Merge pull request #4035 from sebastienblanc/KEYCLOAK-4486

KEYCLOAK-4486: add autodetect-bearer-only attribute in subsystem
2017-04-19 09:47:42 +02:00 · 2017-04-19 09:47:42 +02:00 · c9630157e8
commit c9630157e8
parent 51eef9b8b3 886528dab8
6 changed files with 22 additions and 3 deletions
--- a/adapters/oidc/wildfly/wf8-subsystem/src/main/java/org/keycloak/subsystem/wf8/extension/SharedAttributeDefinitons.java
+++ b/adapters/oidc/wildfly/wf8-subsystem/src/main/java/org/keycloak/subsystem/wf8/extension/SharedAttributeDefinitons.java
@ -167,7 +167,12 @@ public class SharedAttributeDefinitons {
                    .setValidator(new StringLengthValidator(1, Integer.MAX_VALUE, true, true))
                    .build();

-
+    protected static final SimpleAttributeDefinition AUTODETECT_BEARER_ONLY =
+            new SimpleAttributeDefinitionBuilder("autodetect-bearer-only", ModelType.BOOLEAN, true)
+            .setXmlName("autodetect-bearer-only")
+            .setAllowExpression(true)
+            .setDefaultValue(new ModelNode(false))
+            .build(); 

    protected static final List<SimpleAttributeDefinition> ATTRIBUTES = new ArrayList<SimpleAttributeDefinition>();
    static {
@ -193,6 +198,7 @@ public class SharedAttributeDefinitons {
        ATTRIBUTES.add(REGISTER_NODE_PERIOD);
        ATTRIBUTES.add(TOKEN_STORE);
        ATTRIBUTES.add(PRINCIPAL_ATTRIBUTE);
+        ATTRIBUTES.add(AUTODETECT_BEARER_ONLY);
    }

    /**
--- a/adapters/oidc/wildfly/wf8-subsystem/src/main/resources/org/keycloak/subsystem/wf8/extension/LocalDescriptions.properties
+++ b/adapters/oidc/wildfly/wf8-subsystem/src/main/resources/org/keycloak/subsystem/wf8/extension/LocalDescriptions.properties
@ -46,7 +46,7 @@ keycloak.realm.register-node-at-startup=Cluster setting
 keycloak.realm.register-node-period=how often to re-register node
 keycloak.realm.token-store=cookie or session storage for auth session data
 keycloak.realm.principal-attribute=token attribute to use to set Principal name
-
+keycloak.realm.autodetect-bearer-only=autodetect bearer-only requests

 keycloak.secure-deployment=A deployment secured by Keycloak
 keycloak.secure-deployment.add=Add a deployment to be secured by Keycloak
@ -83,6 +83,7 @@ keycloak.secure-deployment.principal-attribute=token attribute to use to set Pri
 keycloak.secure-deployment.turn-off-change-session-id-on-login=The session id is changed by default on a successful login.  Change this to true if you want to turn this off
 keycloak.secure-deployment.token-minimum-time-to-live=The adapter will refresh the token if the current token is expired OR will expire in 'token-minimum-time-to-live' seconds or less
 keycloak.secure-deployment.min-time-between-jwks-requests=If adapter recognize token signed by unknown public key, it will try to download new public key from keycloak server. However it won't try to download if already tried it in less than 'min-time-between-jwks-requests' seconds
+keycloak.secure-deployment.autodetect-bearer-only=autodetect bearer-only requests

 keycloak.secure-deployment.credential=Credential value

--- a/adapters/oidc/wildfly/wf8-subsystem/src/main/resources/schema/wildfly-keycloak_1_1.xsd
+++ b/adapters/oidc/wildfly/wf8-subsystem/src/main/resources/schema/wildfly-keycloak_1_1.xsd
@ -65,6 +65,7 @@
            <xs:element name="register-node-period" type="xs:integer" minOccurs="0" maxOccurs="1"/>
            <xs:element name="token-store" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="principal-attribute" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="autodetect-bearer-only" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
        </xs:all>
        <xs:attribute name="name" type="xs:string" use="required">
            <xs:annotation>
@ -107,6 +108,7 @@
            <xs:element name="turn-off-change-session-id-on-login" type="xs:boolean" minOccurs="0" maxOccurs="1" />
            <xs:element name="token-minimum-time-to-live" type="xs:integer" minOccurs="0" maxOccurs="1"/>
            <xs:element name="min-time-between-jwks-requests" type="xs:integer" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="autodetect-bearer-only" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
        </xs:all>
        <xs:attribute name="name" type="xs:string" use="required">
            <xs:annotation>
--- a/adapters/oidc/wildfly/wildfly-subsystem/src/main/java/org/keycloak/subsystem/adapter/extension/SharedAttributeDefinitons.java
+++ b/adapters/oidc/wildfly/wildfly-subsystem/src/main/java/org/keycloak/subsystem/adapter/extension/SharedAttributeDefinitons.java
@ -166,6 +166,12 @@ public class SharedAttributeDefinitons {
                    .setAllowExpression(true)
                    .setValidator(new StringLengthValidator(1, Integer.MAX_VALUE, true, true))
                    .build();
+    protected static final SimpleAttributeDefinition AUTODETECT_BEARER_ONLY =
+            new SimpleAttributeDefinitionBuilder("autodetect-bearer-only", ModelType.BOOLEAN, true)
+            .setXmlName("autodetect-bearer-only")
+            .setAllowExpression(true)
+            .setDefaultValue(new ModelNode(false))
+            .build();



@ -193,6 +199,7 @@ public class SharedAttributeDefinitons {
        ATTRIBUTES.add(REGISTER_NODE_PERIOD);
        ATTRIBUTES.add(TOKEN_STORE);
        ATTRIBUTES.add(PRINCIPAL_ATTRIBUTE);
+        ATTRIBUTES.add(AUTODETECT_BEARER_ONLY);
    }

    private static boolean isSet(ModelNode attributes, SimpleAttributeDefinition def) {
--- a/adapters/oidc/wildfly/wildfly-subsystem/src/main/resources/org/keycloak/subsystem/adapter/extension/LocalDescriptions.properties
+++ b/adapters/oidc/wildfly/wildfly-subsystem/src/main/resources/org/keycloak/subsystem/adapter/extension/LocalDescriptions.properties
@ -46,7 +46,7 @@ keycloak.realm.register-node-at-startup=Cluster setting
 keycloak.realm.register-node-period=how often to re-register node
 keycloak.realm.token-store=cookie or session storage for auth session data
 keycloak.realm.principal-attribute=token attribute to use to set Principal name
-
+keycloak.realm.autodetect-bearer-only=autodetect bearer-only requests

 keycloak.secure-deployment=A deployment secured by Keycloak
 keycloak.secure-deployment.add=Add a deployment to be secured by Keycloak
@ -67,6 +67,7 @@ keycloak.secure-deployment.bearer-only=Bearer Token Auth only
 keycloak.secure-deployment.enable-basic-auth=Enable Basic Authentication
 keycloak.secure-deployment.public-client=Public client
 keycloak.secure-deployment.enable-cors=Enable Keycloak CORS support
+keycloak.secure-deployment.autodetect-bearer-only=autodetect bearer-only requests
 keycloak.secure-deployment.client-keystore=n/a
 keycloak.secure-deployment.client-keystore-password=n/a
 keycloak.secure-deployment.client-key-password=n/a
--- a/adapters/oidc/wildfly/wildfly-subsystem/src/main/resources/schema/wildfly-keycloak_1_1.xsd
+++ b/adapters/oidc/wildfly/wildfly-subsystem/src/main/resources/schema/wildfly-keycloak_1_1.xsd
@ -65,6 +65,7 @@
            <xs:element name="register-node-period" type="xs:integer" minOccurs="0" maxOccurs="1"/>
            <xs:element name="token-store" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="principal-attribute" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="autodetect-bearer-only" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
        </xs:all>
        <xs:attribute name="name" type="xs:string" use="required">
            <xs:annotation>
@ -107,6 +108,7 @@
            <xs:element name="turn-off-change-session-id-on-login" type="xs:boolean" minOccurs="0" maxOccurs="1" />
            <xs:element name="token-minimum-time-to-live" type="xs:integer" minOccurs="0" maxOccurs="1"/>
            <xs:element name="min-time-between-jwks-requests" type="xs:integer" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="autodetect-bearer-only" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
        </xs:all>
        <xs:attribute name="name" type="xs:string" use="required">
            <xs:annotation>