libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

Inline deprecated methods in legacy code

Browse source
This commit is contained in:
Alexander Schwartz 2022-05-18 10:55:49 +02:00 committed by Hynek Mlnařík
parent 30b5c646e1
commit d41764b19b
26 changed files with 124 additions and 90 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProvider.java
View file

@ -64,6 +64,7 @@ import org.keycloak.storage.StorageId;
import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStoragePrivateUtil;
import org.keycloak.storage.UserStorageProvider; import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageProviderModel; import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.storage.adapter.InMemoryUserAdapter; import org.keycloak.storage.adapter.InMemoryUserAdapter;
import org.keycloak.storage.adapter.UpdateOnlyChangeUserModelDelegate; import org.keycloak.storage.adapter.UpdateOnlyChangeUserModelDelegate;
import org.keycloak.storage.ldap.idm.model.LDAPObject; import org.keycloak.storage.ldap.idm.model.LDAPObject;
@ -240,7 +241,7 @@ public class LDAPStorageProvider implements UserStorageProvider,
logger.debugf("Updated LDAP DN of user '%s' to '%s'", local.getUsername(), ldapDn); logger.debugf("Updated LDAP DN of user '%s' to '%s'", local.getUsername(), ldapDn);
local.setSingleAttribute(LDAPConstants.LDAP_ENTRY_DN, ldapDn); local.setSingleAttribute(LDAPConstants.LDAP_ENTRY_DN, ldapDn);
UserCache userCache = session.userCache(); UserCache userCache = UserStorageUtil.userCache(session);
if (userCache != null) { if (userCache != null) {
userCache.evict(realm, local); userCache.evict(realm, local);
} }
@ -530,8 +531,8 @@ public class LDAPStorageProvider implements UserStorageProvider,
if(existingLocalUser != null){ if(existingLocalUser != null){
imported = existingLocalUser; imported = existingLocalUser;
// Need to evict the existing user from cache // Need to evict the existing user from cache
if (session.userCache() != null) { if (UserStorageUtil.userCache(session) != null) {
session.userCache().evict(realm, existingLocalUser); UserStorageUtil.userCache(session).evict(realm, existingLocalUser);
} }
} else { } else {
imported = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, ldapUsername); imported = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, ldapUsername);
@ -792,7 +793,7 @@ public class LDAPStorageProvider implements UserStorageProvider,
logger.warnf("User with username [%s] aready exists and is linked to provider [%s] but is not valid. Stale LDAP_ID on local user is: %s", logger.warnf("User with username [%s] aready exists and is linked to provider [%s] but is not valid. Stale LDAP_ID on local user is: %s",
username, model.getName(), user.getFirstAttribute(LDAPConstants.LDAP_ID)); username, model.getName(), user.getFirstAttribute(LDAPConstants.LDAP_ID));
logger.warn("Will re-create user"); logger.warn("Will re-create user");
UserCache userCache = session.userCache(); UserCache userCache = UserStorageUtil.userCache(session);
if (userCache != null) { if (userCache != null) {
userCache.evict(realm, user); userCache.evict(realm, user);
} }

5
federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProviderFactory.java
View file

@ -43,6 +43,7 @@ import org.keycloak.storage.UserStoragePrivateUtil;
import org.keycloak.storage.UserStorageProvider; import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageProviderFactory; import org.keycloak.storage.UserStorageProviderFactory;
import org.keycloak.storage.UserStorageProviderModel; import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.storage.ldap.idm.model.LDAPObject; import org.keycloak.storage.ldap.idm.model.LDAPObject;
import org.keycloak.storage.ldap.idm.query.Condition; import org.keycloak.storage.ldap.idm.query.Condition;
import org.keycloak.storage.ldap.idm.query.internal.LDAPQuery; import org.keycloak.storage.ldap.idm.query.internal.LDAPQuery;
@ -630,7 +631,7 @@ public class LDAPStorageProviderFactory implements UserStorageProviderFactory<LD
ldapMapper.onImportUserFromLDAP(ldapUser, currentUser, currentRealm, false); ldapMapper.onImportUserFromLDAP(ldapUser, currentUser, currentRealm, false);
}); });
UserCache userCache = session.userCache(); UserCache userCache = UserStorageUtil.userCache(session);
if (userCache != null) { if (userCache != null) {
userCache.evict(currentRealm, currentUser); userCache.evict(currentRealm, currentUser);
} }
@ -667,7 +668,7 @@ public class LDAPStorageProviderFactory implements UserStorageProviderFactory<LD
if (username != null) { if (username != null) {
UserModel existing = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(currentRealm, username); UserModel existing = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(currentRealm, username);
if (existing != null) { if (existing != null) {
UserCache userCache = session.userCache(); UserCache userCache = UserStorageUtil.userCache(session);
if (userCache != null) { if (userCache != null) {
userCache.evict(currentRealm, existing); userCache.evict(currentRealm, existing);
} }

3
model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/RealmAdapter.java vendored
View file

@ -25,6 +25,7 @@ import org.keycloak.models.cache.CachedRealmModel;
import org.keycloak.models.cache.UserCache; import org.keycloak.models.cache.UserCache;
import org.keycloak.models.cache.infinispan.entities.CachedRealm; import org.keycloak.models.cache.infinispan.entities.CachedRealm;
import org.keycloak.storage.UserStorageProvider; import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.storage.client.ClientStorageProvider; import org.keycloak.storage.client.ClientStorageProvider;
import java.util.*; import java.util.*;
@ -1566,7 +1567,7 @@ public class RealmAdapter implements CachedRealmModel {
if (model == null) return; if (model == null) return;
// if user cache is disabled this is null // if user cache is disabled this is null
UserCache userCache = session.userCache(); UserCache userCache = UserStorageUtil.userCache(session);
if (userCache != null) { if (userCache != null) {
// If not realm component, check to see if it is a user storage provider child component (i.e. LDAP mapper) // If not realm component, check to see if it is a user storage provider child component (i.e. LDAP mapper)
if (model.getParentId() != null && !model.getParentId().equals(getId())) { if (model.getParentId() != null && !model.getParentId().equals(getId())) {

2
model/legacy-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_4_0.java
View file

@ -86,7 +86,7 @@ public class MigrateTo1_4_0 implements Migration {
String email = KeycloakModelUtils.toLowerCaseSafe(user.getEmail()); String email = KeycloakModelUtils.toLowerCaseSafe(user.getEmail());
if (email != null && !email.equals(user.getEmail())) { if (email != null && !email.equals(user.getEmail())) {
user.setEmail(email); user.setEmail(email);
UserCache userCache = session.userCache(); UserCache userCache = UserStorageUtil.userCache(session);
if (userCache != null) { if (userCache != null) {
userCache.evict(realm, user); userCache.evict(realm, user);
} }

4
model/legacy-private/src/main/java/org/keycloak/storage/UserStorageManager.java
View file

@ -88,7 +88,7 @@ public class UserStorageManager extends AbstractStorageManager<UserStorageProvid
} }
private UserFederatedStorageProvider getFederatedStorage() { private UserFederatedStorageProvider getFederatedStorage() {
return session.userFederatedStorage(); return UserStorageUtil.userFederatedStorage(session);
} }
/** /**
@ -153,7 +153,7 @@ public class UserStorageManager extends AbstractStorageManager<UserStorageProvid
protected void deleteInvalidUser(final RealmModel realm, final UserModel user) { protected void deleteInvalidUser(final RealmModel realm, final UserModel user) {
String userId = user.getId(); String userId = user.getId();
String userName = user.getUsername(); String userName = user.getUsername();
UserCache userCache = session.userCache(); UserCache userCache = UserStorageUtil.userCache(session);
if (userCache != null) { if (userCache != null) {
userCache.evict(realm, user); userCache.evict(realm, user);
} }

3
model/legacy-private/src/main/java/org/keycloak/storage/datastore/LegacyExportImportManager.java
View file

@ -68,6 +68,7 @@ import org.keycloak.storage.ExportImportManager;
import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStoragePrivateUtil;
import org.keycloak.storage.UserStorageProvider; import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageProviderModel; import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.storage.federated.UserFederatedStorageProvider; import org.keycloak.storage.federated.UserFederatedStorageProvider;
import org.keycloak.userprofile.UserProfileProvider; import org.keycloak.userprofile.UserProfileProvider;
import org.keycloak.validation.ValidationUtil; import org.keycloak.validation.ValidationUtil;
@ -1379,7 +1380,7 @@ public class LegacyExportImportManager implements ExportImportManager {
} }
public static void importFederatedUser(KeycloakSession session, RealmModel newRealm, UserRepresentation userRep) { public static void importFederatedUser(KeycloakSession session, RealmModel newRealm, UserRepresentation userRep) {
UserFederatedStorageProvider federatedStorage = session.userFederatedStorage(); UserFederatedStorageProvider federatedStorage = UserStorageUtil.userFederatedStorage(session);
if (userRep.getAttributes() != null) { if (userRep.getAttributes() != null) {
for (Map.Entry<String, List<String>> entry : userRep.getAttributes().entrySet()) { for (Map.Entry<String, List<String>> entry : userRep.getAttributes().entrySet()) {
String key = entry.getKey(); String key = entry.getKey();

5
model/legacy-services/src/main/java/org/keycloak/exportimport/util/MultipleStepsExportProvider.java
View file

@ -28,6 +28,7 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel; import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.storage.UserStorageUtil;
import java.io.IOException; import java.io.IOException;
import java.util.List; import java.util.List;
@ -83,7 +84,7 @@ public abstract class MultipleStepsExportProvider implements ExportProvider {
// Count total number of users // Count total number of users
if (!exportUsersIntoRealmFile) { if (!exportUsersIntoRealmFile) {
usersHolder.totalCount = session.users().getUsersCount(realm, true); usersHolder.totalCount = session.users().getUsersCount(realm, true);
federatedUsersHolder.totalCount = session.userFederatedStorage().getStoredUsersCount(realm); federatedUsersHolder.totalCount = UserStorageUtil.userFederatedStorage(session).getStoredUsersCount(realm);
} }
} }
@ -141,7 +142,7 @@ public abstract class MultipleStepsExportProvider implements ExportProvider {
@Override @Override
protected void runExportImportTask(KeycloakSession session) throws IOException { protected void runExportImportTask(KeycloakSession session) throws IOException {
RealmModel realm = session.realms().getRealmByName(realmName); RealmModel realm = session.realms().getRealmByName(realmName);
federatedUsersHolder.users = session.userFederatedStorage() federatedUsersHolder.users = UserStorageUtil.userFederatedStorage(session)
.getStoredUsersStream(realm, federatedUsersHolder.currentPageStart, federatedUsersHolder.currentPageEnd - federatedUsersHolder.currentPageStart) .getStoredUsersStream(realm, federatedUsersHolder.currentPageStart, federatedUsersHolder.currentPageEnd - federatedUsersHolder.currentPageStart)
.collect(Collectors.toList()); .collect(Collectors.toList());

12
model/legacy/src/main/java/org/keycloak/storage/UserStorageUtil.java
View file

@ -1,6 +1,9 @@
package org.keycloak.storage; package org.keycloak.storage;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
import org.keycloak.models.cache.UserCache;
import org.keycloak.storage.federated.UserFederatedStorageProvider;
import java.util.stream.Stream; import java.util.stream.Stream;
@ -18,4 +21,13 @@ public class UserStorageUtil {
.map(UserStorageProviderModel::new) .map(UserStorageProviderModel::new)
.sorted(UserStorageProviderModel.comparator); .sorted(UserStorageProviderModel.comparator);
} }
public static UserFederatedStorageProvider userFederatedStorage(KeycloakSession session) {
return session.getProvider(UserFederatedStorageProvider.class);
}
public static UserCache userCache(KeycloakSession session) {
return session.getProvider(UserCache.class);
}
} }

3
server-spi/src/main/java/org/keycloak/storage/adapter/AbstractUserAdapterFederatedStorage.java → model/legacy/src/main/java/org/keycloak/storage/adapter/AbstractUserAdapterFederatedStorage.java
View file

@ -29,6 +29,7 @@ import org.keycloak.models.UserModel;
import org.keycloak.models.UserModelDefaultMethods; import org.keycloak.models.UserModelDefaultMethods;
import org.keycloak.models.utils.RoleUtils; import org.keycloak.models.utils.RoleUtils;
import org.keycloak.storage.StorageId; import org.keycloak.storage.StorageId;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.storage.federated.UserFederatedStorageProvider; import org.keycloak.storage.federated.UserFederatedStorageProvider;
import java.util.Collections; import java.util.Collections;
@ -69,7 +70,7 @@ public abstract class AbstractUserAdapterFederatedStorage extends UserModelDefau
} }
public UserFederatedStorageProvider getFederatedStorage() { public UserFederatedStorageProvider getFederatedStorage() {
return session.userFederatedStorage(); return UserStorageUtil.userFederatedStorage(session);
} }
@Override @Override

21
services/src/main/java/org/keycloak/exportimport/util/ExportUtils.java
View file

@ -58,6 +58,7 @@ import org.keycloak.representations.idm.authorization.ResourceOwnerRepresentatio
import org.keycloak.representations.idm.authorization.ResourceRepresentation; import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import org.keycloak.representations.idm.authorization.ResourceServerRepresentation; import org.keycloak.representations.idm.authorization.ResourceServerRepresentation;
import org.keycloak.representations.idm.authorization.ScopeRepresentation; import org.keycloak.representations.idm.authorization.ScopeRepresentation;
import org.keycloak.storage.federated.UserFederatedStorageProvider;
import org.keycloak.util.JsonSerialization; import org.keycloak.util.JsonSerialization;
import java.io.IOException; import java.io.IOException;
@ -234,7 +235,7 @@ public class ExportUtils {
rep.setUsers(users); rep.setUsers(users);
} }
List<UserRepresentation> federatedUsers = session.userFederatedStorage().getStoredUsersStream(realm, 0, -1) List<UserRepresentation> federatedUsers = userFederatedStorage(session).getStoredUsersStream(realm, 0, -1)
.map(user -> exportFederatedUser(session, realm, user, options)).collect(Collectors.toList()); .map(user -> exportFederatedUser(session, realm, user, options)).collect(Collectors.toList());
if (federatedUsers.size() > 0) { if (federatedUsers.size() > 0) {
rep.setFederatedUsers(federatedUsers); rep.setFederatedUsers(federatedUsers);
@ -613,20 +614,20 @@ public class ExportUtils {
public static UserRepresentation exportFederatedUser(KeycloakSession session, RealmModel realm, String id, ExportOptions options) { public static UserRepresentation exportFederatedUser(KeycloakSession session, RealmModel realm, String id, ExportOptions options) {
UserRepresentation userRep = new UserRepresentation(); UserRepresentation userRep = new UserRepresentation();
userRep.setId(id); userRep.setId(id);
MultivaluedHashMap<String, String> attributes = session.userFederatedStorage().getAttributes(realm, id); MultivaluedHashMap<String, String> attributes = userFederatedStorage(session).getAttributes(realm, id);
if (attributes.size() > 0) { if (attributes.size() > 0) {
Map<String, List<String>> attrs = new HashMap<>(); Map<String, List<String>> attrs = new HashMap<>();
attrs.putAll(attributes); attrs.putAll(attributes);
userRep.setAttributes(attrs); userRep.setAttributes(attrs);
} }
List<String> requiredActions = session.userFederatedStorage().getRequiredActionsStream(realm, id).collect(Collectors.toList()); List<String> requiredActions = userFederatedStorage(session).getRequiredActionsStream(realm, id).collect(Collectors.toList());
if (requiredActions.size() > 0) { if (requiredActions.size() > 0) {
userRep.setRequiredActions(requiredActions); userRep.setRequiredActions(requiredActions);
} }
// Social links // Social links
List<FederatedIdentityRepresentation> socialLinkReps = session.userFederatedStorage().getFederatedIdentitiesStream(id, realm) List<FederatedIdentityRepresentation> socialLinkReps = userFederatedStorage(session).getFederatedIdentitiesStream(id, realm)
.map(ExportUtils::exportSocialLink).collect(Collectors.toList()); .map(ExportUtils::exportSocialLink).collect(Collectors.toList());
if (socialLinkReps.size() > 0) { if (socialLinkReps.size() > 0) {
@ -635,7 +636,7 @@ public class ExportUtils {
// Role mappings // Role mappings
if (options.isGroupsAndRolesIncluded()) { if (options.isGroupsAndRolesIncluded()) {
Set<RoleModel> roles = session.userFederatedStorage().getRoleMappingsStream(realm, id).collect(Collectors.toSet()); Set<RoleModel> roles = userFederatedStorage(session).getRoleMappingsStream(realm, id).collect(Collectors.toSet());
List<String> realmRoleNames = new ArrayList<>(); List<String> realmRoleNames = new ArrayList<>();
Map<String, List<String>> clientRoleNames = new HashMap<>(); Map<String, List<String>> clientRoleNames = new HashMap<>();
for (RoleModel role : roles) { for (RoleModel role : roles) {
@ -663,7 +664,7 @@ public class ExportUtils {
} }
// Credentials // Credentials
List<CredentialRepresentation> credReps = session.userFederatedStorage().getStoredCredentialsStream(realm, id) List<CredentialRepresentation> credReps = userFederatedStorage(session).getStoredCredentialsStream(realm, id)
.map(ExportUtils::exportCredential).collect(Collectors.toList()); .map(ExportUtils::exportCredential).collect(Collectors.toList());
userRep.setCredentials(credReps); userRep.setCredentials(credReps);
@ -675,15 +676,19 @@ public class ExportUtils {
} }
// Not Before // Not Before
int notBefore = session.userFederatedStorage().getNotBeforeOfUser(realm, userRep.getId()); int notBefore = userFederatedStorage(session).getNotBeforeOfUser(realm, userRep.getId());
userRep.setNotBefore(notBefore); userRep.setNotBefore(notBefore);
if (options.isGroupsAndRolesIncluded()) { if (options.isGroupsAndRolesIncluded()) {
List<String> groups = session.userFederatedStorage().getGroupsStream(realm, id) List<String> groups = userFederatedStorage(session).getGroupsStream(realm, id)
.map(ModelToRepresentation::buildGroupPath).collect(Collectors.toList()); .map(ModelToRepresentation::buildGroupPath).collect(Collectors.toList());
userRep.setGroups(groups); userRep.setGroups(groups);
} }
return userRep; return userRep;
} }
private static UserFederatedStorageProvider userFederatedStorage(KeycloakSession session) {
return session.getProvider(UserFederatedStorageProvider.class);
}
} }

3
testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/BackwardsCompatibilityUserStorage.java
View file

@ -48,6 +48,7 @@ import org.keycloak.models.credential.PasswordUserCredentialModel;
import org.keycloak.models.utils.TimeBasedOTP; import org.keycloak.models.utils.TimeBasedOTP;
import org.keycloak.storage.StorageId; import org.keycloak.storage.StorageId;
import org.keycloak.storage.UserStorageProvider; import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.storage.adapter.AbstractUserAdapterFederatedStorage; import org.keycloak.storage.adapter.AbstractUserAdapterFederatedStorage;
import org.keycloak.storage.user.UserLookupProvider; import org.keycloak.storage.user.UserLookupProvider;
import org.keycloak.storage.user.UserQueryProvider; import org.keycloak.storage.user.UserQueryProvider;
@ -158,7 +159,7 @@ public class BackwardsCompatibilityUserStorage implements UserLookupProvider, Us
users.get(translateUserName(user.getUsername())).hashedPassword = newPassword; users.get(translateUserName(user.getUsername())).hashedPassword = newPassword;
UserCache userCache = session.userCache(); UserCache userCache = UserStorageUtil.userCache(session);
if (userCache != null) { if (userCache != null) {
userCache.evict(realm, user); userCache.evict(realm, user);
} }

15
testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/PassThroughFederatedUserStorageProvider.java
View file

@ -29,6 +29,7 @@ import org.keycloak.models.UserModel;
import org.keycloak.models.credential.PasswordCredentialModel; import org.keycloak.models.credential.PasswordCredentialModel;
import org.keycloak.storage.StorageId; import org.keycloak.storage.StorageId;
import org.keycloak.storage.UserStorageProvider; import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.storage.adapter.AbstractUserAdapterFederatedStorage; import org.keycloak.storage.adapter.AbstractUserAdapterFederatedStorage;
import org.keycloak.storage.user.UserLookupProvider; import org.keycloak.storage.user.UserLookupProvider;
@ -84,7 +85,7 @@ public class PassThroughFederatedUserStorageProvider implements
if (INITIAL_PASSWORD.equals(input.getChallengeResponse())) { if (INITIAL_PASSWORD.equals(input.getChallengeResponse())) {
return true; return true;
} }
return session.userFederatedStorage().getStoredCredentialsByTypeStream(realm, user.getId(), "CLEAR_TEXT_PASSWORD") return UserStorageUtil.userFederatedStorage(session).getStoredCredentialsByTypeStream(realm, user.getId(), "CLEAR_TEXT_PASSWORD")
.map(credentialModel -> credentialModel.getSecretData()) .map(credentialModel -> credentialModel.getSecretData())
.anyMatch(Predicate.isEqual("{\"value\":\"" + input.getChallengeResponse() + "\"}")); .anyMatch(Predicate.isEqual("{\"value\":\"" + input.getChallengeResponse() + "\"}"));
} }
@ -95,19 +96,19 @@ public class PassThroughFederatedUserStorageProvider implements
public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input) { public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input) {
// testing federated credential attributes // testing federated credential attributes
if (input.getType().equals(PasswordCredentialModel.TYPE)) { if (input.getType().equals(PasswordCredentialModel.TYPE)) {
Optional<CredentialModel> existing = session.userFederatedStorage() Optional<CredentialModel> existing = UserStorageUtil.userFederatedStorage(session)
.getStoredCredentialsByTypeStream(realm, user.getId(), "CLEAR_TEXT_PASSWORD") .getStoredCredentialsByTypeStream(realm, user.getId(), "CLEAR_TEXT_PASSWORD")
.findFirst(); .findFirst();
if (existing.isPresent()) { if (existing.isPresent()) {
CredentialModel model = existing.get(); CredentialModel model = existing.get();
model.setType("CLEAR_TEXT_PASSWORD"); model.setType("CLEAR_TEXT_PASSWORD");
model.setSecretData("{\"value\":\"" + input.getChallengeResponse() + "\"}"); model.setSecretData("{\"value\":\"" + input.getChallengeResponse() + "\"}");
session.userFederatedStorage().updateCredential(realm, user.getId(), model); UserStorageUtil.userFederatedStorage(session).updateCredential(realm, user.getId(), model);
} else { } else {
CredentialModel model = new CredentialModel(); CredentialModel model = new CredentialModel();
model.setType("CLEAR_TEXT_PASSWORD"); model.setType("CLEAR_TEXT_PASSWORD");
model.setSecretData("{\"value\":\"" + input.getChallengeResponse() + "\"}"); model.setSecretData("{\"value\":\"" + input.getChallengeResponse() + "\"}");
session.userFederatedStorage().createCredential(realm, user.getId(), model); UserStorageUtil.userFederatedStorage(session).createCredential(realm, user.getId(), model);
} }
return true; return true;
} }
@ -116,9 +117,9 @@ public class PassThroughFederatedUserStorageProvider implements
@Override @Override
public void disableCredentialType(RealmModel realm, UserModel user, String credentialType) { public void disableCredentialType(RealmModel realm, UserModel user, String credentialType) {
session.userFederatedStorage().getStoredCredentialsByTypeStream(realm, user.getId(), "CLEAR_TEXT_PASSWORD") UserStorageUtil.userFederatedStorage(session).getStoredCredentialsByTypeStream(realm, user.getId(), "CLEAR_TEXT_PASSWORD")
.collect(Collectors.toList()) .collect(Collectors.toList())
.forEach(credModel -> session.userFederatedStorage().removeStoredCredential(realm, user.getId(), credModel.getId())); .forEach(credModel -> UserStorageUtil.userFederatedStorage(session).removeStoredCredential(realm, user.getId(), credModel.getId()));
} }
@Override @Override
@ -146,7 +147,7 @@ public class PassThroughFederatedUserStorageProvider implements
@Override @Override
public UserModel getUserByEmail(RealmModel realm, String email) { public UserModel getUserByEmail(RealmModel realm, String email) {
Optional<StorageId> result = session.userFederatedStorage() Optional<StorageId> result = UserStorageUtil.userFederatedStorage(session)
.getUsersByUserAttributeStream(realm, AbstractUserAdapterFederatedStorage.EMAIL_ATTRIBUTE, email) .getUsersByUserAttributeStream(realm, AbstractUserAdapterFederatedStorage.EMAIL_ATTRIBUTE, email)
.map(StorageId::new) .map(StorageId::new)
.filter(storageId -> Objects.equals(storageId.getExternalId(), PASSTHROUGH_USERNAME)) .filter(storageId -> Objects.equals(storageId.getExternalId(), PASSTHROUGH_USERNAME))

3
testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/UserMapStorage.java
View file

@ -36,6 +36,7 @@ import org.keycloak.storage.ReadOnlyException;
import org.keycloak.storage.StorageId; import org.keycloak.storage.StorageId;
import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStoragePrivateUtil;
import org.keycloak.storage.UserStorageProvider; import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.storage.adapter.AbstractUserAdapterFederatedStorage; import org.keycloak.storage.adapter.AbstractUserAdapterFederatedStorage;
import org.keycloak.storage.federated.UserGroupMembershipFederatedStorage; import org.keycloak.storage.federated.UserGroupMembershipFederatedStorage;
import org.keycloak.storage.user.ImportedUserValidation; import org.keycloak.storage.user.ImportedUserValidation;
@ -364,7 +365,7 @@ public class UserMapStorage implements UserLookupProvider.Streams, UserStoragePr
if (isImportEnabled()) { if (isImportEnabled()) {
return UserStoragePrivateUtil.userLocalStorage(session).searchForUserByUserAttributeStream(realm, attrName, attrValue); return UserStoragePrivateUtil.userLocalStorage(session).searchForUserByUserAttributeStream(realm, attrName, attrValue);
} else { } else {
return session.userFederatedStorage().getUsersByUserAttributeStream(realm, attrName, attrValue) return UserStorageUtil.userFederatedStorage(session).getUsersByUserAttributeStream(realm, attrName, attrValue)
.map(userName -> createUser(realm, userName)); .map(userName -> createUser(realm, userName));
} }
} }

2
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UmaRepresentationTest.java
View file

@ -158,7 +158,7 @@ public class UmaRepresentationTest extends AbstractResourceServerTest {
AuthorizationBean authorizationBean = new AuthorizationBean(session, realm, null, session.getContext().getUri()); AuthorizationBean authorizationBean = new AuthorizationBean(session, realm, null, session.getContext().getUri());
ClientModel client = session.getContext().getRealm().getClientByClientId("resource-server-test"); ClientModel client = session.getContext().getRealm().getClientByClientId("resource-server-test");
UserModel user = session.userStorageManager().getUserByUsername(session.getContext().getRealm(), "marta"); UserModel user = session.users().getUserByUsername(session.getContext().getRealm(), "marta");
ResourceServer resourceServer = authorization.getStoreFactory().getResourceServerStore().findByClient(client); ResourceServer resourceServer = authorization.getStoreFactory().getResourceServerStore().findByClient(client);
ResourceBean resourceBean = authorizationBean.new ResourceBean( ResourceBean resourceBean = authorizationBean.new ResourceBean(
authorization.getStoreFactory().getResourceStore().findByName( authorization.getStoreFactory().getResourceStore().findByName(

5
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPMultipleAttributesTest.java
View file

@ -33,6 +33,7 @@ import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.protocol.oidc.mappers.UserAttributeMapper; import org.keycloak.protocol.oidc.mappers.UserAttributeMapper;
import org.keycloak.representations.IDToken; import org.keycloak.representations.IDToken;
import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStoragePrivateUtil;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.storage.ldap.LDAPStorageProvider; import org.keycloak.storage.ldap.LDAPStorageProvider;
import org.keycloak.storage.ldap.idm.model.LDAPObject; import org.keycloak.storage.ldap.idm.model.LDAPObject;
import org.keycloak.testsuite.ProfileAssume; import org.keycloak.testsuite.ProfileAssume;
@ -117,7 +118,7 @@ public class LDAPMultipleAttributesTest extends AbstractLDAPTest {
Assume.assumeTrue("User cache disabled.", isUserCacheEnabled()); Assume.assumeTrue("User cache disabled.", isUserCacheEnabled());
testingClient.server().run(session -> { testingClient.server().run(session -> {
LDAPTestContext ctx = LDAPTestContext.init(session); LDAPTestContext ctx = LDAPTestContext.init(session);
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
RealmModel appRealm = ctx.getRealm(); RealmModel appRealm = ctx.getRealm();
// Test user imported in local storage now // Test user imported in local storage now
@ -133,7 +134,7 @@ public class LDAPMultipleAttributesTest extends AbstractLDAPTest {
Assume.assumeTrue("User cache disabled.", isUserCacheEnabled()); Assume.assumeTrue("User cache disabled.", isUserCacheEnabled());
testingClient.server().run(session -> { testingClient.server().run(session -> {
LDAPTestContext ctx = LDAPTestContext.init(session); LDAPTestContext ctx = LDAPTestContext.init(session);
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
RealmModel appRealm = ctx.getRealm(); RealmModel appRealm = ctx.getRealm();
UserModel user = session.users().getUserByUsername(appRealm, "bwilson"); UserModel user = session.users().getUserByUsername(appRealm, "bwilson");

11
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPProvidersIntegrationTest.java
View file

@ -52,6 +52,7 @@ import org.keycloak.storage.StorageId;
import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStoragePrivateUtil;
import org.keycloak.storage.UserStorageProvider; import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageProviderModel; import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.storage.ldap.LDAPConfig; import org.keycloak.storage.ldap.LDAPConfig;
import org.keycloak.storage.ldap.LDAPStorageProvider; import org.keycloak.storage.ldap.LDAPStorageProvider;
import org.keycloak.storage.ldap.idm.model.LDAPObject; import org.keycloak.storage.ldap.idm.model.LDAPObject;
@ -624,7 +625,7 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest {
LDAPTestContext ctx = LDAPTestContext.init(session); LDAPTestContext ctx = LDAPTestContext.init(session);
RealmModel appRealm = ctx.getRealm(); RealmModel appRealm = ctx.getRealm();
session.userCache().evict(appRealm, session.users().getUserByUsername(appRealm, "register123")); UserStorageUtil.userCache(session).evict(appRealm, session.users().getUserByUsername(appRealm, "register123"));
// See that user don't yet have any description // See that user don't yet have any description
UserModel user = session.users().getUserByUsername(appRealm, "register123"); UserModel user = session.users().getUserByUsername(appRealm, "register123");
@ -915,7 +916,7 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest {
testingClient.server().run(session -> { testingClient.server().run(session -> {
LDAPTestContext ctx = LDAPTestContext.init(session); LDAPTestContext ctx = LDAPTestContext.init(session);
RealmModel appRealm = ctx.getRealm(); RealmModel appRealm = ctx.getRealm();
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
// Add custom filter again // Add custom filter again
ctx.getLdapModel().getConfig().putSingle(LDAPConstants.CUSTOM_USER_SEARCH_FILTER, "(|(mail=user5@email.org)(mail=user6@email.org))"); ctx.getLdapModel().getConfig().putSingle(LDAPConstants.CUSTOM_USER_SEARCH_FILTER, "(|(mail=user5@email.org)(mail=user6@email.org))");
@ -925,7 +926,7 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest {
testingClient.server().run(session -> { testingClient.server().run(session -> {
LDAPTestContext ctx = LDAPTestContext.init(session); LDAPTestContext ctx = LDAPTestContext.init(session);
RealmModel appRealm = ctx.getRealm(); RealmModel appRealm = ctx.getRealm();
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
// search by id using custom filter. Must return the user // search by id using custom filter. Must return the user
UserModel testUser5 = session.users().getUserById(appRealm, user5Id); UserModel testUser5 = session.users().getUserById(appRealm, user5Id);
@ -1063,7 +1064,7 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest {
public void testSearchWithPartiallyCachedUser() { public void testSearchWithPartiallyCachedUser() {
Assume.assumeTrue("User cache disabled.", isUserCacheEnabled()); Assume.assumeTrue("User cache disabled.", isUserCacheEnabled());
testingClient.server().run(session -> { testingClient.server().run(session -> {
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
}); });
@ -1090,7 +1091,7 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest {
public void testLDAPUserRefreshCache() { public void testLDAPUserRefreshCache() {
Assume.assumeTrue("User cache disabled.", isUserCacheEnabled()); Assume.assumeTrue("User cache disabled.", isUserCacheEnabled());
testingClient.server().run(session -> { testingClient.server().run(session -> {
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
}); });
testingClient.server().run(session -> { testingClient.server().run(session -> {

4
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPSyncTest.java
View file

@ -359,7 +359,7 @@ public class LDAPSyncTest extends AbstractLDAPTest {
.peek(user -> System.out.println("trying to delete user: " + user.getUsername())) .peek(user -> System.out.println("trying to delete user: " + user.getUsername()))
.collect(Collectors.toList()) .collect(Collectors.toList())
.forEach(user -> { .forEach(user -> {
UserCache userCache = session.userCache(); UserCache userCache = UserStorageUtil.userCache(session);
if (userCache != null) { if (userCache != null) {
userCache.evict(ctx.getRealm(), user); userCache.evict(ctx.getRealm(), user);
} }
@ -513,7 +513,7 @@ public class LDAPSyncTest extends AbstractLDAPTest {
.peek(user -> System.out.println("trying to delete user: " + user.getUsername())) .peek(user -> System.out.println("trying to delete user: " + user.getUsername()))
.collect(Collectors.toList()) .collect(Collectors.toList())
.forEach(user -> { .forEach(user -> {
UserCache userCache = session.userCache(); UserCache userCache = UserStorageUtil.userCache(session);
if (userCache != null) { if (userCache != null) {
userCache.evict(ctx.getRealm(), user); userCache.evict(ctx.getRealm(), user);
} }

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/noimport/LDAPMultipleAttributesNoImportTest.java
View file

@ -25,6 +25,7 @@ import org.junit.runners.MethodSorters;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel; import org.keycloak.models.UserModel;
import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStoragePrivateUtil;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.testsuite.federation.ldap.LDAPMultipleAttributesTest; import org.keycloak.testsuite.federation.ldap.LDAPMultipleAttributesTest;
import org.keycloak.testsuite.federation.ldap.LDAPTestAsserts; import org.keycloak.testsuite.federation.ldap.LDAPTestAsserts;
import org.keycloak.testsuite.federation.ldap.LDAPTestContext; import org.keycloak.testsuite.federation.ldap.LDAPTestContext;
@ -47,7 +48,7 @@ public class LDAPMultipleAttributesNoImportTest extends LDAPMultipleAttributesTe
Assume.assumeTrue("User cache disabled.", isUserCacheEnabled()); Assume.assumeTrue("User cache disabled.", isUserCacheEnabled());
testingClient.server().run(session -> { testingClient.server().run(session -> {
LDAPTestContext ctx = LDAPTestContext.init(session); LDAPTestContext ctx = LDAPTestContext.init(session);
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
RealmModel appRealm = ctx.getRealm(); RealmModel appRealm = ctx.getRealm();
// Test user NOT imported in local storage now. He is available just through "session.users()" // Test user NOT imported in local storage now. He is available just through "session.users()"

15
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/noimport/LDAPRoleMappingsNoImportTest.java
View file

@ -34,6 +34,7 @@ import org.keycloak.models.RoleModel;
import org.keycloak.models.UserModel; import org.keycloak.models.UserModel;
import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStoragePrivateUtil;
import org.keycloak.storage.UserStorageProviderModel; import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.storage.ldap.LDAPStorageProvider; import org.keycloak.storage.ldap.LDAPStorageProvider;
import org.keycloak.storage.ldap.idm.model.LDAPObject; import org.keycloak.storage.ldap.idm.model.LDAPObject;
import org.keycloak.storage.ldap.mappers.membership.LDAPGroupMapperMode; import org.keycloak.storage.ldap.mappers.membership.LDAPGroupMapperMode;
@ -146,7 +147,7 @@ public class LDAPRoleMappingsNoImportTest extends AbstractLDAPTest {
} ); } );
testingClient.server().run(session -> { testingClient.server().run(session -> {
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
LDAPTestContext ctx = LDAPTestContext.init(session); LDAPTestContext ctx = LDAPTestContext.init(session);
RealmModel appRealm = ctx.getRealm(); RealmModel appRealm = ctx.getRealm();
@ -175,7 +176,7 @@ public class LDAPRoleMappingsNoImportTest extends AbstractLDAPTest {
}); });
testingClient.server().run(session -> { testingClient.server().run(session -> {
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
LDAPTestContext ctx = LDAPTestContext.init(session); LDAPTestContext ctx = LDAPTestContext.init(session);
RealmModel appRealm = ctx.getRealm(); RealmModel appRealm = ctx.getRealm();
@ -196,7 +197,7 @@ public class LDAPRoleMappingsNoImportTest extends AbstractLDAPTest {
@Test @Test
public void test02WriteMappings() { public void test02WriteMappings() {
testingClient.server().run(session -> { testingClient.server().run(session -> {
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
LDAPTestContext ctx = LDAPTestContext.init(session); LDAPTestContext ctx = LDAPTestContext.init(session);
RealmModel appRealm = ctx.getRealm(); RealmModel appRealm = ctx.getRealm();
@ -234,11 +235,11 @@ public class LDAPRoleMappingsNoImportTest extends AbstractLDAPTest {
RoleModel manageAccountRole = accountApp.getRole(AccountRoles.MANAGE_ACCOUNT); RoleModel manageAccountRole = accountApp.getRole(AccountRoles.MANAGE_ACCOUNT);
RoleModel financeRole1 = financeApp.getRole("financeRole1"); RoleModel financeRole1 = financeApp.getRole("financeRole1");
john.grantRole(financeRole1); john.grantRole(financeRole1);
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
}); });
testingClient.server().run(session -> { testingClient.server().run(session -> {
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
LDAPTestContext ctx = LDAPTestContext.init(session); LDAPTestContext ctx = LDAPTestContext.init(session);
RealmModel appRealm = ctx.getRealm(); RealmModel appRealm = ctx.getRealm();
@ -288,7 +289,7 @@ public class LDAPRoleMappingsNoImportTest extends AbstractLDAPTest {
// Cleanup // Cleanup
mary.deleteRoleMapping(realmRole2); mary.deleteRoleMapping(realmRole2);
mary.deleteRoleMapping(realmRole3); mary.deleteRoleMapping(realmRole3);
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
}); });
} }
@ -298,7 +299,7 @@ public class LDAPRoleMappingsNoImportTest extends AbstractLDAPTest {
// Check user group memberships // Check user group memberships
testingClient.server().run(session -> { testingClient.server().run(session -> {
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
LDAPTestContext ctx = LDAPTestContext.init(session); LDAPTestContext ctx = LDAPTestContext.init(session);
RealmModel appRealm = ctx.getRealm(); RealmModel appRealm = ctx.getRealm();

8
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ClientStorageTest.java
View file

@ -143,7 +143,7 @@ public class ClientStorageTest extends AbstractTestRealmKeycloakTest {
testingClient.server().run(session -> { testingClient.server().run(session -> {
RealmModel realm = session.realms().getRealmByName(AuthRealm.TEST); RealmModel realm = session.realms().getRealmByName(AuthRealm.TEST);
assertThat(session.clientStorageManager() assertThat(session.clients()
.searchClientsByClientIdStream(realm, "client", null, null) .searchClientsByClientIdStream(realm, "client", null, null)
.map(ClientModel::getClientId) .map(ClientModel::getClientId)
.collect(Collectors.toList()), .collect(Collectors.toList()),
@ -153,7 +153,7 @@ public class ClientStorageTest extends AbstractTestRealmKeycloakTest {
); );
// test the pagination; the clients from local storage (root-url-client) are fetched first // test the pagination; the clients from local storage (root-url-client) are fetched first
assertThat(session.clientStorageManager() assertThat(session.clients()
.searchClientsByClientIdStream(realm, "client", 0, 1) .searchClientsByClientIdStream(realm, "client", 0, 1)
.map(ClientModel::getClientId) .map(ClientModel::getClientId)
.collect(Collectors.toList()), .collect(Collectors.toList()),
@ -161,7 +161,7 @@ public class ClientStorageTest extends AbstractTestRealmKeycloakTest {
not(hasItem(hardcodedClient)), not(hasItem(hardcodedClient)),
hasItem("root-url-client")) hasItem("root-url-client"))
); );
assertThat(session.clientStorageManager() assertThat(session.clients()
.searchClientsByClientIdStream(realm, "client", 1, 1) .searchClientsByClientIdStream(realm, "client", 1, 1)
.map(ClientModel::getClientId) .map(ClientModel::getClientId)
.collect(Collectors.toList()), .collect(Collectors.toList()),
@ -179,7 +179,7 @@ public class ClientStorageTest extends AbstractTestRealmKeycloakTest {
testingClient.server().run(session -> { testingClient.server().run(session -> {
// search for clients and check hardcoded-client is not present // search for clients and check hardcoded-client is not present
assertThat(session.clientStorageManager() assertThat(session.clients()
.searchClientsByClientIdStream(session.realms().getRealmByName(AuthRealm.TEST), "client", null, null) .searchClientsByClientIdStream(session.realms().getRealmByName(AuthRealm.TEST), "client", null, null)
.map(ClientModel::getClientId) .map(ClientModel::getClientId)
.collect(Collectors.toList()), .collect(Collectors.toList()),

53
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/FederatedStorageExportImportTest.java
View file

@ -36,6 +36,7 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel; import org.keycloak.models.RoleModel;
import org.keycloak.models.credential.PasswordCredentialModel; import org.keycloak.models.credential.PasswordCredentialModel;
import org.keycloak.services.managers.RealmManager; import org.keycloak.services.managers.RealmManager;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.testsuite.AbstractAuthTest; import org.keycloak.testsuite.AbstractAuthTest;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude; import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
@ -110,14 +111,14 @@ public class FederatedStorageExportImportTest extends AbstractAuthTest {
List<String> attrValues = new LinkedList<>(); List<String> attrValues = new LinkedList<>();
attrValues.add("1"); attrValues.add("1");
attrValues.add("2"); attrValues.add("2");
session.userFederatedStorage().setSingleAttribute(realm, userId, "single1", "value1"); UserStorageUtil.userFederatedStorage(session).setSingleAttribute(realm, userId, "single1", "value1");
session.userFederatedStorage().setAttribute(realm, userId, "list1", attrValues); UserStorageUtil.userFederatedStorage(session).setAttribute(realm, userId, "list1", attrValues);
session.userFederatedStorage().addRequiredAction(realm, userId, "UPDATE_PASSWORD"); UserStorageUtil.userFederatedStorage(session).addRequiredAction(realm, userId, "UPDATE_PASSWORD");
PasswordCredentialModel credential = FederatedStorageExportImportTest.getHashProvider(session, realm.getPasswordPolicy()).encodedCredential("password", realm. PasswordCredentialModel credential = FederatedStorageExportImportTest.getHashProvider(session, realm.getPasswordPolicy()).encodedCredential("password", realm.
getPasswordPolicy().getHashIterations()); getPasswordPolicy().getHashIterations());
session.userFederatedStorage().createCredential(realm, userId, credential); UserStorageUtil.userFederatedStorage(session).createCredential(realm, userId, credential);
session.userFederatedStorage().grantRole(realm, userId, role); UserStorageUtil.userFederatedStorage(session).grantRole(realm, userId, role);
session.userFederatedStorage().joinGroup(realm, userId, group); UserStorageUtil.userFederatedStorage(session).joinGroup(realm, userId, group);
}); });
final String realmId = testRealmResource().toRepresentation().getId(); final String realmId = testRealmResource().toRepresentation().getId();
@ -145,18 +146,18 @@ public class FederatedStorageExportImportTest extends AbstractAuthTest {
RoleModel role = realm.getRole("test-role"); RoleModel role = realm.getRole("test-role");
GroupModel group = realm.getGroupById(groupId); GroupModel group = realm.getGroupById(groupId);
Assert.assertEquals(1, session.userFederatedStorage().getStoredUsersCount(realm)); Assert.assertEquals(1, UserStorageUtil.userFederatedStorage(session).getStoredUsersCount(realm));
MultivaluedHashMap<String, String> attributes = session.userFederatedStorage().getAttributes(realm, userId); MultivaluedHashMap<String, String> attributes = UserStorageUtil.userFederatedStorage(session).getAttributes(realm, userId);
Assert.assertEquals(3, attributes.size()); Assert.assertEquals(3, attributes.size());
Assert.assertEquals("value1", attributes.getFirst("single1")); Assert.assertEquals("value1", attributes.getFirst("single1"));
Assert.assertTrue(attributes.getList("list1").contains("1")); Assert.assertTrue(attributes.getList("list1").contains("1"));
Assert.assertTrue(attributes.getList("list1").contains("2")); Assert.assertTrue(attributes.getList("list1").contains("2"));
Assert.assertTrue(session.userFederatedStorage().getRequiredActionsStream(realm, userId) Assert.assertTrue(UserStorageUtil.userFederatedStorage(session).getRequiredActionsStream(realm, userId)
.collect(Collectors.toSet()).contains("UPDATE_PASSWORD")); .collect(Collectors.toSet()).contains("UPDATE_PASSWORD"));
Assert.assertTrue(session.userFederatedStorage().getRoleMappingsStream(realm, userId) Assert.assertTrue(UserStorageUtil.userFederatedStorage(session).getRoleMappingsStream(realm, userId)
.collect(Collectors.toSet()).contains(role)); .collect(Collectors.toSet()).contains(role));
Assert.assertTrue(session.userFederatedStorage().getGroupsStream(realm, userId).collect(Collectors.toSet()).contains(group)); Assert.assertTrue(UserStorageUtil.userFederatedStorage(session).getGroupsStream(realm, userId).collect(Collectors.toSet()).contains(group));
List<CredentialModel> creds = session.userFederatedStorage().getStoredCredentialsStream(realm, userId).collect(Collectors.toList()); List<CredentialModel> creds = UserStorageUtil.userFederatedStorage(session).getStoredCredentialsStream(realm, userId).collect(Collectors.toList());
Assert.assertEquals(1, creds.size()); Assert.assertEquals(1, creds.size());
Assert.assertTrue(FederatedStorageExportImportTest.getHashProvider(session, realm.getPasswordPolicy()) Assert.assertTrue(FederatedStorageExportImportTest.getHashProvider(session, realm.getPasswordPolicy())
.verify("password", PasswordCredentialModel.createFromCredentialModel(creds.get(0)))); .verify("password", PasswordCredentialModel.createFromCredentialModel(creds.get(0))));
@ -177,15 +178,15 @@ public class FederatedStorageExportImportTest extends AbstractAuthTest {
List<String> attrValues = new LinkedList<>(); List<String> attrValues = new LinkedList<>();
attrValues.add("1"); attrValues.add("1");
attrValues.add("2"); attrValues.add("2");
session.userFederatedStorage().setSingleAttribute(realm, userId, "single1", "value1"); UserStorageUtil.userFederatedStorage(session).setSingleAttribute(realm, userId, "single1", "value1");
session.userFederatedStorage().setAttribute(realm, userId, "list1", attrValues); UserStorageUtil.userFederatedStorage(session).setAttribute(realm, userId, "list1", attrValues);
session.userFederatedStorage().addRequiredAction(realm, userId, "UPDATE_PASSWORD"); UserStorageUtil.userFederatedStorage(session).addRequiredAction(realm, userId, "UPDATE_PASSWORD");
PasswordCredentialModel credential = FederatedStorageExportImportTest.getHashProvider(session, realm.getPasswordPolicy()).encodedCredential("password", realm. PasswordCredentialModel credential = FederatedStorageExportImportTest.getHashProvider(session, realm.getPasswordPolicy()).encodedCredential("password", realm.
getPasswordPolicy().getHashIterations()); getPasswordPolicy().getHashIterations());
session.userFederatedStorage().createCredential(realm, userId, credential); UserStorageUtil.userFederatedStorage(session).createCredential(realm, userId, credential);
session.userFederatedStorage().grantRole(realm, userId, role); UserStorageUtil.userFederatedStorage(session).grantRole(realm, userId, role);
session.userFederatedStorage().joinGroup(realm, userId, group); UserStorageUtil.userFederatedStorage(session).joinGroup(realm, userId, group);
session.userFederatedStorage().setNotBeforeForUser(realm, userId, 50); UserStorageUtil.userFederatedStorage(session).setNotBeforeForUser(realm, userId, 50);
}); });
final String realmId = testRealmResource().toRepresentation().getId(); final String realmId = testRealmResource().toRepresentation().getId();
@ -214,19 +215,19 @@ public class FederatedStorageExportImportTest extends AbstractAuthTest {
RoleModel role = realm.getRole("test-role"); RoleModel role = realm.getRole("test-role");
GroupModel group = realm.getGroupById(groupId); GroupModel group = realm.getGroupById(groupId);
Assert.assertEquals(1, session.userFederatedStorage().getStoredUsersCount(realm)); Assert.assertEquals(1, UserStorageUtil.userFederatedStorage(session).getStoredUsersCount(realm));
MultivaluedHashMap<String, String> attributes = session.userFederatedStorage().getAttributes(realm, userId); MultivaluedHashMap<String, String> attributes = UserStorageUtil.userFederatedStorage(session).getAttributes(realm, userId);
Assert.assertEquals(3, attributes.size()); Assert.assertEquals(3, attributes.size());
Assert.assertEquals("value1", attributes.getFirst("single1")); Assert.assertEquals("value1", attributes.getFirst("single1"));
Assert.assertTrue(attributes.getList("list1").contains("1")); Assert.assertTrue(attributes.getList("list1").contains("1"));
Assert.assertTrue(attributes.getList("list1").contains("2")); Assert.assertTrue(attributes.getList("list1").contains("2"));
Assert.assertTrue(session.userFederatedStorage().getRequiredActionsStream(realm, userId) Assert.assertTrue(UserStorageUtil.userFederatedStorage(session).getRequiredActionsStream(realm, userId)
.collect(Collectors.toSet()).contains("UPDATE_PASSWORD")); .collect(Collectors.toSet()).contains("UPDATE_PASSWORD"));
Assert.assertTrue(session.userFederatedStorage().getRoleMappingsStream(realm, userId) Assert.assertTrue(UserStorageUtil.userFederatedStorage(session).getRoleMappingsStream(realm, userId)
.collect(Collectors.toSet()).contains(role)); .collect(Collectors.toSet()).contains(role));
Assert.assertTrue(session.userFederatedStorage().getGroupsStream(realm, userId).collect(Collectors.toSet()).contains(group)); Assert.assertTrue(UserStorageUtil.userFederatedStorage(session).getGroupsStream(realm, userId).collect(Collectors.toSet()).contains(group));
Assert.assertEquals(50, session.userFederatedStorage().getNotBeforeOfUser(realm, userId)); Assert.assertEquals(50, UserStorageUtil.userFederatedStorage(session).getNotBeforeOfUser(realm, userId));
List<CredentialModel> creds = session.userFederatedStorage().getStoredCredentialsStream(realm, userId).collect(Collectors.toList()); List<CredentialModel> creds = UserStorageUtil.userFederatedStorage(session).getStoredCredentialsStream(realm, userId).collect(Collectors.toList());
Assert.assertEquals(1, creds.size()); Assert.assertEquals(1, creds.size());
Assert.assertTrue(FederatedStorageExportImportTest.getHashProvider(session, realm.getPasswordPolicy()) Assert.assertTrue(FederatedStorageExportImportTest.getHashProvider(session, realm.getPasswordPolicy())
.verify("password", PasswordCredentialModel.createFromCredentialModel(creds.get(0)))); .verify("password", PasswordCredentialModel.createFromCredentialModel(creds.get(0))));

4
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/GroupStorageTest.java
View file

@ -95,7 +95,7 @@ public class GroupStorageTest extends AbstractTestRealmKeycloakTest {
testingClient.server().run(session -> { testingClient.server().run(session -> {
RealmModel realm = session.realms().getRealmByName(AuthRealm.TEST); RealmModel realm = session.realms().getRealmByName(AuthRealm.TEST);
assertThat(session.groupStorageManager() assertThat(session.groups()
.searchForGroupByName(realm, "group", null, null).stream() .searchForGroupByName(realm, "group", null, null).stream()
.map(GroupModel::getName) .map(GroupModel::getName)
.collect(Collectors.toList()), .collect(Collectors.toList()),
@ -113,7 +113,7 @@ public class GroupStorageTest extends AbstractTestRealmKeycloakTest {
testingClient.server().run(session -> { testingClient.server().run(session -> {
RealmModel realm = session.realms().getRealmByName(AuthRealm.TEST); RealmModel realm = session.realms().getRealmByName(AuthRealm.TEST);
// search for groups and check hardcoded-group is not present // search for groups and check hardcoded-group is not present
assertThat(session.groupStorageManager() assertThat(session.groups()
.searchForGroupByName(realm, "group", null, null).stream() .searchForGroupByName(realm, "group", null, null).stream()
.map(GroupModel::getName) .map(GroupModel::getName)
.collect(Collectors.toList()), .collect(Collectors.toList()),

4
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/RoleStorageTest.java
View file

@ -102,7 +102,7 @@ public class RoleStorageTest extends AbstractTestRealmKeycloakTest {
testingClient.server().run(session -> { testingClient.server().run(session -> {
RealmModel realm = session.realms().getRealmByName(AuthRealm.TEST); RealmModel realm = session.realms().getRealmByName(AuthRealm.TEST);
assertThat(session.roleStorageManager() assertThat(session.roles()
.searchForRolesStream(realm, "role", null, null) .searchForRolesStream(realm, "role", null, null)
.map(RoleModel::getName) .map(RoleModel::getName)
.collect(Collectors.toList()), .collect(Collectors.toList()),
@ -120,7 +120,7 @@ public class RoleStorageTest extends AbstractTestRealmKeycloakTest {
testingClient.server().run(session -> { testingClient.server().run(session -> {
RealmModel realm = session.realms().getRealmByName(AuthRealm.TEST); RealmModel realm = session.realms().getRealmByName(AuthRealm.TEST);
// search for roles and check hardcoded-role is not present // search for roles and check hardcoded-role is not present
assertThat(session.roleStorageManager() assertThat(session.roles()
.searchForRolesStream(realm, "role", null, null) .searchForRolesStream(realm, "role", null, null)
.map(RoleModel::getName) .map(RoleModel::getName)
.collect(Collectors.toList()), .collect(Collectors.toList()),

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/UserStorageFailureTest.java
View file

@ -45,6 +45,7 @@ import org.keycloak.services.managers.RealmManager;
import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStoragePrivateUtil;
import org.keycloak.storage.UserStorageProvider; import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageProviderModel; import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest; import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.AssertEvents; import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude; import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
@ -224,7 +225,7 @@ public class UserStorageFailureTest extends AbstractTestRealmKeycloakTest {
testingClient.server().run(session -> { testingClient.server().run(session -> {
RealmModel realm = session.realms().getRealmByName(AuthRealm.TEST); RealmModel realm = session.realms().getRealmByName(AuthRealm.TEST);
UserModel user = session.users().getUserByUsername(realm, username); UserModel user = session.users().getUserByUsername(realm, username);
session.userCache().evict(realm, user); UserStorageUtil.userCache(session).evict(realm, user);
}); });
} }

5
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/UserStorageTest.java
View file

@ -36,6 +36,7 @@ import org.keycloak.storage.CacheableStorageProviderModel.CachePolicy;
import org.keycloak.storage.StorageId; import org.keycloak.storage.StorageId;
import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStoragePrivateUtil;
import org.keycloak.storage.UserStorageProvider; import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.testsuite.AbstractAuthTest; import org.keycloak.testsuite.AbstractAuthTest;
import org.keycloak.testsuite.admin.ApiUtil; import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude; import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
@ -169,7 +170,7 @@ public class UserStorageTest extends AbstractAuthTest {
UserModel user = session.users().getUserByUsername(realm, "thor"); UserModel user = session.users().getUserByUsername(realm, "thor");
if (user != null) { if (user != null) {
UserStoragePrivateUtil.userLocalStorage(session).removeUser(realm, user); UserStoragePrivateUtil.userLocalStorage(session).removeUser(realm, user);
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
} }
//we need to clear userPasswords and userGroups from UserMapStorageFactory //we need to clear userPasswords and userGroups from UserMapStorageFactory
@ -528,7 +529,7 @@ public class UserStorageTest extends AbstractAuthTest {
// let's clear cache // let's clear cache
testingClient.server().run(session -> { testingClient.server().run(session -> {
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
}); });

9
testsuite/model/src/test/java/org/keycloak/testsuite/model/UserModelTest.java
View file

@ -28,6 +28,7 @@ import org.keycloak.models.UserProvider;
import org.keycloak.storage.UserStorageProvider; import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageProviderFactory; import org.keycloak.storage.UserStorageProviderFactory;
import org.keycloak.storage.UserStorageProviderModel; import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.storage.user.UserRegistrationProvider; import org.keycloak.storage.user.UserRegistrationProvider;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.HashSet; import java.util.HashSet;
@ -183,8 +184,8 @@ public class UserModelTest extends KeycloakModelTest {
}); });
withRealm(realmId, (session, realm) -> { withRealm(realmId, (session, realm) -> {
if (session.userCache() != null) { if (UserStorageUtil.userCache(session) != null) {
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
} }
final UserModel user = session.users().getUserByUsername(realm, "user-A"); final UserModel user = session.users().getUserByUsername(realm, "user-A");
assertThat("User should not be found in the main store", user, Matchers.nullValue()); assertThat("User should not be found in the main store", user, Matchers.nullValue());
@ -234,8 +235,8 @@ public class UserModelTest extends KeycloakModelTest {
// because they are not present in any storage. However, when we get users by id cache may still be hit // because they are not present in any storage. However, when we get users by id cache may still be hit
// since it is not alerted in any way when users are removed from external provider. Hence we need to clear // since it is not alerted in any way when users are removed from external provider. Hence we need to clear
// the cache manually. // the cache manually.
if (session.userCache() != null) { if (UserStorageUtil.userCache(session) != null) {
session.userCache().clear(); UserStorageUtil.userCache(session).clear();
} }
return null; return null;
}); });