rename some classes

Bill Burke 2014-02-21 10:16:12 -05:00
parent 4b1fc788cf
commit 9442601e42
37 changed files with 227 additions and 235 deletions


@ -1,7 +1,7 @@
package org.keycloak;
import org.keycloak.adapters.ResourceMetadata;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.AccessToken;
import java.io.Serializable;
@ -9,21 +9,21 @@ import java.io.Serializable;
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class SkeletonKeySession implements Serializable {
public class KeycloakAuthenticatedSession implements Serializable {
protected String tokenString;
protected SkeletonKeyToken token;
protected AccessToken token;
protected transient ResourceMetadata metadata;
public SkeletonKeySession() {
public KeycloakAuthenticatedSession() {
}
public SkeletonKeySession(String tokenString, SkeletonKeyToken token, ResourceMetadata metadata) {
public KeycloakAuthenticatedSession(String tokenString, AccessToken token, ResourceMetadata metadata) {
this.tokenString = tokenString;
this.token = token;
this.metadata = metadata;
}
public SkeletonKeyToken getToken() {
public AccessToken getToken() {
return token;
}
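Review bot: Renaming a `Serializable` class changes the class name written into the serialized stream, so a `SkeletonKeySession` that a container persisted or replicated before the upgrade will presumably fail to deserialize as `KeycloakAuthenticatedSession`; the migration note should tell users to invalidate existing sessions. `tokenString` is a non-transient field, so the raw token string is written out wherever the object is serialized, while `metadata` is transient and comes back null. A class comment such as `// tokenString is serialized with the session; metadata is transient and must be re-attached after deserialization` would make that contract explicit. No `serialVersionUID` is visible here, and the class body continues outside the hunk.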


@ -6,11 +6,11 @@ import java.security.Principal;
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class SkeletonKeyPrincipal implements Principal {
public class KeycloakPrincipal implements Principal {
protected String name;
protected String surrogate;
public SkeletonKeyPrincipal(String name, String surrogate) {
public KeycloakPrincipal(String name, String surrogate) {
this.name = name;
this.surrogate = surrogate;
}
@ -29,7 +29,7 @@ public class SkeletonKeyPrincipal implements Principal {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
SkeletonKeyPrincipal that = (SkeletonKeyPrincipal) o;
KeycloakPrincipal that = (KeycloakPrincipal) o;
if (!name.equals(that.name)) return false;
if (surrogate != null ? !surrogate.equals(that.surrogate) : that.surrogate != null) return false;


@ -2,7 +2,7 @@ package org.keycloak;
import org.keycloak.jose.jws.JWSInput;
import org.keycloak.jose.jws.crypto.RSAProvider;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.AccessToken;
import java.io.IOException;
import java.security.PublicKey;
@ -13,7 +13,7 @@ import java.security.PublicKey;
*/
public class RSATokenVerifier {
public static SkeletonKeyToken verifyToken(String tokenString, PublicKey realmKey, String realm) throws VerificationException {
public static AccessToken verifyToken(String tokenString, PublicKey realmKey, String realm) throws VerificationException {
JWSInput input = new JWSInput(tokenString);
boolean verified = false;
try {
@ -23,9 +23,9 @@ public class RSATokenVerifier {
}
if (!verified) throw new VerificationException("Token signature not validated");
SkeletonKeyToken token = null;
AccessToken token = null;
try {
token = input.readJsonContent(SkeletonKeyToken.class);
token = input.readJsonContent(AccessToken.class);
} catch (IOException e) {
throw new VerificationException(e);
}


@ -9,5 +9,5 @@ import org.keycloak.util.MultivaluedHashMap;
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class SkeletonKeyScope extends MultivaluedHashMap<String, String> {
public class AccessScope extends MultivaluedHashMap<String, String> {
}


@ -12,7 +12,7 @@ import java.util.Set;
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class SkeletonKeyToken extends JsonWebToken {
public class AccessToken extends JsonWebToken {
public static class Access {
@JsonProperty("roles")
protected Set<String> roles;
@ -103,43 +103,43 @@ public class SkeletonKeyToken extends JsonWebToken {
}
@Override
public SkeletonKeyToken id(String id) {
return (SkeletonKeyToken) super.id(id);
public AccessToken id(String id) {
return (AccessToken) super.id(id);
}
@Override
public SkeletonKeyToken expiration(long expiration) {
return (SkeletonKeyToken) super.expiration(expiration);
public AccessToken expiration(long expiration) {
return (AccessToken) super.expiration(expiration);
}
@Override
public SkeletonKeyToken notBefore(long notBefore) {
return (SkeletonKeyToken) super.notBefore(notBefore);
public AccessToken notBefore(long notBefore) {
return (AccessToken) super.notBefore(notBefore);
}
@Override
public SkeletonKeyToken issuedAt(long issuedAt) {
return (SkeletonKeyToken) super.issuedAt(issuedAt);
public AccessToken issuedAt(long issuedAt) {
return (AccessToken) super.issuedAt(issuedAt);
}
@Override
public SkeletonKeyToken issuer(String issuer) {
return (SkeletonKeyToken) super.issuer(issuer);
public AccessToken issuer(String issuer) {
return (AccessToken) super.issuer(issuer);
}
@Override
public SkeletonKeyToken audience(String audience) {
return (SkeletonKeyToken) super.audience(audience);
public AccessToken audience(String audience) {
return (AccessToken) super.audience(audience);
}
@Override
public SkeletonKeyToken subject(String subject) {
return (SkeletonKeyToken) super.subject(subject);
public AccessToken subject(String subject) {
return (AccessToken) super.subject(subject);
}
@Override
public SkeletonKeyToken type(String type) {
return (SkeletonKeyToken) super.type(type);
public AccessToken type(String type) {
return (AccessToken) super.type(type);
}
public Set<String> getAllowedOrigins() {
@ -167,8 +167,8 @@ public class SkeletonKeyToken extends JsonWebToken {
}
@Override
public SkeletonKeyToken issuedFor(String issuedFor) {
return (SkeletonKeyToken)super.issuedFor(issuedFor);
public AccessToken issuedFor(String issuedFor) {
return (AccessToken)super.issuedFor(issuedFor);
}


@ -2,7 +2,7 @@ package org.keycloak.representations.adapters.config;
import org.codehaus.jackson.annotate.JsonProperty;
import org.codehaus.jackson.annotate.JsonPropertyOrder;
import org.keycloak.representations.SkeletonKeyScope;
import org.keycloak.representations.AccessScope;
import java.util.HashMap;
import java.util.Map;
@ -38,7 +38,7 @@ public class BaseAdapterConfig extends BaseRealmConfig {
@JsonProperty("credentials")
protected Map<String, String> credentials = new HashMap<String, String>();
@JsonProperty("scope")
protected SkeletonKeyScope scope;
protected AccessScope scope;
public boolean isUseResourceRoleMappings() {
@ -113,11 +113,11 @@ public class BaseAdapterConfig extends BaseRealmConfig {
this.credentials = credentials;
}
public SkeletonKeyScope getScope() {
public AccessScope getScope() {
return scope;
}
public void setScope(SkeletonKeyScope scope) {
public void setScope(AccessScope scope) {
this.scope = scope;
}
}


@ -8,7 +8,7 @@ import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.keycloak.jose.jws.JWSBuilder;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.AccessToken;
import javax.security.auth.x500.X500Principal;
import java.io.IOException;
@ -35,7 +35,7 @@ public class RSAVerifierTest {
private static KeyPair badPair;
private static KeyPair clientPair;
private static X509Certificate[] clientCertificateChain;
private SkeletonKeyToken token;
private AccessToken token;
static {
if (Security.getProvider("BC") == null) Security.addProvider(new BouncyCastleProvider());
@ -69,7 +69,7 @@ public class RSAVerifierTest {
@Before
public void initTest() {
token = new SkeletonKeyToken();
token = new AccessToken();
token.subject("CN=Client")
.audience("domain")
.addAccess("service").addRole("admin");
@ -95,12 +95,12 @@ public class RSAVerifierTest {
String encoded = new JWSBuilder()
.jsonContent(token)
.rsa256(idpPair.getPrivate());
SkeletonKeyToken token = verifySkeletonKeyToken(encoded);
AccessToken token = verifySkeletonKeyToken(encoded);
Assert.assertTrue(token.getResourceAccess("service").getRoles().contains("admin"));
Assert.assertEquals("CN=Client", token.getSubject());
}
private SkeletonKeyToken verifySkeletonKeyToken(String encoded) throws VerificationException {
private AccessToken verifySkeletonKeyToken(String encoded) throws VerificationException {
return RSATokenVerifier.verifyToken(encoded, idpPair.getPublic(), "domain");
}
@ -135,7 +135,7 @@ public class RSAVerifierTest {
.jsonContent(token)
.rsa256(badPair.getPrivate());
SkeletonKeyToken v = null;
AccessToken v = null;
try {
v = verifySkeletonKeyToken(encoded);
Assert.fail();
@ -151,7 +151,7 @@ public class RSAVerifierTest {
.jsonContent(token)
.rsa256(idpPair.getPrivate());
SkeletonKeyToken v = null;
AccessToken v = null;
try {
v = verifySkeletonKeyToken(encoded);
} catch (VerificationException ignored) {
@ -167,7 +167,7 @@ public class RSAVerifierTest {
.jsonContent(token)
.rsa256(idpPair.getPrivate());
SkeletonKeyToken v = null;
AccessToken v = null;
try {
v = verifySkeletonKeyToken(encoded);
Assert.fail();
@ -184,7 +184,7 @@ public class RSAVerifierTest {
.jsonContent(token)
.rsa256(idpPair.getPrivate());
SkeletonKeyToken v = null;
AccessToken v = null;
try {
v = verifySkeletonKeyToken(encoded);
} catch (VerificationException ignored) {
@ -200,7 +200,7 @@ public class RSAVerifierTest {
.jsonContent(token)
.rsa256(idpPair.getPrivate());
SkeletonKeyToken v = null;
AccessToken v = null;
try {
v = verifySkeletonKeyToken(encoded);
Assert.fail();
@ -211,7 +211,7 @@ public class RSAVerifierTest {
@Test
public void testTokenAuth() throws Exception {
token = new SkeletonKeyToken();
token = new AccessToken();
token.subject("CN=Client")
.audience("domain")
.addAccess("service").addRole("admin").verifyCaller(true);
@ -220,7 +220,7 @@ public class RSAVerifierTest {
.jsonContent(token)
.rsa256(idpPair.getPrivate());
SkeletonKeyToken v = null;
AccessToken v = null;
try {
v = verifySkeletonKeyToken(encoded);
} catch (VerificationException ignored) {


@ -5,8 +5,8 @@ import org.junit.Test;
import org.keycloak.jose.jws.JWSBuilder;
import org.keycloak.jose.jws.JWSInput;
import org.keycloak.jose.jws.crypto.RSAProvider;
import org.keycloak.representations.SkeletonKeyScope;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.AccessScope;
import org.keycloak.representations.AccessToken;
import org.keycloak.util.JsonSerialization;
import java.io.IOException;
@ -29,7 +29,7 @@ public class SkeletonKeyTokenTest {
public void run() {
for (int i = 0; i < 10000; i++) {
try {
SkeletonKeyScope scope = JsonSerialization.readValue(json.getBytes(), SkeletonKeyScope.class);
AccessScope scope = JsonSerialization.readValue(json.getBytes(), AccessScope.class);
} catch (IOException e) {
}
@ -39,7 +39,7 @@ public class SkeletonKeyTokenTest {
@Test
public void testScope() throws Exception {
SkeletonKeyScope scope2 = new SkeletonKeyScope();
AccessScope scope2 = new AccessScope();
scope2.add("one", "admin");
scope2.add("one", "buyer");
@ -69,7 +69,7 @@ public class SkeletonKeyTokenTest {
@Test
public void testToken() throws Exception {
SkeletonKeyToken token = new SkeletonKeyToken();
AccessToken token = new AccessToken();
token.id("111");
token.addAccess("foo").addRole("admin");
token.addAccess("bar").addRole("user");
@ -77,9 +77,9 @@ public class SkeletonKeyTokenTest {
String json = JsonSerialization.writeValueAsString(token);
System.out.println(json);
token = JsonSerialization.readValue(json, SkeletonKeyToken.class);
token = JsonSerialization.readValue(json, AccessToken.class);
Assert.assertEquals("111", token.getId());
SkeletonKeyToken.Access foo = token.getResourceAccess("foo");
AccessToken.Access foo = token.getResourceAccess("foo");
Assert.assertNotNull(foo);
Assert.assertTrue(foo.isUserInRole("admin"));
@ -87,7 +87,7 @@ public class SkeletonKeyTokenTest {
@Test
public void testRSA() throws Exception {
SkeletonKeyToken token = new SkeletonKeyToken();
AccessToken token = new AccessToken();
token.id("111");
token.addAccess("foo").addRole("admin");
token.addAccess("bar").addRole("user");
@ -102,7 +102,7 @@ public class SkeletonKeyTokenTest {
JWSInput input = new JWSInput(encoded);
token = input.readJsonContent(SkeletonKeyToken.class);
token = input.readJsonContent(AccessToken.class);
Assert.assertEquals("111", token.getId());
Assert.assertTrue(RSAProvider.verify(input, keyPair.getPublic()));
}


@ -1,7 +1,16 @@
<chapter id="Migration_from_older_versions">
<title>Migration from older versions</title>
<sect1>
<title>Migrating from 1.0 Alpha 1 to 1.0 Alpha 2</title>
<title>Migrating from 1.0 Alpha 2 to Alpha 3</title>
<itemizedlist>
<listitem>
SkeletonKeyToken, SkeletonKeyScope, SkeletonKeyPrincipal, and SkeletonKeySession have been renamed to:
AccessToken, AccessScope, KeycloakPrincipal, and KeycloakAuthenticatedSession respectively.
</listitem>
</itemizedlist>
</sect1>
<sect1>
<title>Migrating from 1.0 Alpha 1 to Alpha 2</title>
<itemizedlist>
<listitem>
DB Schema has changed. We don't have any data migration utilities yet as of Alpha 2.


@ -4,7 +4,7 @@ import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.keycloak.SkeletonKeySession;
import org.keycloak.KeycloakAuthenticatedSession;
import org.keycloak.adapters.HttpClientBuilder;
import org.keycloak.util.JsonSerialization;
@ -36,7 +36,7 @@ public class CustomerDatabaseClient {
}
public static List<String> getCustomers(HttpServletRequest req) throws Failure {
SkeletonKeySession session = (SkeletonKeySession) req.getAttribute(SkeletonKeySession.class.getName());
KeycloakAuthenticatedSession session = (KeycloakAuthenticatedSession) req.getAttribute(KeycloakAuthenticatedSession.class.getName());
HttpClient client = new HttpClientBuilder()
.trustStore(session.getMetadata().getTruststore())


@ -4,7 +4,7 @@ import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.keycloak.SkeletonKeySession;
import org.keycloak.KeycloakAuthenticatedSession;
import org.keycloak.adapters.HttpClientBuilder;
import org.keycloak.util.JsonSerialization;
@ -35,7 +35,7 @@ public class ProductDatabaseClient
}
public static List<String> getProducts(HttpServletRequest req) throws Failure {
SkeletonKeySession session = (SkeletonKeySession)req.getAttribute(SkeletonKeySession.class.getName());
KeycloakAuthenticatedSession session = (KeycloakAuthenticatedSession)req.getAttribute(KeycloakAuthenticatedSession.class.getName());
HttpClient client = new HttpClientBuilder()
.trustStore(session.getMetadata().getTruststore())
.hostnameVerification(HttpClientBuilder.HostnameVerificationPolicy.ANY).build();
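Review bot: `getProducts` dereferences `session.getMetadata()` immediately after the cast, but `req.getAttribute(KeycloakAuthenticatedSession.class.getName())` returns null when nothing populated the request. The attribute key is the class name, which this commit changes, so a component still setting the old key now produces a NullPointerException here. The method should check `session == null` and fail explicitly through its declared `Failure` before building the client. The client is also built with `HostnameVerificationPolicy.ANY`, which appears to switch off hostname checking on the outbound TLS connection; that line deserves a comment such as `// demo only: hostname verification disabled, do not use in production`. The same unchecked dereference is in `CustomerDatabaseClient.getCustomers`, and both method bodies continue outside their hunks.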


@ -2,7 +2,7 @@ package org.keycloak.adapters.config;
import org.codehaus.jackson.map.ObjectMapper;
import org.codehaus.jackson.map.annotate.JsonSerialize;
import org.keycloak.representations.SkeletonKeyScope;
import org.keycloak.representations.AccessScope;
import org.keycloak.util.Base64Url;
import org.keycloak.util.EnvUtil;
import org.keycloak.util.JsonSerialization;
@ -128,7 +128,7 @@ public class AdapterConfigLoader {
}
}
protected String encodeScope(SkeletonKeyScope scope) {
protected String encodeScope(AccessScope scope) {
try {
byte[] scopeBytes = JsonSerialization.writeValueAsBytes(scope);
return Base64Url.encode(scopeBytes);


@ -7,10 +7,10 @@ import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.valves.ValveBase;
import org.jboss.logging.Logger;
import org.keycloak.SkeletonKeySession;
import org.keycloak.KeycloakAuthenticatedSession;
import org.keycloak.adapters.AdapterConstants;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.adapters.config.AdapterConfig;
import org.keycloak.representations.SkeletonKeyToken;
import javax.management.ObjectName;
import javax.servlet.ServletException;
@ -45,7 +45,7 @@ public class AuthenticatedActionsValve extends ValveBase {
@Override
public void invoke(Request request, Response response) throws IOException, ServletException {
log.debugv("AuthenticatedActionsValve.invoke {0}", request.getRequestURI());
SkeletonKeySession session = getSkeletonKeySession(request);
KeycloakAuthenticatedSession session = getSkeletonKeySession(request);
if (corsRequest(request, response, session)) return;
String requestUri = request.getRequestURI();
if (requestUri.endsWith(AdapterConstants.K_QUERY_BEARER_TOKEN)) {
@ -55,17 +55,17 @@ public class AuthenticatedActionsValve extends ValveBase {
getNext().invoke(request, response);
}
public SkeletonKeySession getSkeletonKeySession(Request request) {
SkeletonKeySession skSession = (SkeletonKeySession) request.getAttribute(SkeletonKeySession.class.getName());
public KeycloakAuthenticatedSession getSkeletonKeySession(Request request) {
KeycloakAuthenticatedSession skSession = (KeycloakAuthenticatedSession) request.getAttribute(KeycloakAuthenticatedSession.class.getName());
if (skSession != null) return skSession;
Session session = request.getSessionInternal();
if (session != null) {
return (SkeletonKeySession) session.getNote(SkeletonKeySession.class.getName());
return (KeycloakAuthenticatedSession) session.getNote(KeycloakAuthenticatedSession.class.getName());
}
return null;
}
protected void queryBearerToken(Request request, Response response, SkeletonKeySession session) throws IOException, ServletException {
protected void queryBearerToken(Request request, Response response, KeycloakAuthenticatedSession session) throws IOException, ServletException {
log.debugv("queryBearerToken {0}", request.getRequestURI());
if (abortTokenResponse(request, response, session)) return;
response.setStatus(HttpServletResponse.SC_OK);
@ -75,7 +75,7 @@ public class AuthenticatedActionsValve extends ValveBase {
}
protected boolean abortTokenResponse(Request request, Response response, SkeletonKeySession session) throws IOException {
protected boolean abortTokenResponse(Request request, Response response, KeycloakAuthenticatedSession session) throws IOException {
if (session == null) {
log.debugv("session was null, sending back 401: {0}", request.getRequestURI());
response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
@ -92,13 +92,13 @@ public class AuthenticatedActionsValve extends ValveBase {
return false;
}
protected boolean corsRequest(Request request, Response response, SkeletonKeySession session) throws IOException {
protected boolean corsRequest(Request request, Response response, KeycloakAuthenticatedSession session) throws IOException {
if (!config.isCors()) return false;
log.debugv("CORS enabled + request.getRequestURI()");
String origin = request.getHeader("Origin");
log.debugv("Origin: {0} uri: {1}", origin, request.getRequestURI());
if (session != null && origin != null) {
SkeletonKeyToken token = session.getToken();
AccessToken token = session.getToken();
Set<String> allowedOrigins = token.getAllowedOrigins();
if (log.isDebugEnabled()) {
for (String a : allowedOrigins) log.debug(" " + a);
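Review bot: The public accessor keeps the old name while its return type is renamed: `public KeycloakAuthenticatedSession getSkeletonKeySession(Request request)` now contradicts the migration note and would read better as `getKeycloakAuthenticatedSession`, perhaps with a deprecated delegate under the old name. The same leftover naming is in `AuthenticatedActionsHandler.getSkeletonKeySession` and in the `SKELETON_KEY_SESSION_ATTACHMENT_KEY` constant of `KeycloakAuthenticationMechanism`. Separately, in `corsRequest` the context line `log.debugv("CORS enabled + request.getRequestURI()")` has the concatenation inside the string literal, so the URI is never logged; it should be `log.debugv("CORS enabled {0}", request.getRequestURI());`, and the Undertow handler has the same line. `corsRequest` continues outside the hunk.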


@ -2,12 +2,12 @@ package org.keycloak.adapters.as7;
import org.apache.catalina.connector.Request;
import org.jboss.logging.Logger;
import org.keycloak.KeycloakAuthenticatedSession;
import org.keycloak.KeycloakPrincipal;
import org.keycloak.RSATokenVerifier;
import org.keycloak.adapters.ResourceMetadata;
import org.keycloak.SkeletonKeyPrincipal;
import org.keycloak.SkeletonKeySession;
import org.keycloak.VerificationException;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.AccessToken;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletResponse;
@ -26,7 +26,7 @@ public class CatalinaBearerTokenAuthenticator {
protected boolean challenge;
protected Logger log = Logger.getLogger(CatalinaBearerTokenAuthenticator.class);
protected String tokenString;
protected SkeletonKeyToken token;
protected AccessToken token;
private Principal principal;
protected boolean useResourceRoleMappings;
@ -44,7 +44,7 @@ public class CatalinaBearerTokenAuthenticator {
return tokenString;
}
public SkeletonKeyToken getToken() {
public AccessToken getToken() {
return token;
}
@ -79,12 +79,12 @@ public class CatalinaBearerTokenAuthenticator {
boolean verifyCaller = false;
Set<String> roles = new HashSet<String>();
if (useResourceRoleMappings) {
SkeletonKeyToken.Access access = token.getResourceAccess(resourceMetadata.getResourceName());
AccessToken.Access access = token.getResourceAccess(resourceMetadata.getResourceName());
if (access != null) roles = access.getRoles();
verifyCaller = token.isVerifyCaller(resourceMetadata.getResourceName());
} else {
verifyCaller = token.isVerifyCaller();
SkeletonKeyToken.Access access = token.getRealmAccess();
AccessToken.Access access = token.getRealmAccess();
if (access != null) roles = access.getRoles();
}
String surrogate = null;
@ -102,12 +102,12 @@ public class CatalinaBearerTokenAuthenticator {
}
surrogate = chain[0].getSubjectX500Principal().getName();
}
SkeletonKeyPrincipal skeletonKeyPrincipal = new SkeletonKeyPrincipal(token.getSubject(), surrogate);
KeycloakPrincipal skeletonKeyPrincipal = new KeycloakPrincipal(token.getSubject(), surrogate);
principal = new CatalinaSecurityContextHelper().createPrincipal(request.getContext().getRealm(), skeletonKeyPrincipal, roles);
request.setUserPrincipal(principal);
request.setAuthType("OAUTH_BEARER");
SkeletonKeySession skSession = new SkeletonKeySession(tokenString, token, resourceMetadata);
request.setAttribute(SkeletonKeySession.class.getName(), skSession);
KeycloakAuthenticatedSession skSession = new KeycloakAuthenticatedSession(tokenString, token, resourceMetadata);
request.setAttribute(KeycloakAuthenticatedSession.class.getName(), skSession);
return true;
}


@ -13,17 +13,17 @@ import org.apache.catalina.core.StandardContext;
import org.apache.catalina.deploy.LoginConfig;
import org.apache.catalina.realm.GenericPrincipal;
import org.jboss.logging.Logger;
import org.keycloak.KeycloakAuthenticatedSession;
import org.keycloak.KeycloakPrincipal;
import org.keycloak.adapters.AdapterConstants;
import org.keycloak.adapters.ResourceMetadata;
import org.keycloak.SkeletonKeyPrincipal;
import org.keycloak.SkeletonKeySession;
import org.keycloak.adapters.as7.config.CatalinaAdapterConfigLoader;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.adapters.config.AdapterConfig;
import org.keycloak.adapters.config.RealmConfiguration;
import org.keycloak.adapters.config.RealmConfigurationLoader;
import org.keycloak.jose.jws.JWSInput;
import org.keycloak.jose.jws.crypto.RSAProvider;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.adapters.action.LogoutAction;
import org.keycloak.util.JsonSerialization;
import org.keycloak.util.StreamUtil;
@ -192,9 +192,9 @@ public class KeycloakAuthenticatorValve extends FormAuthenticator implements Lif
request.setAuthType("OAUTH");
Session session = request.getSessionInternal();
if (session != null) {
SkeletonKeySession skSession = (SkeletonKeySession) session.getNote(SkeletonKeySession.class.getName());
KeycloakAuthenticatedSession skSession = (KeycloakAuthenticatedSession) session.getNote(KeycloakAuthenticatedSession.class.getName());
if (skSession != null) {
request.setAttribute(SkeletonKeySession.class.getName(), skSession);
request.setAttribute(KeycloakAuthenticatedSession.class.getName(), skSession);
}
}
return true;
@ -219,22 +219,22 @@ public class KeycloakAuthenticatorValve extends FormAuthenticator implements Lif
} else {
if (!oauth.resolveCode(code)) return;
SkeletonKeyToken token = oauth.getToken();
AccessToken token = oauth.getToken();
Set<String> roles = new HashSet<String>();
if (adapterConfig.isUseResourceRoleMappings()) {
SkeletonKeyToken.Access access = token.getResourceAccess(resourceMetadata.getResourceName());
AccessToken.Access access = token.getResourceAccess(resourceMetadata.getResourceName());
if (access != null) roles.addAll(access.getRoles());
} else {
SkeletonKeyToken.Access access = token.getRealmAccess();
AccessToken.Access access = token.getRealmAccess();
if (access != null) roles.addAll(access.getRoles());
}
SkeletonKeyPrincipal skp = new SkeletonKeyPrincipal(token.getSubject(), null);
KeycloakPrincipal skp = new KeycloakPrincipal(token.getSubject(), null);
GenericPrincipal principal = new CatalinaSecurityContextHelper().createPrincipal(context.getRealm(), skp, roles);
Session session = request.getSessionInternal(true);
session.setPrincipal(principal);
session.setAuthType("OAUTH");
SkeletonKeySession skSession = new SkeletonKeySession(oauth.getTokenString(), token, realmConfiguration.getMetadata());
session.setNote(SkeletonKeySession.class.getName(), skSession);
KeycloakAuthenticatedSession skSession = new KeycloakAuthenticatedSession(oauth.getTokenString(), token, realmConfiguration.getMetadata());
session.setNote(KeycloakAuthenticatedSession.class.getName(), skSession);
String username = token.getSubject();
log.debug("userSessionManage.login: " + username);


@ -5,8 +5,8 @@ import org.keycloak.RSATokenVerifier;
import org.keycloak.VerificationException;
import org.keycloak.adapters.TokenGrantRequest;
import org.keycloak.adapters.config.RealmConfiguration;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.util.KeycloakUriBuilder;
import javax.servlet.http.Cookie;
@ -28,7 +28,7 @@ public class ServletOAuthLogin {
protected RealmConfiguration realmInfo;
protected int redirectPort;
protected String tokenString;
protected SkeletonKeyToken token;
protected AccessToken token;
public ServletOAuthLogin(RealmConfiguration realmInfo, HttpServletRequest request, HttpServletResponse response, int redirectPort) {
this.request = request;
@ -41,7 +41,7 @@ public class ServletOAuthLogin {
return tokenString;
}
public SkeletonKeyToken getToken() {
public AccessToken getToken() {
return token;
}


@ -2,12 +2,12 @@ package org.keycloak.jaxrs;
import org.jboss.resteasy.logging.Logger;
import org.jboss.resteasy.spi.ResteasyProviderFactory;
import org.keycloak.KeycloakAuthenticatedSession;
import org.keycloak.KeycloakPrincipal;
import org.keycloak.RSATokenVerifier;
import org.keycloak.adapters.ResourceMetadata;
import org.keycloak.SkeletonKeyPrincipal;
import org.keycloak.SkeletonKeySession;
import org.keycloak.VerificationException;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.AccessToken;
import javax.annotation.Priority;
import javax.ws.rs.Priorities;
@ -66,14 +66,14 @@ public class JaxrsBearerTokenFilter implements ContainerRequestFilter {
try {
SkeletonKeyToken token = RSATokenVerifier.verifyToken(tokenString, resourceMetadata.getRealmKey(), resourceMetadata.getRealm());
SkeletonKeySession skSession = new SkeletonKeySession(tokenString, token, resourceMetadata);
ResteasyProviderFactory.pushContext(SkeletonKeySession.class, skSession);
AccessToken token = RSATokenVerifier.verifyToken(tokenString, resourceMetadata.getRealmKey(), resourceMetadata.getRealm());
KeycloakAuthenticatedSession skSession = new KeycloakAuthenticatedSession(tokenString, token, resourceMetadata);
ResteasyProviderFactory.pushContext(KeycloakAuthenticatedSession.class, skSession);
String callerPrincipal = securityContext.getUserPrincipal() != null ? securityContext.getUserPrincipal().getName() : null;
final SkeletonKeyPrincipal principal = new SkeletonKeyPrincipal(token.getSubject(), callerPrincipal);
final KeycloakPrincipal principal = new KeycloakPrincipal(token.getSubject(), callerPrincipal);
final boolean isSecure = securityContext.isSecure();
final SkeletonKeyToken.Access access;
final AccessToken.Access access;
if (resourceMetadata.getResourceName() != null) {
access = token.getResourceAccess(resourceMetadata.getResourceName());
} else {


@ -5,10 +5,10 @@ import io.undertow.server.HttpServerExchange;
import io.undertow.util.Headers;
import io.undertow.util.StatusCodes;
import org.jboss.logging.Logger;
import org.keycloak.SkeletonKeySession;
import org.keycloak.KeycloakAuthenticatedSession;
import org.keycloak.adapters.AdapterConstants;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.adapters.config.AdapterConfig;
import org.keycloak.representations.SkeletonKeyToken;
import javax.servlet.ServletException;
import java.io.IOException;
@ -38,7 +38,7 @@ public class AuthenticatedActionsHandler implements HttpHandler {
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
log.debugv("AuthenticatedActionsValve.invoke {0}", exchange.getRequestURI());
SkeletonKeySession session = getSkeletonKeySession(exchange);
KeycloakAuthenticatedSession session = getSkeletonKeySession(exchange);
if (corsRequest(exchange, session)) return;
String requestUri = exchange.getRequestURI();
if (requestUri.endsWith(AdapterConstants.K_QUERY_BEARER_TOKEN)) {
@ -48,13 +48,13 @@ public class AuthenticatedActionsHandler implements HttpHandler {
next.handleRequest(exchange);
}
public SkeletonKeySession getSkeletonKeySession(HttpServerExchange exchange) {
SkeletonKeySession skSession = exchange.getAttachment(KeycloakAuthenticationMechanism.SKELETON_KEY_SESSION_ATTACHMENT_KEY);
public KeycloakAuthenticatedSession getSkeletonKeySession(HttpServerExchange exchange) {
KeycloakAuthenticatedSession skSession = exchange.getAttachment(KeycloakAuthenticationMechanism.SKELETON_KEY_SESSION_ATTACHMENT_KEY);
if (skSession != null) return skSession;
return null;
}
protected void queryBearerToken(HttpServerExchange exchange, SkeletonKeySession session) throws IOException, ServletException {
protected void queryBearerToken(HttpServerExchange exchange, KeycloakAuthenticatedSession session) throws IOException, ServletException {
log.debugv("queryBearerToken {0}",exchange.getRequestURI());
if (abortTokenResponse(exchange, session)) return;
exchange.setResponseCode(StatusCodes.OK);
@ -63,7 +63,7 @@ public class AuthenticatedActionsHandler implements HttpHandler {
exchange.endExchange();
}
protected boolean abortTokenResponse(HttpServerExchange exchange, SkeletonKeySession session) throws IOException {
protected boolean abortTokenResponse(HttpServerExchange exchange, KeycloakAuthenticatedSession session) throws IOException {
if (session == null) {
log.debugv("session was null, sending back 401: {0}",exchange.getRequestURI());
exchange.setResponseCode(StatusCodes.UNAUTHORIZED);
@ -83,13 +83,13 @@ public class AuthenticatedActionsHandler implements HttpHandler {
return false;
}
protected boolean corsRequest(HttpServerExchange exchange, SkeletonKeySession session) throws IOException {
protected boolean corsRequest(HttpServerExchange exchange, KeycloakAuthenticatedSession session) throws IOException {
if (!adapterConfig.isCors()) return false;
log.debugv("CORS enabled + request.getRequestURI()");
String origin = exchange.getRequestHeaders().getFirst("Origin");
log.debugv("Origin: {0} uri: {1}", origin, exchange.getRequestURI());
if (session != null && origin != null) {
SkeletonKeyToken token = session.getToken();
AccessToken token = session.getToken();
Set<String> allowedOrigins = token.getAllowedOrigins();
if (log.isDebugEnabled()) {
for (String a : allowedOrigins) log.debug(" " + a);


@ -7,7 +7,7 @@ import org.jboss.logging.Logger;
import org.keycloak.RSATokenVerifier;
import org.keycloak.adapters.ResourceMetadata;
import org.keycloak.VerificationException;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.AccessToken;
import javax.security.cert.X509Certificate;
import java.util.HashSet;
@ -26,7 +26,7 @@ public class BearerTokenAuthenticator {
protected ResourceMetadata resourceMetadata;
protected Logger log = Logger.getLogger(BearerTokenAuthenticator.class);
protected String tokenString;
protected SkeletonKeyToken token;
protected AccessToken token;
protected boolean useResourceRoleMappings;
protected String surrogate;
protected KeycloakChallenge challenge;
@ -48,7 +48,7 @@ public class BearerTokenAuthenticator {
return tokenString;
}
public SkeletonKeyToken getToken() {
public AccessToken getToken() {
return token;
}


@ -6,12 +6,12 @@ import io.undertow.security.idm.Account;
import io.undertow.server.HttpServerExchange;
import io.undertow.util.AttachmentKey;
import org.jboss.logging.Logger;
import org.keycloak.KeycloakAuthenticatedSession;
import org.keycloak.KeycloakPrincipal;
import org.keycloak.adapters.config.RealmConfiguration;
import org.keycloak.adapters.ResourceMetadata;
import org.keycloak.SkeletonKeyPrincipal;
import org.keycloak.SkeletonKeySession;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.adapters.config.AdapterConfig;
import org.keycloak.representations.SkeletonKeyToken;
import java.security.Principal;
import java.util.Collections;
@ -25,7 +25,7 @@ public class KeycloakAuthenticationMechanism implements AuthenticationMechanism
protected Logger log = Logger.getLogger(KeycloakAuthenticationMechanism.class);
public static final AttachmentKey<KeycloakChallenge> KEYCLOAK_CHALLENGE_ATTACHMENT_KEY = AttachmentKey.create(KeycloakChallenge.class);
public static final AttachmentKey<SkeletonKeySession> SKELETON_KEY_SESSION_ATTACHMENT_KEY = AttachmentKey.create(SkeletonKeySession.class);
public static final AttachmentKey<KeycloakAuthenticatedSession> SKELETON_KEY_SESSION_ATTACHMENT_KEY = AttachmentKey.create(KeycloakAuthenticatedSession.class);
protected ResourceMetadata resourceMetadata;
protected AdapterConfig adapterConfig;
@ -59,10 +59,10 @@ public class KeycloakAuthenticationMechanism implements AuthenticationMechanism
return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
}
else if (outcome == AuthenticationMechanismOutcome.AUTHENTICATED) {
final SkeletonKeyToken token = bearer.getToken();
final AccessToken token = bearer.getToken();
String surrogate = bearer.getSurrogate();
SkeletonKeySession session = new SkeletonKeySession(bearer.getTokenString(), token, resourceMetadata);
SkeletonKeyPrincipal principal = completeAuthentication(securityContext, token, surrogate);
KeycloakAuthenticatedSession session = new KeycloakAuthenticatedSession(bearer.getTokenString(), token, resourceMetadata);
KeycloakPrincipal principal = completeAuthentication(securityContext, token, surrogate);
propagateBearer(exchange, session, principal);
return AuthenticationMechanismOutcome.AUTHENTICATED;
}
@ -82,8 +82,8 @@ public class KeycloakAuthenticationMechanism implements AuthenticationMechanism
return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
SkeletonKeySession session = new SkeletonKeySession(oauth.getTokenString(), oauth.getToken(), resourceMetadata);
SkeletonKeyPrincipal principal = completeAuthentication(securityContext, oauth.getToken(), null);
KeycloakAuthenticatedSession session = new KeycloakAuthenticatedSession(oauth.getTokenString(), oauth.getToken(), resourceMetadata);
KeycloakPrincipal principal = completeAuthentication(securityContext, oauth.getToken(), null);
propagateOauth(exchange, session, principal);
log.info("AUTHENTICATED");
return AuthenticationMechanismOutcome.AUTHENTICATED;
@ -97,14 +97,14 @@ public class KeycloakAuthenticationMechanism implements AuthenticationMechanism
return new BearerTokenAuthenticator(resourceMetadata, adapterConfig.isUseResourceRoleMappings());
}
protected SkeletonKeyPrincipal completeAuthentication(SecurityContext securityContext, SkeletonKeyToken token, String surrogate) {
final SkeletonKeyPrincipal skeletonKeyPrincipal = new SkeletonKeyPrincipal(token.getSubject(), surrogate);
protected KeycloakPrincipal completeAuthentication(SecurityContext securityContext, AccessToken token, String surrogate) {
final KeycloakPrincipal skeletonKeyPrincipal = new KeycloakPrincipal(token.getSubject(), surrogate);
Set<String> roles = null;
if (adapterConfig.isUseResourceRoleMappings()) {
SkeletonKeyToken.Access access = token.getResourceAccess(resourceMetadata.getResourceName());
AccessToken.Access access = token.getResourceAccess(resourceMetadata.getResourceName());
if (access != null) roles = access.getRoles();
} else {
SkeletonKeyToken.Access access = token.getRealmAccess();
AccessToken.Access access = token.getRealmAccess();
if (access != null) roles = access.getRoles();
}
if (roles == null) roles = Collections.emptySet();
@ -124,12 +124,12 @@ public class KeycloakAuthenticationMechanism implements AuthenticationMechanism
return skeletonKeyPrincipal;
}
protected void propagateBearer(HttpServerExchange exchange, SkeletonKeySession session, SkeletonKeyPrincipal principal) {
protected void propagateBearer(HttpServerExchange exchange, KeycloakAuthenticatedSession session, KeycloakPrincipal principal) {
exchange.putAttachment(SKELETON_KEY_SESSION_ATTACHMENT_KEY, session);
}
protected void propagateOauth(HttpServerExchange exchange, SkeletonKeySession session, SkeletonKeyPrincipal principal) {
protected void propagateOauth(HttpServerExchange exchange, KeycloakAuthenticatedSession session, KeycloakPrincipal principal) {
exchange.putAttachment(SKELETON_KEY_SESSION_ATTACHMENT_KEY, session);
}
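Review bot: The rename is incomplete in this file: the public constant `SKELETON_KEY_SESSION_ATTACHMENT_KEY` now holds an `AttachmentKey<KeycloakAuthenticatedSession>`, and the local in `completeAuthentication` is still called `skeletonKeyPrincipal` although its type is `KeycloakPrincipal`. The same leftover naming shows up in `getSkeletonKeySession` in ServletAuthenticatedActionsHandler and where ServletPropagateSessionHandler references the constant. Because the constant is public and keys the authenticated session on the exchange, I would rename it in this commit, for example to `KEYCLOAK_AUTHENTICATED_SESSION_ATTACHMENT_KEY`, and call the local `principal`, so that callers are not left with two vocabularies for the same security object. The method bodies here continue outside the hunks.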


@ -12,8 +12,8 @@ import org.keycloak.RSATokenVerifier;
import org.keycloak.adapters.config.RealmConfiguration;
import org.keycloak.VerificationException;
import org.keycloak.adapters.TokenGrantRequest;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.util.KeycloakUriBuilder;
import java.io.IOException;
@ -31,7 +31,7 @@ public class OAuthAuthenticator {
protected RealmConfiguration realmInfo;
protected int sslRedirectPort;
protected String tokenString;
protected SkeletonKeyToken token;
protected AccessToken token;
protected HttpServerExchange exchange;
protected KeycloakChallenge challenge;
@ -49,7 +49,7 @@ public class OAuthAuthenticator {
return tokenString;
}
public SkeletonKeyToken getToken() {
public AccessToken getToken() {
return token;
}


@ -4,7 +4,7 @@ import io.undertow.server.HandlerWrapper;
import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
import io.undertow.servlet.handlers.ServletRequestContext;
import org.keycloak.SkeletonKeySession;
import org.keycloak.KeycloakAuthenticatedSession;
import org.keycloak.representations.adapters.config.AdapterConfig;
import javax.servlet.http.HttpServletRequest;
@ -34,15 +34,15 @@ public class ServletAuthenticatedActionsHandler extends AuthenticatedActionsHand
}
@Override
public SkeletonKeySession getSkeletonKeySession(HttpServerExchange exchange) {
SkeletonKeySession skSession = super.getSkeletonKeySession(exchange);
public KeycloakAuthenticatedSession getSkeletonKeySession(HttpServerExchange exchange) {
KeycloakAuthenticatedSession skSession = super.getSkeletonKeySession(exchange);
if (skSession != null) return skSession;
final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
HttpServletRequest req = (HttpServletRequest) servletRequestContext.getServletRequest();
HttpSession session = req.getSession(false);
if (session == null) return null;
return (SkeletonKeySession)session.getAttribute(SkeletonKeySession.class.getName());
return (KeycloakAuthenticatedSession)session.getAttribute(KeycloakAuthenticatedSession.class.getName());
}
}


@ -3,10 +3,10 @@ package org.keycloak.adapters.undertow;
import io.undertow.server.HttpServerExchange;
import io.undertow.servlet.api.ConfidentialPortManager;
import io.undertow.servlet.handlers.ServletRequestContext;
import org.keycloak.SkeletonKeyPrincipal;
import org.keycloak.KeycloakAuthenticatedSession;
import org.keycloak.KeycloakPrincipal;
import org.keycloak.adapters.config.RealmConfiguration;
import org.keycloak.adapters.ResourceMetadata;
import org.keycloak.SkeletonKeySession;
import org.keycloak.representations.adapters.config.AdapterConfig;
import javax.servlet.http.HttpServletRequest;
@ -39,21 +39,21 @@ public class ServletKeycloakAuthenticationMechanism extends KeycloakAuthenticati
}
@Override
protected void propagateBearer(HttpServerExchange exchange, SkeletonKeySession skSession, SkeletonKeyPrincipal principal) {
protected void propagateBearer(HttpServerExchange exchange, KeycloakAuthenticatedSession skSession, KeycloakPrincipal principal) {
super.propagateBearer(exchange, skSession, principal);
final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
HttpServletRequest req = (HttpServletRequest) servletRequestContext.getServletRequest();
req.setAttribute(SkeletonKeySession.class.getName(), skSession);
req.setAttribute(KeycloakAuthenticatedSession.class.getName(), skSession);
}
@Override
protected void propagateOauth(HttpServerExchange exchange, SkeletonKeySession skSession, SkeletonKeyPrincipal principal) {
protected void propagateOauth(HttpServerExchange exchange, KeycloakAuthenticatedSession skSession, KeycloakPrincipal principal) {
super.propagateBearer(exchange, skSession, principal);
final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
HttpServletRequest req = (HttpServletRequest) servletRequestContext.getServletRequest();
req.setAttribute(SkeletonKeySession.class.getName(), skSession);
req.setAttribute(KeycloakAuthenticatedSession.class.getName(), skSession);
HttpSession session = req.getSession(true);
session.setAttribute(SkeletonKeySession.class.getName(), skSession);
session.setAttribute(KeycloakAuthenticatedSession.class.getName(), skSession);
userSessionManagement.login(servletRequestContext.getDeployment().getSessionManager(), session, principal.getName());
}
}
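Review bot: `propagateOauth` calls `super.propagateBearer(exchange, skSession, principal)` rather than its own super method; the two base implementations shown in KeycloakAuthenticationMechanism are identical today, so nothing breaks, but a later change to the bearer path would silently apply to browser logins as well. I would change the line to `super.propagateOauth(exchange, skSession, principal);`. Separately, the request and session attribute key is `KeycloakAuthenticatedSession.class.getName()`, so this rename changes the key: a session stored under the old class name will no longer be found and the user will have to authenticate again, which deserves a line in the release notes. A comment on `propagateOauth` such as `// OAuth logins are bound to the HTTP session; bearer requests only set the request attribute` would document why only this path calls `getSession(true)`.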


@ -5,7 +5,7 @@ import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
import io.undertow.servlet.handlers.ServletRequestContext;
import org.jboss.logging.Logger;
import org.keycloak.SkeletonKeySession;
import org.keycloak.KeycloakAuthenticatedSession;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
@ -36,7 +36,7 @@ public class ServletPropagateSessionHandler implements HttpHandler {
log.info("handleRequest");
final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
HttpServletRequest req = (HttpServletRequest) servletRequestContext.getServletRequest();
SkeletonKeySession skSession = (SkeletonKeySession)req.getAttribute(SkeletonKeySession.class.getName());
KeycloakAuthenticatedSession skSession = (KeycloakAuthenticatedSession)req.getAttribute(KeycloakAuthenticatedSession.class.getName());
if (skSession != null) {
log.info("skSession is in request");
next.handleRequest(exchange);
@ -49,14 +49,14 @@ public class ServletPropagateSessionHandler implements HttpHandler {
next.handleRequest(exchange);
return;
}
skSession = (SkeletonKeySession)session.getAttribute(SkeletonKeySession.class.getName());
skSession = (KeycloakAuthenticatedSession)session.getAttribute(KeycloakAuthenticatedSession.class.getName());
if (skSession == null) {
log.info("skSession not in http session, nothing to propagate");
next.handleRequest(exchange);
return;
}
log.info("propagating");
req.setAttribute(SkeletonKeySession.class.getName(), skSession);
req.setAttribute(KeycloakAuthenticatedSession.class.getName(), skSession);
exchange.putAttachment(KeycloakAuthenticationMechanism.SKELETON_KEY_SESSION_ATTACHMENT_KEY, skSession);
next.handleRequest(exchange);
}


@ -4,7 +4,7 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserModel.RequiredAction;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.AccessToken;
import javax.ws.rs.core.MultivaluedHashMap;
import javax.ws.rs.core.MultivaluedMap;
@ -25,7 +25,7 @@ public class AccessCodeEntry {
protected long expiration;
protected RealmModel realm;
protected SkeletonKeyToken token;
protected AccessToken token;
protected UserModel user;
protected Set<RequiredAction> requiredActions;
protected UserModel client;
@ -64,11 +64,11 @@ public class AccessCodeEntry {
this.expiration = expiration;
}
public SkeletonKeyToken getToken() {
public AccessToken getToken() {
return token;
}
public void setToken(SkeletonKeyToken token) {
public void setToken(AccessToken token) {
this.token = token;
}


@ -9,15 +9,11 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
import org.keycloak.representations.SkeletonKeyScope;
import org.keycloak.representations.adapters.config.BaseAdapterConfig;
import org.keycloak.representations.adapters.config.BaseRealmConfig;
import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.ScopeMappingRepresentation;
import org.keycloak.representations.idm.UserRoleMappingRepresentation;
import org.keycloak.services.resources.flows.Urls;
import java.net.URI;
import java.util.HashSet;
@ -26,7 +22,6 @@ import java.util.List;
import java.util.Set;
import java.util.Map;
import java.util.HashMap;
import java.util.UUID;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>


@ -12,7 +12,7 @@ import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.services.resources.AccountService;
import org.keycloak.services.resources.admin.AdminService;
@ -40,8 +40,8 @@ public class AuthenticationManager {
public static final String FORM_USERNAME = "username";
public static final String KEYCLOAK_IDENTITY_COOKIE = "KEYCLOAK_IDENTITY";
public SkeletonKeyToken createIdentityToken(RealmModel realm, UserModel user) {
SkeletonKeyToken token = new SkeletonKeyToken();
public AccessToken createIdentityToken(RealmModel realm, UserModel user) {
AccessToken token = new AccessToken();
token.id(KeycloakModelUtils.generateId());
token.issuedNow();
token.subject(user.getId());
@ -73,7 +73,7 @@ public class AuthenticationManager {
}
protected NewCookie createLoginCookie(RealmModel realm, UserModel user, UserModel client, String cookieName, String cookiePath) {
SkeletonKeyToken identityToken = createIdentityToken(realm, user);
AccessToken identityToken = createIdentityToken(realm, user);
if (client != null) {
identityToken.issuedFor(client.getLoginName());
}
@ -168,7 +168,7 @@ public class AuthenticationManager {
String tokenString = cookie.getValue();
try {
SkeletonKeyToken token = RSATokenVerifier.verifyToken(tokenString, realm.getPublicKey(), realm.getName());
AccessToken token = RSATokenVerifier.verifyToken(tokenString, realm.getPublicKey(), realm.getName());
if (!token.isActive()) {
logger.debug("identity cookie expired");
expireIdentityCookie(realm, uriInfo);
@ -217,7 +217,7 @@ public class AuthenticationManager {
try {
SkeletonKeyToken token = RSATokenVerifier.verifyToken(tokenString, realm.getPublicKey(), realm.getName());
AccessToken token = RSATokenVerifier.verifyToken(tokenString, realm.getPublicKey(), realm.getName());
if (!token.isActive()) {
throw new NotAuthorizedException("token_expired");
}
@ -330,15 +330,15 @@ public class AuthenticationManager {
}
public static class Auth {
private SkeletonKeyToken token;
private AccessToken token;
private UserModel user;
private UserModel client;
public Auth(SkeletonKeyToken token) {
public Auth(AccessToken token) {
this.token = token;
}
public SkeletonKeyToken getToken() {
public AccessToken getToken() {
return token;
}
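Review bot: After this rename `createIdentityToken` returns an `AccessToken`, so the token placed in the identity cookie and the bearer token handed to applications share one type and, in the hunks shown, one verification call, `RSATokenVerifier.verifyToken(tokenString, realm.getPublicKey(), realm.getName())`. Nothing visible here tells the two uses apart, and the TokenService hunk further down passes the result of `createIdentityToken` straight into `accessTokenResponse`. If they are meant to be different credentials, the verifier should check something that distinguishes them (a dedicated type or claim); if they are deliberately the same, a Javadoc line on `createIdentityToken` should say so, e.g. `/** Builds the token stored in the identity cookie; same format as a bearer access token. */`. Most of these method bodies lie outside the hunks, so this needs confirming against the full file.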


@ -7,8 +7,8 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.representations.SkeletonKeyScope;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.AccessScope;
import org.keycloak.representations.AccessToken;
import org.keycloak.util.Base64Url;
import org.keycloak.util.JsonSerialization;
@ -44,7 +44,7 @@ public class TokenManager {
return accessCodeMap.remove(key);
}
protected boolean desiresScope(SkeletonKeyScope scope, String key, String roleName) {
protected boolean desiresScope(AccessScope scope, String key, String roleName) {
if (scope == null || scope.isEmpty()) return true;
List<String> val = scope.get(key);
if (val == null) return false;
@ -52,12 +52,12 @@ public class TokenManager {
}
protected boolean desiresScopeGroup(SkeletonKeyScope scope, String key) {
protected boolean desiresScopeGroup(AccessScope scope, String key) {
if (scope == null || scope.isEmpty()) return true;
return scope.containsKey(key);
}
protected boolean isEmpty(SkeletonKeyScope scope) {
protected boolean isEmpty(AccessScope scope) {
return scope == null || scope.isEmpty();
}
@ -79,7 +79,7 @@ public class TokenManager {
public AccessCodeEntry createAccessCode(String scopeParam, String state, String redirect, RealmModel realm, UserModel client, UserModel user) {
AccessCodeEntry code = new AccessCodeEntry();
SkeletonKeyScope scopeMap = null;
AccessScope scopeMap = null;
if (scopeParam != null) scopeMap = decodeScope(scopeParam);
List<RoleModel> realmRolesRequested = code.getRealmRolesRequested();
MultivaluedMap<String, RoleModel> resourceRolesRequested = code.getResourceRolesRequested();
@ -131,8 +131,8 @@ public class TokenManager {
return code;
}
protected SkeletonKeyToken initToken(RealmModel realm, UserModel client, UserModel user) {
SkeletonKeyToken token = new SkeletonKeyToken();
protected AccessToken initToken(RealmModel realm, UserModel client, UserModel user) {
AccessToken token = new AccessToken();
token.id(KeycloakModelUtils.generateId());
token.subject(user.getId());
token.audience(realm.getName());
@ -148,12 +148,12 @@ public class TokenManager {
return token;
}
protected void addComposites(SkeletonKeyToken token, RoleModel role) {
SkeletonKeyToken.Access access = null;
protected void addComposites(AccessToken token, RoleModel role) {
AccessToken.Access access = null;
if (role.getContainer() instanceof RealmModel) {
access = token.getRealmAccess();
if (token.getRealmAccess() == null) {
access = new SkeletonKeyToken.Access();
access = new AccessToken.Access();
token.setRealmAccess(access);
} else if (token.getRealmAccess().getRoles() != null && token.getRealmAccess().isUserInRole(role.getName()))
return;
@ -178,7 +178,7 @@ public class TokenManager {
protected void createToken(AccessCodeEntry accessCodeEntry, RealmModel realm, UserModel client, UserModel user) {
SkeletonKeyToken token = initToken(realm, client, user);
AccessToken token = initToken(realm, client, user);
if (accessCodeEntry.getRealmRolesRequested().size() > 0) {
for (RoleModel role : accessCodeEntry.getRealmRolesRequested()) {
@ -196,7 +196,7 @@ public class TokenManager {
accessCodeEntry.setToken(token);
}
public String encodeScope(SkeletonKeyScope scope) {
public String encodeScope(AccessScope scope) {
String token = null;
try {
token = JsonSerialization.writeValueAsString(scope);
@ -206,11 +206,11 @@ public class TokenManager {
return Base64Url.encode(token.getBytes());
}
public SkeletonKeyScope decodeScope(String scopeParam) {
SkeletonKeyScope scope = null;
public AccessScope decodeScope(String scopeParam) {
AccessScope scope = null;
byte[] bytes = Base64Url.decode(scopeParam);
try {
scope = JsonSerialization.readValue(bytes, SkeletonKeyScope.class);
scope = JsonSerialization.readValue(bytes, AccessScope.class);
} catch (IOException e) {
throw new RuntimeException(e);
}
@ -218,8 +218,8 @@ public class TokenManager {
}
public SkeletonKeyToken createAccessToken(RealmModel realm, UserModel user) {
SkeletonKeyToken token = new SkeletonKeyToken();
public AccessToken createAccessToken(RealmModel realm, UserModel user) {
AccessToken token = new AccessToken();
token.id(KeycloakModelUtils.generateId());
token.issuedNow();
token.subject(user.getId());
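Review bot: `decodeScope` turns any `IOException` from parsing `scopeParam` into a bare `RuntimeException`, and `createAccessCode` calls it on the scope string it is handed; if that string comes from the authorization request (not visible in these hunks), a malformed value becomes a server error instead of a rejected request. I would fail with a client error there, for example `throw new BadRequestException("invalid scope parameter", e);`, and keep the raw value out of the message. In `encodeScope`, `token.getBytes()` uses the platform default charset; `Base64Url.encode(token.getBytes(StandardCharsets.UTF_8))` (with the `java.nio.charset.StandardCharsets` import) makes the encoding the same on every host. Both method bodies are only partly inside the hunks.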


@ -32,7 +32,7 @@ import org.keycloak.jose.jws.JWSInput;
import org.keycloak.jose.jws.crypto.RSAProvider;
import org.keycloak.models.*;
import org.keycloak.models.utils.TimeBasedOTP;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.services.managers.AccessCodeEntry;
import org.keycloak.services.managers.AuthenticationManager;
@ -390,7 +390,7 @@ public class AccountService {
}
}
SkeletonKeyToken.Access access = auth.getToken().getResourceAccess(application.getName());
AccessToken.Access access = auth.getToken().getResourceAccess(application.getName());
if (access != null) {
if (access.isUserInRole(Constants.ACCOUNT_MANAGE_ROLE) || (role != null && access.isUserInRole(role))) {
return true;


@ -15,9 +15,8 @@ import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserModel.RequiredAction;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.services.managers.AccessCodeEntry;
import org.keycloak.services.managers.AuthenticationManager;
@ -154,7 +153,7 @@ public class TokenService {
}
tokenManager = new TokenManager();
SkeletonKeyToken token = authManager.createIdentityToken(realm, user);
AccessToken token = authManager.createIdentityToken(realm, user);
String encoded = tokenManager.encodeToken(realm, token);
AccessTokenResponse res = accessTokenResponse(token, encoded);
return Response.ok(res, MediaType.APPLICATION_JSON_TYPE).build();
@ -186,7 +185,7 @@ public class TokenService {
if (authManager.authenticateForm(realm, user, form) != AuthenticationStatus.SUCCESS) {
throw new NotAuthorizedException("Auth failed");
}
SkeletonKeyToken token = tokenManager.createAccessToken(realm, user);
AccessToken token = tokenManager.createAccessToken(realm, user);
String encoded = tokenManager.encodeToken(realm, token);
AccessTokenResponse res = accessTokenResponse(token, encoded);
return Response.ok(res, MediaType.APPLICATION_JSON_TYPE).build();
@ -433,13 +432,13 @@ public class TokenService {
return Cors.add(request, Response.ok(res)).allowedOrigins(client).allowedMethods("POST").build();
}
protected AccessTokenResponse accessTokenResponse(PrivateKey privateKey, SkeletonKeyToken token) {
protected AccessTokenResponse accessTokenResponse(PrivateKey privateKey, AccessToken token) {
String encodedToken = new JWSBuilder().jsonContent(token).rsa256(privateKey);
return accessTokenResponse(token, encodedToken);
}
protected AccessTokenResponse accessTokenResponse(SkeletonKeyToken token, String encodedToken) {
protected AccessTokenResponse accessTokenResponse(AccessToken token, String encodedToken) {
AccessTokenResponse res = new AccessTokenResponse();
res.setToken(encodedToken);
res.setTokenType("bearer");


@ -38,11 +38,11 @@ import org.json.JSONObject;
import org.junit.Assert;
import org.keycloak.RSATokenVerifier;
import org.keycloak.VerificationException;
import org.keycloak.representations.AccessScope;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.util.BasicAuthHelper;
import org.keycloak.util.JsonSerialization;
import org.keycloak.representations.SkeletonKeyScope;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.util.Base64Url;
import org.openqa.selenium.By;
import org.openqa.selenium.WebDriver;
@ -51,7 +51,6 @@ import javax.ws.rs.core.UriBuilder;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.Charset;
import java.security.PublicKey;
import java.util.HashMap;
import java.util.LinkedList;
@ -77,7 +76,7 @@ public class OAuthClient {
private String redirectUri = "http://localhost:8081/app/auth";
private SkeletonKeyScope scope;
private AccessScope scope;
private String state;
@ -163,7 +162,7 @@ public class OAuthClient {
}
}
public SkeletonKeyToken verifyToken(String token) {
public AccessToken verifyToken(String token) {
try {
return RSATokenVerifier.verifyToken(token, realmPublicKey, realm);
} catch (VerificationException e) {
@ -268,7 +267,7 @@ public class OAuthClient {
public OAuthClient addScope(String resource, String... roles) {
if (scope == null) {
scope = new SkeletonKeyScope();
scope = new AccessScope();
}
scope.addAll(resource, roles);
return this;


@ -25,14 +25,9 @@ import org.junit.Assert;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.services.managers.ApplicationManager;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.testsuite.ApplicationServlet;
import org.keycloak.testsuite.OAuthClient;
@ -93,7 +88,7 @@ public class CompositeImportRoleTest {
Assert.assertEquals("bearer", response.getTokenType());
SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
AccessToken token = oauth.verifyToken(response.getAccessToken());
Assert.assertEquals("APP_COMPOSITE_USER", oauth.getProfile(response.getAccessToken()).getUsername());
@ -118,7 +113,7 @@ public class CompositeImportRoleTest {
Assert.assertEquals("bearer", response.getTokenType());
SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
AccessToken token = oauth.verifyToken(response.getAccessToken());
Assert.assertEquals("REALM_APP_COMPOSITE_USER", oauth.getProfile(response.getAccessToken()).getUsername());
@ -142,7 +137,7 @@ public class CompositeImportRoleTest {
Assert.assertEquals("bearer", response.getTokenType());
SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
AccessToken token = oauth.verifyToken(response.getAccessToken());
Assert.assertEquals("REALM_COMPOSITE_1_USER", oauth.getProfile(response.getAccessToken()).getUsername());
@ -165,7 +160,7 @@ public class CompositeImportRoleTest {
Assert.assertEquals("bearer", response.getTokenType());
SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
AccessToken token = oauth.verifyToken(response.getAccessToken());
Assert.assertEquals("REALM_COMPOSITE_1_USER", oauth.getProfile(response.getAccessToken()).getUsername());
@ -187,7 +182,7 @@ public class CompositeImportRoleTest {
Assert.assertEquals("bearer", response.getTokenType());
SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
AccessToken token = oauth.verifyToken(response.getAccessToken());
Assert.assertEquals("REALM_ROLE_1_USER", oauth.getProfile(response.getAccessToken()).getUsername());


@ -30,7 +30,7 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.AccessToken;
import org.keycloak.services.managers.ApplicationManager;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.testsuite.ApplicationServlet;
@ -164,7 +164,7 @@ public class CompositeRoleTest {
Assert.assertEquals("bearer", response.getTokenType());
SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
AccessToken token = oauth.verifyToken(response.getAccessToken());
Assert.assertEquals("APP_COMPOSITE_USER", oauth.getProfile(response.getAccessToken()).getUsername());
@ -189,7 +189,7 @@ public class CompositeRoleTest {
Assert.assertEquals("bearer", response.getTokenType());
SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
AccessToken token = oauth.verifyToken(response.getAccessToken());
Assert.assertEquals("REALM_APP_COMPOSITE_USER", oauth.getProfile(response.getAccessToken()).getUsername());
@ -213,7 +213,7 @@ public class CompositeRoleTest {
Assert.assertEquals("bearer", response.getTokenType());
SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
AccessToken token = oauth.verifyToken(response.getAccessToken());
Assert.assertEquals("REALM_COMPOSITE_1_USER", oauth.getProfile(response.getAccessToken()).getUsername());
@ -236,7 +236,7 @@ public class CompositeRoleTest {
Assert.assertEquals("bearer", response.getTokenType());
SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
AccessToken token = oauth.verifyToken(response.getAccessToken());
Assert.assertEquals("REALM_COMPOSITE_1_USER", oauth.getProfile(response.getAccessToken()).getUsername());
@ -258,7 +258,7 @@ public class CompositeRoleTest {
Assert.assertEquals("bearer", response.getTokenType());
SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
AccessToken token = oauth.verifyToken(response.getAccessToken());
Assert.assertEquals("REALM_ROLE_1_USER", oauth.getProfile(response.getAccessToken()).getUsername());


@ -25,7 +25,7 @@ import org.junit.Assert;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.OAuthClient;
import org.keycloak.testsuite.OAuthClient.AccessTokenResponse;
@ -68,7 +68,7 @@ public class AccessTokenTest {
Assert.assertEquals("bearer", response.getTokenType());
SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
AccessToken token = oauth.verifyToken(response.getAccessToken());
UserRepresentation user = oauth.getProfile(response.getAccessToken());


@ -25,11 +25,10 @@ import java.io.IOException;
import java.util.Map;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.AccessToken;
import org.keycloak.testsuite.OAuthClient;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.pages.OAuthGrantPage;
@ -78,13 +77,13 @@ public class OAuthGrantTest {
Assert.assertTrue(oauth.getCurrentQuery().containsKey("code"));
OAuthClient.AccessTokenResponse accessToken = oauth.doAccessTokenRequest(oauth.getCurrentQuery().get("code"), "password");
SkeletonKeyToken token = oauth.verifyToken(accessToken.getAccessToken());
AccessToken token = oauth.verifyToken(accessToken.getAccessToken());
SkeletonKeyToken.Access realmAccess = token.getRealmAccess();
AccessToken.Access realmAccess = token.getRealmAccess();
Assert.assertEquals(1, realmAccess.getRoles().size());
Assert.assertTrue(realmAccess.isUserInRole("user"));
Map<String,SkeletonKeyToken.Access> resourceAccess = token.getResourceAccess();
Map<String,AccessToken.Access> resourceAccess = token.getResourceAccess();
Assert.assertEquals(1, resourceAccess.size());
Assert.assertEquals(1, resourceAccess.get("test-app").getRoles().size());
Assert.assertTrue(resourceAccess.get("test-app").isUserInRole("customer-user"));
@ -104,12 +103,12 @@ public class OAuthGrantTest {
Assert.assertTrue(oauth.getCurrentQuery().containsKey("code"));
OAuthClient.AccessTokenResponse accessToken = oauth.doAccessTokenRequest(oauth.getCurrentQuery().get("code"), "password");
SkeletonKeyToken token = oauth.verifyToken(accessToken.getAccessToken());
AccessToken token = oauth.verifyToken(accessToken.getAccessToken());
SkeletonKeyToken.Access realmAccess = token.getRealmAccess();
AccessToken.Access realmAccess = token.getRealmAccess();
Assert.assertNull(realmAccess);
Map<String,SkeletonKeyToken.Access> resourceAccess = token.getResourceAccess();
Map<String,AccessToken.Access> resourceAccess = token.getResourceAccess();
Assert.assertEquals(1, resourceAccess.size());
Assert.assertEquals(1, resourceAccess.get("test-app").getRoles().size());
Assert.assertTrue(resourceAccess.get("test-app").isUserInRole("customer-user"));


@ -27,19 +27,16 @@ import org.junit.Rule;
import org.junit.Test;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.RealmModel;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.testsuite.OAuthClient;
import org.keycloak.testsuite.pages.ErrorPage;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.pages.OAuthGrantPage;
import org.keycloak.testsuite.rule.KeycloakRule;
import org.keycloak.testsuite.rule.WebResource;
import org.keycloak.testsuite.rule.WebRule;
import org.openqa.selenium.WebDriver;
import java.io.IOException;
import java.util.Map;
/**
* @author <a href="mailto:vrockai@redhat.com">Viliam Rockai</a>


@ -27,7 +27,7 @@ import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.models.RealmModel;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.testsuite.DummySocialServlet;
@ -37,7 +37,6 @@ import org.keycloak.testsuite.pages.AppPage;
import org.keycloak.testsuite.pages.AppPage.RequestType;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.pages.LoginUpdateProfilePage;
import org.keycloak.testsuite.pages.RegisterPage;
import org.keycloak.testsuite.rule.KeycloakRule;
import org.keycloak.testsuite.rule.KeycloakRule.KeycloakSetup;
import org.keycloak.testsuite.rule.WebResource;
@ -105,7 +104,7 @@ public class SocialLoginTest {
AccessTokenResponse response = oauth.doAccessTokenRequest(oauth.getCurrentQuery().get("code"), "password");
SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
AccessToken token = oauth.verifyToken(response.getAccessToken());
Assert.assertEquals(36, token.getSubject().length());
UserRepresentation profile = oauth.getProfile(response.getAccessToken());