="xs:string" minOccurs="0" maxOccurs="1" />
<xs:element name="truststore" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="truststore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="client-key-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="public-client" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
<xs:element name="connection-pool-size" type="xs:integer" minOccurs="0" maxOccurs="1"/>
<xs:element name="expose-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
<xs:element name="ssl-required" type="xs:string" minOccurs="0" maxOccurs="1" />
<xs:element name="realm-public-key" type="xs:string" minOccurs="1" maxOccurs="1"/>
<xs:element name="credential" type="credential-type" minOccurs="1" maxOccurs="1"/>
<xs:element name="auth-server-url-for-backend-requests" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="always-refresh-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
<xs:element name="register-node-at-startup" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
<xs:element name="register-node-period" type="xs:integer" minOccurs="0" maxOccurs="1"/>
<xs:element name="token-store" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="principal-attribute" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="enable-basic-auth" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
</xs:all>
<xs:attribute name="name" type="xs:string" use="required">
<xs:annotation>
<xs:documentation>The name of the realm.</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:complexType>
<xs:complexType name="credential-type">
<xs:simpleContent>
<xs:extension base="xs:string">
<xs:attribute name="name" type="xs:string" />
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:schema>

View file

@ -14,7 +14,7 @@
* License for the specific language governing permissions and limitations under
* the License.
*/
package org.keycloak.subsystem.extension;
package org.keycloak.subsystem.as7;
import org.jboss.dmr.ModelNode;

View file

@ -1,57 +0,0 @@
package org.keycloak.subsystem.extension;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.dmr.ModelNode;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class AbstractAddStepHandlerWithAttributes extends AbstractAddStepHandler {
protected Collection<? extends AttributeDefinition> attributes;
public AbstractAddStepHandlerWithAttributes(){ //default constructor to preserve backward compatibility
}
public AbstractAddStepHandlerWithAttributes(Collection<? extends AttributeDefinition> attributes) {
this.attributes = attributes;
}
/**
* Constructs add handler
*
* @param attributes for which model will be populated
*/
public AbstractAddStepHandlerWithAttributes(AttributeDefinition... attributes) {
if (attributes.length > 0) {
this.attributes = Arrays.asList(attributes);
} else {
this.attributes = Collections.emptySet();
}
}
/**
* Populate the given node in the persistent configuration model based on the values in the given operation.
*
* @param operation the operation
* @param model persistent configuration model node that corresponds to the address of {@code operation}
*
* @throws org.jboss.as.controller.OperationFailedException if {@code operation} is invalid or populating the model otherwise fails
*/
protected void populateModel(final ModelNode operation, final ModelNode model) throws OperationFailedException {
if (attributes != null) {
for (AttributeDefinition attr : attributes) {
attr.validateAndSet(operation, model);
}
}
}
}

View file

@ -1 +0,0 @@
org.keycloak.subsystem.extension.KeycloakExtension

View file

@ -1,95 +0,0 @@
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
targetNamespace="urn:jboss:domain:keycloak:1.0"
xmlns="urn:jboss:domain:keycloak:1.0"
elementFormDefault="qualified"
attributeFormDefault="unqualified"
version="1.1">
<!-- The subsystem root element -->
<xs:element name="subsystem" type="subsystemType"/>
<xs:complexType name="subsystemType">
<xs:annotation>
<xs:documentation>
<![CDATA[
The Keycloak subsystem, used to register deployments managed by Keycloak
]]>
</xs:documentation>
</xs:annotation>
<xs:element name="realm" maxOccurs="unbounded" minOccurs="0" type="realm-type"/>
<xs:element name="realm" maxOccurs="unbounded" minOccurs="0" type="secure-deployment-type"/>
</xs:complexType>
<xs:complexType name="realm-type">
<xs:attribute name="name" type="xs:string" use="required">
<xs:annotation>
<xs:documentation>The name of the realm.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:complexContent>
<xs:extension base="override-element-type">
</xs:extension>
</xs:complexContent>
</xs:complexType>
<xs:complexType name="secure-deployment-type">
<xs:attribute name="name" type="xs:string" use="required">
<xs:annotation>
<xs:documentation>The name of the deployment.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:complexContent>
<xs:extension base="override-element-type">
<xs:element name="realm" type="xs:string" minOccurs="0" maxOccurs="1" use="required"/>
<xs:element name="resource" type="xs:string" minOccurs="0" maxOccurs="1" use="required"/>
<xs:element name="use-resource-role-mappings" type="xs:boolean" minOccurs="0" maxOccurs="1" />
<xs:element name="bearer-only" type="xs:boolean" minOccurs="0" maxOccurs="1" />
<xs:element name="credential" maxOccurs="unbounded" minOccurs="0" type="xs:credential-type"/>
<xs:element name="enable-basic-auth" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
</xs:extension>
</xs:complexContent>
</xs:complexType>
<xs:complexType name="credential-type">
<xs:attribute name="name" type="xs:string" use="required">
<xs:annotation>
<xs:documentation>The name of the credential.</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:complexType>
<xs:complexType name="override-element-type">
<xs:annotation>
<xs:documentation>
<![CDATA[
These elements can be declared at the realm level and overridden at the secure-deployment level.
]]>
</xs:documentation>
</xs:annotation>
<xs:element name="realm-public-key" type="xs:string" minOccurs="1" maxOccurs="1" use="required"/>
<xs:element name="auth-url" type="xs:string" minOccurs="1" maxOccurs="1" use="required"/>
<xs:element name="code-url" type="xs:string" minOccurs="1" maxOccurs="1" use="required"/>
<xs:element name="ssl-required" type="xs:string" minOccurs="0" maxOccurs="1" />
<xs:element name="allow-any-hostname" type="xs:boolean" minOccurs="0" maxOccurs="1" />
<xs:element name="disable-trust-manager" type="xs:boolean" minOccurs="0" maxOccurs="1" />
<xs:element name="truststore" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="truststore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="connection-pool-size" type="xs:integer" minOccurs="0" maxOccurs="1"/>
<xs:element name="enable-cors" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
<xs:element name="client-keystore" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="client-keystore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="client-key-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="cors-max-age" type="xs:integer" minOccurs="0" maxOccurs="1"/>
<xs:element name="cors-allowed-headers" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="cors-allowed-methods" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="expose-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
<xs:element name="auth-server-url-for-backend-requests" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="always-refresh-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
<xs:element name="register-node-at-startup" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
<xs:element name="register-node-period" type="xs:integer" minOccurs="0" maxOccurs="1"/>
<xs:element name="token-store" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="principal-attribute" type="xs:string" minOccurs="0" maxOccurs="1"/>
</xs:complexType>
</xs:schema>

View file

@ -23,7 +23,7 @@
<module>jetty</module>
<module>undertow</module>
<module>wildfly</module>
<module>keycloak-as7-subsystem</module>
<module>as7-subsystem</module>
<module>js</module>
<module>installed</module>
<module>admin-client</module>

76
pom.xml
View file

@ -52,7 +52,12 @@
<wildfly.version>9.0.0.CR1</wildfly.version>
<wildfly.core.version>1.0.0.CR1</wildfly.core.version>
<wildfly.build-tools.version>1.0.0.Alpha8</wildfly.build-tools.version>
<jboss.version>7.1.1.Final</jboss.version>
<!-- this is EAP 6.4 alpha, publicly available -->
<jboss.version>7.5.0.Final-redhat-15</jboss.version>
<!--jboss.version>7.1.1.Final</jboss.version-->
<servlet.api.30.version>1.0.2.Final</servlet.api.30.version>
<google.zxing.version>2.2</google.zxing.version>
<google.client.version>1.14.1-beta</google.client.version>
@ -1248,44 +1253,6 @@
<artifactId>liquibase-maven-plugin</artifactId>
<version>${liquibase.version}</version>
</plugin>
<!--plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>buildnumber-maven-plugin</artifactId>
<version>1.3</version>
</plugin>
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven-bundle-plugin</artifactId>
<version>2.3.7</version>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>build-helper-maven-plugin</artifactId>
<version>1.7</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-resources-plugin</artifactId>
<version>2.6</version>
<configuration>
<encoding>${project.build.sourceEncoding}</encoding>
<nonFilteredFileExtensions>
<nonFilteredFileExtension>jar</nonFilteredFileExtension>
<nonFilteredFileExtension>war</nonFilteredFileExtension>
<nonFilteredFileExtension>ear</nonFilteredFileExtension>
<nonFilteredFileExtension>pdf</nonFilteredFileExtension>
<nonFilteredFileExtension>swf</nonFilteredFileExtension>
<nonFilteredFileExtension>zip</nonFilteredFileExtension>
<nonFilteredFileExtension>bz2</nonFilteredFileExtension>
<nonFilteredFileExtension>gz</nonFilteredFileExtension>
<nonFilteredFileExtension>acp</nonFilteredFileExtension>
<nonFilteredFileExtension>bin</nonFilteredFileExtension>
<nonFilteredFileExtension>odt</nonFilteredFileExtension>
<nonFilteredFileExtension>doc</nonFilteredFileExtension>
<nonFilteredFileExtension>xls</nonFilteredFileExtension>
</nonFilteredFileExtensions>
</configuration>
</plugin-->
<plugin>
<groupId>org.wildfly.build</groupId>
<artifactId>wildfly-feature-pack-build-maven-plugin</artifactId>
@ -1301,6 +1268,37 @@
</build>
<profiles>
<!-- Configure the JBoss Early Access Maven repository -->
<profile>
<id>jboss-earlyaccess-repository</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<repositories>
<repository>
<id>jboss-earlyaccess-repository</id>
<url>http://maven.repository.redhat.com/earlyaccess/all/</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<id>jboss-earlyaccess-plugin-repository</id>
<url>http://maven.repository.redhat.com/earlyaccess/all/</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
</pluginRepository>
</pluginRepositories>
</profile>
<profile>
<id>distribution</id>
<modules>