KEYCLOAK-5522 Base for Fuse 7 adapter
This commit is contained in:
parent
06f108df3b
commit
ae690e0679
6 changed files with 184 additions and 10 deletions
|
@ -36,7 +36,7 @@
|
|||
org.keycloak.adapters.osgi.*
|
||||
</keycloak.osgi.export>
|
||||
<keycloak.osgi.import>
|
||||
org.ops4j.pax.web.*;version="[3.0,5)",
|
||||
org.ops4j.pax.web.*;version="[3.0,8)",
|
||||
javax.servlet.*;version="[2.5,4)";resolution:=optional,
|
||||
org.eclipse.jetty.*;version="[8.1,10)";resolution:=optional,
|
||||
org.keycloak.*;version="${project.version}",
|
||||
|
|
|
@ -29,6 +29,7 @@ import org.osgi.util.tracker.ServiceTrackerCustomizer;
|
|||
|
||||
import java.net.URL;
|
||||
import java.security.SecureRandom;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
|
||||
|
@ -47,7 +48,7 @@ public class PaxWebIntegrationService {
|
|||
|
||||
private BundleContext bundleContext;
|
||||
private String jettyWebXmlLocation;
|
||||
private List<ConstraintMapping> constraintMappings; // Using jetty constraint mapping just because of compatibility with other fuse services
|
||||
private List<Object> constraintMappings;
|
||||
|
||||
private ServiceTracker webContainerTracker;
|
||||
private HttpContext httpContext;
|
||||
|
@ -68,11 +69,11 @@ public class PaxWebIntegrationService {
|
|||
this.jettyWebXmlLocation = jettyWebXmlLocation;
|
||||
}
|
||||
|
||||
public List<ConstraintMapping> getConstraintMappings() {
|
||||
public List<Object> getConstraintMappings() {
|
||||
return constraintMappings;
|
||||
}
|
||||
|
||||
public void setConstraintMappings(List<ConstraintMapping> constraintMappings) {
|
||||
public void setConstraintMappings(List<Object> constraintMappings) {
|
||||
this.constraintMappings = constraintMappings;
|
||||
}
|
||||
|
||||
|
@ -120,8 +121,25 @@ public class PaxWebIntegrationService {
|
|||
if (constraintMappings == null) {
|
||||
throw new IllegalStateException("constraintMappings was null!");
|
||||
}
|
||||
for (ConstraintMapping constraintMapping : constraintMappings) {
|
||||
addConstraintMapping(service, constraintMapping);
|
||||
List<ConstraintHandler> handlers = new ArrayList<>();
|
||||
try {
|
||||
handlers.add(new JettyConstraintHandler());
|
||||
} catch (Throwable t) {
|
||||
// Ignore
|
||||
}
|
||||
try {
|
||||
handlers.add(new PaxWebConstraintHandler());
|
||||
} catch (Throwable t) {
|
||||
// Ignore
|
||||
}
|
||||
for (Object constraintMapping : constraintMappings) {
|
||||
boolean handled = false;
|
||||
for (ConstraintHandler handler : handlers) {
|
||||
handled |= handler.addConstraintMapping(httpContext, service, constraintMapping);
|
||||
}
|
||||
if (!handled) {
|
||||
log.warnv("Unable to add constraint mapping for constraint of type " + constraintMapping.getClass().toString());
|
||||
}
|
||||
}
|
||||
|
||||
service.registerLoginConfig("BASIC", "does-not-matter", null, null, httpContext);
|
||||
|
@ -146,6 +164,16 @@ public class PaxWebIntegrationService {
|
|||
}
|
||||
}
|
||||
|
||||
protected void addConstraintMapping(WebContainer service, PaxWebSecurityConstraintMapping constraintMapping) {
|
||||
String name = constraintMapping.getConstraintName();
|
||||
if (name == null) {
|
||||
name = "Constraint-" + new SecureRandom().nextInt(Integer.MAX_VALUE);
|
||||
}
|
||||
log.debug("Adding security constraint name=" + name + ", url=" + constraintMapping.getUrl() + ", dataConstraint=" + constraintMapping.getDataConstraint() + ", canAuthenticate="
|
||||
+ constraintMapping.isAuthentication() + ", roles=" + constraintMapping.getRoles());
|
||||
service.registerConstraintMapping(name, constraintMapping.getUrl(), constraintMapping.getMapping(), constraintMapping.getDataConstraint(), constraintMapping.isAuthentication(), constraintMapping.getRoles(), httpContext);
|
||||
}
|
||||
|
||||
protected void addConstraintMapping(WebContainer service, ConstraintMapping constraintMapping) {
|
||||
Constraint constraint = constraintMapping.getConstraint();
|
||||
String[] roles = constraint.getRoles();
|
||||
|
@ -178,4 +206,71 @@ public class PaxWebIntegrationService {
|
|||
service.unregisterConstraintMapping(httpContext);
|
||||
}
|
||||
}
|
||||
|
||||
private interface ConstraintHandler {
|
||||
boolean addConstraintMapping(HttpContext httpContext, WebContainer service, Object cm);
|
||||
}
|
||||
|
||||
private static class PaxWebConstraintHandler implements ConstraintHandler {
|
||||
|
||||
@Override
|
||||
public boolean addConstraintMapping(HttpContext httpContext, WebContainer service, Object cm) {
|
||||
if (cm instanceof PaxWebSecurityConstraintMapping) {
|
||||
PaxWebSecurityConstraintMapping constraintMapping = (PaxWebSecurityConstraintMapping) cm;
|
||||
String name = constraintMapping.getConstraintName();
|
||||
if (name == null) {
|
||||
name = "Constraint-" + new SecureRandom().nextInt(Integer.MAX_VALUE);
|
||||
}
|
||||
log.debug("Adding security constraint name=" + name + ", url=" + constraintMapping.getUrl() + ", dataConstraint=" + constraintMapping.getDataConstraint() + ", canAuthenticate="
|
||||
+ constraintMapping.isAuthentication() + ", roles=" + constraintMapping.getRoles());
|
||||
service.registerConstraintMapping(name, constraintMapping.getUrl(), constraintMapping.getMapping(), constraintMapping.getDataConstraint(), constraintMapping.isAuthentication(), constraintMapping.getRoles(), httpContext);
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
private static class JettyConstraintHandler implements ConstraintHandler {
|
||||
|
||||
@Override
|
||||
public boolean addConstraintMapping(HttpContext httpContext, WebContainer service, Object cm) {
|
||||
if (cm instanceof ConstraintMapping) {
|
||||
ConstraintMapping constraintMapping = (ConstraintMapping) cm;
|
||||
Constraint constraint = constraintMapping.getConstraint();
|
||||
String[] roles = constraint.getRoles();
|
||||
// name property is unavailable on constraint object :/
|
||||
|
||||
String name = "Constraint-" + new SecureRandom().nextInt(Integer.MAX_VALUE);
|
||||
|
||||
int dataConstraint = constraint.getDataConstraint();
|
||||
String dataConstraintStr;
|
||||
switch (dataConstraint) {
|
||||
case Constraint.DC_UNSET:
|
||||
dataConstraintStr = null;
|
||||
break;
|
||||
case Constraint.DC_NONE:
|
||||
dataConstraintStr = "NONE";
|
||||
break;
|
||||
case Constraint.DC_CONFIDENTIAL:
|
||||
dataConstraintStr = "CONFIDENTIAL";
|
||||
break;
|
||||
case Constraint.DC_INTEGRAL:
|
||||
dataConstraintStr = "INTEGRAL";
|
||||
break;
|
||||
default:
|
||||
log.warnv("Unknown data constraint: " + dataConstraint);
|
||||
dataConstraintStr = "CONFIDENTIAL";
|
||||
}
|
||||
List<String> rolesList = Arrays.asList(roles);
|
||||
|
||||
log.debug("Adding security constraint name=" + name + ", url=" + constraintMapping.getPathSpec() + ", dataConstraint=" + dataConstraintStr + ", canAuthenticate="
|
||||
+ constraint.getAuthenticate() + ", roles=" + rolesList);
|
||||
service.registerConstraintMapping(name, constraintMapping.getPathSpec(), null, dataConstraintStr, constraint.getAuthenticate(), rolesList, httpContext);
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
|
@ -0,0 +1,73 @@
|
|||
/*
|
||||
* To change this license header, choose License Headers in Project Properties.
|
||||
* To change this template file, choose Tools | Templates
|
||||
* and open the template in the editor.
|
||||
*/
|
||||
package org.keycloak.adapters.osgi;
|
||||
|
||||
import java.security.SecureRandom;
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author hmlnarik
|
||||
*/
|
||||
public class PaxWebSecurityConstraintMapping {
|
||||
|
||||
private String constraintName = "Constraint-" + new SecureRandom().nextInt(Integer.MAX_VALUE);
|
||||
private String mapping;
|
||||
private String url;
|
||||
private String dataConstraint = "NONE";
|
||||
private boolean authentication = true;
|
||||
private List<String> roles = new LinkedList<>();
|
||||
|
||||
public String getConstraintName() {
|
||||
return constraintName;
|
||||
}
|
||||
|
||||
public void setConstraintName(String constraintName) {
|
||||
this.constraintName = constraintName;
|
||||
}
|
||||
|
||||
public String getMapping() {
|
||||
return mapping;
|
||||
}
|
||||
|
||||
public void setMapping(String mapping) {
|
||||
this.mapping = mapping;
|
||||
}
|
||||
|
||||
public String getUrl() {
|
||||
return url;
|
||||
}
|
||||
|
||||
public void setUrl(String url) {
|
||||
this.url = url;
|
||||
}
|
||||
|
||||
public String getDataConstraint() {
|
||||
return dataConstraint;
|
||||
}
|
||||
|
||||
public void setDataConstraint(String dataConstraint) {
|
||||
this.dataConstraint = dataConstraint;
|
||||
}
|
||||
|
||||
public boolean isAuthentication() {
|
||||
return authentication;
|
||||
}
|
||||
|
||||
public void setAuthentication(boolean authentication) {
|
||||
this.authentication = authentication;
|
||||
}
|
||||
|
||||
public List<String> getRoles() {
|
||||
return roles;
|
||||
}
|
||||
|
||||
public void setRoles(List<String> roles) {
|
||||
this.roles = roles;
|
||||
}
|
||||
|
||||
}
|
|
@ -34,6 +34,7 @@
|
|||
<module>adapter-core</module>
|
||||
<module>as7-eap6</module>
|
||||
<module>installed</module>
|
||||
<module>fuse7</module>
|
||||
<module>kcinit</module>
|
||||
<module>jaxrs-oauth-client</module>
|
||||
<module>jetty</module>
|
||||
|
|
|
@ -30,7 +30,7 @@
|
|||
<artifactId>keycloak-examples-fuse-parent</artifactId>
|
||||
<packaging>pom</packaging>
|
||||
<properties>
|
||||
<camel.version>2.17.0</camel.version>
|
||||
<camel.version>2.21.0</camel.version>
|
||||
</properties>
|
||||
<modules>
|
||||
<module>customer-app-fuse</module>
|
||||
|
|
9
pom.xml
9
pom.xml
|
@ -59,7 +59,7 @@
|
|||
<apache.mime4j.version>0.6</apache.mime4j.version>
|
||||
<jboss.dmr.version>1.4.1.Final</jboss.dmr.version>
|
||||
<bouncycastle.version>1.56</bouncycastle.version>
|
||||
<cxf.version>3.1.13</cxf.version>
|
||||
<cxf.version>3.2.0</cxf.version>
|
||||
<dom4j.version>1.6.1</dom4j.version>
|
||||
<github.relaxng.version>2011.1</github.relaxng.version>
|
||||
<h2.version>1.4.193</h2.version>
|
||||
|
@ -105,7 +105,7 @@
|
|||
<liquibase.version>3.4.1</liquibase.version>
|
||||
<mysql.version>5.1.29</mysql.version>
|
||||
<osgi.version>4.2.0</osgi.version>
|
||||
<pax.web.version>4.2.4</pax.web.version>
|
||||
<pax.web.version>7.1.0</pax.web.version>
|
||||
<postgresql.version>9.3-1100-jdbc41</postgresql.version>
|
||||
<mariadb.version>1.3.7</mariadb.version>
|
||||
<servlet.api.30.version>1.0.2.Final</servlet.api.30.version>
|
||||
|
@ -697,6 +697,11 @@
|
|||
<artifactId>pax-web-api</artifactId>
|
||||
<version>${pax.web.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.ops4j.pax.web</groupId>
|
||||
<artifactId>pax-web-spi</artifactId>
|
||||
<version>${pax.web.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.aesh</groupId>
|
||||
<artifactId>aesh</artifactId>
|
||||
|
|
Loading…
Reference in a new issue