From a81d03213d85696b6fcaaef97c203ebfc738978b Mon Sep 17 00:00:00 2001 
From: Bill Burke Date: Sat, 10 Aug 2013 12:43:55 -0400 Subject: [PATCH] refactor --- ...on.java => ApplicationRepresentation.java} | 10 +- .../idm/RealmRepresentation.java | 49 +++-- .../example/demo/DemoApplication.java | 3 +- .../main/resources/META-INF/persistence.xml | 2 +- .../main/resources/META-INF/testrealm.json | 4 +- .../main/webapp/saas/admin/js/controllers.js | 185 +++++++----------- .../src/main/webapp/saas/admin/js/services.js | 2 +- .../admin/lib/angular/angular-scenario.js | 2 +- .../webapp/saas/admin/lib/angular/angular.js | 2 +- .../main/webapp/saas/admin/partials/menu.html | 4 +- .../saas/admin/partials/realm-detail.html | 3 +- .../saas/admin/partials/realm-menu.html | 2 +- .../as7/OAuthAuthenticationServerValve.java | 2 +- .../managers/AuthenticationManager.java | 2 +- .../services/managers/RealmManager.java | 52 +++-- .../managers/ResourceAdminManager.java | 8 +- .../services/managers/ResourceManager.java | 33 ++-- .../services/managers/TokenManager.java | 12 +- ...sourceModel.java => ApplicationModel.java} | 2 +- .../keycloak/services/models/RealmModel.java | 19 +- ...ceAdapter.java => ApplicationAdapter.java} | 11 +- .../models/picketlink/RealmAdapter.java | 150 ++++++++++---- ...ResourceData.java => ApplicationData.java} | 6 +- ...urceEntity.java => ApplicationEntity.java} | 4 +- ...redApplicationCredentialRelationship.java} | 2 +- .../resources/KeycloakApplication.java | 4 +- ...Resource.java => ApplicationResource.java} | 30 ++- ...esource.java => ApplicationsResource.java} | 37 ++-- .../resources/admin/RealmAdminResource.java | 28 +-- .../resources/admin/RealmsAdminResource.java | 13 +- .../java/org/keycloak/test/AdapterTest.java | 10 +- .../java/org/keycloak/test/ImportTest.java | 10 +- .../keycloak/test/InstallationManager.java | 3 +- .../test/resources/META-INF/persistence.xml | 2 +- .../src/test/resources/testrealm-demo.json | 4 +- services/src/test/resources/testrealm.json | 4 +- 36 files changed, 375 insertions(+), 341 deletions(-) 
rename core/src/main/java/org/keycloak/representations/idm/{ResourceRepresentation.java => ApplicationRepresentation.java} (92%) rename services/src/main/java/org/keycloak/services/models/{ResourceModel.java => ApplicationModel.java} (91%) rename services/src/main/java/org/keycloak/services/models/picketlink/{ResourceAdapter.java => ApplicationAdapter.java} (92%) rename services/src/main/java/org/keycloak/services/models/picketlink/mappings/{ResourceData.java => ApplicationData.java} (89%) rename services/src/main/java/org/keycloak/services/models/picketlink/mappings/{ResourceEntity.java => ApplicationEntity.java} (92%) rename services/src/main/java/org/keycloak/services/models/picketlink/relationships/{ResourceRequiredCredentialRelationship.java => RequiredApplicationCredentialRelationship.java} (61%) rename services/src/main/java/org/keycloak/services/resources/admin/{RealmResourceResource.java => ApplicationResource.java} (59%) rename services/src/main/java/org/keycloak/services/resources/admin/{RealmResourcesResource.java => ApplicationsResource.java} (60%) diff --git a/core/src/main/java/org/keycloak/representations/idm/ResourceRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/ApplicationRepresentation.java similarity index 92% rename from core/src/main/java/org/keycloak/representations/idm/ResourceRepresentation.java rename to core/src/main/java/org/keycloak/representations/idm/ApplicationRepresentation.java index 2f4596e4fd..0e83bb658e 100755 --- a/core/src/main/java/org/keycloak/representations/idm/ResourceRepresentation.java +++ b/core/src/main/java/org/keycloak/representations/idm/ApplicationRepresentation.java 
@@ -1,15 +1,13 @@ package org.keycloak.representations.idm; import java.util.ArrayList; -import java.util.HashSet; import java.util.List; -import java.util.Set; /** * @author Bill Burke * @version $Revision: 1 $ */ -public class ResourceRepresentation { +public class ApplicationRepresentation { protected String self; // link protected String id; protected String name; @@ -70,14 +68,14 @@ public class ResourceRepresentation { this.roles = roles; } - public ResourceRepresentation role(RoleRepresentation role) { + public ApplicationRepresentation role(RoleRepresentation role) { if (this.roles == null) this.roles = new ArrayList(); this.roles.add(role); return this; } - public ResourceRepresentation role(String role, String description) { + public ApplicationRepresentation role(String role, String description) { if (this.roles == null) this.roles = new ArrayList(); this.roles.add(new RoleRepresentation(role, description)); return this; @@ -123,7 +121,7 @@ public class ResourceRepresentation { this.credentials = credentials; } - public ResourceRepresentation credential(String type, String value) { + public ApplicationRepresentation credential(String type, String value) { if (this.credentials == null) credentials = new ArrayList(); CredentialRepresentation cred = new CredentialRepresentation(); cred.setType(type); diff --git a/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java index 53fb2c74e8..e2e5f4811a 100755 --- a/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java +++ b/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java 
@@ -17,16 +17,17 @@ public class RealmRepresentation { protected boolean enabled; protected boolean sslNotRequired; protected boolean cookieLoginAllowed; + protected boolean registrationAllowed; protected String privateKey; protected String publicKey; protected List roles; - protected List requiredCredentials; - protected List requiredResourceCredentials; - protected List requiredOAuthClientCredentials; + protected Set requiredCredentials; + protected Set requiredApplicationCredentials; + protected Set requiredOAuthClientCredentials; protected List users; protected List roleMappings; protected List scopeMappings; - protected List resources; + protected List applications; public String getSelf() { @@ -57,14 +58,14 @@ public class RealmRepresentation { return users; } - public List getResources() { - return resources; + public List getApplications() { + return applications; } - public ResourceRepresentation resource(String name) { - ResourceRepresentation resource = new ResourceRepresentation(); - if (resources == null) resources = new ArrayList(); - resources.add(resource); + public ApplicationRepresentation resource(String name) { + ApplicationRepresentation resource = new ApplicationRepresentation(); + if (applications == null) applications = new ArrayList(); + applications.add(resource); resource.setName(name); return resource; } @@ -81,8 +82,8 @@ public class RealmRepresentation { return user; } - public void setResources(List resources) { - this.resources = resources; + public void setApplications(List applications) { + this.applications = applications; } public boolean isEnabled() { 
@@ -141,27 +142,27 @@ public class RealmRepresentation { return mapping; } - public List getRequiredCredentials() { + public Set getRequiredCredentials() { return requiredCredentials; } - public void setRequiredCredentials(List requiredCredentials) { + public void setRequiredCredentials(Set requiredCredentials) { this.requiredCredentials = requiredCredentials; } - public List getRequiredResourceCredentials() { - return requiredResourceCredentials; + public Set getRequiredApplicationCredentials() { + return requiredApplicationCredentials; } - public void setRequiredResourceCredentials(List requiredResourceCredentials) { - this.requiredResourceCredentials = requiredResourceCredentials; + public void setRequiredApplicationCredentials(Set requiredApplicationCredentials) { + this.requiredApplicationCredentials = requiredApplicationCredentials; } - public List getRequiredOAuthClientCredentials() { + public Set getRequiredOAuthClientCredentials() { return requiredOAuthClientCredentials; } - public void setRequiredOAuthClientCredentials(List requiredOAuthClientCredentials) { + public void setRequiredOAuthClientCredentials(Set requiredOAuthClientCredentials) { this.requiredOAuthClientCredentials = requiredOAuthClientCredentials; } @@ -196,4 +197,12 @@ public class RealmRepresentation { public void setPublicKey(String publicKey) { this.publicKey = publicKey; } + + public boolean isRegistrationAllowed() { + return registrationAllowed; + } + + public void setRegistrationAllowed(boolean registrationAllowed) { + this.registrationAllowed = registrationAllowed; + } } diff --git a/examples/as7-eap-demo/server/src/main/java/org/keycloak/example/demo/DemoApplication.java b/examples/as7-eap-demo/server/src/main/java/org/keycloak/example/demo/DemoApplication.java index eab7b1e78c..faf899e60b 100755 --- a/examples/as7-eap-demo/server/src/main/java/org/keycloak/example/demo/DemoApplication.java 
+++ b/examples/as7-eap-demo/server/src/main/java/org/keycloak/example/demo/DemoApplication.java @@ -1,6 +1,7 @@ package org.keycloak.example.demo; import org.jboss.resteasy.jwt.JsonSerialization; +import org.keycloak.representations.idm.CredentialRepresentation; import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.services.managers.RealmManager; import org.keycloak.services.models.KeycloakSession; @@ -40,7 +41,7 @@ public class DemoApplication extends KeycloakApplication { defaultRealm.setCookieLoginAllowed(true); defaultRealm.setRegistrationAllowed(true); manager.generateRealmKeys(defaultRealm); - defaultRealm.addRequiredCredential(RequiredCredentialModel.PASSWORD); + defaultRealm.addRequiredCredential(CredentialRepresentation.PASSWORD); defaultRealm.addRole(SaasService.REALM_CREATOR_ROLE); RealmRepresentation rep = loadJson("META-INF/testrealm.json"); diff --git a/examples/as7-eap-demo/server/src/main/resources/META-INF/persistence.xml b/examples/as7-eap-demo/server/src/main/resources/META-INF/persistence.xml index e0dc722aba..ad40046847 100755 --- a/examples/as7-eap-demo/server/src/main/resources/META-INF/persistence.xml +++ b/examples/as7-eap-demo/server/src/main/resources/META-INF/persistence.xml @@ -19,7 +19,7 @@ org.picketlink.idm.jpa.model.sample.simple.OTPCredentialTypeEntity org.picketlink.idm.jpa.model.sample.simple.AttributeTypeEntity org.keycloak.services.models.picketlink.mappings.RealmEntity - org.keycloak.services.models.picketlink.mappings.ResourceEntity + org.keycloak.services.models.picketlink.mappings.ApplicationEntity true diff --git a/examples/as7-eap-demo/server/src/main/resources/META-INF/testrealm.json b/examples/as7-eap-demo/server/src/main/resources/META-INF/testrealm.json index 63f93fcab0..2fa8a91bab 100755 --- a/examples/as7-eap-demo/server/src/main/resources/META-INF/testrealm.json +++ b/examples/as7-eap-demo/server/src/main/resources/META-INF/testrealm.json 
@@ -8,7 +8,7 @@ "privateKey": "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", "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB", "requiredCredentials": [ "password" ], - "requiredResourceCredentials": [ "password" ], + "requiredApplicationCredentials": [ "password" ], "requiredOAuthClientCredentials": [ "password" ], "users" : [ { @@ -57,7 +57,7 @@ "roles": ["user"] } ], - "resources": [ + "applications": [ { "name": "customer-portal", "enabled": true, diff --git a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/controllers.js b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/controllers.js index b60633d316..b01fd77524 100755 --- a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/controllers.js +++ b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/controllers.js @@ -27,25 +27,9 @@ module.controller('GlobalCtrl', function($scope, $http, Auth, Current, $location $http.get('/auth-server/rest/saas/admin/realms').success(function(data) { Current.realms = data; - var count = 0; - var showrealm = false; - var id = null; - for (var key in data) { - if (count > 0) { - showrealm = false; - break; - } - id = key; - showrealm = true; - count++; - } - - if (showrealm) { - console.log('default redirect to realm: ' + id); - Current.realm = Current.realms[id]; - $location.url("/realms/" + id); - } else { - //console.log('not redirecting'); + if (data.length > 0) { + Current.realm = data[0]; + $location.url("/realms/" + Current.realm.id); } }); }); 
@@ -58,49 +42,58 @@ module.controller('RealmListCtrl', function($scope, Realm, Current) { module.controller('RealmDropdownCtrl', function($scope, Realm, Current, Auth, $location) { // Current.realms = Realm.get(); $scope.current = Current; + if (Current.realms.length > 0) { + console.log('[0]: ' + current.realms[0].realm); + } $scope.changeRealm = function() { - for (var id in Current.realms) { - var val = Current.realms[id]; - if (val == Current.realm) { - $location.url("/realms/" + id); - break; - } - } + $location.url("/realms/" + $scope.current.realm.id); }; $scope.showNav = function() { - var show = false; - for (var key in Current.realms) { - if (typeof Current.realms[key] != "function") { - if (Current.realms[key] == Current.realm) { - $scope.currentRealmId = key; - } - show = true; - } - } + var show = Current.realms.length > 0; + console.log('Show dropdown? ' + show); return Auth.loggedIn && show; } }); -module.controller('RealmDetailCtrl', function($scope, Current, Realm, realm, $location, Dialog, Notifications) { - $scope.realm = angular.copy(realm); +module.controller('RealmDetailCtrl', function($scope, Current, Realm, realm, $http, $location, Dialog, Notifications) { $scope.createRealm = !realm.id; if ($scope.createRealm) { - $scope.realm.enabled = true; - $scope.realm.requireSsl = true; - $scope.realm.cookieLoginAllowed = true; - $scope.realm.tokenLifespan = 300; - $scope.realm.tokenLifespanUnit = 'SECONDS'; - $scope.realm.accessCodeLifespan = 300; - $scope.realm.accessCodeLifespanUnit = 'SECONDS'; - $scope.realm.requiredCredentials = ['password']; + $scope.realm = { + enabled: true, + requireSsl: true, + cookieLoginAllowed: true, + tokenLifespan: 300, + tokenLifespanUnit: 'SECONDS', + accessCodeLifespan: 300, + accessCodeLifespanUnit: 'SECONDS', + requiredCredentials: ['password'] + + }; } else { - $scope.realm.name = realm.realm; - $scope.realm.requireSsl = !$scope.realm.sslNotRequired; + if (Current.realm == null || Current.realm.id != realm.id) { 
+ for (var i = 0; i < Current.realms.length; i++) { + if (realm.id == Current.realms[i].id) { + Current.realm = Current.realms[i]; + break; + } + } + } + if (Current.realm == null || Current.realm.id != realm.id) { + console.log('should be unreachable'); + return; + } + $scope.realm = angular.copy(realm); + $scope.realm.requireSsl = !realm.sslNotRequired; $scope.realm.tokenLifespanUnit = 'SECONDS'; - $scope.realm.acessCodeLifespanUnit = 'SECONDS'; + $scope.realm.accessCodeLifespanUnit = 'SECONDS'; + } + var oldCopy = angular.copy($scope.realm); + + + $scope.userCredentialOptions = { 'multiple' : true, 'simple_tags' : true, 
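Review bot: The added debug line in RealmDropdownCtrl reads `current.realms[0].realm`, but the injected service is `Current`; once at least one realm is loaded this throws a ReferenceError before `changeRealm` and `showNav` are assigned. Either drop the block or write `console.log('[0]: ' + Current.realms[0].realm);`. `Current.realms.length` is also evaluated when the controller is constructed, and GlobalCtrl only assigns the list inside an `$http` callback, so a guard such as `if (Current.realms && Current.realms.length > 0)` looks necessary; Current's initial state is not visible here. RealmDetailCtrl continues past the end of this hunk.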
@@ -110,93 +103,47 @@ module.controller('RealmDetailCtrl', function($scope, Current, Realm, realm, $lo $scope.changed = $scope.create; $scope.$watch('realm', function() { - if (!angular.equals($scope.realm, realm)) { + if (!angular.equals($scope.realm, oldCopy)) { $scope.changed = true; } }, true); - $scope.addRole = function() { - if ($scope.newRole) { - if ($scope.realm.roles) { - for ( var i = 0; i < $scope.realm.roles.length; i++) { - if ($scope.realm.roles[i] == $scope.newRole) { - Notifications.warn("Role already exists"); - $scope.newRole = null; - return; - } - } - } - - if (!$scope.realm.roles) { - $scope.realm.roles = []; - } - - $scope.realm.roles.push($scope.newRole); - $scope.newRole = null; - } - } - - $scope.removeRole = function(role) { - Dialog.confirmDelete(role, 'role', function() { - var i = $scope.realm.roles.indexOf(role); - if (i > -1) { - $scope.realm.roles.splice(i, 1); - } - - if ($scope.realm.initialRoles) { - $scope.removeInitialRole(role); - } - }); - }; - - $scope.addInitialRole = function() { - if ($scope.newInitialRole) { - if (!$scope.realm.initialRoles) { - $scope.realm.initialRoles = []; - } - - $scope.realm.initialRoles.push($scope.newInitialRole); - $scope.newInitialRole = null; - } - } - - $scope.removeInitialRole = function(role) { - var i = $scope.realm.initialRoles.indexOf(role); - if (i > -1) { - $scope.realm.initialRoles.splice(i, 1); - } - }; - $scope.save = function() { if ($scope.realmForm.$valid) { - var realmCopy = { - realm: $scope.realm.name, - enabled: $scope.realm.enabled, - cookieLoginAllowed: $scope.realm.cookieLoginAllowed, - sslNotRequired: !$scope.realm.requireSsl, - tokenLifespan: $scope.realm.tokenLifespan, - accessCodeLifespan: $scope.realm.accessCodeLifespan, - requiredCredentials: $scope.realm.requiredCredentials - - }; - + var realmCopy = angular.copy($scope.realm); + realmCopy.sslNotRequired = !realmCopy.requireSsl; + delete realmCopy["requireSsl"]; + delete realmCopy["tokenLifespanUnit"]; + delete 
realmCopy["accessCodeLifespanUnit"]; if ($scope.createRealm) { Realm.save(realmCopy, function(data, headers) { + console.log('creating new realm'); var l = headers().location; var id = l.substring(l.lastIndexOf("/") + 1); - - var data = Realm.get(function() { + var data = Realm.query(function() { Current.realms = data; - Current.realm = Current.realms[id]; + for (var i = 0; i < Current.realms.length; i++) { + if (Current.realms[i].id == id) { + Current.realm = Current.realms[i]; + } + } }); $location.url("/realms/" + id); Notifications.success("Created realm"); }); } else { + console.log('updating realm...'); Realm.update(realmCopy, function() { - Current.realms = Realm.get(); - $scope.changed = false; - realm = angular.copy($scope.realm); + var id = realmCopy.id; + var data = Realm.query(function() { + Current.realms = data; + for (var i = 0; i < Current.realms.length; i++) { + if (Current.realms[i].id == id) { + Current.realm = Current.realms[i]; + } + } + }); + $location.url("/realms/" + id); Notifications.success("Saved changes to realm"); }); } @@ -206,7 +153,7 @@ module.controller('RealmDetailCtrl', function($scope, Current, Realm, realm, $lo }; $scope.reset = function() { - $scope.realm = angular.copy(realm); + $scope.realm = angular.copy(oldCopy); $scope.changed = false; $scope.realmForm.showErrors = false; }; diff --git a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/services.js b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/services.js index 4d542353c5..b3cd88f479 100755 --- a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/services.js +++ b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/services.js 
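Review bot: In both branches of `save`, `$location.url("/realms/" + id)` runs right after `Realm.query(...)` is issued rather than inside its callback, so the route can change while `Current.realms` still holds the old list. For a newly created realm, RealmDetailCtrl would then find no matching id and take its 'should be unreachable' return with `$scope.realm` unset; whether this happens depends on request timing and on the route's resolve, neither visible here. Moving the navigation and the `Notifications.success(...)` call into the query callback, after `Current.realm` is assigned, removes the ordering dependency. On update the target URL is normally the one already shown, so the controller is presumably not re-created; with `$scope.changed = false` removed, the form stays marked as changed and `reset` restores the pre-save `oldCopy`.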
@@ -132,7 +132,7 @@ module.factory('Role', function($resource) { }); module.factory('Application', function($resource) { - return $resource('/auth-server/rest/saas/admin/realms/:realm/resources/:id', { + return $resource('/auth-server/rest/saas/admin/realms/:realm/applications/:id', { realm : '@realm', id : '@id' }, { diff --git a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/lib/angular/angular-scenario.js b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/lib/angular/angular-scenario.js index f0e5c7d510..65e1a3eef6 100755 --- a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/lib/angular/angular-scenario.js +++ b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/lib/angular/angular-scenario.js @@ -22574,7 +22574,7 @@ var ngSubmitDirective = ngDirective(function(scope, element, attrs) { * @description * Fetches, compiles and includes an external HTML fragment. * - * Keep in mind that Same Origin Policy applies to included resources + * Keep in mind that Same Origin Policy applies to included applications * (e.g. ngInclude won't work for cross-domain requests on all browsers and for * file:// access on some browsers). * diff --git a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/lib/angular/angular.js b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/lib/angular/angular.js index a860c8594f..ccebef3be6 100755 --- a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/lib/angular/angular.js +++ b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/lib/angular/angular.js @@ -13168,7 +13168,7 @@ var ngSubmitDirective = ngDirective(function(scope, element, attrs) { * @description * Fetches, compiles and includes an external HTML fragment. * - * Keep in mind that Same Origin Policy applies to included resources + * Keep in mind that Same Origin Policy applies to included applications * (e.g. ngInclude won't work for cross-domain requests on all browsers and for * file:// access on some browsers). * 
diff --git a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/menu.html b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/menu.html index e12ec4aeb7..e10cd0cd37 100755 --- a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/menu.html +++ b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/menu.html @@ -5,9 +5,9 @@ diff --git a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/OAuthAuthenticationServerValve.java b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/OAuthAuthenticationServerValve.java index 66621dfe3e..d51c79ddd9 100755 --- a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/OAuthAuthenticationServerValve.java +++ b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/OAuthAuthenticationServerValve.java @@ -447,7 +447,7 @@ public class OAuthAuthenticationServerValve extends FormAuthenticator implements userSessionManagement.logout(username); request.setUserPrincipal(null); request.setAuthType(null); - // logout user on all declared authenticated resources + // logout user on all declared authenticated applications logoutResources(username, admin); redirectToWelcomePage(request, response); } diff --git a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java index 705a7aba78..7ecc27a245 100755 --- a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java +++ b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java 
@@ -206,7 +206,7 @@ public class AuthenticationManager { List requiredCredentials = null; if (realm.hasRole(user, RealmManager.RESOURCE_ROLE)) { - requiredCredentials = realm.getRequiredResourceCredentials(); + requiredCredentials = realm.getRequiredApplicationCredentials(); } else if (realm.hasRole(user, RealmManager.IDENTITY_REQUESTER_ROLE)) { requiredCredentials = realm.getRequiredOAuthClientCredentials(); } else { diff --git a/services/src/main/java/org/keycloak/services/managers/RealmManager.java b/services/src/main/java/org/keycloak/services/managers/RealmManager.java index 4eaa529d55..ce311aa91b 100755 --- a/services/src/main/java/org/keycloak/services/managers/RealmManager.java +++ b/services/src/main/java/org/keycloak/services/managers/RealmManager.java @@ -1,21 +1,14 @@ package org.keycloak.services.managers; -import org.keycloak.representations.idm.CredentialRepresentation; -import org.keycloak.representations.idm.RealmRepresentation; -import org.keycloak.representations.idm.ResourceRepresentation; -import org.keycloak.representations.idm.RoleMappingRepresentation; -import org.keycloak.representations.idm.RoleRepresentation; -import org.keycloak.representations.idm.ScopeMappingRepresentation; -import org.keycloak.representations.idm.UserRepresentation; +import org.jboss.resteasy.logging.Logger; +import org.keycloak.representations.idm.*; +import org.keycloak.representations.idm.ApplicationRepresentation; import org.keycloak.services.models.*; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.NoSuchAlgorithmException; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; +import java.util.*; import java.util.concurrent.atomic.AtomicLong; /** 
@@ -25,6 +18,7 @@ import java.util.concurrent.atomic.AtomicLong; * @version $Revision: 1 $ */ public class RealmManager { + protected static final Logger logger = Logger.getLogger(RealmManager.class); private static AtomicLong counter = new AtomicLong(1); public static final String RESOURCE_ROLE = "KEYCLOAK_RESOURCE"; public static final String IDENTITY_REQUESTER_ROLE = "KEYCLOAK_IDENTITY_REQUESTER"; @@ -72,6 +66,26 @@ public class RealmManager { realm.setPublicKey(keyPair.getPublic()); } + public void updateRealm(RealmRepresentation rep, RealmModel realm) { + if (rep.getRealm() != null) realm.setName(rep.getRealm()); + realm.setEnabled(rep.isEnabled()); + realm.setCookieLoginAllowed(rep.isCookieLoginAllowed()); + realm.setRegistrationAllowed(rep.isRegistrationAllowed()); + realm.setSslNotRequired((rep.isSslNotRequired())); + realm.setAccessCodeLifespan(rep.getAccessCodeLifespan()); + realm.setTokenLifespan(rep.getTokenLifespan()); + if (rep.getRequiredOAuthClientCredentials() != null) { + realm.updateRequiredOAuthClientCredentials(rep.getRequiredOAuthClientCredentials()); + } + if (rep.getRequiredCredentials() != null) { + logger.info("updating required credentials"); + realm.updateRequiredCredentials(rep.getRequiredCredentials()); + } + if (rep.getRequiredApplicationCredentials() != null) { + realm.updateRequiredApplicationCredentials(rep.getRequiredApplicationCredentials()); + } + } + public RealmModel importRealm(RealmRepresentation rep, UserModel realmCreator) { //verifyRealmRepresentation(rep); RealmModel realm = createRealm(rep.getRealm()); @@ -103,7 +117,7 @@ public class RealmManager { } } - if (rep.getRequiredResourceCredentials() != null) { + if (rep.getRequiredApplicationCredentials() != null) { for (String requiredCred : rep.getRequiredCredentials()) { addResourceRequiredCredential(newRealm, requiredCred); } 
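Review bot: `updateRealm` copies `enabled`, `cookieLoginAllowed`, `registrationAllowed`, `sslNotRequired` and both lifespans unconditionally, while only the name and the three credential sets are null-guarded. The boolean fields in RealmRepresentation are primitives, so a request body that omits one is written back as `false`; an update that leaves out `enabled`, for example, disables the realm. If partial updates are meant to be accepted, the scalar fields need a presence check (boxed types); otherwise state the contract in a Javadoc comment such as `/** Overwrites all scalar realm settings from rep; rep must be a complete representation. */`. The `logger.info("updating required credentials")` line reads like leftover tracing and would fit `logger.debug`.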
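Review bot: The renamed guard checks `rep.getRequiredApplicationCredentials()`, but the loop under it still iterates `rep.getRequiredCredentials()`. Imported realms therefore take their application credential requirements from the user credential list, and a representation with `requiredApplicationCredentials` set but `requiredCredentials` absent throws a NullPointerException. The loop should read `for (String requiredCred : rep.getRequiredApplicationCredentials()) {`. The enclosing import method starts and ends outside this hunk.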
@@ -130,7 +144,7 @@ public class RealmManager { } } - if (rep.getResources() != null) { + if (rep.getApplications() != null) { createResources(rep, newRealm); } @@ -201,7 +215,7 @@ public class RealmManager { protected void createResources(RealmRepresentation rep, RealmModel realm) { RoleModel loginRole = realm.getRole(RealmManager.RESOURCE_ROLE); ResourceManager manager = new ResourceManager(this); - for (ResourceRepresentation resourceRep : rep.getResources()) { + for (ApplicationRepresentation resourceRep : rep.getApplications()) { manager.createResource(realm, loginRole, resourceRep); } } @@ -226,21 +240,21 @@ public class RealmManager { rep.setAccessCodeLifespan(realm.getAccessCodeLifespan()); List requiredCredentialModels = realm.getRequiredCredentials(); if (requiredCredentialModels.size() > 0) { - rep.setRequiredCredentials(new ArrayList()); + rep.setRequiredCredentials(new HashSet()); for (RequiredCredentialModel cred : requiredCredentialModels) { rep.getRequiredCredentials().add(cred.getType()); } } - List requiredResourceCredentialModels = realm.getRequiredResourceCredentials(); + List requiredResourceCredentialModels = realm.getRequiredApplicationCredentials(); if (requiredResourceCredentialModels.size() > 0) { - rep.setRequiredResourceCredentials(new ArrayList()); + rep.setRequiredApplicationCredentials(new HashSet()); for (RequiredCredentialModel cred : requiredResourceCredentialModels) { - rep.getRequiredResourceCredentials().add(cred.getType()); + rep.getRequiredApplicationCredentials().add(cred.getType()); } } List requiredOAuthCredentialModels = realm.getRequiredOAuthClientCredentials(); if (requiredOAuthCredentialModels.size() > 0) { - rep.setRequiredOAuthClientCredentials(new ArrayList()); + rep.setRequiredOAuthClientCredentials(new HashSet()); for (RequiredCredentialModel cred : requiredOAuthCredentialModels) { rep.getRequiredOAuthClientCredentials().add(cred.getType()); } 
diff --git a/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java b/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java index 0f1760c4fe..fb1d342f81 100755 --- a/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java +++ b/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java @@ -6,7 +6,7 @@ import org.jboss.resteasy.logging.Logger; import org.keycloak.TokenIdGenerator; import org.keycloak.representations.idm.admin.LogoutAction; import org.keycloak.services.models.RealmModel; -import org.keycloak.services.models.ResourceModel; +import org.keycloak.services.models.ApplicationModel; import javax.ws.rs.client.Entity; import javax.ws.rs.core.Form; @@ -29,14 +29,14 @@ public class ResourceAdminManager { .disableTrustManager() // todo fix this, should have a trust manager or a good default .build(); - List resources = realm.getResources(); + List resources = realm.getApplications(); logger.info("logging out " + resources.size() + " resoures."); - for (ResourceModel resource : resources) { + for (ApplicationModel resource : resources) { logoutResource(realm, resource, user, client); } } - protected boolean logoutResource(RealmModel realm, ResourceModel resource, String user, ResteasyClient client) { + protected boolean logoutResource(RealmModel realm, ApplicationModel resource, String user, ResteasyClient client) { LogoutAction adminAction = new LogoutAction(TokenIdGenerator.generateId(), System.currentTimeMillis() / 1000 + 30, resource.getName(), user); String token = new TokenManager().encodeToken(realm, adminAction); Form form = new Form(); diff --git a/services/src/main/java/org/keycloak/services/managers/ResourceManager.java b/services/src/main/java/org/keycloak/services/managers/ResourceManager.java index e1c2ebbd21..85c2a7a42a 100755 --- a/services/src/main/java/org/keycloak/services/managers/ResourceManager.java 
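Review bot: The client that the renamed loop passes to `logoutResource` is still built with `.disableTrustManager()`, so the signed logout token created there is sent to each application without the server certificate being checked. A party on the network path could then read the token or drop the request, leaving the user's session at that application alive after a realm logout. Build the client with a configured trust store (`ResteasyClientBuilder.trustStore(...)`) or the JVM default, and keep the bypass only behind an explicit development setting. The start of the builder chain and the actual POST are outside this hunk.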
+++ b/services/src/main/java/org/keycloak/services/managers/ResourceManager.java @@ -1,18 +1,13 @@ package org.keycloak.services.managers; -import org.keycloak.representations.idm.CredentialRepresentation; -import org.keycloak.representations.idm.ResourceRepresentation; -import org.keycloak.representations.idm.RoleMappingRepresentation; -import org.keycloak.representations.idm.RoleRepresentation; -import org.keycloak.representations.idm.ScopeMappingRepresentation; +import org.keycloak.representations.idm.*; +import org.keycloak.representations.idm.ApplicationRepresentation; import org.keycloak.services.models.RealmModel; -import org.keycloak.services.models.ResourceModel; +import org.keycloak.services.models.ApplicationModel; import org.keycloak.services.models.RoleModel; import org.keycloak.services.models.UserCredentialModel; import org.keycloak.services.models.UserModel; -import java.util.List; - /** * @author Bill Burke * @version $Revision: 1 $ @@ -25,8 +20,8 @@ public class ResourceManager { this.realmManager = realmManager; } - public ResourceModel createResource(RealmModel realm, RoleModel loginRole, ResourceRepresentation resourceRep) { - ResourceModel resource = realm.addResource(resourceRep.getName()); + public ApplicationModel createResource(RealmModel realm, RoleModel loginRole, ApplicationRepresentation resourceRep) { + ApplicationModel resource = realm.addApplication(resourceRep.getName()); resource.setEnabled(resourceRep.isEnabled()); resource.setManagementUrl(resourceRep.getAdminUrl()); resource.setSurrogateAuthRequired(resourceRep.isSurrogateAuthRequired()); 
@@ -78,12 +73,12 @@ public class ResourceManager { return resource; } - public ResourceModel createResource(RealmModel realm, ResourceRepresentation resourceRep) { + public ApplicationModel createResource(RealmModel realm, ApplicationRepresentation resourceRep) { RoleModel loginRole = realm.getRole(RealmManager.RESOURCE_ROLE); return createResource(realm, loginRole, resourceRep); } - public void updateResource(ResourceRepresentation rep, ResourceModel resource) { + public void updateResource(ApplicationRepresentation rep, ApplicationModel resource) { resource.setName(rep.getName()); resource.setEnabled(rep.isEnabled()); resource.setManagementUrl(rep.getAdminUrl()); @@ -92,13 +87,13 @@ public class ResourceManager { } - public ResourceRepresentation toRepresentation(ResourceModel resourceModel) { - ResourceRepresentation rep = new ResourceRepresentation(); - rep.setId(resourceModel.getId()); - rep.setName(resourceModel.getName()); - rep.setEnabled(resourceModel.isEnabled()); - rep.setAdminUrl(resourceModel.getManagementUrl()); - rep.setSurrogateAuthRequired(resourceModel.isSurrogateAuthRequired()); + public ApplicationRepresentation toRepresentation(ApplicationModel applicationModel) { + ApplicationRepresentation rep = new ApplicationRepresentation(); + rep.setId(applicationModel.getId()); + rep.setName(applicationModel.getName()); + rep.setEnabled(applicationModel.isEnabled()); + rep.setAdminUrl(applicationModel.getManagementUrl()); + rep.setSurrogateAuthRequired(applicationModel.isSurrogateAuthRequired()); return rep; } diff --git a/services/src/main/java/org/keycloak/services/managers/TokenManager.java b/services/src/main/java/org/keycloak/services/managers/TokenManager.java index 6072c51c3e..9557cb76ae 100755 --- a/services/src/main/java/org/keycloak/services/managers/TokenManager.java +++ b/services/src/main/java/org/keycloak/services/managers/TokenManager.java 
@@ -6,7 +6,7 @@ import org.jboss.resteasy.jwt.JsonSerialization; import org.keycloak.representations.SkeletonKeyScope; import org.keycloak.representations.SkeletonKeyToken; import org.keycloak.services.models.RealmModel; -import org.keycloak.services.models.ResourceModel; +import org.keycloak.services.models.ApplicationModel; import org.keycloak.services.models.RoleModel; import org.keycloak.services.models.UserModel; @@ -66,7 +66,7 @@ public class TokenManager { } } } - for (ResourceModel resource : realm.getResources()) { + for (ApplicationModel resource : realm.getApplications()) { Set mapping = resource.getRoleMappings(user); if (mapping != null && mapping.size() > 0 && (scopeMap == null || scopeMap.containsKey(resource.getName()))) { Set scope = resource.getScope(client); @@ -131,9 +131,9 @@ public class TokenManager { } if (accessCodeEntry.getResourceRolesRequested().size() > 0) { - Map resourceMap = realm.getResourceNameMap(); + Map resourceMap = realm.getResourceNameMap(); for (String resourceName : accessCodeEntry.getResourceRolesRequested().keySet()) { - ResourceModel resource = resourceMap.get(resourceName); + ApplicationModel resource = resourceMap.get(resourceName); SkeletonKeyToken.Access access = token.addAccess(resourceName).verifyCaller(resource.isSurrogateAuthRequired()); for (RoleModel role : accessCodeEntry.getResourceRolesRequested().get(resourceName)) { access.addRole(role.getName()); @@ -166,7 +166,7 @@ public class TokenManager { public SkeletonKeyToken createAccessToken(RealmModel realm, UserModel user) { - List resources = realm.getResources(); + List resources = realm.getApplications(); SkeletonKeyToken token = new SkeletonKeyToken(); token.id(RealmManager.generateId()); token.issuedNow(); 
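Review bot: In the `@@ -131,9 +131,9 @@` hunk the result of `resourceMap.get(resourceName)` is dereferenced immediately by `resource.isSurrogateAuthRequired()`, so a name in the access code that no longer maps to an application (removed or renamed after the code was issued, presumably) ends in a NullPointerException during token creation instead of a refused request. A guard before `token.addAccess(resourceName)`, for example `if (resource == null) continue;` or an explicit error, keeps a stale name from becoming a server error. The map is still fetched through `getResourceNameMap()`, which this commit leaves under the old name. The enclosing method starts and ends outside the hunk.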
@@ -186,7 +186,7 @@ public class TokenManager { token.setRealmAccess(access); } if (resources != null) { - for (ResourceModel resource : resources) { + for (ApplicationModel resource : resources) { Set mapping = resource.getRoleMappings(user); if (mapping == null) continue; SkeletonKeyToken.Access access = token.addAccess(resource.getName()) diff --git a/services/src/main/java/org/keycloak/services/models/ResourceModel.java b/services/src/main/java/org/keycloak/services/models/ApplicationModel.java similarity index 91% rename from services/src/main/java/org/keycloak/services/models/ResourceModel.java rename to services/src/main/java/org/keycloak/services/models/ApplicationModel.java index e5cffc9476..72640f4503 100755 --- a/services/src/main/java/org/keycloak/services/models/ResourceModel.java +++ b/services/src/main/java/org/keycloak/services/models/ApplicationModel.java @@ -7,7 +7,7 @@ import java.util.Set; * @author Bill Burke * @version $Revision: 1 $ */ -public interface ResourceModel { +public interface ApplicationModel { void updateResource(); UserModel getResourceUser(); diff --git a/services/src/main/java/org/keycloak/services/models/RealmModel.java b/services/src/main/java/org/keycloak/services/models/RealmModel.java index f63b942b62..b2a504dcf0 100755 --- a/services/src/main/java/org/keycloak/services/models/RealmModel.java +++ b/services/src/main/java/org/keycloak/services/models/RealmModel.java @@ -61,7 +61,6 @@ public interface RealmModel { List getRequiredCredentials(); - void addRequiredCredential(RequiredCredentialModel cred); void addRequiredCredential(String cred); boolean validatePassword(UserModel user, String password); @@ -80,11 +79,11 @@ public interface RealmModel { List getRoles(); - Map getResourceNameMap(); + Map getResourceNameMap(); - List getResources(); + List getApplications(); - ResourceModel addResource(String name); + ApplicationModel addApplication(String name); boolean hasRole(UserModel user, RoleModel role); 
@@ -102,19 +101,23 @@ public interface RealmModel { RoleModel getRoleById(String id); - void addRequiredResourceCredential(RequiredCredentialModel cred); - List getRequiredResourceCredentials(); + List getRequiredApplicationCredentials(); - void addRequiredOAuthClientCredential(RequiredCredentialModel cred); List getRequiredOAuthClientCredentials(); boolean hasRole(UserModel user, String role); - ResourceModel getResourceById(String id); + ApplicationModel getApplicationById(String id); void addRequiredOAuthClientCredential(String type); void addRequiredResourceCredential(String type); + + void updateRequiredCredentials(Set creds); + + void updateRequiredOAuthClientCredentials(Set creds); + + void updateRequiredApplicationCredentials(Set creds); } diff --git a/services/src/main/java/org/keycloak/services/models/picketlink/ResourceAdapter.java b/services/src/main/java/org/keycloak/services/models/picketlink/ApplicationAdapter.java similarity index 92% rename from services/src/main/java/org/keycloak/services/models/picketlink/ResourceAdapter.java rename to services/src/main/java/org/keycloak/services/models/picketlink/ApplicationAdapter.java index 77d620aca5..24fcce40f6 100755 --- a/services/src/main/java/org/keycloak/services/models/picketlink/ResourceAdapter.java +++ b/services/src/main/java/org/keycloak/services/models/picketlink/ApplicationAdapter.java 
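Review bot: The three `update…Credentials(Set creds)` methods added to `RealmModel` have no Javadoc, and their contract is not obvious from the name: the RealmAdapter implementation in this commit removes every existing relationship whose type is not in `creds`, so an empty set clears all required credential types of that kind. I would state this on the interface, e.g. `/** Replaces the required credential types with exactly {@code creds}; types not listed are removed. */` on each method. The interface also now mixes `getRequiredApplicationCredentials()` with `addRequiredResourceCredential(String)` and `getResourceNameMap()`, which would be worth finishing in the same rename.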
@@ -1,10 +1,9 @@ package org.keycloak.services.models.picketlink; -import org.keycloak.services.models.ResourceModel; +import org.keycloak.services.models.ApplicationModel; import org.keycloak.services.models.RoleModel; import org.keycloak.services.models.UserModel; -import org.keycloak.services.models.picketlink.mappings.ResourceData; -import org.keycloak.services.models.picketlink.relationships.ResourceRelationship; +import org.keycloak.services.models.picketlink.mappings.ApplicationData; import org.keycloak.services.models.picketlink.relationships.ScopeRelationship; import org.picketlink.idm.IdentityManager; import org.picketlink.idm.PartitionManager; @@ -24,14 +23,14 @@ import java.util.Set; * @author Bill Burke * @version $Revision: 1 $ */ -public class ResourceAdapter implements ResourceModel { - protected ResourceData resource; +public class ApplicationAdapter implements ApplicationModel { + protected ApplicationData resource; protected RealmAdapter realm; protected IdentityManager idm; protected PartitionManager partitionManager; protected RelationshipManager relationshipManager; - public ResourceAdapter(ResourceData resource, RealmAdapter realm, PartitionManager partitionManager) { + public ApplicationAdapter(ApplicationData resource, RealmAdapter realm, PartitionManager partitionManager) { this.resource = resource; this.realm = realm; this.partitionManager = partitionManager; diff --git a/services/src/main/java/org/keycloak/services/models/picketlink/RealmAdapter.java b/services/src/main/java/org/keycloak/services/models/picketlink/RealmAdapter.java index 86100f092d..0885b97fbd 100755 --- a/services/src/main/java/org/keycloak/services/models/picketlink/RealmAdapter.java +++ b/services/src/main/java/org/keycloak/services/models/picketlink/RealmAdapter.java 
@@ -1,24 +1,21 @@ package org.keycloak.services.models.picketlink; import org.bouncycastle.openssl.PEMWriter; +import org.jboss.resteasy.logging.Logger; import org.jboss.resteasy.security.PemUtils; import org.keycloak.representations.idm.CredentialRepresentation; import org.keycloak.services.managers.RealmManager; import org.keycloak.services.models.KeycloakSession; import org.keycloak.services.models.RealmModel; import org.keycloak.services.models.RequiredCredentialModel; -import org.keycloak.services.models.ResourceModel; +import org.keycloak.services.models.ApplicationModel; import org.keycloak.services.models.RoleModel; import org.keycloak.services.models.UserCredentialModel; import org.keycloak.services.models.UserModel; import org.keycloak.services.models.picketlink.mappings.RealmData; -import org.keycloak.services.models.picketlink.mappings.ResourceData; -import org.keycloak.services.models.picketlink.relationships.OAuthClientRequiredCredentialRelationship; -import org.keycloak.services.models.picketlink.relationships.RealmAdminRelationship; -import org.keycloak.services.models.picketlink.relationships.RequiredCredentialRelationship; -import org.keycloak.services.models.picketlink.relationships.ResourceRelationship; -import org.keycloak.services.models.picketlink.relationships.ResourceRequiredCredentialRelationship; -import org.keycloak.services.models.picketlink.relationships.ScopeRelationship; +import org.keycloak.services.models.picketlink.mappings.ApplicationData; +import org.keycloak.services.models.picketlink.relationships.*; +import org.keycloak.services.models.picketlink.relationships.RequiredApplicationCredentialRelationship; import org.picketlink.idm.IdentityManager; import org.picketlink.idm.PartitionManager; import org.picketlink.idm.RelationshipManager; 
@@ -55,6 +52,7 @@ import java.util.Set; * @version $Revision: 1 $ */ public class RealmAdapter implements RealmModel { + protected static final Logger logger = Logger.getLogger(RealmManager.class); protected RealmData realm; protected volatile transient PublicKey publicKey; 
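Review bot: The logger added to `RealmAdapter` is created with `Logger.getLogger(RealmManager.class)`, so everything this class logs, including the credential updates added later in this commit, is filed under the RealmManager category. `protected static final Logger logger = Logger.getLogger(RealmAdapter.class);` keeps log filtering and any later audit review pointed at the right class. The unchanged context lines of ApplicationResource.java and ApplicationsResource.java show the same copy-paste (`Logger.getLogger(RealmAdminResource.class)`).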
@@ -251,28 +249,34 @@ public class RealmAdapter implements RealmModel { @Override public List getRequiredCredentials() { - RelationshipQuery query = getRelationshipManager().createRelationshipQuery(RequiredCredentialRelationship.class); - query.setParameter(RequiredCredentialRelationship.REALM, realm.getName()); - List results = query.getResultList(); + List results = getRequiredCredentialRelationships(); return getRequiredCredentialModels(results); } + protected List getRequiredCredentialRelationships() { + RelationshipQuery query = getRelationshipManager().createRelationshipQuery(RequiredCredentialRelationship.class); + query.setParameter(RequiredCredentialRelationship.REALM, realm.getName()); + return query.getResultList(); + } - @Override - public void addRequiredResourceCredential(RequiredCredentialModel cred) { - ResourceRequiredCredentialRelationship relationship = new ResourceRequiredCredentialRelationship(); + + public void addRequiredApplicationCredential(RequiredCredentialModel cred) { + RequiredApplicationCredentialRelationship relationship = new RequiredApplicationCredentialRelationship(); addRequiredCredential(cred, relationship); } @Override - public List getRequiredResourceCredentials() { - RelationshipQuery query = getRelationshipManager().createRelationshipQuery(ResourceRequiredCredentialRelationship.class); - query.setParameter(ResourceRequiredCredentialRelationship.REALM, realm.getName()); - List results = query.getResultList(); + public List getRequiredApplicationCredentials() { + List results = getResourceRequiredCredentialRelationships(); return getRequiredCredentialModels(results); } - @Override + protected List getResourceRequiredCredentialRelationships() { + RelationshipQuery query = getRelationshipManager().createRelationshipQuery(RequiredApplicationCredentialRelationship.class); + query.setParameter(RequiredApplicationCredentialRelationship.REALM, realm.getName()); + return query.getResultList(); + } + public void 
addRequiredOAuthClientCredential(RequiredCredentialModel cred) { OAuthClientRequiredCredentialRelationship relationship = new OAuthClientRequiredCredentialRelationship(); addRequiredCredential(cred, relationship); @@ -280,15 +284,16 @@ public class RealmAdapter implements RealmModel { @Override public List getRequiredOAuthClientCredentials() { - RelationshipQuery query = getRelationshipManager().createRelationshipQuery(OAuthClientRequiredCredentialRelationship.class); - query.setParameter(ResourceRequiredCredentialRelationship.REALM, realm.getName()); - List results = query.getResultList(); + List results = getOAuthClientRequiredCredentialRelationships(); return getRequiredCredentialModels(results); } + protected List getOAuthClientRequiredCredentialRelationships() { + RelationshipQuery query = getRelationshipManager().createRelationshipQuery(OAuthClientRequiredCredentialRelationship.class); + query.setParameter(RequiredApplicationCredentialRelationship.REALM, realm.getName()); + return query.getResultList(); + } - - @Override public void addRequiredCredential(RequiredCredentialModel cred) { RequiredCredentialRelationship relationship = new RequiredCredentialRelationship(); addRequiredCredential(cred, relationship); 
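Review bot: `getOAuthClientRequiredCredentialRelationships()` builds its query over `OAuthClientRequiredCredentialRelationship` but filters it with `RequiredApplicationCredentialRelationship.REALM`, a constant reached through a sibling class. It presumably resolves to the same inherited attribute, so the query works today, but it reads as if OAuth client credentials were looked up through the application relationship, and it could change meaning if either subclass ever declared its own `REALM`. Use `OAuthClientRequiredCredentialRelationship.REALM`, or `RequiredCredentialRelationship.REALM` as `getRequiredCredentialRelationships()` does.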
@@ -316,6 +321,65 @@ public class RealmAdapter implements RealmModel { getRelationshipManager().add(relationship); } + @Override + public void updateRequiredCredentials(Set creds) { + List relationships = getRequiredCredentialRelationships(); + RelationshipManager rm = getRelationshipManager(); + Set already = new HashSet(); + for (RequiredCredentialRelationship rel : relationships) { + if (!creds.contains(rel.getCredentialType())) { + rm.remove(rel); + } else { + already.add(rel.getCredentialType()); + } + } + for (String cred : creds) { + logger.info("updating cred: " + cred); + if (!already.contains(cred)) { + addRequiredCredential(cred); + } + } + } + + @Override + public void updateRequiredOAuthClientCredentials(Set creds) { + List relationships = getOAuthClientRequiredCredentialRelationships(); + RelationshipManager rm = getRelationshipManager(); + Set already = new HashSet(); + for (RequiredCredentialRelationship rel : relationships) { + if (!creds.contains(rel.getCredentialType())) { + rm.remove(rel); + } else { + already.add(rel.getCredentialType()); + } + } + for (String cred : creds) { + if (!already.contains(cred)) { + addRequiredOAuthClientCredential(cred); + } + } + } + + @Override + public void updateRequiredApplicationCredentials(Set creds) { + List relationships = getResourceRequiredCredentialRelationships(); + RelationshipManager rm = getRelationshipManager(); + Set already = new HashSet(); + for (RequiredCredentialRelationship rel : relationships) { + if (!creds.contains(rel.getCredentialType())) { + rm.remove(rel); + } else { + already.add(rel.getCredentialType()); + } + } + for (String cred : creds) { + if (!already.contains(cred)) { + addRequiredResourceCredential(cred); + } + } + } + + @Override public void addRequiredCredential(String type) { RequiredCredentialModel model = initRequiredCredentialModel(type); 
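Review bot: The three `updateRequired…Credentials` methods are the same loop copied three times, and the only log statement, `logger.info("updating cred: " + cred)` in the first copy, fires for every requested type whether or not anything changes, while the `rm.remove(rel)` branch, which is the one that relaxes what a realm requires, is not logged at all. I would move the removal pass into one private helper that logs each removal and have the three methods call it. A null `creds` currently fails on the first `creds.contains(...)`, so the helper is also the place to reject it. The generic parameters below are inferred from the `String` loop variable, since the page shows raw types only.

```java
// Drops relationships whose type is no longer wanted; returns the types that remain.
private Set<String> removeStaleCredentials(List<? extends RequiredCredentialRelationship> existing,
                                           Set<String> wanted) {
    if (wanted == null) {
        throw new IllegalArgumentException("creds must not be null");
    }
    RelationshipManager rm = getRelationshipManager();
    Set<String> kept = new HashSet<String>();
    for (RequiredCredentialRelationship rel : existing) {
        String type = rel.getCredentialType();
        if (wanted.contains(type)) {
            kept.add(type);
        } else {
            // Removal weakens the realm's requirements, so this is the event worth recording.
            logger.info("removing required credential type: " + type);
            rm.remove(rel);
        }
    }
    return kept;
}

@Override
public void updateRequiredCredentials(Set<String> creds) {
    Set<String> kept = removeStaleCredentials(getRequiredCredentialRelationships(), creds);
    for (String cred : creds) {
        if (!kept.contains(cred)) {
            addRequiredCredential(cred);
        }
    }
}
// … updateRequiredOAuthClientCredentials / updateRequiredApplicationCredentials: same shape, each with its own getter and add method …
```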
@@ -331,7 +395,7 @@ public class RealmAdapter implements RealmModel { @Override public void addRequiredResourceCredential(String type) { RequiredCredentialModel model = initRequiredCredentialModel(type); - addRequiredResourceCredential(model); + addRequiredApplicationCredential(model); } protected RequiredCredentialModel initRequiredCredentialModel(String type) { @@ -444,9 +508,9 @@ public class RealmAdapter implements RealmModel { * @return */ @Override - public Map getResourceNameMap() { - Map resourceMap = new HashMap(); - for (ResourceModel resource : getResources()) { + public Map getResourceNameMap() { + Map resourceMap = new HashMap(); + for (ApplicationModel resource : getApplications()) { resourceMap.put(resource.getName(), resource); } return resourceMap; 
@@ -458,27 +522,27 @@ public class RealmAdapter implements RealmModel { * @return */ @Override - public ResourceModel getResourceById(String id) { + public ApplicationModel getApplicationById(String id) { RelationshipQuery query = getRelationshipManager().createRelationshipQuery(ResourceRelationship.class); query.setParameter(ResourceRelationship.REALM, realm.getName()); query.setParameter(ResourceRelationship.RESOURCE, id); List results = query.getResultList(); if (results.size() == 0) return null; - ResourceData resource = partitionManager.getPartition(ResourceData.class, id); - ResourceModel model = new ResourceAdapter(resource, this, partitionManager); + ApplicationData resource = partitionManager.getPartition(ApplicationData.class, id); + ApplicationModel model = new ApplicationAdapter(resource, this, partitionManager); return model; } @Override - public List getResources() { + public List getApplications() { RelationshipQuery query = getRelationshipManager().createRelationshipQuery(ResourceRelationship.class); query.setParameter(ResourceRelationship.REALM, realm.getName()); List results = query.getResultList(); - List resources = new ArrayList(); + List resources = new ArrayList(); for (ResourceRelationship relationship : results) { - ResourceData resource = partitionManager.getPartition(ResourceData.class, relationship.getResource()); - ResourceModel model = new ResourceAdapter(resource, this, partitionManager); + ApplicationData resource = partitionManager.getPartition(ApplicationData.class, relationship.getResource()); + ApplicationModel model = new ApplicationAdapter(resource, this, partitionManager); resources.add(model); } 
@@ -486,19 +550,19 @@ public class RealmAdapter implements RealmModel { } @Override - public ResourceModel addResource(String name) { - ResourceData resourceData = new ResourceData(RealmManager.generateId()); + public ApplicationModel addApplication(String name) { + ApplicationData applicationData = new ApplicationData(RealmManager.generateId()); User resourceUser = new User(name); idm.add(resourceUser); - resourceData.setResourceUser(resourceUser); - resourceData.setResourceName(name); - resourceData.setResourceUser(resourceUser); - partitionManager.add(resourceData); + applicationData.setResourceUser(resourceUser); + applicationData.setResourceName(name); + applicationData.setResourceUser(resourceUser); + partitionManager.add(applicationData); ResourceRelationship resourceRelationship = new ResourceRelationship(); resourceRelationship.setRealm(realm.getName()); - resourceRelationship.setResource(resourceData.getName()); + resourceRelationship.setResource(applicationData.getName()); getRelationshipManager().add(resourceRelationship); - ResourceModel resource = new ResourceAdapter(resourceData, this, partitionManager); + ApplicationModel resource = new ApplicationAdapter(applicationData, this, partitionManager); resource.addRole("*"); resource.addScope(new UserAdapter(resourceUser, idm), "*"); return resource; diff --git a/services/src/main/java/org/keycloak/services/models/picketlink/mappings/ResourceData.java b/services/src/main/java/org/keycloak/services/models/picketlink/mappings/ApplicationData.java similarity index 89% rename from services/src/main/java/org/keycloak/services/models/picketlink/mappings/ResourceData.java rename to services/src/main/java/org/keycloak/services/models/picketlink/mappings/ApplicationData.java index 2a025722ec..9157ae39dd 100755 --- a/services/src/main/java/org/keycloak/services/models/picketlink/mappings/ResourceData.java +++ b/services/src/main/java/org/keycloak/services/models/picketlink/mappings/ApplicationData.java 
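Review bot: `addApplication` creates the application's service user as `new User(name)` and adds it to `idm` without checking whether that login already exists, so an application named like an existing account could collide with it, assuming `idm` is the same identity store that holds the realm's users (not visible here). A lookup before `idm.add(resourceUser)`, or a reserved prefix for application users, would make the outcome explicit. Separately, `applicationData.setResourceUser(resourceUser)` is called twice; the second call can go. The closing lines of the method are outside the hunk.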
@@ -9,17 +9,17 @@ import org.picketlink.idm.model.sample.User; * @author Bill Burke * @version $Revision: 1 $ */ -public class ResourceData extends AbstractPartition { +public class ApplicationData extends AbstractPartition { private String resourceName; private boolean enabled; private boolean surrogateAuthRequired; private String managementUrl; private User resourceUser; - public ResourceData() { + public ApplicationData() { super(null); } - public ResourceData(String name) { + public ApplicationData(String name) { super(name); } diff --git a/services/src/main/java/org/keycloak/services/models/picketlink/mappings/ResourceEntity.java b/services/src/main/java/org/keycloak/services/models/picketlink/mappings/ApplicationEntity.java similarity index 92% rename from services/src/main/java/org/keycloak/services/models/picketlink/mappings/ResourceEntity.java rename to services/src/main/java/org/keycloak/services/models/picketlink/mappings/ApplicationEntity.java index a2d43f8d23..c3aa79648d 100755 --- a/services/src/main/java/org/keycloak/services/models/picketlink/mappings/ResourceEntity.java +++ b/services/src/main/java/org/keycloak/services/models/picketlink/mappings/ApplicationEntity.java @@ -15,9 +15,9 @@ import java.io.Serializable; * @author Bill Burke * @version $Revision: 1 $ */ -@IdentityManaged(ResourceData.class) +@IdentityManaged(ApplicationData.class) @Entity -public class ResourceEntity implements Serializable { +public class ApplicationEntity implements Serializable { @OneToOne @Id @OwnerReference 
diff --git a/services/src/main/java/org/keycloak/services/models/picketlink/relationships/ResourceRequiredCredentialRelationship.java b/services/src/main/java/org/keycloak/services/models/picketlink/relationships/RequiredApplicationCredentialRelationship.java similarity index 61% rename from services/src/main/java/org/keycloak/services/models/picketlink/relationships/ResourceRequiredCredentialRelationship.java rename to services/src/main/java/org/keycloak/services/models/picketlink/relationships/RequiredApplicationCredentialRelationship.java index 5df352ef02..aa28ee5a1a 100755 --- a/services/src/main/java/org/keycloak/services/models/picketlink/relationships/ResourceRequiredCredentialRelationship.java +++ b/services/src/main/java/org/keycloak/services/models/picketlink/relationships/RequiredApplicationCredentialRelationship.java @@ -4,5 +4,5 @@ package org.keycloak.services.models.picketlink.relationships; * @author Bill Burke * @version $Revision: 1 $ */ -public class ResourceRequiredCredentialRelationship extends RequiredCredentialRelationship { +public class RequiredApplicationCredentialRelationship extends RequiredCredentialRelationship { } diff --git a/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java b/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java index c16e420796..980487c0cf 100755 --- a/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java +++ b/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java 
@@ -6,8 +6,8 @@ import org.keycloak.services.managers.TokenManager; import org.keycloak.services.models.KeycloakSessionFactory; import org.keycloak.services.models.picketlink.PicketlinkKeycloakSession; import org.keycloak.services.models.picketlink.PicketlinkKeycloakSessionFactory; +import org.keycloak.services.models.picketlink.mappings.ApplicationEntity; import org.keycloak.services.models.picketlink.mappings.RealmEntity; -import org.keycloak.services.models.picketlink.mappings.ResourceEntity; import org.keycloak.social.SocialRequestManager; import org.picketlink.idm.PartitionManager; import org.picketlink.idm.config.IdentityConfigurationBuilder; @@ -98,7 +98,7 @@ public class KeycloakApplication extends Application { OTPCredentialTypeEntity.class, AttributeTypeEntity.class, RealmEntity.class, - ResourceEntity.class + ApplicationEntity.class ) .supportGlobalRelationship(org.picketlink.idm.model.Relationship.class) .addContextInitializer(new JPAContextInitializer(null) { diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmResourceResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ApplicationResource.java similarity index 59% rename from services/src/main/java/org/keycloak/services/resources/admin/RealmResourceResource.java rename to services/src/main/java/org/keycloak/services/resources/admin/ApplicationResource.java index 5f91f64ed6..35038d2984 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/RealmResourceResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ApplicationResource.java 
@@ -2,53 +2,45 @@ package org.keycloak.services.resources.admin; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.logging.Logger; -import org.keycloak.representations.idm.ResourceRepresentation; +import org.keycloak.representations.idm.ApplicationRepresentation; import org.keycloak.services.managers.RealmManager; import org.keycloak.services.managers.ResourceManager; import org.keycloak.services.models.RealmModel; -import org.keycloak.services.models.ResourceModel; +import org.keycloak.services.models.ApplicationModel; import org.keycloak.services.models.UserModel; import org.keycloak.services.resources.Transaction; import javax.ws.rs.Consumes; import javax.ws.rs.GET; -import javax.ws.rs.NotFoundException; -import javax.ws.rs.POST; import javax.ws.rs.PUT; -import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; -import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.Response; -import javax.ws.rs.core.UriInfo; -import java.util.ArrayList; -import java.util.List; /** * @author Bill Burke * @version $Revision: 1 $ */ -public class RealmResourceResource { +public class ApplicationResource { protected static final Logger logger = Logger.getLogger(RealmAdminResource.class); protected UserModel admin; protected RealmModel realm; - protected ResourceModel resourceModel; + protected ApplicationModel applicationModel; - public RealmResourceResource(UserModel admin, RealmModel realm, ResourceModel resourceModel) { + public ApplicationResource(UserModel admin, RealmModel realm, ApplicationModel applicationModel) { this.admin = admin; this.realm = realm; - this.resourceModel = resourceModel; + this.applicationModel = applicationModel; } @PUT @Consumes(MediaType.APPLICATION_JSON) - public void update(final ResourceRepresentation rep) { + public void update(final ApplicationRepresentation rep) { new Transaction() { @Override protected void runImpl() { ResourceManager resourceManager = 
new ResourceManager(new RealmManager(session)); - resourceManager.updateResource(rep, resourceModel); + resourceManager.updateResource(rep, applicationModel); } }.run(); } @@ -57,12 +49,12 @@ public class RealmResourceResource { @GET @NoCache @Produces(MediaType.APPLICATION_JSON) - public ResourceRepresentation getResource(final @PathParam("id") String id) { + public ApplicationRepresentation getResource(final @PathParam("id") String id) { return new Transaction() { @Override - protected ResourceRepresentation callImpl() { + protected ApplicationRepresentation callImpl() { ResourceManager resourceManager = new ResourceManager(new RealmManager(session)); - return resourceManager.toRepresentation(resourceModel); + return resourceManager.toRepresentation(applicationModel); } }.call(); } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmResourcesResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ApplicationsResource.java similarity index 60% rename from services/src/main/java/org/keycloak/services/resources/admin/RealmResourcesResource.java rename to services/src/main/java/org/keycloak/services/resources/admin/ApplicationsResource.java index 5fa4a5402b..e7496af971 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/RealmResourcesResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ApplicationsResource.java 
@@ -2,11 +2,11 @@ package org.keycloak.services.resources.admin; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.logging.Logger; -import org.keycloak.representations.idm.ResourceRepresentation; +import org.keycloak.representations.idm.ApplicationRepresentation; import org.keycloak.services.managers.RealmManager; import org.keycloak.services.managers.ResourceManager; import org.keycloak.services.models.RealmModel; -import org.keycloak.services.models.ResourceModel; +import org.keycloak.services.models.ApplicationModel; import org.keycloak.services.models.UserModel; import org.keycloak.services.resources.Transaction; @@ -14,7 +14,6 @@ import javax.ws.rs.Consumes; import javax.ws.rs.GET; import javax.ws.rs.NotFoundException; import javax.ws.rs.POST; -import javax.ws.rs.PUT; import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; @@ -29,12 +28,12 @@ import java.util.List; * @author Bill Burke * @version $Revision: 1 $ */ -public class RealmResourcesResource { +public class ApplicationsResource { protected static final Logger logger = Logger.getLogger(RealmAdminResource.class); protected UserModel admin; protected RealmModel realm; - public RealmResourcesResource(UserModel admin, RealmModel realm) { + public ApplicationsResource(UserModel admin, RealmModel realm) { this.admin = admin; this.realm = realm; } 
@@ -42,15 +41,15 @@ public class RealmResourcesResource { @GET @Produces(MediaType.APPLICATION_JSON) @NoCache - public List getResources() { + public List getResources() { return new Transaction() { @Override - protected List callImpl() { - List rep = new ArrayList(); - List resourceModels = realm.getResources(); + protected List callImpl() { + List rep = new ArrayList(); + List applicationModels = realm.getApplications(); ResourceManager resourceManager = new ResourceManager(new RealmManager(session)); - for (ResourceModel resourceModel : resourceModels) { - rep.add(resourceManager.toRepresentation(resourceModel)); + for (ApplicationModel applicationModel : applicationModels) { + rep.add(resourceManager.toRepresentation(applicationModel)); } return rep; } 
@@ -59,27 +58,27 @@ public class RealmResourcesResource { @POST @Consumes(MediaType.APPLICATION_JSON) - public Response createResource(final @Context UriInfo uriInfo, final ResourceRepresentation rep) { + public Response createResource(final @Context UriInfo uriInfo, final ApplicationRepresentation rep) { return new Transaction() { @Override protected Response callImpl() { ResourceManager resourceManager = new ResourceManager(new RealmManager(session)); - ResourceModel resourceModel = resourceManager.createResource(realm, rep); - return Response.created(uriInfo.getAbsolutePathBuilder().path(resourceModel.getId()).build()).build(); + ApplicationModel applicationModel = resourceManager.createResource(realm, rep); + return Response.created(uriInfo.getAbsolutePathBuilder().path(applicationModel.getId()).build()).build(); } }.call(); } @Path("{id}") - public RealmResourceResource getResource(final @PathParam("id") String id) { + public ApplicationResource getResource(final @PathParam("id") String id) { return new Transaction(false) { @Override - protected RealmResourceResource callImpl() { - ResourceModel resourceModel = realm.getResourceById(id); - if (resourceModel == null) { + protected ApplicationResource callImpl() { + ApplicationModel applicationModel = realm.getApplicationById(id); + if (applicationModel == null) { throw new NotFoundException(); } - return new RealmResourceResource(admin, realm, resourceModel); + return new ApplicationResource(admin, realm, applicationModel); } }.call(); diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java index 564aa50145..539d34bc04 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java 
@@ -7,17 +7,13 @@ import org.keycloak.representations.idm.RoleRepresentation;
 import org.keycloak.representations.idm.UserRepresentation;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.services.models.RealmModel;
-import org.keycloak.services.models.RequiredCredentialModel;
 import org.keycloak.services.models.RoleModel;
 import org.keycloak.services.models.UserModel;
-import org.keycloak.services.resources.PublicRealmResource;
 import org.keycloak.services.resources.Transaction;
 import javax.ws.rs.Consumes;
-import javax.ws.rs.ForbiddenException;
 import javax.ws.rs.GET;
 import javax.ws.rs.InternalServerErrorException;
-import javax.ws.rs.NotAuthorizedException;
 import javax.ws.rs.NotFoundException;
 import javax.ws.rs.POST;
 import javax.ws.rs.PUT;
@@ -25,15 +21,10 @@ import javax.ws.rs.Path;
 import javax.ws.rs.PathParam;
 import javax.ws.rs.Produces;
 import javax.ws.rs.core.Context;
-import javax.ws.rs.core.HttpHeaders;
-import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriBuilder;
 import javax.ws.rs.core.UriInfo;
 import java.util.ArrayList;
-import java.util.HashMap;
 import java.util.List;
-import java.util.Map;
 /**
 * @author Bill Burke
@@ -49,9 +40,9 @@ public class RealmAdminResource {
 this.realm = realm;
 }
- @Path("resources")
- public RealmResourcesResource getResources() {
- return new RealmResourcesResource(admin, realm);
+ @Path("applications")
+ public ApplicationsResource getResources() {
+ return new ApplicationsResource(admin, realm);
 }
 @GET
@@ -86,6 +77,19 @@ public class RealmAdminResource {
 }.call();
 }
+ @PUT
+ @Consumes("application/json")
+ public void updateRealm(final RealmRepresentation rep) {
+ new Transaction() {
+ @Override
+ protected void runImpl() {
+ logger.info("updating realm: " + rep.getRealm());
+ new RealmManager(session).updateRealm(rep, realm);
+ }
+ }.run();
+
+ }
+
 @Path("roles/{id}")
 @GET
 @NoCache
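Review bot: In the added `updateRealm` (RealmAdminResource.java, hunk `@@ -86,6 +77,19 @@`), the log line concatenates `rep.getRealm()`, a value taken from the request body, so the log records whatever name the client sent rather than the realm that is actually modified, and any line breaks in that value would reach the log unescaped. Logging the server-side identity instead, `logger.info("updating realm: " + realm.getId());`, keeps the entry trustworthy. `rep` is also dereferenced without a null check, so a PUT with an empty body presumably ends in a NullPointerException rather than a 400 response. The method itself performs no authorization check; whether the caller's rights over `realm` are verified before this resource is constructed is not visible in the hunk and is worth confirming.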
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
index 015f150d98..fd5485a507 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
@@ -28,6 +28,7 @@ import javax.ws.rs.core.Response;
 import javax.ws.rs.core.UriBuilder;
 import javax.ws.rs.core.UriInfo;
 import java.net.URI;
+import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -52,18 +53,18 @@ public class RealmsAdminResource {
 @GET
 @NoCache
 @Produces("application/json")
- public Response getRealms() {
+ public List getRealms() {
 return new Transaction() {
 @Override
- protected Response callImpl() {
+ protected List callImpl() {
 logger.info(("getRealms()"));
+ RealmManager realmManager = new RealmManager(session);
 List realms = session.getRealms(admin);
- Map map = new HashMap();
+ List reps = new ArrayList();
 for (RealmModel realm : realms) {
- map.put(realm.getId(), realm.getName());
+ reps.add(realmManager.toRepresentation(realm));
 }
- return Response.ok(new GenericEntity>(map){})
- .cacheControl(noCache).build();
+ return reps;
 }
 }.call();
 }
diff --git a/services/src/test/java/org/keycloak/test/AdapterTest.java b/services/src/test/java/org/keycloak/test/AdapterTest.java
index 25ef03dfd5..ad191ddbee 100755
--- a/services/src/test/java/org/keycloak/test/AdapterTest.java
+++ b/services/src/test/java/org/keycloak/test/AdapterTest.java
@@ -18,7 +18,9 @@ import org.keycloak.services.models.UserCredentialModel;
 import org.keycloak.services.resources.KeycloakApplication;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 import java.util.StringTokenizer;
 /**
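Review bot: `getRealms()` in RealmsAdminResource.java (hunk `@@ -52,18 +53,18 @@`) now serialises a full `RealmRepresentation` per realm through `realmManager.toRepresentation(realm)` where it used to return only id and name, so the list response carries whatever that helper copies. The test fixtures in this patch show realm JSON with a `privateKey` field, and `toRepresentation` is outside this hunk, so it should be confirmed that key material is left out of the list view. A comment on the method stating what the listing is meant to expose, for example `// list view: must not include realm key material`, would make that contract explicit for later changes to the representation.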
@@ -89,8 +91,14 @@ public class AdapterTest {
 public void test2RequiredCredential() throws Exception {
 test1CreateRealm();
 realmModel.addRequiredCredential(CredentialRepresentation.PASSWORD);
- realmModel.addRequiredCredential(CredentialRepresentation.TOTP);
 List storedCreds = realmModel.getRequiredCredentials();
+ Assert.assertEquals(1, storedCreds.size());
+
+ Set creds = new HashSet();
+ creds.add(CredentialRepresentation.PASSWORD);
+ creds.add(CredentialRepresentation.TOTP);
+ realmModel.updateRequiredCredentials(creds);
+ storedCreds = realmModel.getRequiredCredentials();
 Assert.assertEquals(2, storedCreds.size());
 boolean totp = false;
 boolean password = false;
diff --git a/services/src/test/java/org/keycloak/test/ImportTest.java b/services/src/test/java/org/keycloak/test/ImportTest.java
index 02218d848c..727aa081c8 100755
--- a/services/src/test/java/org/keycloak/test/ImportTest.java
+++ b/services/src/test/java/org/keycloak/test/ImportTest.java
@@ -6,18 +6,18 @@ import org.junit.Before;
 import org.junit.FixMethodOrder;
 import org.junit.Test;
 import org.junit.runners.MethodSorters;
+import org.keycloak.representations.idm.CredentialRepresentation;
 import org.keycloak.representations.idm.RealmRepresentation;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.services.models.KeycloakSession;
 import org.keycloak.services.models.KeycloakSessionFactory;
 import org.keycloak.services.models.RealmModel;
 import org.keycloak.services.models.RequiredCredentialModel;
-import org.keycloak.services.models.ResourceModel;
+import org.keycloak.services.models.ApplicationModel;
 import org.keycloak.services.models.RoleModel;
 import org.keycloak.services.models.UserModel;
 import org.keycloak.services.resources.KeycloakApplication;
 import org.keycloak.services.resources.SaasService;
-import org.keycloak.services.resources.SaasService;
 import java.util.List;
 import java.util.Set;
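Review bot: `test2RequiredCredential` in AdapterTest.java exercises `updateRequiredCredentials` only when the set grows from PASSWORD to PASSWORD plus TOTP; nothing checks that a credential absent from the new set is removed from the realm. A shrink case after the existing assertions, `creds.remove(CredentialRepresentation.TOTP); realmModel.updateRequiredCredentials(creds); Assert.assertEquals(1, realmModel.getRequiredCredentials().size());`, would pin the replace semantics that the method name suggests. The test method continues past the end of the hunk, so the placement is relative to the `totp`/`password` checks that follow.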
@@ -59,7 +59,7 @@ public class ImportTest {
 defaultRealm.setCookieLoginAllowed(true);
 defaultRealm.setRegistrationAllowed(true);
 manager.generateRealmKeys(defaultRealm);
- defaultRealm.addRequiredCredential(RequiredCredentialModel.PASSWORD);
+ defaultRealm.addRequiredCredential(CredentialRepresentation.PASSWORD);
 RoleModel role = defaultRealm.addRole(SaasService.REALM_CREATOR_ROLE);
 UserModel admin = defaultRealm.addUser("admin");
 defaultRealm.grantRole(admin, role);
@@ -78,7 +78,7 @@ public class ImportTest {
 Set scopes = realm.getScope(user);
 System.out.println("Scopes size: " + scopes.size());
 Assert.assertTrue(scopes.contains("*"));
- List resources = realm.getResources();
+ List resources = realm.getApplications();
 Assert.assertEquals(2, resources.size());
 List realms = identitySession.getRealms(admin);
 Assert.assertEquals(1, realms.size());
@@ -96,7 +96,7 @@ public class ImportTest {
 defaultRealm.setCookieLoginAllowed(true);
 defaultRealm.setRegistrationAllowed(true);
 manager.generateRealmKeys(defaultRealm);
- defaultRealm.addRequiredCredential(RequiredCredentialModel.PASSWORD);
+ defaultRealm.addRequiredCredential(CredentialRepresentation.PASSWORD);
 RoleModel role = defaultRealm.addRole(SaasService.REALM_CREATOR_ROLE);
 UserModel admin = defaultRealm.addUser("admin");
 defaultRealm.grantRole(admin, role);
diff --git a/services/src/test/java/org/keycloak/test/InstallationManager.java b/services/src/test/java/org/keycloak/test/InstallationManager.java
index 63e5d1d361..18a2cc4d5f 100755
--- a/services/src/test/java/org/keycloak/test/InstallationManager.java
+++ b/services/src/test/java/org/keycloak/test/InstallationManager.java
@@ -1,5 +1,6 @@
 package org.keycloak.test;
+import org.keycloak.representations.idm.CredentialRepresentation;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.services.models.RealmModel;
 import org.keycloak.services.models.RequiredCredentialModel;
@@ -21,7 +22,7 @@ public class InstallationManager { defaultRealm.setCookieLoginAllowed(true); defaultRealm.setRegistrationAllowed(true); manager.generateRealmKeys(defaultRealm); - defaultRealm.addRequiredCredential(RequiredCredentialModel.PASSWORD); + defaultRealm.addRequiredCredential(CredentialRepresentation.PASSWORD); defaultRealm.addRole(SaasService.REALM_CREATOR_ROLE); } diff --git a/services/src/test/resources/META-INF/persistence.xml b/services/src/test/resources/META-INF/persistence.xml index e89967b4f0..0c8ed9eade 100755 --- a/services/src/test/resources/META-INF/persistence.xml +++ b/services/src/test/resources/META-INF/persistence.xml @@ -19,7 +19,7 @@ org.picketlink.idm.jpa.model.sample.simple.OTPCredentialTypeEntity org.picketlink.idm.jpa.model.sample.simple.AttributeTypeEntity org.keycloak.services.models.picketlink.mappings.RealmEntity - org.keycloak.services.models.picketlink.mappings.ResourceEntity + org.keycloak.services.models.picketlink.mappings.ApplicationEntity true diff --git a/services/src/test/resources/testrealm-demo.json b/services/src/test/resources/testrealm-demo.json index e7d458049a..d8497a87b7 100755 --- a/services/src/test/resources/testrealm-demo.json +++ b/services/src/test/resources/testrealm-demo.json @@ -8,7 +8,7 @@ "privateKey": "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", "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB", "requiredCredentials": [ "password" ], - "requiredResourceCredentials": [ "password" ], + "requiredApplicationCredentials": [ "password" ], "requiredOAuthClientCredentials": [ "password" ], "users" : [ { @@ -57,7 +57,7 @@ "roles": ["user"] } ], - "resources": [ + "applications": [ { "name": "customer-portal", "enabled": true, 
diff --git a/services/src/test/resources/testrealm.json b/services/src/test/resources/testrealm.json
index 4750169a55..6ec29bfe93 100755
--- a/services/src/test/resources/testrealm.json
+++ b/services/src/test/resources/testrealm.json
@@ -4,7 +4,7 @@
 "tokenLifespan": 6000,
 "accessCodeLifespan": 30,
 "requiredCredentials": [ "password" ],
- "requiredResourceCredentials": [ "password" ],
+ "requiredApplicationCredentials": [ "password" ],
 "requiredOAuthClientCredentials": [ "password" ],
 "users": [
 {
@@ -63,7 +63,7 @@
 "roles": ["*"]
 }
 ],
- "resources": [
+ "applications": [
 {
 "name": "Application",
 "enabled": true,