libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

[KEYCLOAK-8406] - Remove Drools/Rules Policy

Browse source
This commit is contained in:
Pedro Igor 2019-11-21 13:20:32 -03:00 committed by Stian Thorgersen
parent 79074aa380
commit cee884e4a7
63 changed files with 14 additions and 3210 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

63
authz/policy/drools/pom.xml
View file

@ -1,63 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-authz-provider-parent</artifactId>
<version>9.0.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<artifactId>keycloak-authz-policy-drools</artifactId>
<packaging>jar</packaging>
<name>KeyCloak AuthZ: Drools Policy Provider</name>
<description>KeyCloak AuthZ: Drools Policy Provider</description>
<dependencyManagement>
<dependencies>
<!-- Authorization Drools Policy Provider -->
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>drools-bom</artifactId>
<type>pom</type>
<version>${project.version}</version>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-server-spi</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-server-spi-private</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-services</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.drools</groupId>
<artifactId>drools-core</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.jboss.spec.javax.ws.rs</groupId>
<artifactId>jboss-jaxrs-api_2.1_spec</artifactId>
<scope>provided</scope>
</dependency>
</dependencies>
</project>

71
authz/policy/drools/src/main/java/org/keycloak/authorization/policy/provider/drools/DroolsPolicy.java
View file

@ -1,71 +0,0 @@
package org.keycloak.authorization.policy.provider.drools;
import org.keycloak.authorization.model.Policy;
import org.keycloak.authorization.policy.evaluation.Evaluation;
import org.kie.api.KieServices;
import org.kie.api.builder.KieScanner;
import org.kie.api.runtime.KieContainer;
import org.kie.api.runtime.KieSession;
import java.util.concurrent.TimeUnit;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
class DroolsPolicy {
private static final int SESSION_POOL_SIZE = 10;
private final KieContainer kc;
private final KieScanner kcs;
private final String sessionName;
DroolsPolicy(KieServices ks, Policy associatedPolicy) {
String groupId = associatedPolicy.getConfig().get("mavenArtifactGroupId");
String artifactId = associatedPolicy.getConfig().get("mavenArtifactId");
String version = associatedPolicy.getConfig().get("mavenArtifactVersion");
String scannerPeriod = associatedPolicy.getConfig().get("scannerPeriod");
String scannerPeriodUnit = associatedPolicy.getConfig().get("scannerPeriodUnit");
this.sessionName = associatedPolicy.getConfig().get("sessionName");
this.kc = ks.newKieContainer(ks.newReleaseId(groupId, artifactId, version));
this.kcs = ks.newKieScanner(this.kc);
this.kcs.start(toMillis(scannerPeriod, scannerPeriodUnit));
KieSession session = this.kc.newKieSession(this.sessionName);
if (session == null) {
throw new RuntimeException("Could not obtain session with name [" + this.sessionName + "].");
}
session.dispose();
}
void evaluate(Evaluation evaluation) {
KieSession session = this.kc.newKieSession(this.sessionName);
session.insert(evaluation);
session.fireAllRules();
session.dispose();
}
void dispose() {
this.kcs.stop();
}
private long toMillis(final String scannerPeriod, final String scannerPeriodUnit) {
switch (scannerPeriodUnit) {
case "Seconds":
return TimeUnit.SECONDS.toMillis(Integer.valueOf(scannerPeriod));
case "Minutes":
return TimeUnit.MINUTES.toMillis(Integer.valueOf(scannerPeriod));
case "Hours":
return TimeUnit.HOURS.toMillis(Integer.valueOf(scannerPeriod));
case "Days":
return TimeUnit.DAYS.toMillis(Integer.valueOf(scannerPeriod));
}
throw new RuntimeException("Invalid time period [" + scannerPeriodUnit + "].");
}
}

70
authz/policy/drools/src/main/java/org/keycloak/authorization/policy/provider/drools/DroolsPolicyAdminResource.java
View file

@ -1,70 +0,0 @@
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.authorization.policy.provider.drools;
import org.keycloak.authorization.policy.provider.PolicyProviderAdminService;
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
import org.keycloak.services.ErrorResponse;
import org.kie.api.runtime.KieContainer;
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
public class DroolsPolicyAdminResource implements PolicyProviderAdminService {
private final DroolsPolicyProviderFactory factory;
public DroolsPolicyAdminResource(DroolsPolicyProviderFactory factory) {
this.factory = factory;
}
@Path("/resolveModules")
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces("application/json")
public Response resolveModules(RulePolicyRepresentation policy) {
return Response.ok(getContainer(policy).getKieBaseNames()).build();
}
@Path("/resolveSessions")
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public Response resolveSessions(RulePolicyRepresentation policy) {
return Response.ok(getContainer(policy).getKieSessionNamesInKieBase(policy.getModuleName())).build();
}
private KieContainer getContainer(RulePolicyRepresentation policy) {
final String groupId = policy.getArtifactGroupId();
final String artifactId = policy.getArtifactId();
final String version = policy.getArtifactVersion();
try {
return this.factory.getKieContainer(groupId, artifactId, version);
} catch (RuntimeException re) {
throw new WebApplicationException(ErrorResponse.error(
"Unable to locate artifact " + groupId + ":" + artifactId + ":" + version, Response.Status.BAD_REQUEST));
}
}
}

46
authz/policy/drools/src/main/java/org/keycloak/authorization/policy/provider/drools/DroolsPolicyProvider.java
View file

@ -1,46 +0,0 @@
/*
* JBoss, Home of Professional Open Source
*
* Copyright 2015 Red Hat, Inc. and/or its affiliates.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.authorization.policy.provider.drools;
import java.util.function.Function;
import org.keycloak.authorization.model.Policy;
import org.keycloak.authorization.policy.evaluation.Evaluation;
import org.keycloak.authorization.policy.provider.PolicyProvider;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
public class DroolsPolicyProvider implements PolicyProvider {
private final Function<Policy, DroolsPolicy> policy;
public DroolsPolicyProvider(Function<Policy, DroolsPolicy> policyProvider) {
this.policy = policyProvider;
}
@Override
public void evaluate(Evaluation evaluation) {
policy.apply(evaluation.getPolicy()).evaluate(evaluation);
}
@Override
public void close() {
}
}

157
authz/policy/drools/src/main/java/org/keycloak/authorization/policy/provider/drools/DroolsPolicyProviderFactory.java
View file

@ -1,157 +0,0 @@
package org.keycloak.authorization.policy.provider.drools;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import org.keycloak.Config;
import org.keycloak.authorization.AuthorizationProvider;
import org.keycloak.authorization.model.Policy;
import org.keycloak.authorization.model.ResourceServer;
import org.keycloak.authorization.policy.provider.PolicyProvider;
import org.keycloak.authorization.policy.provider.PolicyProviderAdminService;
import org.keycloak.authorization.policy.provider.PolicyProviderFactory;
import org.keycloak.common.Profile;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.provider.EnvironmentDependentProviderFactory;
import org.keycloak.representations.idm.authorization.PolicyRepresentation;
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
import org.kie.api.KieServices;
import org.kie.api.runtime.KieContainer;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
public class DroolsPolicyProviderFactory implements PolicyProviderFactory<RulePolicyRepresentation>, EnvironmentDependentProviderFactory {
private KieServices ks;
private final Map<String, DroolsPolicy> containers = Collections.synchronizedMap(new HashMap<>());
private DroolsPolicyProvider provider = new DroolsPolicyProvider(policy -> {
if (!containers.containsKey(policy.getId())) {
synchronized (containers) {
update(policy);
}
}
return containers.get(policy.getId());
});
@Override
public String getName() {
return "Rules";
}
@Override
public String getGroup() {
return "Rule Based";
}
@Override
public PolicyProvider create(AuthorizationProvider authorization) {
return provider;
}
@Override
public RulePolicyRepresentation toRepresentation(Policy policy, AuthorizationProvider authorization) {
RulePolicyRepresentation representation = new RulePolicyRepresentation();
representation.setArtifactGroupId(policy.getConfig().get("mavenArtifactGroupId"));
representation.setArtifactId(policy.getConfig().get("mavenArtifactId"));
representation.setArtifactVersion(policy.getConfig().get("mavenArtifactVersion"));
representation.setScannerPeriod(policy.getConfig().get("scannerPeriod"));
representation.setScannerPeriodUnit(policy.getConfig().get("scannerPeriodUnit"));
representation.setSessionName(policy.getConfig().get("sessionName"));
representation.setModuleName(policy.getConfig().get("moduleName"));
return representation;
}
@Override
public PolicyProviderAdminService getAdminResource(ResourceServer resourceServer, AuthorizationProvider authorization) {
return new DroolsPolicyAdminResource(this);
}
@Override
public PolicyProvider create(KeycloakSession session) {
return null;
}
@Override
public void onCreate(Policy policy, RulePolicyRepresentation representation, AuthorizationProvider authorization) {
updateConfig(policy, representation);
update(policy);
}
@Override
public void onUpdate(Policy policy, RulePolicyRepresentation representation, AuthorizationProvider authorization) {
updateConfig(policy, representation);
update(policy);
}
@Override
public void onImport(Policy policy, PolicyRepresentation representation, AuthorizationProvider authorization) {
update(policy);
}
@Override
public void onRemove(Policy policy, AuthorizationProvider authorization) {
remove(policy);
}
@Override
public Class<RulePolicyRepresentation> getRepresentationType() {
return RulePolicyRepresentation.class;
}
@Override
public void init(Config.Scope config) {
this.ks = KieServices.get();
}
@Override
public void postInit(KeycloakSessionFactory factory) {
}
@Override
public void close() {
this.containers.values().forEach(DroolsPolicy::dispose);
this.containers.clear();
}
@Override
public String getId() {
return "rules";
}
private void updateConfig(Policy policy, RulePolicyRepresentation representation) {
policy.putConfig("mavenArtifactGroupId", representation.getArtifactGroupId());
policy.putConfig("mavenArtifactId", representation.getArtifactId());
policy.putConfig("mavenArtifactVersion", representation.getArtifactVersion());
policy.putConfig("scannerPeriod", representation.getScannerPeriod());
policy.putConfig("scannerPeriodUnit", representation.getScannerPeriodUnit());
policy.putConfig("sessionName", representation.getSessionName());
policy.putConfig("moduleName", representation.getModuleName());
}
void update(Policy policy) {
remove(policy);
this.containers.put(policy.getId(), new DroolsPolicy(this.ks, policy));
}
void remove(Policy policy) {
DroolsPolicy holder = this.containers.remove(policy.getId());
if (holder != null) {
holder.dispose();
}
}
KieContainer getKieContainer(String groupId, String artifactId, String version) {
return this.ks.newKieContainer(this.ks.newReleaseId(groupId, artifactId, version));
}
@Override
public boolean isSupported() {
return Profile.isFeatureEnabled(Profile.Feature.AUTHZ_DROOLS_POLICY);
}
}

19
authz/policy/drools/src/main/resources/META-INF/services/org.keycloak.authorization.policy.provider.PolicyProviderFactory
View file

@ -1,19 +0,0 @@
#
# JBoss, Home of Professional Open Source.
# Copyright 2016 Red Hat, Inc., and individual contributors
# as indicated by the @author tags.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
org.keycloak.authorization.policy.provider.drools.DroolsPolicyProviderFactory

1
authz/policy/pom.xml
View file

@ -19,7 +19,6 @@
<modules>
<module>common</module>
<module>drools</module>
</modules>
</project>

1
common/src/main/java/org/keycloak/common/Profile.java
View file

@ -52,7 +52,6 @@ public class Profile {
OPENSHIFT_INTEGRATION(Type.PREVIEW),
SCRIPTS(Type.PREVIEW),
TOKEN_EXCHANGE(Type.PREVIEW),
AUTHZ_DROOLS_POLICY(Type.PREVIEW),
UPLOAD_SCRIPTS(DEPRECATED);
private Type type;

4
common/src/test/java/org/keycloak/common/ProfileTest.java
View file

@ -21,8 +21,8 @@ public class ProfileTest {
@Test
public void checkDefaults() {
Assert.assertEquals("community", Profile.getName());
assertEquals(Profile.getDisabledFeatures(), Profile.Feature.ACCOUNT2, Profile.Feature.ACCOUNT_API, Profile.Feature.ADMIN_FINE_GRAINED_AUTHZ, Profile.Feature.DOCKER, Profile.Feature.SCRIPTS, Profile.Feature.TOKEN_EXCHANGE, Profile.Feature.AUTHZ_DROOLS_POLICY, Profile.Feature.OPENSHIFT_INTEGRATION, Profile.Feature.UPLOAD_SCRIPTS);
assertEquals(Profile.getPreviewFeatures(), Profile.Feature.ACCOUNT_API, Profile.Feature.ADMIN_FINE_GRAINED_AUTHZ, Profile.Feature.SCRIPTS, Profile.Feature.TOKEN_EXCHANGE, Profile.Feature.AUTHZ_DROOLS_POLICY, Profile.Feature.OPENSHIFT_INTEGRATION);
assertEquals(Profile.getDisabledFeatures(), Profile.Feature.ACCOUNT2, Profile.Feature.ACCOUNT_API, Profile.Feature.ADMIN_FINE_GRAINED_AUTHZ, Profile.Feature.DOCKER, Profile.Feature.SCRIPTS, Profile.Feature.TOKEN_EXCHANGE, Profile.Feature.OPENSHIFT_INTEGRATION, Profile.Feature.UPLOAD_SCRIPTS);
assertEquals(Profile.getPreviewFeatures(), Profile.Feature.ACCOUNT_API, Profile.Feature.ADMIN_FINE_GRAINED_AUTHZ, Profile.Feature.SCRIPTS, Profile.Feature.TOKEN_EXCHANGE, Profile.Feature.OPENSHIFT_INTEGRATION);
assertEquals(Profile.getExperimentalFeatures(), Profile.Feature.ACCOUNT2);
assertEquals(Profile.getDeprecatedFeatures(), Profile.Feature.UPLOAD_SCRIPTS);
}

92
core/src/main/java/org/keycloak/representations/idm/authorization/RulePolicyRepresentation.java
View file

@ -1,92 +0,0 @@
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.representations.idm.authorization;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
public class RulePolicyRepresentation extends AbstractPolicyRepresentation {
private String artifactGroupId;
private String artifactId;
private String artifactVersion;
private String moduleName;
private String sessionName;
private String scannerPeriod;
private String scannerPeriodUnit;
@Override
public String getType() {
return "rules";
}
public String getArtifactGroupId() {
return artifactGroupId;
}
public void setArtifactGroupId(String artifactGroupId) {
this.artifactGroupId = artifactGroupId;
}
public String getArtifactId() {
return artifactId;
}
public void setArtifactId(String artifactId) {
this.artifactId = artifactId;
}
public String getArtifactVersion() {
return artifactVersion;
}
public void setArtifactVersion(String artifactVersion) {
this.artifactVersion = artifactVersion;
}
public String getModuleName() {
return moduleName;
}
public void setModuleName(String moduleName) {
this.moduleName = moduleName;
}
public String getSessionName() {
return sessionName;
}
public void setSessionName(String sessionName) {
this.sessionName = sessionName;
}
public String getScannerPeriod() {
return scannerPeriod;
}
public void setScannerPeriod(String scannerPeriod) {
this.scannerPeriod = scannerPeriod;
}
public String getScannerPeriodUnit() {
return scannerPeriodUnit;
}
public void setScannerPeriodUnit(String scannerPeriodUnit) {
this.scannerPeriodUnit = scannerPeriodUnit;
}
}

262
dependencies/drools-bom/pom.xml vendored
View file

@ -1,262 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-dependencies-parent</artifactId>
<version>9.0.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>drools-bom</artifactId>
<packaging>pom</packaging>
<name>Keycloak Drools BOM</name>
<description>
Import this BOM in your dependencyManagement if you want to depend on multiple Drools artifacts.
</description>
<properties>
<aopalliance.version>1.0</aopalliance.version>
<xstream.version>1.4.10</xstream.version>
<antlr-runtime.version>3.5.2</antlr-runtime.version>
<ant.version>1.8.4</ant.version>
<ant-launcher.version>1.8.4</ant-launcher.version>
<maven.version>3.3.9</maven.version>
<wagon.version>3.0.0</wagon.version>
<plexus-classworlds.version>2.5.2</plexus-classworlds.version>
<plexus-component-annotations.version>1.6</plexus-component-annotations.version>
<plexus-interpolation.version>1.21</plexus-interpolation.version>
<plexus-utils.version>3.0.22</plexus-utils.version>
<aether.version>1.1.0</aether.version>
<org.eclipse.sisu.inject>0.3.2</org.eclipse.sisu.inject>
<org.eclipse.sisu.plexus>0.3.2</org.eclipse.sisu.plexus>
<mvel2.version>2.4.0.Final</mvel2.version>
<plexus-cipher.version>1.7</plexus-cipher.version>
<plexus-sec-dispatcher.version>1.3</plexus-sec-dispatcher.version>
<sisu-guice.version>4.0</sisu-guice.version>
<ecj.version>4.4.2</ecj.version>
</properties>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.drools</groupId>
<artifactId>drools-bom</artifactId>
<type>pom</type>
<version>${version.org.drools}</version>
<scope>import</scope>
</dependency>
<dependency>
<groupId>org.kie.soup</groupId>
<artifactId>kie-soup-bom</artifactId>
<type>pom</type>
<version>${version.org.drools}</version>
<scope>import</scope>
</dependency>
<dependency>
<groupId>aopalliance</groupId>
<artifactId>aopalliance</artifactId>
<version>${aopalliance.version}</version>
</dependency>
<dependency>
<groupId>com.thoughtworks.xstream</groupId>
<artifactId>xstream</artifactId>
<version>${xstream.version}</version>
</dependency>
<dependency>
<groupId>org.antlr</groupId>
<artifactId>antlr-runtime</artifactId>
<version>${antlr-runtime.version}</version>
</dependency>
<dependency>
<groupId>org.apache.ant</groupId>
<artifactId>ant</artifactId>
<version>${ant.version}</version>
</dependency>
<dependency>
<groupId>org.apache.ant</groupId>
<artifactId>ant-launcher</artifactId>
<version>${ant-launcher.version}</version>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-aether-provider</artifactId>
<version>${maven.version}</version>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-artifact</artifactId>
<version>${maven.version}</version>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-compat</artifactId>
<version>${maven.version}</version>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-core</artifactId>
<version>${maven.version}</version>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-model</artifactId>
<version>${maven.version}</version>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-model-builder</artifactId>
<version>${maven.version}</version>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-plugin-api</artifactId>
<version>${maven.version}</version>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-repository-metadata</artifactId>
<version>${maven.version}</version>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-settings</artifactId>
<version>${maven.version}</version>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-settings-builder</artifactId>
<version>${maven.version}</version>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-builder-support</artifactId>
<version>${maven.version}</version>
</dependency>
<dependency>
<groupId>org.apache.maven.wagon</groupId>
<artifactId>wagon-http</artifactId>
<version>${wagon.version}</version>
</dependency>
<dependency>
<groupId>org.apache.maven.wagon</groupId>
<artifactId>wagon-http-shared</artifactId>
<version>${wagon.version}</version>
</dependency>
<dependency>
<groupId>org.apache.maven.wagon</groupId>
<artifactId>wagon-provider-api</artifactId>
<version>${wagon.version}</version>
</dependency>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-classworlds</artifactId>
<version>${plexus-classworlds.version}</version>
</dependency>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-component-annotations</artifactId>
<version>${plexus-component-annotations.version}</version>
</dependency>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-interpolation</artifactId>
<version>${plexus-interpolation.version}</version>
</dependency>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-utils</artifactId>
<version>${plexus-utils.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-api</artifactId>
<version>${aether.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-connector-basic</artifactId>
<version>${aether.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-impl</artifactId>
<version>${aether.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-spi</artifactId>
<version>${aether.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-transport-file</artifactId>
<version>${aether.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-transport-http</artifactId>
<version>${aether.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-transport-wagon</artifactId>
<version>${aether.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-util</artifactId>
<version>${aether.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.sisu</groupId>
<artifactId>org.eclipse.sisu.inject</artifactId>
<version>${org.eclipse.sisu.inject}</version>
</dependency>
<dependency>
<groupId>org.eclipse.sisu</groupId>
<artifactId>org.eclipse.sisu.plexus</artifactId>
<version>${org.eclipse.sisu.plexus}</version>
</dependency>
<dependency>
<groupId>org.mvel</groupId>
<artifactId>mvel2</artifactId>
<version>${mvel2.version}</version>
</dependency>
<dependency>
<groupId>org.sonatype.plexus</groupId>
<artifactId>plexus-cipher</artifactId>
<version>${plexus-cipher.version}</version>
</dependency>
<dependency>
<groupId>org.sonatype.plexus</groupId>
<artifactId>plexus-sec-dispatcher</artifactId>
<version>${plexus-sec-dispatcher.version}</version>
</dependency>
<dependency>
<groupId>com.google.inject.extensions</groupId>
<artifactId>guice-servlet</artifactId>
<version>${sisu-guice.version}</version>
<exclusions>
<exclusion>
<groupId>com.google.inject</groupId>
<artifactId>guice</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.google.inject</groupId>
<artifactId>guice</artifactId>
<classifier>no_aop</classifier>
<version>${sisu-guice.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jdt.core.compiler</groupId>
<artifactId>ecj</artifactId>
<version>${ecj.version}</version>
</dependency>
</dependencies>
</dependencyManagement>
</project>

1
dependencies/pom.xml vendored
View file

@ -31,7 +31,6 @@
<description/>
<modules>
<module>drools-bom</module>
<module>server-min</module>
<module>server-all</module>
</modules>

358
dependencies/server-all/pom.xml vendored
View file

@ -30,19 +30,6 @@
<name>Keycloak Dependencies Server All</name>
<description />
<dependencyManagement>
<dependencies>
<!-- Authorization Drools Policy Provider -->
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>drools-bom</artifactId>
<type>pom</type>
<version>${project.version}</version>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
@ -100,351 +87,6 @@
<artifactId>keycloak-authz-policy-common</artifactId>
</dependency>
<!-- Built-in Authorization Drools Policy Provider-->
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-authz-policy-drools</artifactId>
</dependency>
<!-- Drools -->
<dependency>
<groupId>org.kie</groupId>
<artifactId>kie-api</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.kie</groupId>
<artifactId>kie-ci</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.kie</groupId>
<artifactId>kie-internal</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.kie.soup</groupId>
<artifactId>kie-soup-maven-support</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.kie.soup</groupId>
<artifactId>kie-soup-maven-integration</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.kie.soup</groupId>
<artifactId>kie-soup-commons</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.kie.soup</groupId>
<artifactId>kie-soup-project-datamodel-commons</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.drools</groupId>
<artifactId>drools-core</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.drools</groupId>
<artifactId>drools-compiler</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-api</artifactId>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-connector-basic</artifactId>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-spi</artifactId>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-impl</artifactId>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-transport-file</artifactId>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-transport-http</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-transport-wagon</artifactId>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-util</artifactId>
</dependency>
<dependency>
<groupId>org.apache.ant</groupId>
<artifactId>ant</artifactId>
</dependency>
<dependency>
<groupId>org.apache.ant</groupId>
<artifactId>ant-launcher</artifactId>
</dependency>
<dependency>
<groupId>org.antlr</groupId>
<artifactId>antlr-runtime</artifactId>
</dependency>
<dependency>
<groupId>aopalliance</groupId>
<artifactId>aopalliance</artifactId>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-aether-provider</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-artifact</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-compat</artifactId>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-core</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-model</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-model-builder</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-plugin-api</artifactId>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-repository-metadata</artifactId>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-settings</artifactId>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-settings-builder</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-builder-support</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.mvel</groupId>
<artifactId>mvel2</artifactId>
</dependency>
<dependency>
<groupId>org.eclipse.sisu</groupId>
<artifactId>org.eclipse.sisu.inject</artifactId>
<exclusions>
<exclusion>
<groupId>com.google.inject</groupId>
<artifactId>guice</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.eclipse.sisu</groupId>
<artifactId>org.eclipse.sisu.plexus</artifactId>
</dependency>
<dependency>
<groupId>com.google.inject.extensions</groupId>
<artifactId>guice-servlet</artifactId>
</dependency>
<dependency>
<groupId>org.sonatype.plexus</groupId>
<artifactId>plexus-cipher</artifactId>
</dependency>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-classworlds</artifactId>
</dependency>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-component-annotations</artifactId>
</dependency>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-interpolation</artifactId>
</dependency>
<dependency>
<groupId>org.sonatype.plexus</groupId>
<artifactId>plexus-sec-dispatcher</artifactId>
</dependency>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-utils</artifactId>
</dependency>
<dependency>
<groupId>org.apache.maven.wagon</groupId>
<artifactId>wagon-http</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven.wagon</groupId>
<artifactId>wagon-http-shared</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven.wagon</groupId>
<artifactId>wagon-provider-api</artifactId>
</dependency>
<dependency>
<groupId>com.thoughtworks.xstream</groupId>
<artifactId>xstream</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.eclipse.jdt.core.compiler</groupId>
<artifactId>ecj</artifactId>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpcore</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.google.inject</groupId>
<artifactId>guice</artifactId>
<classifier>no_aop</classifier>
</dependency>
<dependency>
<groupId>com.openshift</groupId>
<artifactId>openshift-restclient-java</artifactId>

493
distribution/feature-packs/server-feature-pack/pom.xml
View file

@ -29,29 +29,7 @@
<name>Keycloak Feature Pack: Server</name>
<packaging>pom</packaging>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>drools-bom</artifactId>
<type>pom</type>
<version>${project.version}</version>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>aopalliance</groupId>
<artifactId>aopalliance</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.github.ua-parser</groupId>
<artifactId>uap-java</artifactId>
@ -92,346 +70,6 @@
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.thoughtworks.xstream</groupId>
<artifactId>xstream</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.antlr</groupId>
<artifactId>antlr-runtime</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.ant</groupId>
<artifactId>ant</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.ant</groupId>
<artifactId>ant-launcher</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-aether-provider</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-artifact</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-compat</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-core</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-model</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-model-builder</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-plugin-api</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-repository-metadata</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-settings</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-settings-builder</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-builder-support</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven.wagon</groupId>
<artifactId>wagon-http</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven.wagon</groupId>
<artifactId>wagon-http-shared</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.maven.wagon</groupId>
<artifactId>wagon-provider-api</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-classworlds</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-component-annotations</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-interpolation</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-utils</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.drools</groupId>
<artifactId>drools-compiler</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.drools</groupId>
<artifactId>drools-core</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-api</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-connector-basic</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-impl</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-spi</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-transport-file</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-transport-http</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-transport-wagon</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.eclipse.aether</groupId>
<artifactId>aether-util</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.eclipse.sisu</groupId>
<artifactId>org.eclipse.sisu.inject</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.eclipse.sisu</groupId>
<artifactId>org.eclipse.sisu.plexus</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.freemarker</groupId>
<artifactId>freemarker</artifactId>
@ -452,16 +90,6 @@
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-authz-policy-drools</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-common</artifactId>
@ -643,76 +271,6 @@
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.kie</groupId>
<artifactId>kie-api</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.kie</groupId>
<artifactId>kie-ci</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.kie</groupId>
<artifactId>kie-internal</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.kie.soup</groupId>
<artifactId>kie-soup-maven-support</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.kie.soup</groupId>
<artifactId>kie-soup-maven-integration</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.kie.soup</groupId>
<artifactId>kie-soup-commons</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.kie.soup</groupId>
<artifactId>kie-soup-project-datamodel-commons</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.liquibase</groupId>
<artifactId>liquibase-core</artifactId>
@ -723,57 +281,6 @@
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.mvel</groupId>
<artifactId>mvel2</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.sonatype.plexus</groupId>
<artifactId>plexus-cipher</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.sonatype.plexus</groupId>
<artifactId>plexus-sec-dispatcher</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.google.inject.extensions</groupId>
<artifactId>guice-servlet</artifactId>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.google.inject</groupId>
<artifactId>guice</artifactId>
<classifier>no_aop</classifier>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.twitter4j</groupId>
<artifactId>twitter4j-core</artifactId>

35
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/aopalliance/main/module.xml
View file

@ -1,35 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<module xmlns="urn:jboss:module:1.3" name="aopalliance">
<properties>
<property name="jboss.api" value="private"/>
</properties>
<resources>
<artifact name="${aopalliance:aopalliance}"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="javax.inject.api"/>
<module name="javax.enterprise.api"/>
<module name="org.slf4j"/>
<module name="org.apache.commons.logging"/>
<module name="org.keycloak.keycloak-core"/>
<module name="org.keycloak.keycloak-common"/>
<module name="org.keycloak.keycloak-server-spi"/>
</dependencies>
</module>

36
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/com/thoughtworks/xstream/main/module.xml
View file

@ -1,36 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<module xmlns="urn:jboss:module:1.3" name="com.thoughtworks.xstream">
<properties>
<property name="jboss.api" value="private"/>
</properties>
<resources>
<artifact name="${com.thoughtworks.xstream:xstream}"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="javax.inject.api"/>
<module name="javax.enterprise.api"/>
<module name="org.slf4j"/>
<module name="org.apache.commons.logging"/>
<module name="org.keycloak.keycloak-core"/>
<module name="org.keycloak.keycloak-common"/>
<module name="org.keycloak.keycloak-server-spi"/>
</dependencies>
</module>

28
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/antlr/3.5/module.xml
View file

@ -1,28 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<module xmlns="urn:jboss:module:1.3" name="org.antlr" slot="3.5">
<properties>
<property name="jboss.api" value="private"/>
</properties>
<resources>
<artifact name="${org.antlr:antlr-runtime}"/>
</resources>
<dependencies>
<module name="javax.api"/>
</dependencies>
</module>

29
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/apache/ant/main/module.xml
View file

@ -1,29 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<module xmlns="urn:jboss:module:1.3" name="org.apache.ant" slot="main">
<properties>
<property name="jboss.api" value="private"/>
</properties>
<resources>
<artifact name="${org.apache.ant:ant}"/>
<artifact name="${org.apache.ant:ant-launcher}"/>
</resources>
<dependencies>
<module name="javax.api"/>
</dependencies>
</module>

47
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/apache/maven/main/module.xml
View file

@ -1,47 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<module xmlns="urn:jboss:module:1.3" name="org.apache.maven" slot="main">
<properties>
<property name="jboss.api" value="private"/>
</properties>
<resources>
<artifact name="${org.apache.maven:maven-aether-provider}"/>
<artifact name="${org.apache.maven:maven-artifact}"/>
<artifact name="${org.apache.maven:maven-compat}"/>
<artifact name="${org.apache.maven:maven-core}"/>
<artifact name="${org.apache.maven:maven-model}"/>
<artifact name="${org.apache.maven:maven-model-builder}"/>
<artifact name="${org.apache.maven:maven-plugin-api}"/>
<artifact name="${org.apache.maven:maven-repository-metadata}"/>
<artifact name="${org.apache.maven:maven-settings}"/>
<artifact name="${org.apache.maven:maven-settings-builder}"/>
<artifact name="${org.apache.maven:maven-builder-support}"/>
</resources>
<dependencies>
<module name="com.google.guava"/>
<module name="javax.api"/>
<module name="javax.inject.api"/>
<module name="org.apache.maven.wagon"/>
<module name="org.codehouse.plexus"/>
<module name="org.eclipse.aether" slot="kie"/>
<module name="org.eclipse.sisu"/>
<module name="org.sonatype.plexus"/>
<module name="org.sonatype.sisu"/>
<module name="org.apache.commons.lang3"/>
</dependencies>
</module>

37
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/apache/maven/wagon/main/module.xml
View file

@ -1,37 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ * Copyright 2016 Red Hat, Inc. and/or its affiliates
~ * and other contributors as indicated by the @author tags.
~ *
~ * Licensed under the Apache License, Version 2.0 (the "License");
~ * you may not use this file except in compliance with the License.
~ * You may obtain a copy of the License at
~ *
~ * http://www.apache.org/licenses/LICENSE-2.0
~ *
~ * Unless required by applicable law or agreed to in writing, software
~ * distributed under the License is distributed on an "AS IS" BASIS,
~ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ * See the License for the specific language governing permissions and
~ * limitations under the License.
-->
<module xmlns="urn:jboss:module:1.3" name="org.apache.maven.wagon" slot="main">
<properties>
<property name="jboss.api" value="private"/>
</properties>
<resources>
<artifact name="${org.apache.maven.wagon:wagon-http}"/>
<artifact name="${org.apache.maven.wagon:wagon-http-shared}"/>
<artifact name="${org.apache.maven.wagon:wagon-provider-api}"/>
</resources>
<dependencies>
<module name="javax.api" export="false" slot="main" services="import" optional="false"/>
<module name="org.apache.commons.io" export="false" slot="main" services="import" optional="false"/>
<module name="org.apache.commons.lang" export="false" slot="main" services="import" optional="false"/>
<module name="org.apache.commons.logging" export="false" slot="main" services="import" optional="false"/>
<module name="org.apache.httpcomponents" export="false" slot="main" services="import" optional="false"/>
<module name="org.codehouse.plexus" export="false" slot="main" services="import" optional="false"/>
<module name="sun.jdk" export="false" slot="main" services="import" optional="false"/>
</dependencies>
</module>

31
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/codehouse/plexus/main/module.xml
View file

@ -1,31 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<module xmlns="urn:jboss:module:1.3" name="org.codehouse.plexus" slot="main">
<properties>
<property name="jboss.api" value="private"/>
</properties>
<resources>
<artifact name="${org.codehaus.plexus:plexus-classworlds}"/>
<artifact name="${org.codehaus.plexus:plexus-component-annotations}"/>
<artifact name="${org.codehaus.plexus:plexus-interpolation}"/>
<artifact name="${org.codehaus.plexus:plexus-utils}"/>
</resources>
<dependencies>
<module name="javax.api"/>
</dependencies>
</module>

42
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/drools/main/module.xml
View file

@ -1,42 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<module xmlns="urn:jboss:module:1.3" name="org.drools" slot="main">
<properties>
<property name="jboss.api" value="private"/>
</properties>
<resources>
<artifact name="${org.drools:drools-core}"/>
<artifact name="${org.drools:drools-compiler}"/>
</resources>
<dependencies>
<module name="javax.activation.api"/>
<module name="javax.api"/>
<module name="javax.enterprise.api"/>
<module name="javax.inject.api"/>
<module name="org.keycloak.keycloak-core"/>
<module name="org.keycloak.keycloak-common"/>
<module name="org.keycloak.keycloak-server-spi"/>
<module name="org.keycloak.keycloak-server-spi-private"/>
<module name="com.thoughtworks.xstream"/>
<module name="org.antlr" slot="3.5"/>
<module name="org.kie"/>
<module name="org.mvel"/>
<module name="org.slf4j"/>
<module name="org.eclipse.jdt.ecj"/>
</dependencies>
</module>

39
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/eclipse/aether/kie/module.xml
View file

@ -1,39 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<module xmlns="urn:jboss:module:1.3" name="org.eclipse.aether" slot="kie">
<properties>
<property name="jboss.api" value="private"/>
</properties>
<resources>
<artifact name="${org.eclipse.aether:aether-api}"/>
<artifact name="${org.eclipse.aether:aether-connector-basic}"/>
<artifact name="${org.eclipse.aether:aether-spi}"/>
<artifact name="${org.eclipse.aether:aether-impl}"/>
<artifact name="${org.eclipse.aether:aether-transport-file}"/>
<artifact name="${org.eclipse.aether:aether-transport-http}"/>
<artifact name="${org.eclipse.aether:aether-transport-wagon}"/>
<artifact name="${org.eclipse.aether:aether-util}"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="javax.inject.api"/>
<module name="org.apache.httpcomponents"/>
<module name="org.apache.maven.wagon"/>
<module name="org.eclipse.sisu"/>
</dependencies>
</module>

34
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/eclipse/sisu/main/module.xml
View file

@ -1,34 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<module xmlns="urn:jboss:module:1.3" name="org.eclipse.sisu" slot="main">
<properties>
<property name="jboss.api" value="private"/>
</properties>
<resources>
<artifact name="${org.eclipse.sisu:org.eclipse.sisu.inject}"/>
<artifact name="${org.eclipse.sisu:org.eclipse.sisu.plexus}"/>
<artifact name="${com.google.inject.extensions:guice-servlet}"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="javax.enterprise.api"/>
<module name="javax.inject.api"/>
<module name="org.codehouse.plexus"/>
<module name="org.sonatype.sisu"/>
</dependencies>
</module>

35
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/keycloak/keycloak-authz-policy-drools/main/module.xml
View file

@ -1,35 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-authz-policy-drools">
<properties>
<property name="jboss.api" value="private"/>
</properties>
<resources>
<artifact name="${org.keycloak:keycloak-authz-policy-drools}"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="javax.ws.rs.api"/>
<module name="org.keycloak.keycloak-core"/>
<module name="org.keycloak.keycloak-common"/>
<module name="org.keycloak.keycloak-server-spi"/>
<module name="org.keycloak.keycloak-server-spi-private"/>
<module name="org.keycloak.keycloak-services"/>
<module name="org.kie"/>
</dependencies>
</module>

6
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/keycloak/keycloak-server-subsystem/main/server-war/WEB-INF/jboss-deployment-structure.xml
View file

@ -18,12 +18,6 @@
<deployment>
<dependencies>
<module name="org.keycloak.keycloak-server-subsystem.dependencies"/>
<!-- Kie requires access to kie.conf files from META-INF -->
<module name="org.kie">
<imports>
<include path="META-INF"/>
</imports>
</module>
</dependencies>
<exclude-subsystems>
<subsystem name="webservices"/>

1
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/keycloak/keycloak-services/main/module.xml
View file

@ -42,7 +42,6 @@
<!-- Authorization -->
<module name="org.keycloak.keycloak-authz-policy-common" services="import"/>
<module name="org.keycloak.keycloak-authz-policy-drools" services="import"/>
<!-- Openshift Client Storage -->
<module name="com.openshift.openshift-restclient-java" services="import"/>

68
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/kie/main/module.xml
View file

@ -1,68 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<module xmlns="urn:jboss:module:1.3" name="org.kie">
<properties>
<property name="jboss.api" value="private"/>
</properties>
<resources>
<artifact name="${org.kie:kie-api}"/>
<artifact name="${org.kie:kie-ci}"/>
<artifact name="${org.kie:kie-internal}"/>
<artifact name="${org.kie.soup:kie-soup-maven-support}"/>
<artifact name="${org.kie.soup:kie-soup-maven-integration}"/>
<artifact name="${org.kie.soup:kie-soup-commons}"/>
<artifact name="${org.kie.soup:kie-soup-project-datamodel-commons}"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="javax.activation.api"/>
<module name="javax.inject.api"/>
<module name="javax.enterprise.api"/>
<module name="org.keycloak.keycloak-core"/>
<module name="org.keycloak.keycloak-common"/>
<module name="org.keycloak.keycloak-server-spi"/>
<module name="org.keycloak.keycloak-server-spi-private"/>
<module name="org.slf4j"/>
<module name="org.apache.commons.logging"/>
<module name="org.keycloak.keycloak-core"/>
<module name="org.keycloak.keycloak-common"/>
<module name="org.keycloak.keycloak-server-spi"/>
<module name="org.keycloak.keycloak-server-spi-private"/>
<module name="com.sun.xml.bind"/>
<module name="com.thoughtworks.xstream"/>
<module name="org.apache.ant"/>
<module name="org.apache.httpcomponents"/>
<module name="org.apache.maven"/>
<module name="org.apache.maven.wagon"/>
<module name="org.codehouse.plexus"/>
<!-- Kie requires access to kie.conf files from META-INF -->
<module name="org.drools" export="true">
<imports>
<include path="META-INF"/>
</imports>
<exports>
<include path="META-INF"/>
</exports>
</module>
<module name="org.eclipse.aether" slot="kie"/>
<module name="org.eclipse.sisu"/>
<module name="org.sonatype.plexus"/>
<module name="org.sonatype.sisu"/>
<module name="org.mvel"/>
</dependencies>
</module>

29
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/mvel/main/module.xml
View file

@ -1,29 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ * Copyright 2016 Red Hat, Inc. and/or its affiliates
~ * and other contributors as indicated by the @author tags.
~ *
~ * Licensed under the Apache License, Version 2.0 (the "License");
~ * you may not use this file except in compliance with the License.
~ * You may obtain a copy of the License at
~ *
~ * http://www.apache.org/licenses/LICENSE-2.0
~ *
~ * Unless required by applicable law or agreed to in writing, software
~ * distributed under the License is distributed on an "AS IS" BASIS,
~ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ * See the License for the specific language governing permissions and
~ * limitations under the License.
-->
<module xmlns="urn:jboss:module:1.3" name="org.mvel" slot="main">
<properties>
<property name="jboss.api" value="private"/>
</properties>
<resources>
<artifact name="${org.mvel:mvel2}"/>
</resources>
<dependencies>
<module name="javax.api" export="false" slot="main" services="import" optional="false"/>
</dependencies>
</module>

32
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/sonatype/plexus/main/module.xml
View file

@ -1,32 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<module xmlns="urn:jboss:module:1.3" name="org.sonatype.plexus" slot="main">
<properties>
<property name="jboss.api" value="private"/>
</properties>
<resources>
<artifact name="${org.sonatype.plexus:plexus-cipher}"/>
<artifact name="${org.sonatype.plexus:plexus-sec-dispatcher}"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.codehouse.plexus"/>
<module name="org.eclipse.sisu"/>
<module name="org.sonatype.sisu"/>
</dependencies>
</module>

31
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/sonatype/sisu/main/module.xml
View file

@ -1,31 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<module xmlns="urn:jboss:module:1.3" name="org.sonatype.sisu" slot="main">
<properties>
<property name="jboss.api" value="private"/>
</properties>
<resources>
<artifact name="${com.google.inject:guice::no_aop}"/>
</resources>
<dependencies>
<module name="aopalliance"/>
<module name="com.google.guava"/>
<module name="javax.api"/>
<module name="javax.inject.api"/>
</dependencies>
</module>

3
integration/admin-client/src/main/java/org/keycloak/admin/client/resource/PoliciesResource.java
View file

@ -84,9 +84,6 @@ public interface PoliciesResource {
@Path("aggregate")
AggregatePoliciesResource aggregate();
@Path("rules")
RulePoliciesResource rule();
@Path("client")
ClientPoliciesResource client();

50
integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RulePoliciesResource.java
View file

@ -1,50 +0,0 @@
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.admin.client.resource;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
public interface RulePoliciesResource {
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
Response create(RulePolicyRepresentation representation);
@Path("{id}")
RulePolicyResource findById(@PathParam("id") String id);
@Path("/search")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
RulePolicyRepresentation findByName(@QueryParam("name") String name);
}

69
integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RulePolicyResource.java
View file

@ -1,69 +0,0 @@
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.admin.client.resource;
import java.util.List;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
import org.keycloak.representations.idm.authorization.PolicyRepresentation;
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
public interface RulePolicyResource {
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
RulePolicyRepresentation toRepresentation();
@PUT
@Consumes(MediaType.APPLICATION_JSON)
void update(RulePolicyRepresentation representation);
@DELETE
void remove();
@Path("/associatedPolicies")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
List<PolicyRepresentation> associatedPolicies();
@Path("/dependentPolicies")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
List<PolicyRepresentation> dependentPolicies();
@Path("/resources")
@GET
@Produces("application/json")
@NoCache
List<ResourceRepresentation> resources();
}

15
pom.xml
View file

@ -103,9 +103,6 @@
<picketbox.version>5.0.3.Final</picketbox.version>
<google.guava.version>25.0-jre</google.guava.version>
<!-- Authorization Drools Policy Provider -->
<version.org.drools>7.11.0.Final</version.org.drools>
<!-- Openshift -->
<version.com.openshift.openshift-restclient-java>6.1.3.Final</version.com.openshift.openshift-restclient-java>
@ -172,6 +169,8 @@
<!-- webauthn support -->
<webauthn4j.version>0.9.14.RELEASE</webauthn4j.version>
<org.apache.kerby.kerby-asn1.version>2.0.0</org.apache.kerby.kerby-asn1.version>
<mvel.version>2.4.0.Final</mvel.version>
</properties>
@ -1186,11 +1185,6 @@
<artifactId>keycloak-authz-client</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-authz-policy-drools</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-authz-policy-common</artifactId>
@ -1481,6 +1475,11 @@
<artifactId>commons-lang3</artifactId>
<version>${commons-lang3.version}</version>
</dependency>
<dependency>
<groupId>org.mvel</groupId>
<artifactId>mvel2</artifactId>
<version>${mvel.version}</version>
</dependency>
</dependencies>
</dependencyManagement>

22
testsuite/integration-arquillian/test-apps/photoz/photoz-authz-policy/pom.xml
View file

@ -1,22 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-test-apps-photoz-parent</artifactId>
<version>9.0.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<artifactId>photoz-authz-policy</artifactId>
<packaging>jar</packaging>
<name>Keycloak Authz Tests: Photoz Authz Rule-based Policy</name>
<description>
Photoz Authz Rule-based Policies using JBoss Drools
</description>
</project>

21
testsuite/integration-arquillian/test-apps/photoz/photoz-authz-policy/src/main/resources/META-INF/kmodule.xml
View file

@ -1,21 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<kmodule
xmlns="http://jboss.org/kie/6.0.0/kmodule">
<kbase name="PhotozAuthzAdminPolicy" packages="com.photoz.authz.policy.admin">
<ksession name="MainAdminSession" default="true"/>
</kbase>
<kbase name="PhotozAuthzUserPolicy" packages="com.photoz.authz.policy.user">
<ksession name="MainUserSession" default="true"/>
</kbase>
<kbase name="PhotozAuthzOwnerPolicy" packages="com.photoz.authz.policy.resource.owner">
<ksession name="MainOwnerSession" default="true"/>
</kbase>
<kbase name="PhotozAuthzContextualPolicy" packages="com.photoz.authz.policy.contextual">
<ksession name="MainContextualSession" default="true"/>
</kbase>
</kmodule>

14
testsuite/integration-arquillian/test-apps/photoz/photoz-authz-policy/src/main/resources/com.photoz.authz.policy.admin/Main.drl
View file

@ -1,14 +0,0 @@
package com.photoz.authz.policy.admin
import org.keycloak.authorization.policy.evaluation.Evaluation;
rule "Authorize Admin Resources"
dialect "mvel"
when
$evaluation : Evaluation(
$identity : context.identity,
$identity.hasRealmRole("admin")
)
then
$evaluation.grant();
end

15
testsuite/integration-arquillian/test-apps/photoz/photoz-authz-policy/src/main/resources/com.photoz.authz.policy.resource.owner/Main.drl
View file

@ -1,15 +0,0 @@
package com.photoz.authz.policy.admin
import org.keycloak.authorization.policy.evaluation.Evaluation;
rule "Authorize Resource Owner"
dialect "mvel"
when
$evaluation : Evaluation(
$identity: context.identity,
$permission: permission,
$permission.resource != null && $permission.resource.owner.equals($identity.id)
)
then
$evaluation.grant();
end

14
testsuite/integration-arquillian/test-apps/photoz/photoz-authz-policy/src/main/resources/com.photoz.authz.policy.user/Main.drl
View file

@ -1,14 +0,0 @@
package com.photoz.authz.policy.admin
import org.keycloak.authorization.policy.evaluation.Evaluation;
rule "Authorize View User Album"
dialect "mvel"
when
$evaluation : Evaluation(
$identity : context.identity,
$identity.hasRealmRole("user")
)
then
$evaluation.grant();
end

15
testsuite/integration-arquillian/test-apps/photoz/photoz-authz-policy/src/main/resources/com/photoz/authz/policy/contextual/Main.drl
View file

@ -1,15 +0,0 @@
package com.photoz.authz.policy.admin
import org.keycloak.authorization.policy.evaluation.Evaluation;
rule "Authorize Using Context Information"
dialect "mvel"
when
$evaluation : Evaluation(
$attributes: context.attributes,
$attributes.containsValue("kc.identity.authc.method", "otp"),
$attributes.containsValue("someAttribute", "you_can_access")
)
then
$evaluation.grant();
end

1
testsuite/integration-arquillian/test-apps/photoz/pom.xml
View file

@ -18,6 +18,5 @@
<modules>
<module>photoz-restful-api</module>
<module>photoz-html5-client</module>
<module>photoz-authz-policy</module>
</modules>
</project>

4
testsuite/integration-arquillian/tests/base/pom.xml
View file

@ -116,6 +116,10 @@
<version>${project.version}</version>
<classifier>classes</classifier>
</dependency>
<dependency>
<groupId>org.mvel</groupId>
<artifactId>mvel2</artifactId>
</dependency>
</dependencies>
<build>

6
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/GenericPolicyManagementTest.java
View file

@ -54,7 +54,7 @@ import static org.junit.Assert.assertTrue;
*/
public class GenericPolicyManagementTest extends AbstractAuthorizationTest {
private static final String[] EXPECTED_BUILTIN_POLICY_PROVIDERS = {"test", "user", "role", "rules", "js", "time", "aggregate", "scope", "resource"};
private static final String[] EXPECTED_BUILTIN_POLICY_PROVIDERS = {"test", "user", "role", "js", "time", "aggregate", "scope", "resource"};
@Test
public void testCreate() {
@ -146,10 +146,6 @@ public class GenericPolicyManagementTest extends AbstractAuthorizationTest {
assertFalse(providers.isEmpty());
List expected = new ArrayList(Arrays.asList(EXPECTED_BUILTIN_POLICY_PROVIDERS));
if (!Profile.isFeatureEnabled(Profile.Feature.AUTHZ_DROOLS_POLICY)) {
expected.remove("rules");
}
assertTrue(providers.containsAll(expected));
}

146
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/RulesPolicyManagementTest.java
View file

@ -1,146 +0,0 @@
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite.admin.client.authorization;
import org.junit.BeforeClass;
import org.junit.Test;
import org.keycloak.admin.client.resource.AuthorizationResource;
import org.keycloak.admin.client.resource.RulePoliciesResource;
import org.keycloak.admin.client.resource.RulePolicyResource;
import org.keycloak.common.Profile;
import org.keycloak.representations.idm.authorization.DecisionStrategy;
import org.keycloak.representations.idm.authorization.Logic;
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
import org.keycloak.testsuite.util.ContainerAssume;
import javax.ws.rs.NotFoundException;
import javax.ws.rs.core.Response;
import java.util.Collections;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.fail;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
@EnableFeature(Profile.Feature.AUTHZ_DROOLS_POLICY)
public class RulesPolicyManagementTest extends AbstractPolicyManagementTest {
@BeforeClass
public static void verifyEnvironment() {
ContainerAssume.assumeNotAuthServerUndertow();
ContainerAssume.assumeNotAuthServerRemote();
}
@Test
public void testCreate() {
assertCreated(getClient().authorization(), createDefaultRepresentation("Rule Policy"));
}
@Test
public void testUpdate() {
AuthorizationResource authorization = getClient().authorization();
RulePolicyRepresentation representation = createDefaultRepresentation("Update Rule Policy");
assertCreated(authorization, representation);
representation.setName("changed");
representation.setDescription("changed");
representation.setDecisionStrategy(DecisionStrategy.AFFIRMATIVE);
representation.setLogic(Logic.POSITIVE);
representation.setScannerPeriod("12");
representation.setScannerPeriodUnit("Days");
representation.setModuleName("PhotozAuthzContextualPolicy");
representation.setSessionName("MainContextualSession");
RulePoliciesResource policies = authorization.policies().rule();
RulePolicyResource policy = policies.findById(representation.getId());
policy.update(representation);
assertRepresentation(representation, policy);
}
@Test
public void testDelete() {
AuthorizationResource authorization = getClient().authorization();
RulePolicyRepresentation representation = createDefaultRepresentation("Delete Rule Policy");
RulePoliciesResource policies = authorization.policies().rule();
try (Response response = policies.create(representation)) {
RulePolicyRepresentation created = response.readEntity(RulePolicyRepresentation.class);
policies.findById(created.getId()).remove();
RulePolicyResource removed = policies.findById(created.getId());
try {
removed.toRepresentation();
fail("Policy not removed");
} catch (NotFoundException ignore) {
}
}
}
private RulePolicyRepresentation createDefaultRepresentation(String name) {
RulePolicyRepresentation representation = new RulePolicyRepresentation();
representation.setName(name);
representation.setDescription("description");
representation.setDecisionStrategy(DecisionStrategy.CONSENSUS);
representation.setLogic(Logic.NEGATIVE);
representation.setArtifactGroupId("org.keycloak.testsuite");
representation.setArtifactId("photoz-authz-policy");
representation.setArtifactVersion(System.getProperty("project.version"));
representation.setModuleName("PhotozAuthzOwnerPolicy");
representation.setSessionName("MainOwnerSession");
representation.setScannerPeriod("1");
representation.setScannerPeriodUnit("Minutes");
return representation;
}
private void assertCreated(AuthorizationResource authorization, RulePolicyRepresentation representation) {
RulePoliciesResource permissions = authorization.policies().rule();
try (Response response = permissions.create(representation)) {
RulePolicyRepresentation created = response.readEntity(RulePolicyRepresentation.class);
RulePolicyResource permission = permissions.findById(created.getId());
assertRepresentation(representation, permission);
}
}
private void assertRepresentation(RulePolicyRepresentation expected, RulePolicyResource policy) {
RulePolicyRepresentation actual = policy.toRepresentation();
assertRepresentation(expected, actual, policy::resources, Collections::emptyList, policy::associatedPolicies);
assertEquals(expected.getName(), actual.getName());
assertEquals(expected.getDescription(), actual.getDescription());
assertEquals(expected.getLogic(), actual.getLogic());
assertEquals(expected.getArtifactGroupId(), actual.getArtifactGroupId());
assertEquals(expected.getArtifactId(), actual.getArtifactId());
assertEquals(expected.getArtifactVersion(), actual.getArtifactVersion());
assertEquals(expected.getModuleName(), actual.getModuleName());
assertEquals(expected.getSessionName(), actual.getSessionName());
assertEquals(expected.getScannerPeriod(), actual.getScannerPeriod());
assertEquals(expected.getScannerPeriodUnit(), actual.getScannerPeriodUnit());
}
}

7
testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/permission/ResourcePermissionForm.java
View file

@ -26,7 +26,6 @@ import org.keycloak.representations.idm.authorization.GroupPolicyRepresentation;
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
import org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation;
import org.keycloak.representations.idm.authorization.RolePolicyRepresentation;
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
import org.keycloak.representations.idm.authorization.TimePolicyRepresentation;
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
import org.keycloak.testsuite.console.page.clients.authorization.policy.ClientPolicy;
@ -34,7 +33,6 @@ import org.keycloak.testsuite.console.page.clients.authorization.policy.GroupPol
import org.keycloak.testsuite.console.page.clients.authorization.policy.JSPolicy;
import org.keycloak.testsuite.console.page.clients.authorization.policy.PolicySelect;
import org.keycloak.testsuite.console.page.clients.authorization.policy.RolePolicy;
import org.keycloak.testsuite.console.page.clients.authorization.policy.RulePolicy;
import org.keycloak.testsuite.console.page.clients.authorization.policy.TimePolicy;
import org.keycloak.testsuite.console.page.clients.authorization.policy.UserPolicy;
import org.keycloak.testsuite.console.page.fragment.ModalDialog;
@ -96,9 +94,6 @@ public class ResourcePermissionForm extends Form {
@Page
private TimePolicy timePolicy;
@Page
private RulePolicy rulePolicy;
@Page
private GroupPolicy groupPolicy;
@ -161,8 +156,6 @@ public class ResourcePermissionForm extends Form {
jsPolicy.form().populate((JSPolicyRepresentation) expected, true);
} else if ("time".equalsIgnoreCase(expected.getType())) {
timePolicy.form().populate((TimePolicyRepresentation) expected, true);
} else if ("rules".equalsIgnoreCase(expected.getType())) {
rulePolicy.form().populate((RulePolicyRepresentation) expected, true);
} else if ("group".equalsIgnoreCase(expected.getType())) {
groupPolicy.form().populate((GroupPolicyRepresentation) expected, true);
}

7
testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/permission/ScopePermissionForm.java
View file

@ -28,7 +28,6 @@ import org.keycloak.representations.idm.authorization.DecisionStrategy;
import org.keycloak.representations.idm.authorization.GroupPolicyRepresentation;
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
import org.keycloak.representations.idm.authorization.RolePolicyRepresentation;
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
import org.keycloak.representations.idm.authorization.ScopePermissionRepresentation;
import org.keycloak.representations.idm.authorization.TimePolicyRepresentation;
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
@ -37,7 +36,6 @@ import org.keycloak.testsuite.console.page.clients.authorization.policy.GroupPol
import org.keycloak.testsuite.console.page.clients.authorization.policy.JSPolicy;
import org.keycloak.testsuite.console.page.clients.authorization.policy.PolicySelect;
import org.keycloak.testsuite.console.page.clients.authorization.policy.RolePolicy;
import org.keycloak.testsuite.console.page.clients.authorization.policy.RulePolicy;
import org.keycloak.testsuite.console.page.clients.authorization.policy.TimePolicy;
import org.keycloak.testsuite.console.page.clients.authorization.policy.UserPolicy;
import org.keycloak.testsuite.console.page.fragment.ModalDialog;
@ -102,9 +100,6 @@ public class ScopePermissionForm extends Form {
@Page
private TimePolicy timePolicy;
@Page
private RulePolicy rulePolicy;
@Page
private GroupPolicy groupPolicy;
@ -173,8 +168,6 @@ public class ScopePermissionForm extends Form {
jsPolicy.form().populate((JSPolicyRepresentation) expected, true);
} else if ("time".equalsIgnoreCase(expected.getType())) {
timePolicy.form().populate((TimePolicyRepresentation) expected, true);
} else if ("rules".equalsIgnoreCase(expected.getType())) {
rulePolicy.form().populate((RulePolicyRepresentation) expected, true);
} else if ("group".equalsIgnoreCase(expected.getType())) {
groupPolicy.form().populate((GroupPolicyRepresentation) expected, true);
}

6
testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/policy/AggregatePolicyForm.java
View file

@ -28,7 +28,6 @@ import org.keycloak.representations.idm.authorization.GroupPolicyRepresentation;
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
import org.keycloak.representations.idm.authorization.Logic;
import org.keycloak.representations.idm.authorization.RolePolicyRepresentation;
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
import org.keycloak.representations.idm.authorization.TimePolicyRepresentation;
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
import org.keycloak.testsuite.console.page.fragment.ModalDialog;
@ -79,9 +78,6 @@ public class AggregatePolicyForm extends Form {
@Page
private TimePolicy timePolicy;
@Page
private RulePolicy rulePolicy;
@Page
private GroupPolicy groupPolicy;
@ -150,8 +146,6 @@ public class AggregatePolicyForm extends Form {
jsPolicy.form().populate((JSPolicyRepresentation) expected, true);
} else if ("time".equalsIgnoreCase(expected.getType())) {
timePolicy.form().populate((TimePolicyRepresentation) expected, true);
} else if ("rules".equalsIgnoreCase(expected.getType())) {
rulePolicy.form().populate((RulePolicyRepresentation) expected, true);
} else if ("group".equalsIgnoreCase(expected.getType())) {
groupPolicy.form().populate((GroupPolicyRepresentation) expected, true);
}

13
testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/policy/Policies.java
View file

@ -24,7 +24,6 @@ import org.keycloak.representations.idm.authorization.GroupPolicyRepresentation;
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
import org.keycloak.representations.idm.authorization.PolicyRepresentation;
import org.keycloak.representations.idm.authorization.RolePolicyRepresentation;
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
import org.keycloak.representations.idm.authorization.TimePolicyRepresentation;
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
import org.keycloak.testsuite.console.page.fragment.ModalDialog;
@ -63,9 +62,6 @@ public class Policies extends Form {
@Page
private TimePolicy timePolicy;
@Page
private RulePolicy rulePolicy;
@Page
private ClientPolicy clientPolicy;
@ -99,9 +95,6 @@ public class Policies extends Form {
} else if ("time".equals(type)) {
timePolicy.form().populate((TimePolicyRepresentation) expected, save);
return (P) timePolicy;
} else if ("rules".equals(type)) {
rulePolicy.form().populate((RulePolicyRepresentation) expected, save);
return (P) rulePolicy;
} else if ("client".equals(type)) {
clientPolicy.form().populate((ClientPolicyRepresentation) expected, save);
return (P) clientPolicy;
@ -134,8 +127,6 @@ public class Policies extends Form {
jsPolicy.form().populate((JSPolicyRepresentation) representation, true);
} else if ("time".equals(type)) {
timePolicy.form().populate((TimePolicyRepresentation) representation, true);
} else if ("rules".equals(type)) {
rulePolicy.form().populate((RulePolicyRepresentation) representation, true);
} else if ("client".equals(type)) {
clientPolicy.form().populate((ClientPolicyRepresentation) representation, true);
} else if ("group".equals(type)) {
@ -163,8 +154,6 @@ public class Policies extends Form {
return (P) jsPolicy;
} else if ("time".equals(type)) {
return (P) timePolicy;
} else if ("rules".equals(type)) {
return (P) rulePolicy;
} else if ("client".equals(type)) {
return (P) clientPolicy;
} else if ("group".equals(type)) {
@ -193,8 +182,6 @@ public class Policies extends Form {
jsPolicy.form().delete();
} else if ("time".equals(type)) {
timePolicy.form().delete();
} else if ("rules".equals(type)) {
rulePolicy.form().delete();
} else if ("client".equals(type)) {
clientPolicy.form().delete();
} else if ("group".equals(type)) {

41
testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/policy/RulePolicy.java
View file

@ -1,41 +0,0 @@
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite.console.page.clients.authorization.policy;
import org.jboss.arquillian.graphene.page.Page;
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
public class RulePolicy implements PolicyTypeUI {
@Page
private RulePolicyForm form;
public RulePolicyForm form() {
return form;
}
public RulePolicyRepresentation toRepresentation() {
return form.toRepresentation();
}
public void update(RulePolicyRepresentation expected) {
form().populate(expected, true);
}
}

125
testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/policy/RulePolicyForm.java
View file

@ -1,125 +0,0 @@
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite.console.page.clients.authorization.policy;
import org.keycloak.representations.idm.authorization.Logic;
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
import org.keycloak.testsuite.console.page.fragment.ModalDialog;
import org.keycloak.testsuite.page.Form;
import org.keycloak.testsuite.util.UIUtils;
import org.keycloak.testsuite.util.WaitUtils;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;
import org.openqa.selenium.support.ui.Select;
import java.util.concurrent.TimeUnit;
import static org.jboss.arquillian.graphene.Graphene.waitGui;
import static org.keycloak.testsuite.util.UIUtils.clickLink;
import static org.keycloak.testsuite.util.UIUtils.getTextFromElement;
import static org.openqa.selenium.By.id;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
public class RulePolicyForm extends Form {
@FindBy(id = "name")
private WebElement name;
@FindBy(id = "description")
private WebElement description;
@FindBy(id = "artifactGroupId")
private WebElement artifactGroupId;
@FindBy(id = "artifactId")
private WebElement artifactId;
@FindBy(id = "artifactVersion")
private WebElement artifactVersion;
@FindBy(id = "moduleName")
private Select moduleName;
@FindBy(id = "sessionName")
private Select sessionName;
@FindBy(id = "scannerPeriod")
private WebElement scannerPeriod;
@FindBy(id = "scannerPeriodUnit")
private Select scannerPeriodUnit;
@FindBy(id = "logic")
private Select logic;
@FindBy(xpath = "//i[contains(@class,'pficon-delete')]")
private WebElement deleteButton;
@FindBy(xpath = "//div[@class='modal-dialog']")
protected ModalDialog modalDialog;
@FindBy(id = "resolveModule")
private WebElement resolveModuleButton;
public void populate(RulePolicyRepresentation expected, boolean save) {
UIUtils.setTextInputValue(name, expected.getName());
UIUtils.setTextInputValue(description, expected.getDescription());
UIUtils.setTextInputValue(artifactGroupId, expected.getArtifactGroupId());
UIUtils.setTextInputValue(artifactId, expected.getArtifactId());
UIUtils.setTextInputValue(artifactVersion, expected.getArtifactVersion());
clickLink(resolveModuleButton);
waitGui().withTimeout(150, TimeUnit.SECONDS).until().element(id("moduleName")).is().enabled(); // The module load time could be long at some conditions
moduleName.selectByVisibleText(expected.getModuleName());
WaitUtils.pause(1000);
sessionName.selectByVisibleText(expected.getSessionName());
UIUtils.setTextInputValue(scannerPeriod, expected.getScannerPeriod());
scannerPeriodUnit.selectByVisibleText(expected.getScannerPeriodUnit());
logic.selectByValue(expected.getLogic().name());
if (save) {
save();
}
}
public void delete() {
deleteButton.click();
modalDialog.confirmDeletion();
}
public RulePolicyRepresentation toRepresentation() {
RulePolicyRepresentation representation = new RulePolicyRepresentation();
representation.setName(UIUtils.getTextInputValue(name));
representation.setDescription(UIUtils.getTextInputValue(description));
representation.setLogic(Logic.valueOf(UIUtils.getTextFromElement(logic.getFirstSelectedOption()).toUpperCase()));
representation.setArtifactGroupId(UIUtils.getTextInputValue(artifactGroupId));
representation.setArtifactId(UIUtils.getTextInputValue(artifactId));
representation.setArtifactVersion(UIUtils.getTextInputValue(artifactVersion));
representation.setModuleName(getTextFromElement(moduleName.getFirstSelectedOption()));
representation.setSessionName(getTextFromElement(sessionName.getFirstSelectedOption()));
representation.setScannerPeriod(UIUtils.getTextInputValue(scannerPeriod));
representation.setScannerPeriodUnit(getTextFromElement(scannerPeriodUnit.getFirstSelectedOption()));
return representation;
}
}

17
testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/AggregatePolicyManagementTest.java
View file

@ -40,7 +40,6 @@ import org.keycloak.representations.idm.authorization.GroupPolicyRepresentation;
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
import org.keycloak.representations.idm.authorization.Logic;
import org.keycloak.representations.idm.authorization.RolePolicyRepresentation;
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
import org.keycloak.representations.idm.authorization.TimePolicyRepresentation;
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
@ -232,22 +231,6 @@ public class AggregatePolicyManagementTest extends AbstractAuthorizationSettings
policy.createPolicy(childTimePolicy);
expected.addPolicy(childTimePolicy.getName());
if (Profile.isFeatureEnabled(Profile.Feature.AUTHZ_DROOLS_POLICY)) {
RulePolicyRepresentation rulePolicy = new RulePolicyRepresentation();
rulePolicy.setName(UUID.randomUUID().toString());
rulePolicy.setDescription("description");
rulePolicy.setArtifactGroupId("org.keycloak.testsuite");
rulePolicy.setArtifactId("photoz-authz-policy");
rulePolicy.setArtifactVersion(System.getProperty("project.version"));
rulePolicy.setModuleName("PhotozAuthzOwnerPolicy");
rulePolicy.setSessionName("MainOwnerSession");
rulePolicy.setScannerPeriod("1");
rulePolicy.setScannerPeriodUnit("Minutes");
policy.createPolicy(rulePolicy);
expected.addPolicy(rulePolicy.getName());
}
GroupPolicyRepresentation childGroupPolicy = new GroupPolicyRepresentation();
childGroupPolicy.setName(UUID.randomUUID().toString());

128
testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/RulePolicyManagementTest.java
View file

@ -1,128 +0,0 @@
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite.console.authorization;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNull;
import org.junit.Test;
import org.keycloak.common.Profile;
import org.keycloak.representations.idm.authorization.Logic;
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.console.page.clients.authorization.policy.RulePolicy;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
public class RulePolicyManagementTest extends AbstractAuthorizationSettingsTest {
@Test
public void testUpdate() {
ProfileAssume.assumeFeatureEnabled(Profile.Feature.AUTHZ_DROOLS_POLICY);
authorizationPage.navigateTo();
RulePolicyRepresentation expected = createDefaultRepresentation("Test Rule Policy");
expected = createPolicy(expected);
String previousName = expected.getName();
expected.setName("Changed " + previousName);
expected.setDescription("Changed description");
expected.setLogic(Logic.NEGATIVE);
expected.setModuleName("PhotozAuthzContextualPolicy");
expected.setSessionName("MainContextualSession");
expected.setScannerPeriod("12");
expected.setScannerPeriodUnit("Days");
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().policies().update(previousName, expected);
assertAlertSuccess();
authorizationPage.navigateTo();
RulePolicy actual = authorizationPage.authorizationTabs().policies().name(expected.getName());
assertPolicy(expected, actual);
}
@Test
public void testDelete() {
ProfileAssume.assumeFeatureEnabled(Profile.Feature.AUTHZ_DROOLS_POLICY);
authorizationPage.navigateTo();
RulePolicyRepresentation expected =createDefaultRepresentation("Delete Rule Policy");
expected = createPolicy(expected);
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().policies().delete(expected.getName());
assertAlertSuccess();
authorizationPage.navigateTo();
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
@Test
public void testDeleteFromList() {
ProfileAssume.assumeFeatureEnabled(Profile.Feature.AUTHZ_DROOLS_POLICY);
authorizationPage.navigateTo();
RulePolicyRepresentation expected =createDefaultRepresentation("Delete Rule Policy");
expected = createPolicy(expected);
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().policies().deleteFromList(expected.getName());
authorizationPage.navigateTo();
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
private RulePolicyRepresentation createDefaultRepresentation(String name) {
RulePolicyRepresentation expected = new RulePolicyRepresentation();
expected.setName(name);
expected.setDescription("description");
expected.setArtifactGroupId("org.keycloak.testsuite");
expected.setArtifactId("photoz-authz-policy");
expected.setArtifactVersion(System.getProperty("project.version"));
expected.setModuleName("PhotozAuthzOwnerPolicy");
expected.setSessionName("MainOwnerSession");
expected.setScannerPeriod("1");
expected.setScannerPeriodUnit("Minutes");
return expected;
}
private RulePolicyRepresentation createPolicy(RulePolicyRepresentation expected) {
RulePolicy policy = authorizationPage.authorizationTabs().policies().create(expected);
assertAlertSuccess();
return assertPolicy(expected, policy);
}
private RulePolicyRepresentation assertPolicy(RulePolicyRepresentation expected, RulePolicy policy) {
RulePolicyRepresentation actual = policy.toRepresentation();
assertEquals(expected.getName(), actual.getName());
assertEquals(expected.getDescription(), actual.getDescription());
assertEquals(expected.getLogic(), actual.getLogic());
assertEquals(expected.getArtifactGroupId(), actual.getArtifactGroupId());
assertEquals(expected.getArtifactId(), actual.getArtifactId());
assertEquals(expected.getArtifactVersion(), actual.getArtifactVersion());
assertEquals(expected.getModuleName(), actual.getModuleName());
assertEquals(expected.getSessionName(), actual.getSessionName());
assertEquals(expected.getScannerPeriod(), actual.getScannerPeriod());
assertEquals(expected.getScannerPeriodUnit(), actual.getScannerPeriodUnit());
return actual;
}
}

15
themes/src/main/resources-community/theme/base/admin/messages/admin-messages_ja.properties
View file

@ -1314,21 +1314,6 @@ authz-policy-time-hour=時
authz-policy-time-hour.tooltip=ポリシーが許可される時を定義します。2番目のフィールドに値を入力して範囲を指定することもできます。この場合、現在の時が指定した2つの値の間にあるか、等しい場合のみ許可されます。
authz-policy-time-minute=
authz-policy-time-minute.tooltip=ポリシーが許可される分を定義します。2番目のフィールドに値を入力して範囲を指定することもできます。この場合、現在の分が指定した2つの値の間にあるか、等しい場合のみ許可されます。
# Authz Drools Policy Detail
authz-add-drools-policy=ルールポリシーの追加
authz-policy-drools-maven-artifact-resolve=解決
authz-policy-drools-maven-artifact=ポリシー Maven アーティファクト
authz-policy-drools-maven-artifact.tooltip=ルールの読み込む先となるアーティファクトを示す Maven GAV を設定します。GAV を提供し 「解決」 をクリックすることで、 「モジュール」 と 「セッション」 フィールドを読み込みます。
authz-policy-drools-module=モジュール
authz-policy-drools-module.tooltip=このポリシーで使用されるモジュールです。ルールの読み込み先から特定のセッションを選択するにはモジュールを提供する必要があります。
authz-policy-drools-session=セッション
authz-policy-drools-session.tooltip=このポリシーで使用されるセッションです。セッションは、ポリシーを処理する際に評価するすべてのルールを提供します。
authz-policy-drools-update-period=更新周期
authz-policy-drools-update-period.tooltip=アーティファクトの更新をスキャンする間隔を指定します。
# Authz JS Policy Detail
authz-add-js-policy=JavaScript ポリシーの追加
authz-policy-js-code=コード
authz-policy-js-code.tooltip=このポリシーの条件を提供する JavaScript コードを設定します。
# Authz Aggregated Policy Detail
authz-aggregated=集約
authz-add-aggregated-policy=集約ポリシーの追加

12
themes/src/main/resources-community/theme/base/admin/messages/admin-messages_lt.properties
View file

@ -1102,18 +1102,6 @@ authz-policy-time-hour.tooltip=Nurodykite valandą iki kurios ši taisyklė TENK
authz-policy-time-minute=Minutė
authz-policy-time-minute.tooltip=Nurodykite minutę iki kurios ši taisyklė TENKINAMA. Užpildžius antrąjį laukelį, taisyklė bus TENKINAMA jei minutė patenka į nurodytą intervalą. Reikšmės nurodomos imtinai.
# Authz Drools Policy Detail
authz-add-drools-policy=Pridėti Rules taisyklę
authz-policy-drools-maven-artifact-resolve=Išspręsti
authz-policy-drools-maven-artifact=Maven taisyklės artefaktas
authz-policy-drools-maven-artifact.tooltip=Nuoroda į Maven GAV artifaktą kuriame aprašytos taisyklės. Kai tik nurodysite GAV, galite paspausti *Išspręsti* tam kad įkelti *Modulis* ir *Sesija* laukus.
authz-policy-drools-module=Modulis
authz-policy-drools-module.tooltip=Šioje taisyklėje naudojamas modulis. Privalote nurodyti modulį tam, kad galėtumėte pasirinkti specifinę sesiją taisyklių įkėlimui.
authz-policy-drools-session=Sesija
authz-policy-drools-session.tooltip=Šioje taisyklėje naudojama sesija. Sesija teikia taisykles reikalingas šios taisyklės vykdymui.
authz-policy-drools-update-period=Atnaujinimo intervalas
authz-policy-drools-update-period.tooltip=Nurodykite laiko intervalą, kas kurį turi būti ieškoma artefakto atnaujinimų.
# Authz JS Policy Detail
authz-add-js-policy=Pridėti JavaScript taisyklę
authz-policy-js-code=Programinis kodas

12
themes/src/main/resources-community/theme/base/admin/messages/admin-messages_no.properties
View file

@ -1060,18 +1060,6 @@ authz-policy-time-not-before.tooltip=Definerer tiden f\u00F8r policien M\u00C5 I
authz-policy-time-not-on-after=Ikke p\u00E5 eller etter
authz-policy-time-not-on-after.tooltip=Definerer tiden etter en policy M\u00C5 IKKE innvilges. Denne innvilges kun om gjeldende dato/tid er f\u00F8r eller lik denne verdien.
# Authz Drools Policy Detail
authz-add-drools-policy=Legg til Rules policy
authz-policy-drools-maven-artifact-resolve=L\u00F8s
authz-policy-drools-maven-artifact=Policy for Maven artefakt.
authz-policy-drools-maven-artifact.tooltip=Et Maven GAV som peker til et artefakt hvor reglene vil bli lastet fra. Med en gang du har gitt GAV kan du klikke *L\u00F8s* for \u00E5 laste felter for b\u00E5de *Modul* og *Sesjon*
authz-policy-drools-module=Modul
authz-policy-drools-module.tooltip=Modulen som brukes av denne policien. Du m\u00E5 oppgi en modul for \u00E5 velge en bestemt \u00F8kt der reglene vil bli lastet fra.
authz-policy-drools-session=Sesjon
authz-policy-drools-session.tooltip=Sesjonen brukt av denne policien. Sesjonen vil gi alle regler for evaluering ved prosessering av policien.
authz-policy-drools-update-period=Oppdater periode
authz-policy-drools-update-period.tooltip=Spesifiserer et intervall for \u00E5 skanne etter oppdateringer for artefakter.
# Authz JS Policy Detail
authz-add-js-policy=Legg til policy for JavaScript
authz-policy-js-code=Kode

12
themes/src/main/resources-community/theme/base/admin/messages/admin-messages_pt_BR.properties
View file

@ -773,14 +773,6 @@ authz-no-users-assigned=Nenhum usuário associado
authz-add-time-policy=Adicionar política de tempo
authz-policy-time-not-on-after=Não em ou depois
# Authz Drools Policy Detail
authz-add-drools-policy=Adicionar política Rules
authz-policy-drools-maven-artifact-resolve=Resolver
authz-policy-drools-maven-artifact=Artefato maven de política
authz-policy-drools-module=Módulo
authz-policy-drools-session=Sessão
authz-policy-drools-update-period=Atualizar período
# Authz JS Policy Detail
authz-add-js-policy=Adicionar política Javascript
authz-policy-js-code=Código
@ -1073,10 +1065,6 @@ authz-policy-decision-strategy.tooltip=The decision strategy dictates how the po
authz-policy-user-users.tooltip=Specifies which user(s) are allowed by this policy.
authz-policy-time-not-before.tooltip=Defines the time before which the policy MUST NOT be granted. Only granted if current date/time is after or equal to this value.
authz-policy-time-not-on-after.tooltip=Defines the time after which the policy MUST NOT be granted. Only granted if current date/time is before or equal to this value.
authz-policy-drools-maven-artifact.tooltip=A Maven GAV pointing to an artifact from where the rules would be loaded from. Once you have provided the GAV, you can click *Resolve* to load both *Module* and *Session* fields.
authz-policy-drools-module.tooltip=The module used by this policy. You must provide a module in order to select a specific session from where rules will be loaded from.
authz-policy-drools-session.tooltip=The session used by this policy. The session provides all the rules to evaluate when processing the policy.
authz-policy-drools-update-period.tooltip=Specifies an interval for scanning for artifact updates.
authz-policy-js-code.tooltip=The JavaScript code providing the conditions for this policy.
authz-permission-name.tooltip=The name of this permission.
authz-permission-description.tooltip=A description for this permission.

12
themes/src/main/resources-community/theme/base/admin/messages/admin-messages_ru.properties
View file

@ -1155,18 +1155,6 @@ authz-policy-time-hour.tooltip=Определяет час, в который п
authz-policy-time-minute=Минута
authz-policy-time-minute.tooltip=Определяет минуту, в которую политика ДОЛЖНА быть разрешена. Вы также можете определить диапазон, заполнив второе поле. В этом случае разрешение выдается только если текущая минута равна или находится между заданными значениями.
# Authz Drools Policy Detail
authz-add-drools-policy=Добавить правила политики
authz-policy-drools-maven-artifact-resolve=Разрешить
authz-policy-drools-maven-artifact=Maven артифакт политики
authz-policy-drools-maven-artifact.tooltip=Maven GAV, указывающий на артифакт, из которого должны будут загружены правила. Определив GAV, Вы можете нажать *Разрешить*, чтобы заполнить *Модуль* и *Сессия* поля.
authz-policy-drools-module=Модуль
authz-policy-drools-module.tooltip=Модуль, используемый этой политикой. Вам необходимо предоставить модуль в порядке выбора конкретной сессии, из которой будут загружены правила.
authz-policy-drools-session=Сессия
authz-policy-drools-session.tooltip=Сессия, используемая этой политикой. Сессия предоставляет все правила для оценок при обработке политики.
authz-policy-drools-update-period=Период обновлений
authz-policy-drools-update-period.tooltip=Определите интервал для поиска обновлений артефакта.
# Authz JS Policy Detail
authz-add-js-policy=Добавить политику JavaScript
authz-policy-js-code=Код

12
themes/src/main/resources-community/theme/base/admin/messages/admin-messages_zh_CN.properties
View file

@ -1104,18 +1104,6 @@ authz-policy-time-hour.tooltip =定义策略必须被授予的小时。您还可
authz-policy-time-minute =分钟
authz-policy-time-minute.tooltip =定义策略必须被授予的分钟。您还可以通过填充第二个字段来提供范围。在这种情况下,仅当当前分钟介于或等于您提供的两个值之间时才会授予权限。
#Authz Drools策略详细信息
authz-add-drools-policy =添加Drools策略
authz-policy-drools-maven-artifact-resolve =解决
authz-policy-drools-maven-artifact =策略Maven神器
authz-policy-drools-maven-artifact.tooltip =指向从其中加载规则的工件的Maven GAV。一旦您提供了GAV您可以点击* Resolve *来加载* Module *和* Session *字段。
authz-policy-drools-module = Module
authz-policy-drools-module.tooltip =此策略使用的模块。您必须提供一个模块,以便选择将从中加载规则的特定会话。
authz-policy-drools-session =会话
authz-policy-drools-session.tooltip =此策略使用的会话。会话提供处理策略时评估的所有规则。
authz-policy-drools-update-period =更新周期
authz-policy-drools-update-period.tooltip =指定扫描工件更新的时间间隔。
#Authz JS策略详细信息
authz-add-js-policy =添加JavaScript策略
authz-policy-js-code =代码

11
themes/src/main/resources/theme/base/admin/messages/admin-messages_en.properties
View file

@ -1411,17 +1411,6 @@ authz-policy-time-hour=Hour
authz-policy-time-hour.tooltip=Defines the hour when the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current hour is between or equal to the two values you provided.
authz-policy-time-minute=Minute
authz-policy-time-minute.tooltip=Defines the minute when the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current minute is between or equal to the two values you provided.
# Authz Drools Policy Detail
authz-add-drools-policy=Add Rules Policy
authz-policy-drools-maven-artifact-resolve=Resolve
authz-policy-drools-maven-artifact=Policy Maven Artifact
authz-policy-drools-maven-artifact.tooltip=A Maven GAV pointing to an artifact from which the rules would be loaded. Once you have provided the GAV, you can click *Resolve* to load both *Module* and *Session* fields.
authz-policy-drools-module=Module
authz-policy-drools-module.tooltip=The module used by this policy. You must provide a module in order to select a specific session from which the rules will be loaded.
authz-policy-drools-session=Session
authz-policy-drools-session.tooltip=The session used by this policy. The session provides all the rules to evaluate when processing the policy.
authz-policy-drools-update-period=Update Period
authz-policy-drools-update-period.tooltip=Specifies an interval for scanning for artifact updates.
# Authz JS Policy Detail
authz-add-js-policy=Add JavaScript Policy
authz-policy-js-code=Code

22
themes/src/main/resources/theme/base/admin/resources/js/authz/authz-app.js
View file

@ -192,28 +192,6 @@ module.config(['$routeProvider', function ($routeProvider) {
}
},
controller: 'ResourceServerPolicyCtrl'
}).when('/realms/:realm/clients/:client/authz/resource-server/policy/rules/create', {
templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-drools-detail.html',
resolve: {
realm: function (RealmLoader) {
return RealmLoader();
},
client : function(ClientLoader) {
return ClientLoader();
}
},
controller: 'ResourceServerPolicyDroolsDetailCtrl'
}).when('/realms/:realm/clients/:client/authz/resource-server/policy/rules/:id', {
templateUrl: resourceUrl + '/partials/authz/policy/provider/resource-server-policy-drools-detail.html',
resolve: {
realm: function (RealmLoader) {
return RealmLoader();
},
client : function(ClientLoader) {
return ClientLoader();
}
},
controller: 'ResourceServerPolicyDroolsDetailCtrl'
}).when('/realms/:realm/clients/:client/authz/resource-server/permission/resource/create', {
templateUrl: resourceUrl + '/partials/authz/permission/provider/resource-server-policy-resource-detail.html',
resolve: {

53
themes/src/main/resources/theme/base/admin/resources/js/authz/authz-controller.js
View file

@ -900,59 +900,6 @@ module.controller('ResourceServerPermissionCtrl', function($scope, $http, $route
};
});
module.controller('ResourceServerPolicyDroolsDetailCtrl', function($scope, $http, $route, realm, client, PolicyController) {
PolicyController.onInit({
getPolicyType : function() {
return "rules";
},
onInit : function() {
$scope.drools = {};
$scope.resolveModules = function(policy) {
if (!policy) {
policy = $scope.policy;
}
delete policy.config;
$http.post(authUrl + '/admin/realms/'+ $route.current.params.realm + '/clients/' + client.id + '/authz/resource-server/policy/rules/provider/resolveModules'
, policy).then(function(response) {
$scope.drools.moduleNames = response.data;
$scope.resolveSessions();
});
}
$scope.resolveSessions = function() {
delete $scope.policy.config;
$http.post(authUrl + '/admin/realms/'+ $route.current.params.realm + '/clients/' + client.id + '/authz/resource-server/policy/rules/provider/resolveSessions'
, $scope.policy).then(function(response) {
$scope.drools.moduleSessions = response.data;
});
}
},
onInitUpdate : function(policy) {
policy.scannerPeriod = parseInt(policy.scannerPeriod);
$scope.resolveModules(policy);
},
onUpdate : function() {
delete $scope.policy.config;
},
onInitCreate : function(newPolicy) {
newPolicy.scannerPeriod = 1;
newPolicy.scannerPeriodUnit = 'Hours';
},
onCreate : function() {
delete $scope.policy.config;
}
}, realm, client, $scope);
});
module.controller('ResourceServerPolicyResourceDetailCtrl', function($scope, $route, $location, realm, client, PolicyController, ResourceServerPermission, ResourceServerResource, policyViewState) {
PolicyController.onInit({
getPolicyType : function() {

126
themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-drools-detail.html
View file

@ -1,126 +0,0 @@
<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
<ol class="breadcrumb">
<li><a href="#/realms/{{realm.realm}}/clients">{{:: 'clients' | translate}}</a></li>
<li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
<li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server">{{:: 'authz-authorization' | translate}}</a></li>
<li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/authz/resource-server/policy">{{:: 'authz-policies' | translate}}</a></li>
<li data-ng-show="policyState.state.policy.name != null && historyBackOnSaveOrCancel">{{policyState.state.policy.name}}</li>
<li data-ng-show="policyState.state.policy.name == null && historyBackOnSaveOrCancel">{{:: policyState.state.previousPage.name | translate}}</li>
<li data-ng-show="create">{{:: 'authz-add-drools-policy' | translate}}</li>
<li data-ng-hide="create">Rules</li>
<li data-ng-hide="create">{{originalPolicy.name}}</li>
</ol>
<h1 data-ng-show="create">{{:: 'authz-add-drools-policy' | translate}}</h1>
<h1 data-ng-hide="create">{{originalPolicy.name|capitalize}}<i class="pficon pficon-delete clickable" data-ng-show="!create"
data-ng-click="remove()"></i></h1>
<form class="form-horizontal" name="clientForm" novalidate>
<fieldset class="border-top">
<div class="form-group">
<label class="col-md-2 control-label" for="name">{{:: 'name' | translate}} <span class="required">*</span></label>
<div class="col-sm-6">
<input class="form-control" type="text" id="name" name="name" data-ng-model="policy.name" autofocus required data-ng-blur="checkNewNameAvailability()">
</div>
<kc-tooltip>{{:: 'authz-policy-name.tooltip' | translate}}</kc-tooltip>
</div>
<div class="form-group">
<label class="col-md-2 control-label" for="description">{{:: 'description' | translate}} </label>
<div class="col-sm-6">
<input class="form-control" type="text" id="description" name="description" data-ng-model="policy.description">
</div>
<kc-tooltip>{{:: 'authz-policy-description.tooltip' | translate}}</kc-tooltip>
</div>
<div class="form-group">
<label class="col-md-2 control-label" for="artifactGroupId">{{:: 'authz-policy-drools-maven-artifact' | translate}} <span class="required" data-ng-show="create">*</span></label>
<button data-ng-click="resolveModules()" id="resolveModule" class="btn btn-primary">{{:: 'authz-policy-drools-maven-artifact-resolve' | translate}}</button>
<div class="col-sm-3">
<input class="form-control" type="text" id="artifactGroupId" name="artifactGroupId" data-ng-model="policy.artifactGroupId" placeholder="Group Identifier" required>
</div>
<kc-tooltip>{{:: 'authz-policy-drools-maven-artifact.tooltip' | translate}}</kc-tooltip>
</div>
<div class="form-group">
<label class="col-md-2 control-label" for="artifactId"></label>
<div class="col-sm-3">
<input class="form-control" type="text" id="artifactId" name="artifactId" data-ng-model="policy.artifactId" autofocus placeholder="Artifact Identifier" required>
</div>
</div>
<div class="form-group">
<label class="col-md-2 control-label" for="artifactVersion"></label>
<div class="col-sm-3">
<input class="form-control" type="text" id="artifactVersion" name="artifactVersion" data-ng-model="policy.artifactVersion" autofocus placeholder="Version" required>
</div>
</div>
<div class="form-group">
<label class="col-md-2 control-label" for="moduleName">{{:: 'authz-policy-drools-module' | translate}} <span class="required" data-ng-show="create">*</span></label>
<div class="col-sm-3">
<div>
<select class="form-control" id="moduleName"
ng-model="policy.moduleName"
ng-options="moduleName as moduleName for moduleName in drools.moduleNames"
ng-change="resolveSessions()"
ng-disabled="!drools.moduleNames.length"
required>
</select>
</div>
</div>
<kc-tooltip>{{:: 'authz-policy-drools-module.tooltip' | translate}}</kc-tooltip>
</div>
<div class="form-group">
<label class="col-md-2 control-label" for="sessionName">{{:: 'authz-policy-drools-session' | translate}} <span class="required" data-ng-show="create">*</span></label>
<div class="col-sm-3">
<div>
<select class="form-control" id="sessionName"
ng-model="policy.sessionName"
ng-options="sessionName as sessionName for sessionName in drools.moduleSessions"
ng-disabled="!drools.moduleSessions.length"
required>
</select>
</div>
</div>
<kc-tooltip>{{:: 'authz-policy-drools-session.tooltip' | translate}}</kc-tooltip>
</div>
<div class="form-group">
<label class="col-md-2 control-label" for="scannerPeriod">{{:: 'authz-policy-drools-update-period' | translate}}</label>
<div class="col-md-6 time-selector">
<input class="form-control" type="number" required min="1" max="31536000" data-ng-model="policy.scannerPeriod" id="scannerPeriod"
name="scannerPeriod"
ng-disabled="!policy.sessionName"/>
<select class="form-control" id="scannerPeriodUnit" name="scannerPeriodUnit"
data-ng-model="policy.scannerPeriodUnit"
ng-disabled="!policy.sessionName">
<option value="Seconds">{{:: 'seconds' | translate}}</option>
<option value="Minutes">{{:: 'minutes' | translate}}</option>
<option value="Hours">{{:: 'hours' | translate}}</option>
<option value="Days">{{:: 'days' | translate}}</option>
</select>
</div>
<kc-tooltip>{{:: 'authz-policy-drools-update-period.tooltip' | translate}}</kc-tooltip>
</div>
<div class="form-group clearfix">
<label class="col-md-2 control-label" for="logic">{{:: 'authz-policy-logic' | translate}}</label>
<div class="col-sm-1">
<select class="form-control" id="logic"
data-ng-model="policy.logic">
<option value="POSITIVE">{{:: 'authz-policy-logic-positive' | translate}}</option>
<option value="NEGATIVE">{{:: 'authz-policy-logic-negative' | translate}}</option>
</select>
</div>
<kc-tooltip>{{:: 'authz-policy-logic.tooltip' | translate}}</kc-tooltip>
</div>
<input type="hidden" data-ng-model="policy.type"/>
</fieldset>
<div class="form-group" data-ng-show="access.manageAuthorization">
<div class="col-md-10 col-md-offset-2">
<button kc-save data-ng-disabled="!changed">{{:: 'save' | translate}}</button>
<button kc-reset data-ng-disabled="!changed">{{:: 'cancel' | translate}}</button>
</div>
</div>
</form>
</div>
<kc-menu></kc-menu>