diff --git a/core/src/main/java/org/keycloak/SkeletonKeySession.java b/core/src/main/java/org/keycloak/KeycloakAuthenticatedSession.java similarity index 60% rename from core/src/main/java/org/keycloak/SkeletonKeySession.java rename to core/src/main/java/org/keycloak/KeycloakAuthenticatedSession.java index 83e87e95d3..33c87d9ac8 100755 --- a/core/src/main/java/org/keycloak/SkeletonKeySession.java +++ b/core/src/main/java/org/keycloak/KeycloakAuthenticatedSession.java @@ -1,7 +1,7 @@ package org.keycloak; import org.keycloak.adapters.ResourceMetadata; -import org.keycloak.representations.SkeletonKeyToken; +import org.keycloak.representations.AccessToken; import java.io.Serializable; @@ -9,21 +9,21 @@ import java.io.Serializable; * @author Bill Burke * @version $Revision: 1 $ */ -public class SkeletonKeySession implements Serializable { +public class KeycloakAuthenticatedSession implements Serializable { protected String tokenString; - protected SkeletonKeyToken token; + protected AccessToken token; protected transient ResourceMetadata metadata; - public SkeletonKeySession() { + public KeycloakAuthenticatedSession() { } - public SkeletonKeySession(String tokenString, SkeletonKeyToken token, ResourceMetadata metadata) { + public KeycloakAuthenticatedSession(String tokenString, AccessToken token, ResourceMetadata metadata) { this.tokenString = tokenString; this.token = token; this.metadata = metadata; } - public SkeletonKeyToken getToken() { + public AccessToken getToken() { return token; } diff --git a/core/src/main/java/org/keycloak/SkeletonKeyPrincipal.java b/core/src/main/java/org/keycloak/KeycloakPrincipal.java similarity index 81% rename from core/src/main/java/org/keycloak/SkeletonKeyPrincipal.java rename to core/src/main/java/org/keycloak/KeycloakPrincipal.java index eeb4e522f5..07a9322d9c 100755 --- a/core/src/main/java/org/keycloak/SkeletonKeyPrincipal.java +++ b/core/src/main/java/org/keycloak/KeycloakPrincipal.java 
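Review bot: In the `@@ -9,21 +9,21 @@` hunk the renamed `KeycloakAuthenticatedSession` stays `Serializable`, keeps the raw bearer token in the non-transient `tokenString` field and shows no `serialVersionUID`, and nothing documents what that means for stored sessions. If the container ever persists or replicates this object, the token is written out with it and `metadata` comes back null because it is `transient`. Instances serialized under the old class name `org.keycloak.SkeletonKeySession` presumably can no longer be read after the rename. I would add a class Javadoc stating this and declare `private static final long serialVersionUID = 1L;`; whether `tokenString` should be serialized at all deserves a separate decision. The class body continues past the hunk.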
@@ -6,11 +6,11 @@ import java.security.Principal; * @author Bill Burke * @version $Revision: 1 $ */ -public class SkeletonKeyPrincipal implements Principal { +public class KeycloakPrincipal implements Principal { protected String name; protected String surrogate; - public SkeletonKeyPrincipal(String name, String surrogate) { + public KeycloakPrincipal(String name, String surrogate) { this.name = name; this.surrogate = surrogate; } @@ -29,7 +29,7 @@ public class SkeletonKeyPrincipal implements Principal { if (this == o) return true; if (o == null || getClass() != o.getClass()) return false; - SkeletonKeyPrincipal that = (SkeletonKeyPrincipal) o; + KeycloakPrincipal that = (KeycloakPrincipal) o; if (!name.equals(that.name)) return false; if (surrogate != null ? !surrogate.equals(that.surrogate) : that.surrogate != null) return false; diff --git a/core/src/main/java/org/keycloak/RSATokenVerifier.java b/core/src/main/java/org/keycloak/RSATokenVerifier.java index f4d68960d3..5e5d25b1e5 100755 --- a/core/src/main/java/org/keycloak/RSATokenVerifier.java +++ b/core/src/main/java/org/keycloak/RSATokenVerifier.java @@ -2,7 +2,7 @@ package org.keycloak; import org.keycloak.jose.jws.JWSInput; import org.keycloak.jose.jws.crypto.RSAProvider; -import org.keycloak.representations.SkeletonKeyToken; +import org.keycloak.representations.AccessToken; import java.io.IOException; import java.security.PublicKey; @@ -13,7 +13,7 @@ import java.security.PublicKey; */ public class RSATokenVerifier { - public static SkeletonKeyToken verifyToken(String tokenString, PublicKey realmKey, String realm) throws VerificationException { + public static AccessToken verifyToken(String tokenString, PublicKey realmKey, String realm) throws VerificationException { JWSInput input = new JWSInput(tokenString); boolean verified = false; try { 
@@ -23,9 +23,9 @@ public class RSATokenVerifier { } if (!verified) throw new VerificationException("Token signature not validated"); - SkeletonKeyToken token = null; + AccessToken token = null; try { - token = input.readJsonContent(SkeletonKeyToken.class); + token = input.readJsonContent(AccessToken.class); } catch (IOException e) { throw new VerificationException(e); } diff --git a/core/src/main/java/org/keycloak/representations/SkeletonKeyScope.java b/core/src/main/java/org/keycloak/representations/AccessScope.java similarity index 74% rename from core/src/main/java/org/keycloak/representations/SkeletonKeyScope.java rename to core/src/main/java/org/keycloak/representations/AccessScope.java index d721dddf98..eb228b91e1 100755 --- a/core/src/main/java/org/keycloak/representations/SkeletonKeyScope.java +++ b/core/src/main/java/org/keycloak/representations/AccessScope.java @@ -9,5 +9,5 @@ import org.keycloak.util.MultivaluedHashMap; * @author Bill Burke * @version $Revision: 1 $ */ -public class SkeletonKeyScope extends MultivaluedHashMap { +public class AccessScope extends MultivaluedHashMap { } diff --git a/core/src/main/java/org/keycloak/representations/SkeletonKeyToken.java b/core/src/main/java/org/keycloak/representations/AccessToken.java similarity index 74% rename from core/src/main/java/org/keycloak/representations/SkeletonKeyToken.java rename to core/src/main/java/org/keycloak/representations/AccessToken.java index 8744f617a7..fd93257b99 100755 --- a/core/src/main/java/org/keycloak/representations/SkeletonKeyToken.java +++ b/core/src/main/java/org/keycloak/representations/AccessToken.java @@ -12,7 +12,7 @@ import java.util.Set; * @author Bill Burke * @version $Revision: 1 $ */ -public class SkeletonKeyToken extends JsonWebToken { +public class AccessToken extends JsonWebToken { public static class Access { @JsonProperty("roles") protected Set roles; 
@@ -103,43 +103,43 @@ public class SkeletonKeyToken extends JsonWebToken { } @Override - public SkeletonKeyToken id(String id) { - return (SkeletonKeyToken) super.id(id); + public AccessToken id(String id) { + return (AccessToken) super.id(id); } @Override - public SkeletonKeyToken expiration(long expiration) { - return (SkeletonKeyToken) super.expiration(expiration); + public AccessToken expiration(long expiration) { + return (AccessToken) super.expiration(expiration); } @Override - public SkeletonKeyToken notBefore(long notBefore) { - return (SkeletonKeyToken) super.notBefore(notBefore); + public AccessToken notBefore(long notBefore) { + return (AccessToken) super.notBefore(notBefore); } @Override - public SkeletonKeyToken issuedAt(long issuedAt) { - return (SkeletonKeyToken) super.issuedAt(issuedAt); + public AccessToken issuedAt(long issuedAt) { + return (AccessToken) super.issuedAt(issuedAt); } @Override - public SkeletonKeyToken issuer(String issuer) { - return (SkeletonKeyToken) super.issuer(issuer); + public AccessToken issuer(String issuer) { + return (AccessToken) super.issuer(issuer); } @Override - public SkeletonKeyToken audience(String audience) { - return (SkeletonKeyToken) super.audience(audience); + public AccessToken audience(String audience) { + return (AccessToken) super.audience(audience); } @Override - public SkeletonKeyToken subject(String subject) { - return (SkeletonKeyToken) super.subject(subject); + public AccessToken subject(String subject) { + return (AccessToken) super.subject(subject); } @Override - public SkeletonKeyToken type(String type) { - return (SkeletonKeyToken) super.type(type); + public AccessToken type(String type) { + return (AccessToken) super.type(type); } public Set getAllowedOrigins() { 
@@ -167,8 +167,8 @@ public class SkeletonKeyToken extends JsonWebToken { } @Override - public SkeletonKeyToken issuedFor(String issuedFor) { - return (SkeletonKeyToken)super.issuedFor(issuedFor); + public AccessToken issuedFor(String issuedFor) { + return (AccessToken)super.issuedFor(issuedFor); } diff --git a/core/src/main/java/org/keycloak/representations/adapters/config/BaseAdapterConfig.java b/core/src/main/java/org/keycloak/representations/adapters/config/BaseAdapterConfig.java index 1e2ffa782c..808e46adbb 100755 --- a/core/src/main/java/org/keycloak/representations/adapters/config/BaseAdapterConfig.java +++ b/core/src/main/java/org/keycloak/representations/adapters/config/BaseAdapterConfig.java @@ -2,7 +2,7 @@ package org.keycloak.representations.adapters.config; import org.codehaus.jackson.annotate.JsonProperty; import org.codehaus.jackson.annotate.JsonPropertyOrder; -import org.keycloak.representations.SkeletonKeyScope; +import org.keycloak.representations.AccessScope; import java.util.HashMap; import java.util.Map; @@ -38,7 +38,7 @@ public class BaseAdapterConfig extends BaseRealmConfig { @JsonProperty("credentials") protected Map credentials = new HashMap(); @JsonProperty("scope") - protected SkeletonKeyScope scope; + protected AccessScope scope; public boolean isUseResourceRoleMappings() { @@ -113,11 +113,11 @@ public class BaseAdapterConfig extends BaseRealmConfig { this.credentials = credentials; } - public SkeletonKeyScope getScope() { + public AccessScope getScope() { return scope; } - public void setScope(SkeletonKeyScope scope) { + public void setScope(AccessScope scope) { this.scope = scope; } } diff --git a/core/src/test/java/org/keycloak/RSAVerifierTest.java b/core/src/test/java/org/keycloak/RSAVerifierTest.java index 546cf70b01..b9e2848537 100755 --- a/core/src/test/java/org/keycloak/RSAVerifierTest.java +++ b/core/src/test/java/org/keycloak/RSAVerifierTest.java 
@@ -8,7 +8,7 @@ import org.junit.Before; import org.junit.BeforeClass; import org.junit.Test; import org.keycloak.jose.jws.JWSBuilder; -import org.keycloak.representations.SkeletonKeyToken; +import org.keycloak.representations.AccessToken; import javax.security.auth.x500.X500Principal; import java.io.IOException; @@ -35,7 +35,7 @@ public class RSAVerifierTest { private static KeyPair badPair; private static KeyPair clientPair; private static X509Certificate[] clientCertificateChain; - private SkeletonKeyToken token; + private AccessToken token; static { if (Security.getProvider("BC") == null) Security.addProvider(new BouncyCastleProvider()); @@ -69,7 +69,7 @@ public class RSAVerifierTest { @Before public void initTest() { - token = new SkeletonKeyToken(); + token = new AccessToken(); token.subject("CN=Client") .audience("domain") .addAccess("service").addRole("admin"); @@ -95,12 +95,12 @@ public class RSAVerifierTest { String encoded = new JWSBuilder() .jsonContent(token) .rsa256(idpPair.getPrivate()); - SkeletonKeyToken token = verifySkeletonKeyToken(encoded); + AccessToken token = verifySkeletonKeyToken(encoded); Assert.assertTrue(token.getResourceAccess("service").getRoles().contains("admin")); Assert.assertEquals("CN=Client", token.getSubject()); } - private SkeletonKeyToken verifySkeletonKeyToken(String encoded) throws VerificationException { + private AccessToken verifySkeletonKeyToken(String encoded) throws VerificationException { return RSATokenVerifier.verifyToken(encoded, idpPair.getPublic(), "domain"); } @@ -135,7 +135,7 @@ public class RSAVerifierTest { .jsonContent(token) .rsa256(badPair.getPrivate()); - SkeletonKeyToken v = null; + AccessToken v = null; try { v = verifySkeletonKeyToken(encoded); Assert.fail(); @@ -151,7 +151,7 @@ public class RSAVerifierTest { .jsonContent(token) .rsa256(idpPair.getPrivate()); - SkeletonKeyToken v = null; + AccessToken v = null; try { v = verifySkeletonKeyToken(encoded); } catch (VerificationException ignored) { 
@@ -167,7 +167,7 @@ public class RSAVerifierTest { .jsonContent(token) .rsa256(idpPair.getPrivate()); - SkeletonKeyToken v = null; + AccessToken v = null; try { v = verifySkeletonKeyToken(encoded); Assert.fail(); @@ -184,7 +184,7 @@ public class RSAVerifierTest { .jsonContent(token) .rsa256(idpPair.getPrivate()); - SkeletonKeyToken v = null; + AccessToken v = null; try { v = verifySkeletonKeyToken(encoded); } catch (VerificationException ignored) { @@ -200,7 +200,7 @@ public class RSAVerifierTest { .jsonContent(token) .rsa256(idpPair.getPrivate()); - SkeletonKeyToken v = null; + AccessToken v = null; try { v = verifySkeletonKeyToken(encoded); Assert.fail(); @@ -211,7 +211,7 @@ public class RSAVerifierTest { @Test public void testTokenAuth() throws Exception { - token = new SkeletonKeyToken(); + token = new AccessToken(); token.subject("CN=Client") .audience("domain") .addAccess("service").addRole("admin").verifyCaller(true); @@ -220,7 +220,7 @@ public class RSAVerifierTest { .jsonContent(token) .rsa256(idpPair.getPrivate()); - SkeletonKeyToken v = null; + AccessToken v = null; try { v = verifySkeletonKeyToken(encoded); } catch (VerificationException ignored) { diff --git a/core/src/test/java/org/keycloak/SkeletonKeyTokenTest.java b/core/src/test/java/org/keycloak/SkeletonKeyTokenTest.java index f016b4855f..9717b203a1 100755 --- a/core/src/test/java/org/keycloak/SkeletonKeyTokenTest.java +++ b/core/src/test/java/org/keycloak/SkeletonKeyTokenTest.java @@ -5,8 +5,8 @@ import org.junit.Test; import org.keycloak.jose.jws.JWSBuilder; import org.keycloak.jose.jws.JWSInput; import org.keycloak.jose.jws.crypto.RSAProvider; -import org.keycloak.representations.SkeletonKeyScope; -import org.keycloak.representations.SkeletonKeyToken; +import org.keycloak.representations.AccessScope; +import org.keycloak.representations.AccessToken; import org.keycloak.util.JsonSerialization; import java.io.IOException; 
@@ -29,7 +29,7 @@ public class SkeletonKeyTokenTest { public void run() { for (int i = 0; i < 10000; i++) { try { - SkeletonKeyScope scope = JsonSerialization.readValue(json.getBytes(), SkeletonKeyScope.class); + AccessScope scope = JsonSerialization.readValue(json.getBytes(), AccessScope.class); } catch (IOException e) { } @@ -39,7 +39,7 @@ public class SkeletonKeyTokenTest { @Test public void testScope() throws Exception { - SkeletonKeyScope scope2 = new SkeletonKeyScope(); + AccessScope scope2 = new AccessScope(); scope2.add("one", "admin"); scope2.add("one", "buyer"); @@ -69,7 +69,7 @@ public class SkeletonKeyTokenTest { @Test public void testToken() throws Exception { - SkeletonKeyToken token = new SkeletonKeyToken(); + AccessToken token = new AccessToken(); token.id("111"); token.addAccess("foo").addRole("admin"); token.addAccess("bar").addRole("user"); @@ -77,9 +77,9 @@ public class SkeletonKeyTokenTest { String json = JsonSerialization.writeValueAsString(token); System.out.println(json); - token = JsonSerialization.readValue(json, SkeletonKeyToken.class); + token = JsonSerialization.readValue(json, AccessToken.class); Assert.assertEquals("111", token.getId()); - SkeletonKeyToken.Access foo = token.getResourceAccess("foo"); + AccessToken.Access foo = token.getResourceAccess("foo"); Assert.assertNotNull(foo); Assert.assertTrue(foo.isUserInRole("admin")); @@ -87,7 +87,7 @@ public class SkeletonKeyTokenTest { @Test public void testRSA() throws Exception { - SkeletonKeyToken token = new SkeletonKeyToken(); + AccessToken token = new AccessToken(); token.id("111"); token.addAccess("foo").addRole("admin"); token.addAccess("bar").addRole("user"); @@ -102,7 +102,7 @@ public class SkeletonKeyTokenTest { JWSInput input = new JWSInput(encoded); - token = input.readJsonContent(SkeletonKeyToken.class); + token = input.readJsonContent(AccessToken.class); Assert.assertEquals("111", token.getId()); Assert.assertTrue(RSAProvider.verify(input, keyPair.getPublic())); } 
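Review bot: The worker loop in the `@@ -29,7 +29,7 @@` hunk swallows every failure with `catch (IOException e) { }`, so this test cannot fail even if `AccessScope` stops deserializing after the rename. The parsed `scope` is also never inspected, and `json.getBytes()` uses the platform charset. At minimum the catch should surface the error, for example `throw new RuntimeException(e);`, and the bytes should come from `json.getBytes("UTF-8")`. Actually failing the test would need the exception handed back to the test thread. The `run()` body starts and ends outside the hunk.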
diff --git a/docbook/reference/en/en-US/modules/MigrationFromOlderVersions.xml b/docbook/reference/en/en-US/modules/MigrationFromOlderVersions.xml index f94df455f7..8830a7f434 100755 --- a/docbook/reference/en/en-US/modules/MigrationFromOlderVersions.xml +++ b/docbook/reference/en/en-US/modules/MigrationFromOlderVersions.xml @@ -1,7 +1,16 @@ Migration from older versions - Migrating from 1.0 Alpha 1 to 1.0 Alpha 2 + Migrating from 1.0 Alpha 2 to Alpha 3 + + + SkeletonKeyToken, SkeletonKeyScope, SkeletonKeyPrincipal, and SkeletonKeySession have been renamed to: + AccessToken, AccessScope, KeycloakPrincipal, and KeycloakAuthenticatedSession respectively. + + + + + Migrating from 1.0 Alpha 1 to Alpha 2 DB Schema has changed. We don't have any data migration utilities yet as of Alpha 2. diff --git a/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java b/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java index e4f2172f79..196579da59 100755 --- a/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java +++ b/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java @@ -4,7 +4,7 @@ import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; import org.apache.http.client.HttpClient; import org.apache.http.client.methods.HttpGet; -import org.keycloak.SkeletonKeySession; +import org.keycloak.KeycloakAuthenticatedSession; import org.keycloak.adapters.HttpClientBuilder; import org.keycloak.util.JsonSerialization; 
@@ -36,7 +36,7 @@ public class CustomerDatabaseClient { } public static List getCustomers(HttpServletRequest req) throws Failure { - SkeletonKeySession session = (SkeletonKeySession) req.getAttribute(SkeletonKeySession.class.getName()); + KeycloakAuthenticatedSession session = (KeycloakAuthenticatedSession) req.getAttribute(KeycloakAuthenticatedSession.class.getName()); HttpClient client = new HttpClientBuilder() .trustStore(session.getMetadata().getTruststore()) diff --git a/examples/demo-template/product-app/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java b/examples/demo-template/product-app/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java index 0d529a3a88..5991f634cc 100755 --- a/examples/demo-template/product-app/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java +++ b/examples/demo-template/product-app/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java @@ -4,7 +4,7 @@ import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; import org.apache.http.client.HttpClient; import org.apache.http.client.methods.HttpGet; -import org.keycloak.SkeletonKeySession; +import org.keycloak.KeycloakAuthenticatedSession; import org.keycloak.adapters.HttpClientBuilder; import org.keycloak.util.JsonSerialization; @@ -35,7 +35,7 @@ public class ProductDatabaseClient } public static List getProducts(HttpServletRequest req) throws Failure { - SkeletonKeySession session = (SkeletonKeySession)req.getAttribute(SkeletonKeySession.class.getName()); + KeycloakAuthenticatedSession session = (KeycloakAuthenticatedSession)req.getAttribute(KeycloakAuthenticatedSession.class.getName()); HttpClient client = new HttpClientBuilder() .trustStore(session.getMetadata().getTruststore()) .hostnameVerification(HttpClientBuilder.HostnameVerificationPolicy.ANY).build(); 
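Review bot: `getCustomers` casts the request attribute and dereferences it at once (`session.getMetadata().getTruststore()`), so a request arriving without the attribute fails with a NullPointerException rather than an authentication error. The `getProducts` hunk in ProductDatabaseClient.java has the same pattern. The lookup key is `KeycloakAuthenticatedSession.class.getName()`, so its string value changes with this rename, and any code still using the literal `org.keycloak.SkeletonKeySession` now gets null. A guard such as `if (session == null || session.getMetadata() == null)` that raises the method's declared `Failure` before the client is built would make this explicit. Both method bodies continue outside their hunks.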
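Review bot: In the `getProducts` hunk the client is built with `.hostnameVerification(HttpClientBuilder.HostnameVerificationPolicy.ANY)`, which turns off the TLS hostname check. Any certificate that chains to the configured trust store is then accepted for any host, on a connection that presumably carries the session's token. The line is unchanged context, but it sits in example code that tends to be copied. I would mark it with a comment such as `// demo only: ANY disables TLS hostname verification; do not use outside a local demo`. The method body continues outside the hunk.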
diff --git a/integration/adapter-core/src/main/java/org/keycloak/adapters/config/AdapterConfigLoader.java b/integration/adapter-core/src/main/java/org/keycloak/adapters/config/AdapterConfigLoader.java index 8733ff9e38..95a3ddaadf 100755 --- a/integration/adapter-core/src/main/java/org/keycloak/adapters/config/AdapterConfigLoader.java +++ b/integration/adapter-core/src/main/java/org/keycloak/adapters/config/AdapterConfigLoader.java @@ -2,7 +2,7 @@ package org.keycloak.adapters.config; import org.codehaus.jackson.map.ObjectMapper; import org.codehaus.jackson.map.annotate.JsonSerialize; -import org.keycloak.representations.SkeletonKeyScope; +import org.keycloak.representations.AccessScope; import org.keycloak.util.Base64Url; import org.keycloak.util.EnvUtil; import org.keycloak.util.JsonSerialization; @@ -128,7 +128,7 @@ public class AdapterConfigLoader { } } - protected String encodeScope(SkeletonKeyScope scope) { + protected String encodeScope(AccessScope scope) { try { byte[] scopeBytes = JsonSerialization.writeValueAsBytes(scope); return Base64Url.encode(scopeBytes); diff --git a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/AuthenticatedActionsValve.java b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/AuthenticatedActionsValve.java index 6ae9fb3544..bbaf6b2e0f 100755 --- a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/AuthenticatedActionsValve.java +++ b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/AuthenticatedActionsValve.java 
@@ -7,10 +7,10 @@ import org.apache.catalina.connector.Request; import org.apache.catalina.connector.Response; import org.apache.catalina.valves.ValveBase; import org.jboss.logging.Logger; -import org.keycloak.SkeletonKeySession; +import org.keycloak.KeycloakAuthenticatedSession; import org.keycloak.adapters.AdapterConstants; +import org.keycloak.representations.AccessToken; import org.keycloak.representations.adapters.config.AdapterConfig; -import org.keycloak.representations.SkeletonKeyToken; import javax.management.ObjectName; import javax.servlet.ServletException; @@ -45,7 +45,7 @@ public class AuthenticatedActionsValve extends ValveBase { @Override public void invoke(Request request, Response response) throws IOException, ServletException { log.debugv("AuthenticatedActionsValve.invoke {0}", request.getRequestURI()); - SkeletonKeySession session = getSkeletonKeySession(request); + KeycloakAuthenticatedSession session = getSkeletonKeySession(request); if (corsRequest(request, response, session)) return; String requestUri = request.getRequestURI(); if (requestUri.endsWith(AdapterConstants.K_QUERY_BEARER_TOKEN)) { 
@@ -55,17 +55,17 @@ public class AuthenticatedActionsValve extends ValveBase { getNext().invoke(request, response); } - public SkeletonKeySession getSkeletonKeySession(Request request) { - SkeletonKeySession skSession = (SkeletonKeySession) request.getAttribute(SkeletonKeySession.class.getName()); + public KeycloakAuthenticatedSession getSkeletonKeySession(Request request) { + KeycloakAuthenticatedSession skSession = (KeycloakAuthenticatedSession) request.getAttribute(KeycloakAuthenticatedSession.class.getName()); if (skSession != null) return skSession; Session session = request.getSessionInternal(); if (session != null) { - return (SkeletonKeySession) session.getNote(SkeletonKeySession.class.getName()); + return (KeycloakAuthenticatedSession) session.getNote(KeycloakAuthenticatedSession.class.getName()); } return null; } - protected void queryBearerToken(Request request, Response response, SkeletonKeySession session) throws IOException, ServletException { + protected void queryBearerToken(Request request, Response response, KeycloakAuthenticatedSession session) throws IOException, ServletException { log.debugv("queryBearerToken {0}", request.getRequestURI()); if (abortTokenResponse(request, response, session)) return; response.setStatus(HttpServletResponse.SC_OK); @@ -75,7 +75,7 @@ public class AuthenticatedActionsValve extends ValveBase { } - protected boolean abortTokenResponse(Request request, Response response, SkeletonKeySession session) throws IOException { + protected boolean abortTokenResponse(Request request, Response response, KeycloakAuthenticatedSession session) throws IOException { if (session == null) { log.debugv("session was null, sending back 401: {0}", request.getRequestURI()); response.sendError(HttpServletResponse.SC_UNAUTHORIZED); 
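Review bot: The rename is incomplete in the `@@ -55,17 +55,17 @@` hunk: the public method is still called `getSkeletonKeySession` although it now returns `KeycloakAuthenticatedSession`, and its local is still `skSession`. The same leftover naming shows in `verifySkeletonKeyToken` in RSAVerifierTest, in the `skeletonKeyPrincipal` and `skp` locals of the Catalina authenticators, and in the undertow handler's `getSkeletonKeySession(exchange)` call. Since the method is public, I would add the new name and keep the old one as a deprecated delegate rather than rename it in place, for example `@Deprecated public KeycloakAuthenticatedSession getSkeletonKeySession(Request request) { return getKeycloakSession(request); }`. The new name there is only a suggestion.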
@@ -92,13 +92,13 @@ public class AuthenticatedActionsValve extends ValveBase { return false; } - protected boolean corsRequest(Request request, Response response, SkeletonKeySession session) throws IOException { + protected boolean corsRequest(Request request, Response response, KeycloakAuthenticatedSession session) throws IOException { if (!config.isCors()) return false; log.debugv("CORS enabled + request.getRequestURI()"); String origin = request.getHeader("Origin"); log.debugv("Origin: {0} uri: {1}", origin, request.getRequestURI()); if (session != null && origin != null) { - SkeletonKeyToken token = session.getToken(); + AccessToken token = session.getToken(); Set allowedOrigins = token.getAllowedOrigins(); if (log.isDebugEnabled()) { for (String a : allowedOrigins) log.debug(" " + a); diff --git a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/CatalinaBearerTokenAuthenticator.java b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/CatalinaBearerTokenAuthenticator.java index 65db6939a4..86933f06de 100755 --- a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/CatalinaBearerTokenAuthenticator.java +++ b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/CatalinaBearerTokenAuthenticator.java @@ -2,12 +2,12 @@ package org.keycloak.adapters.as7; import org.apache.catalina.connector.Request; import org.jboss.logging.Logger; +import org.keycloak.KeycloakAuthenticatedSession; +import org.keycloak.KeycloakPrincipal; import org.keycloak.RSATokenVerifier; import org.keycloak.adapters.ResourceMetadata; -import org.keycloak.SkeletonKeyPrincipal; -import org.keycloak.SkeletonKeySession; import org.keycloak.VerificationException; -import org.keycloak.representations.SkeletonKeyToken; +import org.keycloak.representations.AccessToken; import javax.security.auth.login.LoginException; import javax.servlet.http.HttpServletResponse; 
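Review bot: In `corsRequest` the call `log.debugv("CORS enabled + request.getRequestURI()");` has the concatenation inside the string literal, so the request URI is never logged; it should read `log.debugv("CORS enabled {0}", request.getRequestURI());`. The debug loop `for (String a : allowedOrigins) log.debug(" " + a);` also iterates `token.getAllowedOrigins()` with no null check. Whether that getter can return null is not visible here, but if it can, enabling debug logging would turn a CORS request into a NullPointerException. Both lines are unchanged context, and the method body continues outside the hunk.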
@@ -26,7 +26,7 @@ public class CatalinaBearerTokenAuthenticator { protected boolean challenge; protected Logger log = Logger.getLogger(CatalinaBearerTokenAuthenticator.class); protected String tokenString; - protected SkeletonKeyToken token; + protected AccessToken token; private Principal principal; protected boolean useResourceRoleMappings; @@ -44,7 +44,7 @@ public class CatalinaBearerTokenAuthenticator { return tokenString; } - public SkeletonKeyToken getToken() { + public AccessToken getToken() { return token; } @@ -79,12 +79,12 @@ public class CatalinaBearerTokenAuthenticator { boolean verifyCaller = false; Set roles = new HashSet(); if (useResourceRoleMappings) { - SkeletonKeyToken.Access access = token.getResourceAccess(resourceMetadata.getResourceName()); + AccessToken.Access access = token.getResourceAccess(resourceMetadata.getResourceName()); if (access != null) roles = access.getRoles(); verifyCaller = token.isVerifyCaller(resourceMetadata.getResourceName()); } else { verifyCaller = token.isVerifyCaller(); - SkeletonKeyToken.Access access = token.getRealmAccess(); + AccessToken.Access access = token.getRealmAccess(); if (access != null) roles = access.getRoles(); } String surrogate = null; 
@@ -102,12 +102,12 @@ public class CatalinaBearerTokenAuthenticator { } surrogate = chain[0].getSubjectX500Principal().getName(); } - SkeletonKeyPrincipal skeletonKeyPrincipal = new SkeletonKeyPrincipal(token.getSubject(), surrogate); + KeycloakPrincipal skeletonKeyPrincipal = new KeycloakPrincipal(token.getSubject(), surrogate); principal = new CatalinaSecurityContextHelper().createPrincipal(request.getContext().getRealm(), skeletonKeyPrincipal, roles); request.setUserPrincipal(principal); request.setAuthType("OAUTH_BEARER"); - SkeletonKeySession skSession = new SkeletonKeySession(tokenString, token, resourceMetadata); - request.setAttribute(SkeletonKeySession.class.getName(), skSession); + KeycloakAuthenticatedSession skSession = new KeycloakAuthenticatedSession(tokenString, token, resourceMetadata); + request.setAttribute(KeycloakAuthenticatedSession.class.getName(), skSession); return true; } diff --git a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/KeycloakAuthenticatorValve.java b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/KeycloakAuthenticatorValve.java index 58bc6c97f9..23fb2bd59d 100755 --- a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/KeycloakAuthenticatorValve.java +++ b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/KeycloakAuthenticatorValve.java 
@@ -13,17 +13,17 @@ import org.apache.catalina.core.StandardContext; import org.apache.catalina.deploy.LoginConfig; import org.apache.catalina.realm.GenericPrincipal; import org.jboss.logging.Logger; +import org.keycloak.KeycloakAuthenticatedSession; +import org.keycloak.KeycloakPrincipal; import org.keycloak.adapters.AdapterConstants; import org.keycloak.adapters.ResourceMetadata; -import org.keycloak.SkeletonKeyPrincipal; -import org.keycloak.SkeletonKeySession; import org.keycloak.adapters.as7.config.CatalinaAdapterConfigLoader; +import org.keycloak.representations.AccessToken; import org.keycloak.representations.adapters.config.AdapterConfig; import org.keycloak.adapters.config.RealmConfiguration; import org.keycloak.adapters.config.RealmConfigurationLoader; import org.keycloak.jose.jws.JWSInput; import org.keycloak.jose.jws.crypto.RSAProvider; -import org.keycloak.representations.SkeletonKeyToken; import org.keycloak.representations.adapters.action.LogoutAction; import org.keycloak.util.JsonSerialization; import org.keycloak.util.StreamUtil; @@ -192,9 +192,9 @@ public class KeycloakAuthenticatorValve extends FormAuthenticator implements Lif request.setAuthType("OAUTH"); Session session = request.getSessionInternal(); if (session != null) { - SkeletonKeySession skSession = (SkeletonKeySession) session.getNote(SkeletonKeySession.class.getName()); + KeycloakAuthenticatedSession skSession = (KeycloakAuthenticatedSession) session.getNote(KeycloakAuthenticatedSession.class.getName()); if (skSession != null) { - request.setAttribute(SkeletonKeySession.class.getName(), skSession); + request.setAttribute(KeycloakAuthenticatedSession.class.getName(), skSession); } } return true; 
@@ -219,22 +219,22 @@ public class KeycloakAuthenticatorValve extends FormAuthenticator implements Lif } else { if (!oauth.resolveCode(code)) return; - SkeletonKeyToken token = oauth.getToken(); + AccessToken token = oauth.getToken(); Set roles = new HashSet(); if (adapterConfig.isUseResourceRoleMappings()) { - SkeletonKeyToken.Access access = token.getResourceAccess(resourceMetadata.getResourceName()); + AccessToken.Access access = token.getResourceAccess(resourceMetadata.getResourceName()); if (access != null) roles.addAll(access.getRoles()); } else { - SkeletonKeyToken.Access access = token.getRealmAccess(); + AccessToken.Access access = token.getRealmAccess(); if (access != null) roles.addAll(access.getRoles()); } - SkeletonKeyPrincipal skp = new SkeletonKeyPrincipal(token.getSubject(), null); + KeycloakPrincipal skp = new KeycloakPrincipal(token.getSubject(), null); GenericPrincipal principal = new CatalinaSecurityContextHelper().createPrincipal(context.getRealm(), skp, roles); Session session = request.getSessionInternal(true); session.setPrincipal(principal); session.setAuthType("OAUTH"); - SkeletonKeySession skSession = new SkeletonKeySession(oauth.getTokenString(), token, realmConfiguration.getMetadata()); - session.setNote(SkeletonKeySession.class.getName(), skSession); + KeycloakAuthenticatedSession skSession = new KeycloakAuthenticatedSession(oauth.getTokenString(), token, realmConfiguration.getMetadata()); + session.setNote(KeycloakAuthenticatedSession.class.getName(), skSession); String username = token.getSubject(); log.debug("userSessionManage.login: " + username); diff --git a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/ServletOAuthLogin.java b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/ServletOAuthLogin.java index 89314053f5..a2b3c30858 100755 --- a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/ServletOAuthLogin.java 
+++ b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/ServletOAuthLogin.java @@ -5,8 +5,8 @@ import org.keycloak.RSATokenVerifier; import org.keycloak.VerificationException; import org.keycloak.adapters.TokenGrantRequest; import org.keycloak.adapters.config.RealmConfiguration; +import org.keycloak.representations.AccessToken; import org.keycloak.representations.AccessTokenResponse; -import org.keycloak.representations.SkeletonKeyToken; import org.keycloak.util.KeycloakUriBuilder; import javax.servlet.http.Cookie; @@ -28,7 +28,7 @@ public class ServletOAuthLogin { protected RealmConfiguration realmInfo; protected int redirectPort; protected String tokenString; - protected SkeletonKeyToken token; + protected AccessToken token; public ServletOAuthLogin(RealmConfiguration realmInfo, HttpServletRequest request, HttpServletResponse response, int redirectPort) { this.request = request; @@ -41,7 +41,7 @@ public class ServletOAuthLogin { return tokenString; } - public SkeletonKeyToken getToken() { + public AccessToken getToken() { return token; } diff --git a/integration/jaxrs-oauth-client/src/main/java/org/keycloak/jaxrs/JaxrsBearerTokenFilter.java b/integration/jaxrs-oauth-client/src/main/java/org/keycloak/jaxrs/JaxrsBearerTokenFilter.java index 4461f24139..6e226365cc 100755 --- a/integration/jaxrs-oauth-client/src/main/java/org/keycloak/jaxrs/JaxrsBearerTokenFilter.java +++ b/integration/jaxrs-oauth-client/src/main/java/org/keycloak/jaxrs/JaxrsBearerTokenFilter.java 
@@ -2,12 +2,12 @@ package org.keycloak.jaxrs; import org.jboss.resteasy.logging.Logger; import org.jboss.resteasy.spi.ResteasyProviderFactory; +import org.keycloak.KeycloakAuthenticatedSession; +import org.keycloak.KeycloakPrincipal; import org.keycloak.RSATokenVerifier; import org.keycloak.adapters.ResourceMetadata; -import org.keycloak.SkeletonKeyPrincipal; -import org.keycloak.SkeletonKeySession; import org.keycloak.VerificationException; -import org.keycloak.representations.SkeletonKeyToken; +import org.keycloak.representations.AccessToken; import javax.annotation.Priority; import javax.ws.rs.Priorities; @@ -66,14 +66,14 @@ public class JaxrsBearerTokenFilter implements ContainerRequestFilter { try { - SkeletonKeyToken token = RSATokenVerifier.verifyToken(tokenString, resourceMetadata.getRealmKey(), resourceMetadata.getRealm()); - SkeletonKeySession skSession = new SkeletonKeySession(tokenString, token, resourceMetadata); - ResteasyProviderFactory.pushContext(SkeletonKeySession.class, skSession); + AccessToken token = RSATokenVerifier.verifyToken(tokenString, resourceMetadata.getRealmKey(), resourceMetadata.getRealm()); + KeycloakAuthenticatedSession skSession = new KeycloakAuthenticatedSession(tokenString, token, resourceMetadata); + ResteasyProviderFactory.pushContext(KeycloakAuthenticatedSession.class, skSession); String callerPrincipal = securityContext.getUserPrincipal() != null ? securityContext.getUserPrincipal().getName() : null; - final SkeletonKeyPrincipal principal = new SkeletonKeyPrincipal(token.getSubject(), callerPrincipal); + final KeycloakPrincipal principal = new KeycloakPrincipal(token.getSubject(), callerPrincipal); final boolean isSecure = securityContext.isSecure(); - final SkeletonKeyToken.Access access; + final AccessToken.Access access; if (resourceMetadata.getResourceName() != null) { access = token.getResourceAccess(resourceMetadata.getResourceName()); } else { 
diff --git a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/AuthenticatedActionsHandler.java b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/AuthenticatedActionsHandler.java index cc590fb8f7..23732836de 100755 --- a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/AuthenticatedActionsHandler.java +++ b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/AuthenticatedActionsHandler.java @@ -5,10 +5,10 @@ import io.undertow.server.HttpServerExchange; import io.undertow.util.Headers; import io.undertow.util.StatusCodes; import org.jboss.logging.Logger; -import org.keycloak.SkeletonKeySession; +import org.keycloak.KeycloakAuthenticatedSession; import org.keycloak.adapters.AdapterConstants; +import org.keycloak.representations.AccessToken; import org.keycloak.representations.adapters.config.AdapterConfig; -import org.keycloak.representations.SkeletonKeyToken; import javax.servlet.ServletException; import java.io.IOException; @@ -38,7 +38,7 @@ public class AuthenticatedActionsHandler implements HttpHandler { @Override public void handleRequest(HttpServerExchange exchange) throws Exception { log.debugv("AuthenticatedActionsValve.invoke {0}", exchange.getRequestURI()); - SkeletonKeySession session = getSkeletonKeySession(exchange); + KeycloakAuthenticatedSession session = getSkeletonKeySession(exchange); if (corsRequest(exchange, session)) return; String requestUri = exchange.getRequestURI(); if (requestUri.endsWith(AdapterConstants.K_QUERY_BEARER_TOKEN)) { 
@@ -48,13 +48,13 @@ public class AuthenticatedActionsHandler implements HttpHandler { next.handleRequest(exchange); } - public SkeletonKeySession getSkeletonKeySession(HttpServerExchange exchange) { - SkeletonKeySession skSession = exchange.getAttachment(KeycloakAuthenticationMechanism.SKELETON_KEY_SESSION_ATTACHMENT_KEY); + public KeycloakAuthenticatedSession getSkeletonKeySession(HttpServerExchange exchange) { + KeycloakAuthenticatedSession skSession = exchange.getAttachment(KeycloakAuthenticationMechanism.SKELETON_KEY_SESSION_ATTACHMENT_KEY); if (skSession != null) return skSession; return null; } - protected void queryBearerToken(HttpServerExchange exchange, SkeletonKeySession session) throws IOException, ServletException { + protected void queryBearerToken(HttpServerExchange exchange, KeycloakAuthenticatedSession session) throws IOException, ServletException { log.debugv("queryBearerToken {0}",exchange.getRequestURI()); if (abortTokenResponse(exchange, session)) return; exchange.setResponseCode(StatusCodes.OK); @@ -63,7 +63,7 @@ public class AuthenticatedActionsHandler implements HttpHandler { exchange.endExchange(); } - protected boolean abortTokenResponse(HttpServerExchange exchange, SkeletonKeySession session) throws IOException { + protected boolean abortTokenResponse(HttpServerExchange exchange, KeycloakAuthenticatedSession session) throws IOException { if (session == null) { log.debugv("session was null, sending back 401: {0}",exchange.getRequestURI()); exchange.setResponseCode(StatusCodes.UNAUTHORIZED); 
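Review bot: The rename stops halfway in AuthenticatedActionsHandler: the method is still called `getSkeletonKeySession` and the attachment key is still `SKELETON_KEY_SESSION_ATTACHMENT_KEY`, although both now carry a `KeycloakAuthenticatedSession`. The override in ServletAuthenticatedActionsHandler and the constant in KeycloakAuthenticationMechanism are touched by this same commit, so renaming them together (for example to `getKeycloakAuthenticatedSession` and `KEYCLOAK_AUTHENTICATED_SESSION_ATTACHMENT_KEY`) would keep the old name out of the session lookup path. The body can also shrink to `return exchange.getAttachment(KeycloakAuthenticationMechanism.SKELETON_KEY_SESSION_ATTACHMENT_KEY);`, because the null check returns null either way.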
@@ -83,13 +83,13 @@ public class AuthenticatedActionsHandler implements HttpHandler { return false; } - protected boolean corsRequest(HttpServerExchange exchange, SkeletonKeySession session) throws IOException { + protected boolean corsRequest(HttpServerExchange exchange, KeycloakAuthenticatedSession session) throws IOException { if (!adapterConfig.isCors()) return false; log.debugv("CORS enabled + request.getRequestURI()"); String origin = exchange.getRequestHeaders().getFirst("Origin"); log.debugv("Origin: {0} uri: {1}", origin, exchange.getRequestURI()); if (session != null && origin != null) { - SkeletonKeyToken token = session.getToken(); + AccessToken token = session.getToken(); Set allowedOrigins = token.getAllowedOrigins(); if (log.isDebugEnabled()) { for (String a : allowedOrigins) log.debug(" " + a); diff --git a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/BearerTokenAuthenticator.java b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/BearerTokenAuthenticator.java index 978b382dfc..865c138620 100755 --- a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/BearerTokenAuthenticator.java +++ b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/BearerTokenAuthenticator.java @@ -7,7 +7,7 @@ import org.jboss.logging.Logger; import org.keycloak.RSATokenVerifier; import org.keycloak.adapters.ResourceMetadata; import org.keycloak.VerificationException; -import org.keycloak.representations.SkeletonKeyToken; +import org.keycloak.representations.AccessToken; import javax.security.cert.X509Certificate; import java.util.HashSet; 
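Review bot: The first debug call in `corsRequest` logs the literal text `CORS enabled + request.getRequestURI()`, because the concatenation sits inside the string, so the URI never reaches the log. `log.debugv("CORS enabled {0}", exchange.getRequestURI());` matches the format style of the `Origin: {0} uri: {1}` line that follows. The method continues past the end of the hunk.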
@@ -26,7 +26,7 @@ public class BearerTokenAuthenticator { protected ResourceMetadata resourceMetadata; protected Logger log = Logger.getLogger(BearerTokenAuthenticator.class); protected String tokenString; - protected SkeletonKeyToken token; + protected AccessToken token; protected boolean useResourceRoleMappings; protected String surrogate; protected KeycloakChallenge challenge; @@ -48,7 +48,7 @@ public class BearerTokenAuthenticator { return tokenString; } - public SkeletonKeyToken getToken() { + public AccessToken getToken() { return token; } diff --git a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/KeycloakAuthenticationMechanism.java b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/KeycloakAuthenticationMechanism.java index 8f0df9d780..a113150cd7 100755 --- a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/KeycloakAuthenticationMechanism.java +++ b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/KeycloakAuthenticationMechanism.java @@ -6,12 +6,12 @@ import io.undertow.security.idm.Account; import io.undertow.server.HttpServerExchange; import io.undertow.util.AttachmentKey; import org.jboss.logging.Logger; +import org.keycloak.KeycloakAuthenticatedSession; +import org.keycloak.KeycloakPrincipal; import org.keycloak.adapters.config.RealmConfiguration; import org.keycloak.adapters.ResourceMetadata; -import org.keycloak.SkeletonKeyPrincipal; -import org.keycloak.SkeletonKeySession; +import org.keycloak.representations.AccessToken; import org.keycloak.representations.adapters.config.AdapterConfig; -import org.keycloak.representations.SkeletonKeyToken; import java.security.Principal; import java.util.Collections; 
@@ -25,7 +25,7 @@ public class KeycloakAuthenticationMechanism implements AuthenticationMechanism protected Logger log = Logger.getLogger(KeycloakAuthenticationMechanism.class); public static final AttachmentKey KEYCLOAK_CHALLENGE_ATTACHMENT_KEY = AttachmentKey.create(KeycloakChallenge.class); - public static final AttachmentKey SKELETON_KEY_SESSION_ATTACHMENT_KEY = AttachmentKey.create(SkeletonKeySession.class); + public static final AttachmentKey SKELETON_KEY_SESSION_ATTACHMENT_KEY = AttachmentKey.create(KeycloakAuthenticatedSession.class); protected ResourceMetadata resourceMetadata; protected AdapterConfig adapterConfig; @@ -59,10 +59,10 @@ public class KeycloakAuthenticationMechanism implements AuthenticationMechanism return AuthenticationMechanismOutcome.NOT_AUTHENTICATED; } else if (outcome == AuthenticationMechanismOutcome.AUTHENTICATED) { - final SkeletonKeyToken token = bearer.getToken(); + final AccessToken token = bearer.getToken(); String surrogate = bearer.getSurrogate(); - SkeletonKeySession session = new SkeletonKeySession(bearer.getTokenString(), token, resourceMetadata); - SkeletonKeyPrincipal principal = completeAuthentication(securityContext, token, surrogate); + KeycloakAuthenticatedSession session = new KeycloakAuthenticatedSession(bearer.getTokenString(), token, resourceMetadata); + KeycloakPrincipal principal = completeAuthentication(securityContext, token, surrogate); propagateBearer(exchange, session, principal); return AuthenticationMechanismOutcome.AUTHENTICATED; } 
@@ -82,8 +82,8 @@ public class KeycloakAuthenticationMechanism implements AuthenticationMechanism return AuthenticationMechanismOutcome.NOT_ATTEMPTED; } - SkeletonKeySession session = new SkeletonKeySession(oauth.getTokenString(), oauth.getToken(), resourceMetadata); - SkeletonKeyPrincipal principal = completeAuthentication(securityContext, oauth.getToken(), null); + KeycloakAuthenticatedSession session = new KeycloakAuthenticatedSession(oauth.getTokenString(), oauth.getToken(), resourceMetadata); + KeycloakPrincipal principal = completeAuthentication(securityContext, oauth.getToken(), null); propagateOauth(exchange, session, principal); log.info("AUTHENTICATED"); return AuthenticationMechanismOutcome.AUTHENTICATED; @@ -97,14 +97,14 @@ public class KeycloakAuthenticationMechanism implements AuthenticationMechanism return new BearerTokenAuthenticator(resourceMetadata, adapterConfig.isUseResourceRoleMappings()); } - protected SkeletonKeyPrincipal completeAuthentication(SecurityContext securityContext, SkeletonKeyToken token, String surrogate) { - final SkeletonKeyPrincipal skeletonKeyPrincipal = new SkeletonKeyPrincipal(token.getSubject(), surrogate); + protected KeycloakPrincipal completeAuthentication(SecurityContext securityContext, AccessToken token, String surrogate) { + final KeycloakPrincipal skeletonKeyPrincipal = new KeycloakPrincipal(token.getSubject(), surrogate); Set roles = null; if (adapterConfig.isUseResourceRoleMappings()) { - SkeletonKeyToken.Access access = token.getResourceAccess(resourceMetadata.getResourceName()); + AccessToken.Access access = token.getResourceAccess(resourceMetadata.getResourceName()); if (access != null) roles = access.getRoles(); } else { - SkeletonKeyToken.Access access = token.getRealmAccess(); + AccessToken.Access access = token.getRealmAccess(); if (access != null) roles = access.getRoles(); } if (roles == null) roles = Collections.emptySet(); 
@@ -124,12 +124,12 @@ public class KeycloakAuthenticationMechanism implements AuthenticationMechanism return skeletonKeyPrincipal; } - protected void propagateBearer(HttpServerExchange exchange, SkeletonKeySession session, SkeletonKeyPrincipal principal) { + protected void propagateBearer(HttpServerExchange exchange, KeycloakAuthenticatedSession session, KeycloakPrincipal principal) { exchange.putAttachment(SKELETON_KEY_SESSION_ATTACHMENT_KEY, session); } - protected void propagateOauth(HttpServerExchange exchange, SkeletonKeySession session, SkeletonKeyPrincipal principal) { + protected void propagateOauth(HttpServerExchange exchange, KeycloakAuthenticatedSession session, KeycloakPrincipal principal) { exchange.putAttachment(SKELETON_KEY_SESSION_ATTACHMENT_KEY, session); } diff --git a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/OAuthAuthenticator.java b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/OAuthAuthenticator.java index 9bf321a085..6205e171bf 100755 --- a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/OAuthAuthenticator.java +++ b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/OAuthAuthenticator.java @@ -12,8 +12,8 @@ import org.keycloak.RSATokenVerifier; import org.keycloak.adapters.config.RealmConfiguration; import org.keycloak.VerificationException; import org.keycloak.adapters.TokenGrantRequest; +import org.keycloak.representations.AccessToken; import org.keycloak.representations.AccessTokenResponse; -import org.keycloak.representations.SkeletonKeyToken; import org.keycloak.util.KeycloakUriBuilder; import java.io.IOException; @@ -31,7 +31,7 @@ public class OAuthAuthenticator { protected RealmConfiguration realmInfo; protected int sslRedirectPort; protected String tokenString; - protected SkeletonKeyToken token; + protected AccessToken token; protected HttpServerExchange exchange; protected KeycloakChallenge challenge; 
@@ -49,7 +49,7 @@ public class OAuthAuthenticator { return tokenString; } - public SkeletonKeyToken getToken() { + public AccessToken getToken() { return token; } diff --git a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletAuthenticatedActionsHandler.java b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletAuthenticatedActionsHandler.java index 63eea05294..a09bd48e85 100755 --- a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletAuthenticatedActionsHandler.java +++ b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletAuthenticatedActionsHandler.java @@ -4,7 +4,7 @@ import io.undertow.server.HandlerWrapper; import io.undertow.server.HttpHandler; import io.undertow.server.HttpServerExchange; import io.undertow.servlet.handlers.ServletRequestContext; -import org.keycloak.SkeletonKeySession; +import org.keycloak.KeycloakAuthenticatedSession; import org.keycloak.representations.adapters.config.AdapterConfig; import javax.servlet.http.HttpServletRequest; 
@@ -34,15 +34,15 @@ public class ServletAuthenticatedActionsHandler extends AuthenticatedActionsHand } @Override - public SkeletonKeySession getSkeletonKeySession(HttpServerExchange exchange) { - SkeletonKeySession skSession = super.getSkeletonKeySession(exchange); + public KeycloakAuthenticatedSession getSkeletonKeySession(HttpServerExchange exchange) { + KeycloakAuthenticatedSession skSession = super.getSkeletonKeySession(exchange); if (skSession != null) return skSession; final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY); HttpServletRequest req = (HttpServletRequest) servletRequestContext.getServletRequest(); HttpSession session = req.getSession(false); if (session == null) return null; - return (SkeletonKeySession)session.getAttribute(SkeletonKeySession.class.getName()); + return (KeycloakAuthenticatedSession)session.getAttribute(KeycloakAuthenticatedSession.class.getName()); } } diff --git a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletKeycloakAuthenticationMechanism.java b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletKeycloakAuthenticationMechanism.java index 89f8719c92..0645084159 100755 --- a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletKeycloakAuthenticationMechanism.java +++ b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletKeycloakAuthenticationMechanism.java 
@@ -3,10 +3,10 @@ package org.keycloak.adapters.undertow; import io.undertow.server.HttpServerExchange; import io.undertow.servlet.api.ConfidentialPortManager; import io.undertow.servlet.handlers.ServletRequestContext; -import org.keycloak.SkeletonKeyPrincipal; +import org.keycloak.KeycloakAuthenticatedSession; +import org.keycloak.KeycloakPrincipal; import org.keycloak.adapters.config.RealmConfiguration; import org.keycloak.adapters.ResourceMetadata; -import org.keycloak.SkeletonKeySession; import org.keycloak.representations.adapters.config.AdapterConfig; import javax.servlet.http.HttpServletRequest; 
@@ -39,21 +39,21 @@ public class ServletKeycloakAuthenticationMechanism extends KeycloakAuthenticati } @Override - protected void propagateBearer(HttpServerExchange exchange, SkeletonKeySession skSession, SkeletonKeyPrincipal principal) { + protected void propagateBearer(HttpServerExchange exchange, KeycloakAuthenticatedSession skSession, KeycloakPrincipal principal) { super.propagateBearer(exchange, skSession, principal); final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY); HttpServletRequest req = (HttpServletRequest) servletRequestContext.getServletRequest(); - req.setAttribute(SkeletonKeySession.class.getName(), skSession); + req.setAttribute(KeycloakAuthenticatedSession.class.getName(), skSession); } @Override - protected void propagateOauth(HttpServerExchange exchange, SkeletonKeySession skSession, SkeletonKeyPrincipal principal) { + protected void propagateOauth(HttpServerExchange exchange, KeycloakAuthenticatedSession skSession, KeycloakPrincipal principal) { super.propagateBearer(exchange, skSession, principal); final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY); HttpServletRequest req = (HttpServletRequest) servletRequestContext.getServletRequest(); - req.setAttribute(SkeletonKeySession.class.getName(), skSession); + req.setAttribute(KeycloakAuthenticatedSession.class.getName(), skSession); HttpSession session = req.getSession(true); - session.setAttribute(SkeletonKeySession.class.getName(), skSession); + session.setAttribute(KeycloakAuthenticatedSession.class.getName(), skSession); userSessionManagement.login(servletRequestContext.getDeployment().getSessionManager(), session, principal.getName()); } } 
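Review bot: `propagateOauth` calls `super.propagateBearer(exchange, skSession, principal)` rather than `super.propagateOauth(...)`. Both base methods in KeycloakAuthenticationMechanism only store the attachment in this commit, so behaviour is the same today, but any OAuth-specific step later added to the base `propagateOauth` would be skipped silently for servlet deployments. `super.propagateOauth(exchange, skSession, principal);` looks like the intended call.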
diff --git a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletPropagateSessionHandler.java b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletPropagateSessionHandler.java index b8a25d3a18..608f8671ff 100755 --- a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletPropagateSessionHandler.java +++ b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletPropagateSessionHandler.java @@ -5,7 +5,7 @@ import io.undertow.server.HttpHandler; import io.undertow.server.HttpServerExchange; import io.undertow.servlet.handlers.ServletRequestContext; import org.jboss.logging.Logger; -import org.keycloak.SkeletonKeySession; +import org.keycloak.KeycloakAuthenticatedSession; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; @@ -36,7 +36,7 @@ public class ServletPropagateSessionHandler implements HttpHandler { log.info("handleRequest"); final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY); HttpServletRequest req = (HttpServletRequest) servletRequestContext.getServletRequest(); - SkeletonKeySession skSession = (SkeletonKeySession)req.getAttribute(SkeletonKeySession.class.getName()); + KeycloakAuthenticatedSession skSession = (KeycloakAuthenticatedSession)req.getAttribute(KeycloakAuthenticatedSession.class.getName()); if (skSession != null) { log.info("skSession is in request"); next.handleRequest(exchange); 
@@ -49,14 +49,14 @@ public class ServletPropagateSessionHandler implements HttpHandler { next.handleRequest(exchange); return; } - skSession = (SkeletonKeySession)session.getAttribute(SkeletonKeySession.class.getName()); + skSession = (KeycloakAuthenticatedSession)session.getAttribute(KeycloakAuthenticatedSession.class.getName()); if (skSession == null) { log.info("skSession not in http session, nothing to propagate"); next.handleRequest(exchange); return; } log.info("propagating"); - req.setAttribute(SkeletonKeySession.class.getName(), skSession); + req.setAttribute(KeycloakAuthenticatedSession.class.getName(), skSession); exchange.putAttachment(KeycloakAuthenticationMechanism.SKELETON_KEY_SESSION_ATTACHMENT_KEY, skSession); next.handleRequest(exchange); } diff --git a/services/src/main/java/org/keycloak/services/managers/AccessCodeEntry.java b/services/src/main/java/org/keycloak/services/managers/AccessCodeEntry.java index 07bebe3398..e3268cf06a 100755 --- a/services/src/main/java/org/keycloak/services/managers/AccessCodeEntry.java +++ b/services/src/main/java/org/keycloak/services/managers/AccessCodeEntry.java @@ -4,7 +4,7 @@ import org.keycloak.models.RealmModel; import org.keycloak.models.RoleModel; import org.keycloak.models.UserModel; import org.keycloak.models.UserModel.RequiredAction; -import org.keycloak.representations.SkeletonKeyToken; +import org.keycloak.representations.AccessToken; import javax.ws.rs.core.MultivaluedHashMap; import javax.ws.rs.core.MultivaluedMap; @@ -25,7 +25,7 @@ public class AccessCodeEntry { protected long expiration; protected RealmModel realm; - protected SkeletonKeyToken token; + protected AccessToken token; protected UserModel user; protected Set requiredActions; protected UserModel client; 
@@ -64,11 +64,11 @@ public class AccessCodeEntry { this.expiration = expiration; } - public SkeletonKeyToken getToken() { + public AccessToken getToken() { return token; } - public void setToken(SkeletonKeyToken token) { + public void setToken(AccessToken token) { this.token = token; } diff --git a/services/src/main/java/org/keycloak/services/managers/ApplicationManager.java b/services/src/main/java/org/keycloak/services/managers/ApplicationManager.java index bfa7ebf8ce..55642a2f63 100755 --- a/services/src/main/java/org/keycloak/services/managers/ApplicationManager.java +++ b/services/src/main/java/org/keycloak/services/managers/ApplicationManager.java @@ -9,15 +9,11 @@ import org.keycloak.models.RealmModel; import org.keycloak.models.RoleModel; import org.keycloak.models.UserCredentialModel; import org.keycloak.models.UserModel; -import org.keycloak.representations.SkeletonKeyScope; -import org.keycloak.representations.adapters.config.BaseAdapterConfig; import org.keycloak.representations.adapters.config.BaseRealmConfig; import org.keycloak.representations.idm.ApplicationRepresentation; import org.keycloak.representations.idm.CredentialRepresentation; -import org.keycloak.representations.idm.RoleRepresentation; import org.keycloak.representations.idm.ScopeMappingRepresentation; import org.keycloak.representations.idm.UserRoleMappingRepresentation; -import org.keycloak.services.resources.flows.Urls; import java.net.URI; import java.util.HashSet; @@ -26,7 +22,6 @@ import java.util.List; import java.util.Set; import java.util.Map; import java.util.HashMap; -import java.util.UUID; /** * @author Bill Burke diff --git a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java index 4008fa1692..7d48d3e8b4 100755 --- a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java 
+++ b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java @@ -12,7 +12,7 @@ import org.keycloak.models.RequiredCredentialModel; import org.keycloak.models.RoleModel; import org.keycloak.models.UserModel; import org.keycloak.models.utils.KeycloakModelUtils; -import org.keycloak.representations.SkeletonKeyToken; +import org.keycloak.representations.AccessToken; import org.keycloak.representations.idm.CredentialRepresentation; import org.keycloak.services.resources.AccountService; import org.keycloak.services.resources.admin.AdminService; @@ -40,8 +40,8 @@ public class AuthenticationManager { public static final String FORM_USERNAME = "username"; public static final String KEYCLOAK_IDENTITY_COOKIE = "KEYCLOAK_IDENTITY"; - public SkeletonKeyToken createIdentityToken(RealmModel realm, UserModel user) { - SkeletonKeyToken token = new SkeletonKeyToken(); + public AccessToken createIdentityToken(RealmModel realm, UserModel user) { + AccessToken token = new AccessToken(); token.id(KeycloakModelUtils.generateId()); token.issuedNow(); token.subject(user.getId()); @@ -73,7 +73,7 @@ public class AuthenticationManager { } protected NewCookie createLoginCookie(RealmModel realm, UserModel user, UserModel client, String cookieName, String cookiePath) { - SkeletonKeyToken identityToken = createIdentityToken(realm, user); + AccessToken identityToken = createIdentityToken(realm, user); if (client != null) { identityToken.issuedFor(client.getLoginName()); } @@ -168,7 +168,7 @@ public class AuthenticationManager { String tokenString = cookie.getValue(); try { - SkeletonKeyToken token = RSATokenVerifier.verifyToken(tokenString, realm.getPublicKey(), realm.getName()); + AccessToken token = RSATokenVerifier.verifyToken(tokenString, realm.getPublicKey(), realm.getName()); if (!token.isActive()) { logger.debug("identity cookie expired"); expireIdentityCookie(realm, uriInfo); 
@@ -217,7 +217,7 @@ public class AuthenticationManager { try { - SkeletonKeyToken token = RSATokenVerifier.verifyToken(tokenString, realm.getPublicKey(), realm.getName()); + AccessToken token = RSATokenVerifier.verifyToken(tokenString, realm.getPublicKey(), realm.getName()); if (!token.isActive()) { throw new NotAuthorizedException("token_expired"); } @@ -330,15 +330,15 @@ public class AuthenticationManager { } public static class Auth { - private SkeletonKeyToken token; + private AccessToken token; private UserModel user; private UserModel client; - public Auth(SkeletonKeyToken token) { + public Auth(AccessToken token) { this.token = token; } - public SkeletonKeyToken getToken() { + public AccessToken getToken() { return token; } diff --git a/services/src/main/java/org/keycloak/services/managers/TokenManager.java b/services/src/main/java/org/keycloak/services/managers/TokenManager.java index 48644b0859..f6555a015d 100755 --- a/services/src/main/java/org/keycloak/services/managers/TokenManager.java +++ b/services/src/main/java/org/keycloak/services/managers/TokenManager.java @@ -7,8 +7,8 @@ import org.keycloak.models.RealmModel; import org.keycloak.models.RoleModel; import org.keycloak.models.UserModel; import org.keycloak.models.utils.KeycloakModelUtils; -import org.keycloak.representations.SkeletonKeyScope; -import org.keycloak.representations.SkeletonKeyToken; +import org.keycloak.representations.AccessScope; +import org.keycloak.representations.AccessToken; import org.keycloak.util.Base64Url; import org.keycloak.util.JsonSerialization; @@ -44,7 +44,7 @@ public class TokenManager { return accessCodeMap.remove(key); } - protected boolean desiresScope(SkeletonKeyScope scope, String key, String roleName) { + protected boolean desiresScope(AccessScope scope, String key, String roleName) { if (scope == null || scope.isEmpty()) return true; List val = scope.get(key); if (val == null) return false; 
@@ -52,12 +52,12 @@ public class TokenManager { } - protected boolean desiresScopeGroup(SkeletonKeyScope scope, String key) { + protected boolean desiresScopeGroup(AccessScope scope, String key) { if (scope == null || scope.isEmpty()) return true; return scope.containsKey(key); } - protected boolean isEmpty(SkeletonKeyScope scope) { + protected boolean isEmpty(AccessScope scope) { return scope == null || scope.isEmpty(); } @@ -79,7 +79,7 @@ public class TokenManager { public AccessCodeEntry createAccessCode(String scopeParam, String state, String redirect, RealmModel realm, UserModel client, UserModel user) { AccessCodeEntry code = new AccessCodeEntry(); - SkeletonKeyScope scopeMap = null; + AccessScope scopeMap = null; if (scopeParam != null) scopeMap = decodeScope(scopeParam); List realmRolesRequested = code.getRealmRolesRequested(); MultivaluedMap resourceRolesRequested = code.getResourceRolesRequested(); @@ -131,8 +131,8 @@ public class TokenManager { return code; } - protected SkeletonKeyToken initToken(RealmModel realm, UserModel client, UserModel user) { - SkeletonKeyToken token = new SkeletonKeyToken(); + protected AccessToken initToken(RealmModel realm, UserModel client, UserModel user) { + AccessToken token = new AccessToken(); token.id(KeycloakModelUtils.generateId()); token.subject(user.getId()); token.audience(realm.getName()); @@ -148,12 +148,12 @@ public class TokenManager { return token; } - protected void addComposites(SkeletonKeyToken token, RoleModel role) { - SkeletonKeyToken.Access access = null; + protected void addComposites(AccessToken token, RoleModel role) { + AccessToken.Access access = null; if (role.getContainer() instanceof RealmModel) { access = token.getRealmAccess(); if (token.getRealmAccess() == null) { - access = new SkeletonKeyToken.Access(); + access = new AccessToken.Access(); token.setRealmAccess(access); } else if (token.getRealmAccess().getRoles() != null && token.getRealmAccess().isUserInRole(role.getName())) return; 
@@ -178,7 +178,7 @@ public class TokenManager { protected void createToken(AccessCodeEntry accessCodeEntry, RealmModel realm, UserModel client, UserModel user) { - SkeletonKeyToken token = initToken(realm, client, user); + AccessToken token = initToken(realm, client, user); if (accessCodeEntry.getRealmRolesRequested().size() > 0) { for (RoleModel role : accessCodeEntry.getRealmRolesRequested()) { @@ -196,7 +196,7 @@ public class TokenManager { accessCodeEntry.setToken(token); } - public String encodeScope(SkeletonKeyScope scope) { + public String encodeScope(AccessScope scope) { String token = null; try { token = JsonSerialization.writeValueAsString(scope); @@ -206,11 +206,11 @@ public class TokenManager { return Base64Url.encode(token.getBytes()); } - public SkeletonKeyScope decodeScope(String scopeParam) { - SkeletonKeyScope scope = null; + public AccessScope decodeScope(String scopeParam) { + AccessScope scope = null; byte[] bytes = Base64Url.decode(scopeParam); try { - scope = JsonSerialization.readValue(bytes, SkeletonKeyScope.class); + scope = JsonSerialization.readValue(bytes, AccessScope.class); } catch (IOException e) { throw new RuntimeException(e); } @@ -218,8 +218,8 @@ public class TokenManager { } - public SkeletonKeyToken createAccessToken(RealmModel realm, UserModel user) { - SkeletonKeyToken token = new SkeletonKeyToken(); + public AccessToken createAccessToken(RealmModel realm, UserModel user) { + AccessToken token = new AccessToken(); token.id(KeycloakModelUtils.generateId()); token.issuedNow(); token.subject(user.getId()); diff --git a/services/src/main/java/org/keycloak/services/resources/AccountService.java b/services/src/main/java/org/keycloak/services/resources/AccountService.java index 7ceddc9337..12c167ab63 100755 --- a/services/src/main/java/org/keycloak/services/resources/AccountService.java +++ b/services/src/main/java/org/keycloak/services/resources/AccountService.java 
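Review bot: `encodeScope` ends with `Base64Url.encode(token.getBytes())`, which uses the platform default charset, so the encoded scope can differ between JVMs whenever a resource or role name contains non-ASCII characters. `decodeScope` hands the decoded bytes straight to `JsonSerialization.readValue`, which presumably expects UTF-8, so the two sides may then disagree. Naming the charset, e.g. `return Base64Url.encode(token.getBytes(Charset.forName("UTF-8")));`, keeps the value stable (it needs `java.nio.charset.Charset` imported). The catch block of `encodeScope` lies between the two hunks and is not visible here.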
@@ -32,7 +32,7 @@ import org.keycloak.jose.jws.JWSInput; import org.keycloak.jose.jws.crypto.RSAProvider; import org.keycloak.models.*; import org.keycloak.models.utils.TimeBasedOTP; -import org.keycloak.representations.SkeletonKeyToken; +import org.keycloak.representations.AccessToken; import org.keycloak.representations.idm.CredentialRepresentation; import org.keycloak.services.managers.AccessCodeEntry; import org.keycloak.services.managers.AuthenticationManager; @@ -390,7 +390,7 @@ public class AccountService { } } - SkeletonKeyToken.Access access = auth.getToken().getResourceAccess(application.getName()); + AccessToken.Access access = auth.getToken().getResourceAccess(application.getName()); if (access != null) { if (access.isUserInRole(Constants.ACCOUNT_MANAGE_ROLE) || (role != null && access.isUserInRole(role))) { return true; diff --git a/services/src/main/java/org/keycloak/services/resources/TokenService.java b/services/src/main/java/org/keycloak/services/resources/TokenService.java index f543a13a2b..9c82014c82 100755 --- a/services/src/main/java/org/keycloak/services/resources/TokenService.java +++ b/services/src/main/java/org/keycloak/services/resources/TokenService.java @@ -15,9 +15,8 @@ import org.keycloak.models.RequiredCredentialModel; import org.keycloak.models.RoleModel; import org.keycloak.models.UserCredentialModel; import org.keycloak.models.UserModel; -import org.keycloak.models.UserModel.RequiredAction; +import org.keycloak.representations.AccessToken; import org.keycloak.representations.AccessTokenResponse; -import org.keycloak.representations.SkeletonKeyToken; import org.keycloak.representations.idm.CredentialRepresentation; import org.keycloak.services.managers.AccessCodeEntry; import org.keycloak.services.managers.AuthenticationManager; 
@@ -154,7 +153,7 @@ public class TokenService {
 }
 tokenManager = new TokenManager();
- SkeletonKeyToken token = authManager.createIdentityToken(realm, user);
+ AccessToken token = authManager.createIdentityToken(realm, user);
 String encoded = tokenManager.encodeToken(realm, token);
 AccessTokenResponse res = accessTokenResponse(token, encoded);
 return Response.ok(res, MediaType.APPLICATION_JSON_TYPE).build();
@@ -186,7 +185,7 @@ public class TokenService {
 if (authManager.authenticateForm(realm, user, form) != AuthenticationStatus.SUCCESS) {
 throw new NotAuthorizedException("Auth failed");
 }
- SkeletonKeyToken token = tokenManager.createAccessToken(realm, user);
+ AccessToken token = tokenManager.createAccessToken(realm, user);
 String encoded = tokenManager.encodeToken(realm, token);
 AccessTokenResponse res = accessTokenResponse(token, encoded);
 return Response.ok(res, MediaType.APPLICATION_JSON_TYPE).build();
@@ -433,13 +432,13 @@ public class TokenService {
 return Cors.add(request, Response.ok(res)).allowedOrigins(client).allowedMethods("POST").build();
 }
- protected AccessTokenResponse accessTokenResponse(PrivateKey privateKey, SkeletonKeyToken token) {
+ protected AccessTokenResponse accessTokenResponse(PrivateKey privateKey, AccessToken token) {
 String encodedToken = new JWSBuilder().jsonContent(token).rsa256(privateKey);
 return accessTokenResponse(token, encodedToken);
 }
- protected AccessTokenResponse accessTokenResponse(SkeletonKeyToken token, String encodedToken) {
+ protected AccessTokenResponse accessTokenResponse(AccessToken token, String encodedToken) {
 AccessTokenResponse res = new AccessTokenResponse();
 res.setToken(encodedToken);
 res.setTokenType("bearer");
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/OAuthClient.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/OAuthClient.java
index f9897e5466..a213b72ac6 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/OAuthClient.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/OAuthClient.java
@@ -38,11 +38,11 @@ import org.json.JSONObject;
 import org.junit.Assert;
 import org.keycloak.RSATokenVerifier;
 import org.keycloak.VerificationException;
+import org.keycloak.representations.AccessScope;
+import org.keycloak.representations.AccessToken;
 import org.keycloak.representations.idm.UserRepresentation;
 import org.keycloak.util.BasicAuthHelper;
 import org.keycloak.util.JsonSerialization;
-import org.keycloak.representations.SkeletonKeyScope;
-import org.keycloak.representations.SkeletonKeyToken;
 import org.keycloak.util.Base64Url;
 import org.openqa.selenium.By;
 import org.openqa.selenium.WebDriver;
@@ -51,7 +51,6 @@ import javax.ws.rs.core.UriBuilder;
 import java.io.UnsupportedEncodingException;
 import java.net.URI;
 import java.net.URISyntaxException;
-import java.nio.charset.Charset;
 import java.security.PublicKey;
 import java.util.HashMap;
 import java.util.LinkedList;
@@ -77,7 +76,7 @@ public class OAuthClient {
 private String redirectUri = "http://localhost:8081/app/auth";
- private SkeletonKeyScope scope;
+ private AccessScope scope;
 private String state;
@@ -163,7 +162,7 @@ public class OAuthClient {
 }
 }
- public SkeletonKeyToken verifyToken(String token) {
+ public AccessToken verifyToken(String token) {
 try {
 return RSATokenVerifier.verifyToken(token, realmPublicKey, realm);
 } catch (VerificationException e) {
@@ -268,7 +267,7 @@ public class OAuthClient {
 public OAuthClient addScope(String resource, String... roles) {
 if (scope == null) {
- scope = new SkeletonKeyScope();
+ scope = new AccessScope();
 }
 scope.addAll(resource, roles);
 return this;
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeImportRoleTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeImportRoleTest.java
index ff91229976..59a4c5ecb8 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeImportRoleTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeImportRoleTest.java
@@ -25,14 +25,9 @@ import org.junit.Assert;
 import org.junit.ClassRule;
 import org.junit.Rule;
 import org.junit.Test;
-import org.keycloak.models.ApplicationModel;
 import org.keycloak.models.RealmModel;
-import org.keycloak.models.RoleModel;
-import org.keycloak.models.UserCredentialModel;
-import org.keycloak.models.UserModel;
-import org.keycloak.representations.SkeletonKeyToken;
+import org.keycloak.representations.AccessToken;
 import org.keycloak.representations.idm.RealmRepresentation;
-import org.keycloak.services.managers.ApplicationManager;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.testsuite.ApplicationServlet;
 import org.keycloak.testsuite.OAuthClient;
@@ -93,7 +88,7 @@ public class CompositeImportRoleTest {
 Assert.assertEquals("bearer", response.getTokenType());
- SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
+ AccessToken token = oauth.verifyToken(response.getAccessToken());
 Assert.assertEquals("APP_COMPOSITE_USER", oauth.getProfile(response.getAccessToken()).getUsername());
@@ -118,7 +113,7 @@ public class CompositeImportRoleTest {
 Assert.assertEquals("bearer", response.getTokenType());
- SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
+ AccessToken token = oauth.verifyToken(response.getAccessToken());
 Assert.assertEquals("REALM_APP_COMPOSITE_USER", oauth.getProfile(response.getAccessToken()).getUsername());
@@ -142,7 +137,7 @@ public class CompositeImportRoleTest {
 Assert.assertEquals("bearer", response.getTokenType());
- SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
+ AccessToken token = oauth.verifyToken(response.getAccessToken());
 Assert.assertEquals("REALM_COMPOSITE_1_USER", oauth.getProfile(response.getAccessToken()).getUsername());
@@ -165,7 +160,7 @@ public class CompositeImportRoleTest {
 Assert.assertEquals("bearer", response.getTokenType());
- SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
+ AccessToken token = oauth.verifyToken(response.getAccessToken());
 Assert.assertEquals("REALM_COMPOSITE_1_USER", oauth.getProfile(response.getAccessToken()).getUsername());
@@ -187,7 +182,7 @@ public class CompositeImportRoleTest {
 Assert.assertEquals("bearer", response.getTokenType());
- SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
+ AccessToken token = oauth.verifyToken(response.getAccessToken());
 Assert.assertEquals("REALM_ROLE_1_USER", oauth.getProfile(response.getAccessToken()).getUsername());
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeRoleTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeRoleTest.java
index 45162be5dc..adc8bf54c9 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeRoleTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeRoleTest.java
@@ -30,7 +30,7 @@ import org.keycloak.models.RealmModel;
 import org.keycloak.models.RoleModel;
 import org.keycloak.models.UserCredentialModel;
 import org.keycloak.models.UserModel;
-import org.keycloak.representations.SkeletonKeyToken;
+import org.keycloak.representations.AccessToken;
 import org.keycloak.services.managers.ApplicationManager;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.testsuite.ApplicationServlet;
@@ -164,7 +164,7 @@ public class CompositeRoleTest {
 Assert.assertEquals("bearer", response.getTokenType());
- SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
+ AccessToken token = oauth.verifyToken(response.getAccessToken());
 Assert.assertEquals("APP_COMPOSITE_USER", oauth.getProfile(response.getAccessToken()).getUsername());
@@ -189,7 +189,7 @@ public class CompositeRoleTest {
 Assert.assertEquals("bearer", response.getTokenType());
- SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
+ AccessToken token = oauth.verifyToken(response.getAccessToken());
 Assert.assertEquals("REALM_APP_COMPOSITE_USER", oauth.getProfile(response.getAccessToken()).getUsername());
@@ -213,7 +213,7 @@ public class CompositeRoleTest {
 Assert.assertEquals("bearer", response.getTokenType());
- SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
+ AccessToken token = oauth.verifyToken(response.getAccessToken());
 Assert.assertEquals("REALM_COMPOSITE_1_USER", oauth.getProfile(response.getAccessToken()).getUsername());
@@ -236,7 +236,7 @@ public class CompositeRoleTest {
 Assert.assertEquals("bearer", response.getTokenType());
- SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
+ AccessToken token = oauth.verifyToken(response.getAccessToken());
 Assert.assertEquals("REALM_COMPOSITE_1_USER", oauth.getProfile(response.getAccessToken()).getUsername());
@@ -258,7 +258,7 @@ public class CompositeRoleTest {
 Assert.assertEquals("bearer", response.getTokenType());
- SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
+ AccessToken token = oauth.verifyToken(response.getAccessToken());
 Assert.assertEquals("REALM_ROLE_1_USER", oauth.getProfile(response.getAccessToken()).getUsername());
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java
old mode 100644
new mode 100755
index 99aad8282b..964a7d3a56
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java
@@ -25,7 +25,7 @@ import org.junit.Assert;
 import org.junit.ClassRule;
 import org.junit.Rule;
 import org.junit.Test;
-import org.keycloak.representations.SkeletonKeyToken;
+import org.keycloak.representations.AccessToken;
 import org.keycloak.representations.idm.UserRepresentation;
 import org.keycloak.testsuite.OAuthClient;
 import org.keycloak.testsuite.OAuthClient.AccessTokenResponse;
@@ -68,7 +68,7 @@ public class AccessTokenTest {
 Assert.assertEquals("bearer", response.getTokenType());
- SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
+ AccessToken token = oauth.verifyToken(response.getAccessToken());
 UserRepresentation user = oauth.getProfile(response.getAccessToken());
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/OAuthGrantTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/OAuthGrantTest.java
index e5d7ef6ee3..d7e39a8a27 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/OAuthGrantTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/OAuthGrantTest.java
@@ -25,11 +25,10 @@ import java.io.IOException;
 import java.util.Map;
 import org.junit.Assert;
-import org.junit.BeforeClass;
 import org.junit.ClassRule;
 import org.junit.Rule;
 import org.junit.Test;
-import org.keycloak.representations.SkeletonKeyToken;
+import org.keycloak.representations.AccessToken;
 import org.keycloak.testsuite.OAuthClient;
 import org.keycloak.testsuite.pages.LoginPage;
 import org.keycloak.testsuite.pages.OAuthGrantPage;
@@ -78,13 +77,13 @@ public class OAuthGrantTest {
 Assert.assertTrue(oauth.getCurrentQuery().containsKey("code"));
 OAuthClient.AccessTokenResponse accessToken = oauth.doAccessTokenRequest(oauth.getCurrentQuery().get("code"), "password");
- SkeletonKeyToken token = oauth.verifyToken(accessToken.getAccessToken());
+ AccessToken token = oauth.verifyToken(accessToken.getAccessToken());
- SkeletonKeyToken.Access realmAccess = token.getRealmAccess();
+ AccessToken.Access realmAccess = token.getRealmAccess();
 Assert.assertEquals(1, realmAccess.getRoles().size());
 Assert.assertTrue(realmAccess.isUserInRole("user"));
- Map resourceAccess = token.getResourceAccess();
+ Map resourceAccess = token.getResourceAccess();
 Assert.assertEquals(1, resourceAccess.size());
 Assert.assertEquals(1, resourceAccess.get("test-app").getRoles().size());
 Assert.assertTrue(resourceAccess.get("test-app").isUserInRole("customer-user"));
@@ -104,12 +103,12 @@ public class OAuthGrantTest {
 Assert.assertTrue(oauth.getCurrentQuery().containsKey("code"));
 OAuthClient.AccessTokenResponse accessToken = oauth.doAccessTokenRequest(oauth.getCurrentQuery().get("code"), "password");
- SkeletonKeyToken token = oauth.verifyToken(accessToken.getAccessToken());
+ AccessToken token = oauth.verifyToken(accessToken.getAccessToken());
- SkeletonKeyToken.Access realmAccess = token.getRealmAccess();
+ AccessToken.Access realmAccess = token.getRealmAccess();
 Assert.assertNull(realmAccess);
- Map resourceAccess = token.getResourceAccess();
+ Map resourceAccess = token.getResourceAccess();
 Assert.assertEquals(1, resourceAccess.size());
 Assert.assertEquals(1, resourceAccess.get("test-app").getRoles().size());
 Assert.assertTrue(resourceAccess.get("test-app").isUserInRole("customer-user"));
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java
index 5762c9d635..ee60bd5b90 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java
@@ -27,19 +27,16 @@ import org.junit.Rule;
 import org.junit.Test;
 import org.keycloak.models.ApplicationModel;
 import org.keycloak.models.RealmModel;
-import org.keycloak.representations.SkeletonKeyToken;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.testsuite.OAuthClient;
 import org.keycloak.testsuite.pages.ErrorPage;
 import org.keycloak.testsuite.pages.LoginPage;
-import org.keycloak.testsuite.pages.OAuthGrantPage;
 import org.keycloak.testsuite.rule.KeycloakRule;
 import org.keycloak.testsuite.rule.WebResource;
 import org.keycloak.testsuite.rule.WebRule;
 import org.openqa.selenium.WebDriver;
 import java.io.IOException;
-import java.util.Map;
 /**
 * @author Viliam Rockai
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/social/SocialLoginTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/social/SocialLoginTest.java
index 95d59be4b7..7f4e17ad57 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/social/SocialLoginTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/social/SocialLoginTest.java
@@ -27,7 +27,7 @@ import org.junit.ClassRule;
 import org.junit.Rule;
 import org.junit.Test;
 import org.keycloak.models.RealmModel;
-import org.keycloak.representations.SkeletonKeyToken;
+import org.keycloak.representations.AccessToken;
 import org.keycloak.representations.idm.UserRepresentation;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.testsuite.DummySocialServlet;
@@ -37,7 +37,6 @@ import org.keycloak.testsuite.pages.AppPage;
 import org.keycloak.testsuite.pages.AppPage.RequestType;
 import org.keycloak.testsuite.pages.LoginPage;
 import org.keycloak.testsuite.pages.LoginUpdateProfilePage;
-import org.keycloak.testsuite.pages.RegisterPage;
 import org.keycloak.testsuite.rule.KeycloakRule;
 import org.keycloak.testsuite.rule.KeycloakRule.KeycloakSetup;
 import org.keycloak.testsuite.rule.WebResource;
@@ -105,7 +104,7 @@ public class SocialLoginTest {
 AccessTokenResponse response = oauth.doAccessTokenRequest(oauth.getCurrentQuery().get("code"), "password");
- SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
+ AccessToken token = oauth.verifyToken(response.getAccessToken());
 Assert.assertEquals(36, token.getSubject().length());
 UserRepresentation profile = oauth.getProfile(response.getAccessToken());