Merge pull request #996 from pedroigor/master

[KEYCLOAK-1036] - Revert.
2015-02-25 11:22:15 -03:00 · 2015-02-25 11:22:15 -03:00 · b8e712e10b
commit b8e712e10b
parent 12dc159326 128cd98ce2
7 changed files with 9 additions and 39 deletions
--- a/events/api/src/main/java/org/keycloak/events/Errors.java
+++ b/events/api/src/main/java/org/keycloak/events/Errors.java
@ -37,7 +37,6 @@ public interface Errors {
    String FEDERATED_IDENTITY_EMAIL_EXISTS = "federated_identity_email_exists";
    String FEDERATED_IDENTITY_USERNAME_EXISTS = "federated_identity_username_exists";
    String FEDERATED_IDENTITY_DISABLED_REGISTRATION = "federated_identity_disabled_registration";
    String SSL_REQUIRED = "ssl_required";
    String USER_SESSION_NOT_FOUND = "user_session_not_found";
--- a/examples/broker/saml-broker-authentication/saml-broker-authentication-realm.json
+++ b/examples/broker/saml-broker-authentication/saml-broker-authentication-realm.json
@ -38,7 +38,11 @@
            "adminUrl": "/saml-broker-authentication",
            "baseUrl": "/saml-broker-authentication",
            "redirectUris": [
-              "/saml-broker-authentication/*"
+              "/saml-broker-authentication/*",
              "http://localhost:8080/saml-broker-authentication/*"
            ],
            "webOrigins": [
              "http://localhost:8080"
            ]
        }
    ],
@ -51,7 +55,7 @@
          "updateProfileFirstLogin" : "true",
          "storeToken" : "true",
          "config": {
-              "singleSignOnServiceUrl": "http://localhost:8080/auth/realms/saml-broker-realm/protocol/saml",
+              "singleSignOnServiceUrl": "http://localhost:8081/auth/realms/saml-broker-realm/protocol/saml",
              "nameIDPolicyFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
              "signingCertificate": "MIIDdzCCAl+gAwIBAgIEbySuqTANBgkqhkiG9w0BAQsFADBsMRAwDgYDVQQGEwdVbmtub3duMRAwDgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRAwDgYDVQQKEwdVbmtub3duMRAwDgYDVQQLEwdVbmtub3duMRAwDgYDVQQDEwdVbmtub3duMB4XDTE1MDEyODIyMTYyMFoXDTE3MTAyNDIyMTYyMFowbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5rbm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAII/K9NNvXi9IySl7+l2zY/kKrGTtuR4WdCI0xLW/Jn4dLY7v1/HOnV4CC4ecFOzhdNFPtJkmEhP/q62CpmOYOKApXk3tfmm2rwEz9bWprVxgFGKnbrWlz61Z/cjLAlhD3IUj2ZRBquYgSXQPsYfXo1JmSWF5pZ9uh1FVqu9f4wvRqY20ZhUN+39F+1iaBsoqsrbXypCn1HgZkW1/9D9GZug1c3vB4wg1TwZZWRNGtxwoEhdK6dPrNcZ+6PdanVilWrbQFbBjY4wz8/7IMBzssoQ7Usmo8F1Piv0FGfaVeJqBrcAvbiBMpk8pT+27u6p8VyIX6LhGvnxIwM07NByeSUCAwEAAaMhMB8wHQYDVR0OBBYEFFlcNuTYwI9W0tQ224K1gFJlMam0MA0GCSqGSIb3DQEBCwUAA4IBAQB5snl1KWOJALtAjLqD0mLPg1iElmZP82Lq1htLBt3XagwzU9CaeVeCQ7lTp+DXWzPa9nCLhsC3QyrV3/+oqNli8C6NpeqI8FqN2yQW/QMWN1m5jWDbmrWwtQzRUn/rh5KEb5m3zPB+tOC6e/2bV3QeQebxeW7lVMD0tSCviUg1MQf1l2gzuXQo60411YwqrXwk6GMkDOhFDQKDlMchO3oRbQkGbcP8UeiKAXjMeHfzbiBr+cWz8NYZEtxUEDYDjTpKrYCSMJBXpmgVJCZ00BswbksxJwaGqGMPpUKmCV671pf3m8nq3xyiHMDGuGwtbU+GE8kVx85menmp8+964nin",
              "wantAuthnRequestsSigned": true,
--- a/examples/broker/saml-broker-authentication/saml-broker-realm.json
+++ b/examples/broker/saml-broker-authentication/saml-broker-realm.json
@ -28,10 +28,10 @@
    },
    "applications": [
        {
-            "name": "http://localhost:8080/auth/",
+            "name": "http://localhost:8081/auth/",
            "enabled": true,
            "redirectUris": [
-              "http://localhost:8080/auth/realms/saml-broker-authentication-realm/broker/saml-identity-provider"
+              "http://localhost:8081/auth/realms/saml-broker-authentication-realm/broker/saml-identity-provider"
            ],
          "attributes": {
            "saml.assertion.signature": "true",
--- a/examples/broker/saml-broker-authentication/src/main/webapp/keycloak.json
+++ b/examples/broker/saml-broker-authentication/src/main/webapp/keycloak.json
@ -2,7 +2,7 @@
  "realm" : "saml-broker-authentication-realm",
  "resource" : "saml-broker-authentication",
  "realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
-  "auth-server-url": "http://localhost:8080/auth",
+  "auth-server-url": "http://localhost:8081/auth",
  "ssl-required" : "external",
  "public-client" : true
 }
--- a/forms/common-themes/src/main/resources/theme/login/base/messages/messages.properties
+++ b/forms/common-themes/src/main/resources/theme/login/base/messages/messages.properties
@ -56,7 +56,6 @@ emailExists=Email already exists
 federatedIdentityEmailExists=User with email already exists. Please login to account management to link the account.
 federatedIdentityUsernameExists=User with username already exists. Please login to account management to link the account.
 federatedIdentityDisabledRegistration=Registration of new users is not allowed. Please ask admin to register you and login to account management to link the account.
 loginTitle=Log in to
 loginOauthTitle=Temporary access.
--- a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
+++ b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
@ -526,12 +526,6 @@ public class IdentityBrokerService {
            throw new IdentityBrokerException("federatedIdentityUsernameExists");
        }
        // Check if realm registration is allowed
        if (!this.realmModel.isRegistrationAllowed()) {
            fireErrorEvent(Errors.FEDERATED_IDENTITY_DISABLED_REGISTRATION);
            throw new IdentityBrokerException("federatedIdentityDisabledRegistration");
        }
        if (isDebugEnabled()) {
            LOGGER.debugf("Creating account from identity [%s].", federatedIdentityModel);
        }
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractIdentityProviderTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractIdentityProviderTest.java
@ -257,32 +257,6 @@ public abstract class AbstractIdentityProviderTest {
        this.updateProfilePage.assertCurrent();
    }
    @Test
    public void testDisabledRegistration() {
        // Disable registration in realm
        getRealm().setRegistrationAllowed(false);
        brokerServerRule.stopSession(this.session, true);
        this.session = brokerServerRule.startSession();
        // Login with identity provider
        this.driver.navigate().to("http://localhost:8081/test-app/");
        assertTrue(this.driver.getCurrentUrl().startsWith("http://localhost:8081/auth/realms/realm-with-broker/protocol/openid-connect/login"));
        this.loginPage.clickSocial(getProviderId());
        assertTrue(this.driver.getCurrentUrl().startsWith("http://localhost:8082/auth/"));
        this.loginPage.login("test-user", "password");
        doAfterProviderAuthentication();
        WebElement element = this.driver.findElement(By.className("kc-feedback-text"));
        assertNotNull(element);
        assertEquals("Registration of new users is not allowed. Please ask admin to register you and login to account management to link the account.", element.getText());
        // Re-enable registration in realm
        getRealm().setRegistrationAllowed(true);
        brokerServerRule.stopSession(this.session, true);
        this.session = brokerServerRule.startSession();
    }
    @Test(expected = NoSuchElementException.class)
    public void testIdentityProviderNotAllowed() {
        this.driver.navigate().to("http://localhost:8081/test-app/");