Upgrade to picketlink 2.6.0.CR5. Support syncing the whole UserModel into AuthenticationProvider

mposolda 2014-06-23 15:28:35 +02:00
parent 767e6a9783
commit aea4fd8e30
7 changed files with 23 additions and 18 deletions


@ -4,6 +4,7 @@ import java.util.List;
import java.util.Map;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.provider.Provider;
/**
@ -36,11 +37,11 @@ public interface AuthenticationProvider extends Provider {
*
* @param realm
* @param configuration
* @param username
* @param user Keycloak user, which will be registered on authentication provider side
* @return ID of newly created user (For example ID from LDAP)
* @throws AuthenticationProviderException if user creation couldn't happen
*/
String registerUser(RealmModel realm, Map<String, String> configuration, String username) throws AuthenticationProviderException;
String registerUser(RealmModel realm, Map<String, String> configuration, UserModel user) throws AuthenticationProviderException;
/**
* Standard Authentication flow
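Review bot: The Javadoc for the new `user` parameter does not say which attributes an implementation is expected to read, or whether it may modify the object it is handed. Implementations now receive the live `UserModel` instead of a plain username string, so the contract is worth stating, for example `@param user Keycloak user to register on the provider side; implementations read login name, first name, last name and email and must treat it as read-only`. The empty `@param realm` and `@param configuration` tags could be filled in at the same time. The Javadoc block begins above the hunk, so any wording already there is not visible from here.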


@ -118,7 +118,7 @@ public class AuthenticationProviderManager {
+ authUser.getProviderName() + " but is not linked with model user");
}
} else {
String userIdInProvider = delegate.registerUser(realm, providerModel.getConfig(), user.getLoginName());
String userIdInProvider = delegate.registerUser(realm, providerModel.getConfig(), user);
authLink = new AuthenticationLinkModel(providerModel.getProviderName(), userIdInProvider);
user.setAuthenticationLink(authLink);
logger.infof("User '%s' registered in provider '%s' and linked", user.getLoginName(), providerModel.getProviderName());
@ -143,7 +143,7 @@ public class AuthenticationProviderManager {
String username = user.getLoginName();
// Update just those, which support password update
// Update just if password update is supported
if (providerModel.isPasswordUpdateSupported()) {
try {
AuthenticationProvider delegate = getProvider(providerName);


@ -30,11 +30,14 @@ public abstract class AbstractModelAuthenticationProvider implements Authenticat
}
@Override
public String registerUser(RealmModel currentRealm, Map<String, String> config, String username) throws AuthenticationProviderException {
public String registerUser(RealmModel currentRealm, Map<String, String> config, UserModel user) throws AuthenticationProviderException {
RealmModel realm = getRealm(currentRealm, config);
UserModel user = currentRealm.addUser(username);
user.setEnabled(true);
return user.getId();
UserModel newUser = realm.addUser(user.getLoginName());
newUser.setFirstName(user.getFirstName());
newUser.setLastName(user.getLastName());
newUser.setEmail(user.getEmail());
newUser.setEnabled(true);
return newUser.getId();
}
@Override
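Review bot: The mirrored account is always created with `newUser.setEnabled(true)`, whatever state the source `user` is in, so a Keycloak user that is disabled when `registerUser` runs would still get an active account in the target realm. If that is not intended, carry the state over instead: `newUser.setEnabled(user.isEnabled());`. The user is also now added to the realm resolved from `config` rather than `currentRealm`, and what `realm.addUser(user.getLoginName())` does when that login name already exists there is not visible in this hunk. A short comment on the expected outcome, or an explicit lookup before the add, would make the behaviour clear.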


@ -7,6 +7,7 @@ import org.keycloak.authentication.AuthUser;
import org.keycloak.authentication.AuthenticationProvider;
import org.keycloak.authentication.AuthenticationProviderException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.picketlink.IdentityManagerProvider;
import org.picketlink.idm.IdentityManagementException;
import org.picketlink.idm.IdentityManager;
@ -67,16 +68,15 @@ public class PicketlinkAuthenticationProvider implements AuthenticationProvider
}
@Override
public String registerUser(RealmModel realm, Map<String, String> configuration, String username) throws AuthenticationProviderException {
public String registerUser(RealmModel realm, Map<String, String> configuration, UserModel user) throws AuthenticationProviderException {
IdentityManager identityManager = getIdentityManager(realm);
try {
User picketlinkUser = new User(username);
User picketlinkUser = new User(user.getLoginName());
picketlinkUser.setFirstName(user.getFirstName());
picketlinkUser.setLastName(user.getLastName());
picketlinkUser.setEmail(user.getEmail());
identityManager.add(picketlinkUser);
// Hack needed due to ActiveDirectory bug in Picketlink TODO: Remove once https://issues.jboss.org/browse/PLINK-485 fixed and updated in keycloak master
picketlinkUser = BasicModel.getUser(identityManager, picketlinkUser.getLoginName());
return picketlinkUser.getId();
} catch (IdentityManagementException ie) {
throw convertIDMException(ie);
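Review bot: Nothing in `registerUser` records which parts of the `UserModel` are pushed to the external identity store, which matters now that the whole model is passed in. In the visible lines only login name, first name, last name and email are copied and no credential is set, so a comment above the `new User(...)` line would pin that down: `// Only profile attributes are written to the identity store here; credentials are not part of registration.` The hunk also shows no path for later profile changes in Keycloak to reach the store, so the copy looks like a one-time snapshot; if so, the comment could say that as well. The method body continues past the end of the hunk.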


@ -11,6 +11,7 @@ import org.keycloak.authentication.AuthUser;
import org.keycloak.authentication.AuthenticationProvider;
import org.keycloak.authentication.AuthenticationProviderException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
@ -45,9 +46,9 @@ public class PropertiesAuthenticationProvider implements AuthenticationProvider
}
@Override
public String registerUser(RealmModel realm, Map<String, String> configuration, String username) throws AuthenticationProviderException {
public String registerUser(RealmModel realm, Map<String, String> configuration, UserModel user) throws AuthenticationProviderException {
// Registration ignored
return username;
return user.getLoginName();
}
@Override


@ -19,7 +19,7 @@
<resteasy.version.eap.6.3>2.3.7.Final</resteasy.version.eap.6.3>
<resteasy.version.latest>3.0.8.Final</resteasy.version.latest>
<undertow.version>1.0.15.Final</undertow.version>
<picketlink.version>2.6.0.CR2</picketlink.version>
<picketlink.version>2.6.0.CR5</picketlink.version>
<picketbox.ldap.version>1.0.2.Final</picketbox.ldap.version>
<mongo.driver.version>2.11.3</mongo.driver.version>
<jboss.logging.version>3.1.1.GA</jboss.logging.version>


@ -276,7 +276,7 @@ public class AuthenticationManager {
user.setLastName(authUser.getLastName());
user.setEmail(authUser.getEmail());
user.setAuthenticationLink(new AuthenticationLinkModel(authUser.getProviderName(), authUser.getId()));
logger.info("User " + authUser.getUsername() + " created and linked with provider " + authUser.getProviderName());
logger.info("User " + authUser.getUsername() + " created in Keycloak and linked with provider " + authUser.getProviderName());
} else {
logger.warn("User " + username + " not found");
return AuthenticationStatus.INVALID_USER;
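Review bot: The reworded `logger.info` line still builds its message by concatenating `authUser.getUsername()` and `authUser.getProviderName()`, values that come from the external provider. `AuthenticationProviderManager` in this same commit uses the format-style call with quoted values, and matching it here would keep the two messages consistent and make the value boundaries visible: `logger.infof("User '%s' created in Keycloak and linked with provider '%s'", authUser.getUsername(), authUser.getProviderName());`. Formatting alone does not neutralise line breaks inside a username, so stripping CR/LF is still needed wherever these logs are consumed line by line. The `logger.warn` in the else branch has the same shape. The enclosing method starts and ends outside the hunk.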