Merge pull request #4200 from guigarage/servlet-config
KeycloakConfigResolver config for servlet filter
This commit is contained in:
Stian Thorgersen
GitHub
commit
b041146a3f
1 changed files with 54 additions and 30 deletions
|
|
@ -54,24 +54,51 @@ import java.util.regex.Pattern;
|
||||||
*/
|
*/
|
||||||
public class KeycloakOIDCFilter implements Filter {
|
public class KeycloakOIDCFilter implements Filter {
|
||||||
|
|
||||||
|
private final static Logger log = Logger.getLogger("" + KeycloakOIDCFilter.class);
|
||||||
|
|
||||||
public static final String SKIP_PATTERN_PARAM = "keycloak.config.skipPattern";
|
public static final String SKIP_PATTERN_PARAM = "keycloak.config.skipPattern";
|
||||||
|
|
||||||
|
public static final String CONFIG_RESOLVER_PARAM = "keycloak.config.resolver";
|
||||||
|
|
||||||
|
public static final String CONFIG_FILE_PARAM = "keycloak.config.file";
|
||||||
|
|
||||||
|
public static final String CONFIG_PATH_PARAM = "keycloak.config.path";
|
||||||
|
|
||||||
protected AdapterDeploymentContext deploymentContext;
|
protected AdapterDeploymentContext deploymentContext;
|
||||||
|
|
||||||
protected SessionIdMapper idMapper = new InMemorySessionIdMapper();
|
protected SessionIdMapper idMapper = new InMemorySessionIdMapper();
|
||||||
|
|
||||||
protected NodesRegistrationManagement nodesRegistrationManagement;
|
protected NodesRegistrationManagement nodesRegistrationManagement;
|
||||||
|
|
||||||
protected Pattern skipPattern;
|
protected Pattern skipPattern;
|
||||||
|
|
||||||
private final static Logger log = Logger.getLogger(""+KeycloakOIDCFilter.class);
|
private final KeycloakConfigResolver definedconfigResolver;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Constructor that can be used to define a {@code KeycloakConfigResolver} that will be used at initialization to
|
||||||
|
* provide the {@code KeycloakDeployment}.
|
||||||
|
* @param definedconfigResolver the resolver
|
||||||
|
*/
|
||||||
|
public KeycloakOIDCFilter(KeycloakConfigResolver definedconfigResolver) {
|
||||||
|
this.definedconfigResolver = definedconfigResolver;
|
||||||
|
}
|
||||||
|
|
||||||
|
public KeycloakOIDCFilter() {
|
||||||
|
this(null);
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void init(final FilterConfig filterConfig) throws ServletException {
|
public void init(final FilterConfig filterConfig) throws ServletException {
|
||||||
|
|
||||||
String skipPatternDefinition = filterConfig.getInitParameter(SKIP_PATTERN_PARAM);
|
String skipPatternDefinition = filterConfig.getInitParameter(SKIP_PATTERN_PARAM);
|
||||||
if (skipPatternDefinition != null) {
|
if (skipPatternDefinition != null) {
|
||||||
skipPattern = Pattern.compile(skipPatternDefinition, Pattern.DOTALL);
|
skipPattern = Pattern.compile(skipPatternDefinition, Pattern.DOTALL);
|
||||||
}
|
}
|
||||||
|
|
||||||
String configResolverClass = filterConfig.getInitParameter("keycloak.config.resolver");
|
if (definedconfigResolver != null) {
|
||||||
|
deploymentContext = new AdapterDeploymentContext(definedconfigResolver);
|
||||||
|
log.log(Level.INFO, "Using {0} to resolve Keycloak configuration on a per-request basis.", definedconfigResolver.getClass());
|
||||||
|
} else {
|
||||||
|
String configResolverClass = filterConfig.getInitParameter(CONFIG_RESOLVER_PARAM);
|
||||||
if (configResolverClass != null) {
|
if (configResolverClass != null) {
|
||||||
try {
|
try {
|
||||||
KeycloakConfigResolver configResolver = (KeycloakConfigResolver) getClass().getClassLoader().loadClass(configResolverClass).newInstance();
|
KeycloakConfigResolver configResolver = (KeycloakConfigResolver) getClass().getClassLoader().loadClass(configResolverClass).newInstance();
|
||||||
|
|
@ -82,7 +109,7 @@ public class KeycloakOIDCFilter implements Filter {
|
||||||
deploymentContext = new AdapterDeploymentContext(new KeycloakDeployment());
|
deploymentContext = new AdapterDeploymentContext(new KeycloakDeployment());
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
String fp = filterConfig.getInitParameter("keycloak.config.file");
|
String fp = filterConfig.getInitParameter(CONFIG_FILE_PARAM);
|
||||||
InputStream is = null;
|
InputStream is = null;
|
||||||
if (fp != null) {
|
if (fp != null) {
|
||||||
try {
|
try {
|
||||||
|
|
@ -92,7 +119,7 @@ public class KeycloakOIDCFilter implements Filter {
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
String path = "/WEB-INF/keycloak.json";
|
String path = "/WEB-INF/keycloak.json";
|
||||||
String pathParam = filterConfig.getInitParameter("keycloak.config.path");
|
String pathParam = filterConfig.getInitParameter(CONFIG_PATH_PARAM);
|
||||||
if (pathParam != null) path = pathParam;
|
if (pathParam != null) path = pathParam;
|
||||||
is = filterConfig.getServletContext().getResourceAsStream(path);
|
is = filterConfig.getServletContext().getResourceAsStream(path);
|
||||||
}
|
}
|
||||||
|
|
@ -100,26 +127,23 @@ public class KeycloakOIDCFilter implements Filter {
|
||||||
deploymentContext = new AdapterDeploymentContext(kd);
|
deploymentContext = new AdapterDeploymentContext(kd);
|
||||||
log.fine("Keycloak is using a per-deployment configuration.");
|
log.fine("Keycloak is using a per-deployment configuration.");
|
||||||
}
|
}
|
||||||
|
}
|
||||||
filterConfig.getServletContext().setAttribute(AdapterDeploymentContext.class.getName(), deploymentContext);
|
filterConfig.getServletContext().setAttribute(AdapterDeploymentContext.class.getName(), deploymentContext);
|
||||||
nodesRegistrationManagement = new NodesRegistrationManagement();
|
nodesRegistrationManagement = new NodesRegistrationManagement();
|
||||||
}
|
}
|
||||||
|
|
||||||
private KeycloakDeployment createKeycloakDeploymentFrom(InputStream is) {
|
private KeycloakDeployment createKeycloakDeploymentFrom(InputStream is) {
|
||||||
|
|
||||||
if (is == null) {
|
if (is == null) {
|
||||||
log.fine("No adapter configuration. Keycloak is unconfigured and will deny all requests.");
|
log.fine("No adapter configuration. Keycloak is unconfigured and will deny all requests.");
|
||||||
return new KeycloakDeployment();
|
return new KeycloakDeployment();
|
||||||
}
|
}
|
||||||
|
|
||||||
return KeycloakDeploymentBuilder.build(is);
|
return KeycloakDeploymentBuilder.build(is);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
|
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
|
||||||
|
|
||||||
log.fine("Keycloak OIDC Filter");
|
log.fine("Keycloak OIDC Filter");
|
||||||
//System.err.println("Keycloak OIDC Filter: " + ((HttpServletRequest)req).getRequestURL().toString());
|
|
||||||
HttpServletRequest request = (HttpServletRequest) req;
|
HttpServletRequest request = (HttpServletRequest) req;
|
||||||
HttpServletResponse response = (HttpServletResponse) res;
|
HttpServletResponse response = (HttpServletResponse) res;
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue