KEYCLOAK-4662 Keycloak adapter missing configuration attribute proxy-url

2018-07-11 13:17:00 +02:00 · 2018-07-11 13:17:00 +02:00 · b520dda3ef
commit b520dda3ef
parent 90bfa2bff5
11 changed files with 41 additions and 2 deletions
--- a/adapters/oidc/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/SharedAttributeDefinitons.java
+++ b/adapters/oidc/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/SharedAttributeDefinitons.java
@ -166,6 +166,13 @@ class SharedAttributeDefinitons {
                    .setValidator(new StringLengthValidator(1, Integer.MAX_VALUE, true, true))
                    .build();
    protected static final SimpleAttributeDefinition PROXY_URL =
            new SimpleAttributeDefinitionBuilder("proxy-url", ModelType.STRING, true)
                    .setXmlName("proxy-url")
                    .setAllowExpression(true)
                    .setValidator(new StringLengthValidator(1, Integer.MAX_VALUE, true, true))
                    .build();
    protected static final List<SimpleAttributeDefinition> ATTRIBUTES = new ArrayList<SimpleAttributeDefinition>();
@ -192,6 +199,7 @@ class SharedAttributeDefinitons {
        ATTRIBUTES.add(REGISTER_NODE_PERIOD);
        ATTRIBUTES.add(TOKEN_STORE);
        ATTRIBUTES.add(PRINCIPAL_ATTRIBUTE);
        ATTRIBUTES.add(PROXY_URL);
    }
    /**
--- a/adapters/oidc/as7-eap6/as7-subsystem/src/main/resources/org/keycloak/subsystem/as7/LocalDescriptions.properties
+++ b/adapters/oidc/as7-eap6/as7-subsystem/src/main/resources/org/keycloak/subsystem/as7/LocalDescriptions.properties
@ -46,6 +46,7 @@ keycloak.realm.register-node-at-startup=Cluster setting
 keycloak.realm.register-node-period=how often to re-register node
 keycloak.realm.token-store=cookie or session storage for auth session data
 keycloak.realm.principal-attribute=token attribute to use to set Principal name
 keycloak.realm.proxy-url=The URL for the HTTP proxy if one is used.
 keycloak.secure-deployment=A deployment secured by Keycloak
 keycloak.secure-deployment.add=Add a deployment to be secured by Keycloak
@ -82,7 +83,7 @@ keycloak.secure-deployment.principal-attribute=token attribute to use to set Pri
 keycloak.secure-deployment.turn-off-change-session-id-on-login=The session id is changed by default on a successful login.  Change this to true if you want to turn this off
 keycloak.secure-deployment.token-minimum-time-to-live=The adapter will refresh the token if the current token is expired OR will expire in 'token-minimum-time-to-live' seconds or less
 keycloak.secure-deployment.min-time-between-jwks-requests=If adapter recognize token signed by unknown public key, it will try to download new public key from keycloak server. However it won't try to download if already tried it in less than 'min-time-between-jwks-requests' seconds
-
+keycloak.secure-deployment.proxy-url=The URL for the HTTP proxy if one is used.
 keycloak.secure-deployment.credential=Credential value
 keycloak.credential=Credential
--- a/adapters/oidc/as7-eap6/as7-subsystem/src/main/resources/schema/keycloak_1_1.xsd
+++ b/adapters/oidc/as7-eap6/as7-subsystem/src/main/resources/schema/keycloak_1_1.xsd
@ -65,6 +65,7 @@
            <xs:element name="register-node-period" type="xs:integer" minOccurs="0" maxOccurs="1"/>
            <xs:element name="token-store" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="principal-attribute" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="proxy-url" type="xs:string" minOccurs="0" maxOccurs="1"/>
        </xs:all>
        <xs:attribute name="name" type="xs:string" use="required">
            <xs:annotation>
@ -107,6 +108,7 @@
            <xs:element name="turn-off-change-session-id-on-login" type="xs:boolean" minOccurs="0" maxOccurs="1" />
            <xs:element name="token-minimum-time-to-live" type="xs:integer" minOccurs="0" maxOccurs="1"/>
            <xs:element name="min-time-between-jwks-requests" type="xs:integer" minOccurs="0" maxOccurs="1"/>
            <xs:element name="proxy-url" type="xs:string" minOccurs="0" maxOccurs="1"/>
        </xs:all>
        <xs:attribute name="name" type="xs:string" use="required">
            <xs:annotation>
--- a/adapters/oidc/wildfly/wf8-subsystem/src/main/java/org/keycloak/subsystem/wf8/extension/SharedAttributeDefinitons.java
+++ b/adapters/oidc/wildfly/wf8-subsystem/src/main/java/org/keycloak/subsystem/wf8/extension/SharedAttributeDefinitons.java
@ -187,6 +187,13 @@ public class SharedAttributeDefinitons {
            .setDefaultValue(new ModelNode(false))
            .build();
    protected static final SimpleAttributeDefinition PROXY_URL =
            new SimpleAttributeDefinitionBuilder("proxy-url", ModelType.STRING, true)
                    .setXmlName("proxy-url")
                    .setAllowExpression(true)
                    .setValidator(new StringLengthValidator(1, Integer.MAX_VALUE, true, true))
                    .build();
    protected static final List<SimpleAttributeDefinition> ATTRIBUTES = new ArrayList<SimpleAttributeDefinition>();
    static {
        ATTRIBUTES.add(REALM_PUBLIC_KEY);
@ -214,6 +221,7 @@ public class SharedAttributeDefinitons {
        ATTRIBUTES.add(PRINCIPAL_ATTRIBUTE);
        ATTRIBUTES.add(AUTODETECT_BEARER_ONLY);
        ATTRIBUTES.add(IGNORE_OAUTH_QUERY_PARAMETER);
        ATTRIBUTES.add(PROXY_URL);
    }
    /**
--- a/adapters/oidc/wildfly/wf8-subsystem/src/main/resources/org/keycloak/subsystem/wf8/extension/LocalDescriptions.properties
+++ b/adapters/oidc/wildfly/wf8-subsystem/src/main/resources/org/keycloak/subsystem/wf8/extension/LocalDescriptions.properties
@ -49,6 +49,7 @@ keycloak.realm.token-store=cookie or session storage for auth session data
 keycloak.realm.principal-attribute=token attribute to use to set Principal name
 keycloak.realm.autodetect-bearer-only=autodetect bearer-only requests
 keycloak.realm.ignore-oauth-query-parameter=disable query parameter parsing for access_token
 keycloak.realm.proxy-url=The URL for the HTTP proxy if one is used.
 keycloak.secure-deployment=A deployment secured by Keycloak
 keycloak.secure-deployment.add=Add a deployment to be secured by Keycloak
@ -88,7 +89,7 @@ keycloak.secure-deployment.token-minimum-time-to-live=The adapter will refresh t
 keycloak.secure-deployment.min-time-between-jwks-requests=If adapter recognize token signed by unknown public key, it will try to download new public key from keycloak server. However it won't try to download if already tried it in less than 'min-time-between-jwks-requests' seconds
 keycloak.secure-deployment.autodetect-bearer-only=autodetect bearer-only requests
 keycloak.secure-deployment.ignore-oauth-query-parameter=disable query parameter parsing for access_token
-
+keycloak.secure-deployment.proxy-url=The URL for the HTTP proxy if one is used.
 keycloak.secure-deployment.credential=Credential value
 keycloak.credential=Credential
--- a/adapters/oidc/wildfly/wf8-subsystem/src/main/resources/schema/wildfly-keycloak_1_1.xsd
+++ b/adapters/oidc/wildfly/wf8-subsystem/src/main/resources/schema/wildfly-keycloak_1_1.xsd
@ -68,6 +68,7 @@
            <xs:element name="principal-attribute" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="autodetect-bearer-only" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="ignore-oauth-query-parameter" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="proxy-url" type="xs:string" minOccurs="0" maxOccurs="1"/>
        </xs:all>
        <xs:attribute name="name" type="xs:string" use="required">
            <xs:annotation>
@ -113,6 +114,7 @@
            <xs:element name="min-time-between-jwks-requests" type="xs:integer" minOccurs="0" maxOccurs="1"/>
            <xs:element name="autodetect-bearer-only" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="ignore-oauth-query-parameter" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="proxy-url" type="xs:string" minOccurs="0" maxOccurs="1"/>
        </xs:all>
        <xs:attribute name="name" type="xs:string" use="required">
            <xs:annotation>
--- a/adapters/oidc/wildfly/wf8-subsystem/src/test/resources/org/keycloak/subsystem/wf8/extension/keycloak-1.1.xml
+++ b/adapters/oidc/wildfly/wf8-subsystem/src/test/resources/org/keycloak/subsystem/wf8/extension/keycloak-1.1.xml
@ -28,6 +28,7 @@
        </realm-public-key>
        <auth-server-url>http://localhost:8080/auth</auth-server-url>
        <ssl-required>EXTERNAL</ssl-required>
        <proxy-url>http://localhost:9000</proxy-url>
        <credential name="secret">0aa31d98-e0aa-404c-b6e0-e771dba1e798</credential>
    </secure-deployment>
    <secure-deployment name="http-endpoint">
--- a/adapters/oidc/wildfly/wildfly-subsystem/src/main/java/org/keycloak/subsystem/adapter/extension/SharedAttributeDefinitons.java
+++ b/adapters/oidc/wildfly/wildfly-subsystem/src/main/java/org/keycloak/subsystem/adapter/extension/SharedAttributeDefinitons.java
@ -193,6 +193,13 @@ public class SharedAttributeDefinitons {
                    .setDefaultValue(new ModelNode(8443))
                    .build();
    protected static final SimpleAttributeDefinition PROXY_URL =
            new SimpleAttributeDefinitionBuilder("proxy-url", ModelType.STRING, true)
                    .setXmlName("proxy-url")
                    .setAllowExpression(true)
                    .setValidator(new StringLengthValidator(1, Integer.MAX_VALUE, true, true))
                    .build();
    protected static final List<SimpleAttributeDefinition> ATTRIBUTES = new ArrayList<SimpleAttributeDefinition>();
    static {
@ -222,6 +229,7 @@ public class SharedAttributeDefinitons {
        ATTRIBUTES.add(PRINCIPAL_ATTRIBUTE);
        ATTRIBUTES.add(AUTODETECT_BEARER_ONLY);
        ATTRIBUTES.add(IGNORE_OAUTH_QUERY_PARAMETER);
        ATTRIBUTES.add(PROXY_URL);
    }
    private static boolean isSet(ModelNode attributes, SimpleAttributeDefinition def) {
--- a/adapters/oidc/wildfly/wildfly-subsystem/src/main/resources/org/keycloak/subsystem/adapter/extension/LocalDescriptions.properties
+++ b/adapters/oidc/wildfly/wildfly-subsystem/src/main/resources/org/keycloak/subsystem/adapter/extension/LocalDescriptions.properties
@ -52,6 +52,7 @@ keycloak.realm.token-store=cookie or session storage for auth session data
 keycloak.realm.principal-attribute=token attribute to use to set Principal name
 keycloak.realm.autodetect-bearer-only=autodetect bearer-only requests
 keycloak.realm.ignore-oauth-query-parameter=disable query parameter parsing for access_token
 keycloak.realm.proxy-url=The URL for the HTTP proxy if one is used.
 keycloak.secure-deployment=A deployment secured by Keycloak
 keycloak.secure-deployment.add=Add a deployment to be secured by Keycloak
@ -93,6 +94,7 @@ keycloak.secure-deployment.turn-off-change-session-id-on-login=The session id is
 keycloak.secure-deployment.token-minimum-time-to-live=The adapter will refresh the token if the current token is expired OR will expire in 'token-minimum-time-to-live' seconds or less
 keycloak.secure-deployment.min-time-between-jwks-requests=If adapter recognize token signed by unknown public key, it will try to download new public key from keycloak server. However it won't try to download if already tried it in less than 'min-time-between-jwks-requests' seconds
 keycloak.secure-deployment.ignore-oauth-query-parameter=disable query parameter parsing for access_token
 keycloak.secure-deployment.proxy-url=The URL for the HTTP proxy if one is used.
 keycloak.secure-server=A deployment secured by Keycloak
 keycloak.secure-server.add=Add a deployment to be secured by Keycloak
@ -134,6 +136,7 @@ keycloak.secure-server.turn-off-change-session-id-on-login=The session id is cha
 keycloak.secure-server.token-minimum-time-to-live=The adapter will refresh the token if the current token is expired OR will expire in 'token-minimum-time-to-live' seconds or less
 keycloak.secure-server.min-time-between-jwks-requests=If adapter recognize token signed by unknown public key, it will try to download new public key from keycloak server. However it won't try to download if already tried it in less than 'min-time-between-jwks-requests' seconds
 keycloak.secure-server.ignore-oauth-query-parameter=disable query parameter parsing for access_token
 keycloak.secure-server.proxy-url=The URL for the HTTP proxy if one is used.
 keycloak.secure-deployment.credential=Credential value
 keycloak.secure-server.credential=Credential value
--- a/adapters/oidc/wildfly/wildfly-subsystem/src/main/resources/schema/wildfly-keycloak_1_1.xsd
+++ b/adapters/oidc/wildfly/wildfly-subsystem/src/main/resources/schema/wildfly-keycloak_1_1.xsd
@ -70,6 +70,7 @@
            <xs:element name="principal-attribute" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="autodetect-bearer-only" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="ignore-oauth-query-parameter" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="proxy-url" type="xs:string" minOccurs="0" maxOccurs="1"/>
        </xs:all>
        <xs:attribute name="name" type="xs:string" use="required">
            <xs:annotation>
@ -117,6 +118,7 @@
            <xs:element name="min-time-between-jwks-requests" type="xs:integer" minOccurs="0" maxOccurs="1"/>
            <xs:element name="autodetect-bearer-only" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="ignore-oauth-query-parameter" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="proxy-url" type="xs:string" minOccurs="0" maxOccurs="1"/>
        </xs:all>
        <xs:attribute name="name" type="xs:string" use="required">
            <xs:annotation>
--- a/adapters/oidc/wildfly/wildfly-subsystem/src/test/resources/org/keycloak/subsystem/adapter/extension/keycloak-1.1.xml
+++ b/adapters/oidc/wildfly/wildfly-subsystem/src/test/resources/org/keycloak/subsystem/adapter/extension/keycloak-1.1.xml
@ -40,6 +40,7 @@
        <register-node-period>60</register-node-period>
        <token-store>session</token-store>
        <principal-attribute>sub</principal-attribute>
        <proxy-url>http://localhost:9000</proxy-url>
    </realm>
    <realm name="jboss-infra">
        <realm-public-key>MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKoq+a9MgXepmsPJDmo45qswuChW9pWjanX68oIBuI4hGvhQxFHryCow230A+sr7tFdMQMt8f1l/ysmV/fYAuW29WaoY4kI4Ou1yYPuwywKSsxT6PooTs83hKyZ1h4LZMj5DkLGDDDyVRHob2WmPaYg9RGVRw3iGGsD/p+Yb+L/gnBYQnZZ7lYqmN7h36p5CkzzlgXQA1Ha8sQxL+rJNH8+sZm0vBrKsoII3Of7TqHGsm1RwFV3XCuGJ7S61AbjJMXL5DQgJl9Z5scvxGAyoRLKC294UgMnQdzyBTMPw2GybxkRKmiK2KjQKmcopmrJp/Bt6fBR6ZkGSs9qUlxGHgwIDAQAB</realm-public-key>
@ -58,6 +59,7 @@
        <auth-server-url>http://localhost:8080/auth</auth-server-url>
        <ssl-required>EXTERNAL</ssl-required>
        <confidential-port>443</confidential-port>
        <proxy-url>http://localhost:9000</proxy-url>
        <credential name="secret">0aa31d98-e0aa-404c-b6e0-e771dba1e798</credential>
        <redirect-rewrite-rule name="^/wsmaster/api/(.*)$">api/$1/</redirect-rewrite-rule>
    </secure-deployment>
@ -88,5 +90,6 @@
        <public-client>true</public-client>
        <ssl-required>EXTERNAL</ssl-required>
        <confidential-port>443</confidential-port>
        <proxy-url>http://localhost:9000</proxy-url>
    </secure-server>
 </subsystem>