From a43321c720c41e28d7703f028f2652f02c7a1e7b Mon Sep 17 00:00:00 2001 From: Alexander Schwartz Date: Tue, 17 May 2022 11:12:28 +0200 Subject: [PATCH] Moving logic to create service accounts in local storage only to legacy module --- .../main/java/org/keycloak/storage/UserStorageManager.java | 6 ++++++ .../java/org/keycloak/services/managers/ClientManager.java | 3 +-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/model/legacy-private/src/main/java/org/keycloak/storage/UserStorageManager.java b/model/legacy-private/src/main/java/org/keycloak/storage/UserStorageManager.java index dd0498a804..07e919ad7a 100755 --- a/model/legacy-private/src/main/java/org/keycloak/storage/UserStorageManager.java +++ b/model/legacy-private/src/main/java/org/keycloak/storage/UserStorageManager.java @@ -30,6 +30,7 @@ import java.util.concurrent.atomic.AtomicInteger; import java.util.stream.Stream; import org.jboss.logging.Logger; +import org.keycloak.common.constants.ServiceAccountConstants; import org.keycloak.common.util.reflections.Types; import org.keycloak.component.ComponentFactory; import org.keycloak.component.ComponentModel; @@ -267,6 +268,11 @@ public class UserStorageManager extends AbstractStorageManager provider.addUser(realm, username)) .filter(Objects::nonNull) diff --git a/services/src/main/java/org/keycloak/services/managers/ClientManager.java b/services/src/main/java/org/keycloak/services/managers/ClientManager.java index 0f8b16e0e7..8df85b93ec 100644 --- a/services/src/main/java/org/keycloak/services/managers/ClientManager.java +++ b/services/src/main/java/org/keycloak/services/managers/ClientManager.java 
@@ -159,8 +159,7 @@ public class ClientManager {
 String username = ServiceAccountConstants.SERVICE_ACCOUNT_USER_PREFIX + client.getClientId();
 logger.debugf("Creating service account user '%s'", username);
- // Don't use federation for service account user
- UserModel user = realmManager.getSession().userLocalStorage().addUser(client.getRealm(), username);
+ UserModel user = realmManager.getSession().users().addUser(client.getRealm(), username);
 user.setEnabled(true);
 user.setServiceAccountClientLink(client.getId());
 }
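Review bot: With `users().addUser(client.getRealm(), username)` the call site no longer guarantees that a service-account user lands in local storage; that now depends on whichever `UserProvider` backs the session, and the removed comment was the only place here that stated the rule. If a provider behind `users()` does not apply the local-only rule, the identity used for this client's service account would be created in, and controlled by, an external user store. I would keep the invariant at the call site, e.g. `// Service-account users must stay in local storage; enforced by the UserProvider behind users()`, and add a test that enables a service account in a realm with a registration-capable federation provider and asserts `user.getFederationLink() == null`. The enclosing method starts outside the hunk, and the enforcing lines added to `UserStorageManager` are not readable on this page, so how that check matches service-account usernames should be confirmed there.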