Remove setContext() + minor cleanup

Signed-off-by: Dmitry Telegin <demetrio@carretti.pro>
Dmitry Telegin 2024-02-26 18:48:08 -06:00 committed by Pedro Igor
parent 6a57614554
commit c18c4bbeb8
11 changed files with 30 additions and 38 deletions


@ -50,28 +50,13 @@ public interface OAuth2GrantType extends Provider {
*/ */
EventType getEventType(); EventType getEventType();
/**
* Checks if the grant implementation supports the request.
* The check will be performed after the initial matching against the "grant_type" parameter.
* @param context grant request context
* @return request supported
*/
default boolean supports(Context context) {
return true;
}
/**
* Sets grant request context.
* @param context grant request context
*/
void setContext(Context context);
/** /**
* Processes grant request. * Processes grant request.
* @param context grant request context
* *
* @return token response * @return token response
*/ */
Response process(); Response process(Context context);
public static class Context { public static class Context {
protected KeycloakSession session; protected KeycloakSession session;
@ -124,10 +109,6 @@ public interface OAuth2GrantType extends Provider {
this.dPoP = context.dPoP; this.dPoP = context.dPoP;
} }
public KeycloakSession getSession() {
return session;
}
public void setFormParams(MultivaluedHashMap<String, String> formParams) { public void setFormParams(MultivaluedHashMap<String, String> formParams) {
this.formParams = formParams; this.formParams = formParams;
} }
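Review bot: The Javadoc on `process(Context context)` does not say that an implementation may keep the context in instance state, which is what `OAuth2GrantTypeBase.setContext` does by copying `session`, `realm` and the other fields into the grant object. With the context now arriving as a call argument, a grant instance that was reused for a second request or shared between threads would read another request's session and client. Whether instances are created per request is not visible on this page, so the contract should be written down. I would add a sentence such as `Implementations may retain the context; an instance must serve a single request and is not thread-safe.`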


@ -92,7 +92,6 @@ public class TokenEndpoint {
private String grantType; private String grantType;
private OAuth2GrantType grant; private OAuth2GrantType grant;
private OAuth2GrantType.Context context;
private Cors cors; private Cors cors;
@ -136,10 +135,8 @@ public class TokenEndpoint {
checkParameterDuplicated(); checkParameterDuplicated();
} }
context = new OAuth2GrantType.Context(session, clientConfig, clientAuthAttributes, formParams, event, cors, tokenManager, dPoP); OAuth2GrantType.Context context = new OAuth2GrantType.Context(session, clientConfig, clientAuthAttributes, formParams, event, cors, tokenManager, dPoP);
return grant.process(context);
grant.setContext(context);
return grant.process();
} }
@Path("introspect") @Path("introspect")


@ -59,7 +59,9 @@ public class AuthorizationCodeGrantType extends OAuth2GrantTypeBase {
private static final Logger logger = Logger.getLogger(AuthorizationCodeGrantType.class); private static final Logger logger = Logger.getLogger(AuthorizationCodeGrantType.class);
@Override @Override
public Response process() { public Response process(Context context) {
setContext(context);
checkAndRetrieveDPoPProof(Profile.isFeatureEnabled(Profile.Feature.DPOP)); checkAndRetrieveDPoPProof(Profile.isFeatureEnabled(Profile.Feature.DPOP));
String code = formParams.getFirst(OAuth2Constants.CODE); String code = formParams.getFirst(OAuth2Constants.CODE);
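Review bot: Each `process(Context context)` override has to remember `setContext(context);` as its first statement, and nothing enforces it. A grant type that omits the call would run its checks (for example `client.isBearerOnly()` in ClientCredentialsGrantType) against unset fields. The same line is repeated in ClientCredentialsGrantType, PermissionGrantType, RefreshTokenGrantType, ResourceOwnerPasswordCredentialsGrantType, TokenExchangeGrantType, CibaGrantType and DeviceGrantType. One option is to do it once in OAuth2GrantTypeBase, e.g. `public final Response process(Context context) { setContext(context); return doProcess(); }` with a protected abstract `doProcess()`; that name is a suggestion, not one from the commit. The body of `process` continues outside the hunk.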


@ -60,7 +60,9 @@ public class ClientCredentialsGrantType extends OAuth2GrantTypeBase {
private static final Logger logger = Logger.getLogger(ClientCredentialsGrantType.class); private static final Logger logger = Logger.getLogger(ClientCredentialsGrantType.class);
@Override @Override
public Response process() { public Response process(Context context) {
setContext(context);
if (client.isBearerOnly()) { if (client.isBearerOnly()) {
event.error(Errors.INVALID_CLIENT); event.error(Errors.INVALID_CLIENT);
throw new CorsErrorResponseException(cors, OAuthErrorException.UNAUTHORIZED_CLIENT, "Bearer-only client not allowed to retrieve service account", Response.Status.UNAUTHORIZED); throw new CorsErrorResponseException(cors, OAuthErrorException.UNAUTHORIZED_CLIENT, "Bearer-only client not allowed to retrieve service account", Response.Status.UNAUTHORIZED);


@ -88,8 +88,7 @@ public abstract class OAuth2GrantTypeBase implements OAuth2GrantType {
protected HttpResponse response; protected HttpResponse response;
protected HttpHeaders headers; protected HttpHeaders headers;
@Override protected void setContext(Context context) {
public void setContext(Context context) {
this.context = context; this.context = context;
this.session = context.session; this.session = context.session;
this.realm = context.realm; this.realm = context.realm;
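Review bot: `setContext` dereferences `context` in its second assignment (`this.session = context.session;`) without a null check, so a null argument to the now-public `process(Context)` entry point surfaces as a bare NullPointerException from inside the base class. A first line of `Objects.requireNonNull(context, "context");` would fail with a clear message before any field is overwritten. The method also no longer inherits Javadoc from the interface, so a one-line comment such as `/** Copies the request context into this instance's fields; call before reading any of them. */` would keep its purpose documented. The method body continues outside the hunk.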


@ -49,7 +49,9 @@ import org.keycloak.services.managers.AppAuthManager;
public class PermissionGrantType extends OAuth2GrantTypeBase { public class PermissionGrantType extends OAuth2GrantTypeBase {
@Override @Override
public Response process() { public Response process(Context context) {
setContext(context);
event.detail(Details.AUTH_METHOD, "oauth_credentials"); event.detail(Details.AUTH_METHOD, "oauth_credentials");
String accessTokenString = null; String accessTokenString = null;
@ -117,8 +119,7 @@ public class PermissionGrantType extends OAuth2GrantTypeBase {
context.setClient(client); context.setClient(client);
context.setClientConfig(clientConfig); context.setClientConfig(clientConfig);
context.setClientAuthAttributes(clientAuthAttributes); context.setClientAuthAttributes(clientAuthAttributes);
clientCredentialsGrant.setContext(context); accessTokenString = AccessTokenResponse.class.cast(clientCredentialsGrant.process(context).getEntity()).getToken();
accessTokenString = AccessTokenResponse.class.cast(clientCredentialsGrant.process().getEntity()).getToken();
} }
} }
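Review bot: The nested call `clientCredentialsGrant.process(context)` in the second hunk receives the same `Context` object this grant was given, after `setClient`, `setClientConfig` and `setClientAuthAttributes` have overwritten it in place. The outer request's context therefore appears to keep the nested client's values once the call returns. The `this.dPoP = context.dPoP;` line in OAuth2GrantType.Context suggests a copy constructor exists; if so, applying the three setters to a copy (`new Context(context)`) and passing that would keep the two grants' state apart. Separately, `AccessTokenResponse.class.cast(...)` assumes the nested grant always returns an `AccessTokenResponse` entity, and a short comment stating why that holds would help. The enclosing block starts outside the hunk.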


@ -49,7 +49,9 @@ public class RefreshTokenGrantType extends OAuth2GrantTypeBase {
private static final Logger logger = Logger.getLogger(RefreshTokenGrantType.class); private static final Logger logger = Logger.getLogger(RefreshTokenGrantType.class);
@Override @Override
public Response process() { public Response process(Context context) {
setContext(context);
checkAndRetrieveDPoPProof(Profile.isFeatureEnabled(Profile.Feature.DPOP)); checkAndRetrieveDPoPProof(Profile.isFeatureEnabled(Profile.Feature.DPOP));
String refreshToken = formParams.getFirst(OAuth2Constants.REFRESH_TOKEN); String refreshToken = formParams.getFirst(OAuth2Constants.REFRESH_TOKEN);


@ -60,7 +60,9 @@ public class ResourceOwnerPasswordCredentialsGrantType extends OAuth2GrantTypeBa
private static final Logger logger = Logger.getLogger(ResourceOwnerPasswordCredentialsGrantType.class); private static final Logger logger = Logger.getLogger(ResourceOwnerPasswordCredentialsGrantType.class);
@Override @Override
public Response process() { public Response process(Context context) {
setContext(context);
event.detail(Details.AUTH_METHOD, "oauth_credentials"); event.detail(Details.AUTH_METHOD, "oauth_credentials");
if (!client.isDirectAccessGrantsEnabled()) { if (!client.isDirectAccessGrantsEnabled()) {


@ -34,7 +34,9 @@ import org.keycloak.protocol.oidc.TokenExchangeProvider;
public class TokenExchangeGrantType extends OAuth2GrantTypeBase { public class TokenExchangeGrantType extends OAuth2GrantTypeBase {
@Override @Override
public Response process() { public Response process(Context context) {
setContext(context);
event.detail(Details.AUTH_METHOD, "token_exchange"); event.detail(Details.AUTH_METHOD, "token_exchange");
event.client(client); event.client(client);


@ -109,7 +109,9 @@ public class CibaGrantType extends OAuth2GrantTypeBase {
} }
@Override @Override
public Response process() { public Response process(Context context) {
setContext(context);
if (!realm.getCibaPolicy().isOIDCCIBAGrantEnabled(client)) { if (!realm.getCibaPolicy().isOIDCCIBAGrantEnabled(client)) {
event.error(Errors.NOT_ALLOWED); event.error(Errors.NOT_ALLOWED);
throw new CorsErrorResponseException(cors, OAuthErrorException.INVALID_GRANT, throw new CorsErrorResponseException(cors, OAuthErrorException.INVALID_GRANT,


@ -206,7 +206,9 @@ public class DeviceGrantType extends OAuth2GrantTypeBase {
} }
@Override @Override
public Response process() { public Response process(Context context) {
setContext(context);
if (!realm.getOAuth2DeviceConfig().isOAuth2DeviceAuthorizationGrantEnabled(client)) { if (!realm.getOAuth2DeviceConfig().isOAuth2DeviceAuthorizationGrantEnabled(client)) {
event.error(Errors.NOT_ALLOWED); event.error(Errors.NOT_ALLOWED);
throw new CorsErrorResponseException(cors, OAuthErrorException.INVALID_GRANT, throw new CorsErrorResponseException(cors, OAuthErrorException.INVALID_GRANT,