libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

merge

Browse source
This commit is contained in:
Bill Burke 2015-06-05 14:44:37 -04:00
commit dc0d9a8dce
406 changed files with 7555 additions and 3890 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
.travis.yml
View file

@ -3,6 +3,8 @@ language: java
cache:
directories:
- $HOME/.m2
sudo: false
after_script: 'misc/.travis/after.sh'
before_cache:
- rm -rf $HOME/.m2/repository/org/keycloak
sudo: false

4
broker/core/src/main/java/org/keycloak/broker/provider/IdentityProviderMapperSpi.java
View file

@ -10,8 +10,8 @@ import org.keycloak.provider.Spi;
public class IdentityProviderMapperSpi implements Spi {
@Override
public boolean isPrivate() {
return false;
public boolean isInternal() {
return true;
}
@Override

2
broker/core/src/main/java/org/keycloak/broker/provider/IdentityProviderSpi.java
View file

@ -29,7 +29,7 @@ public class IdentityProviderSpi implements Spi {
public static final String IDENTITY_PROVIDER_SPI_NAME = "identity_provider";
@Override
public boolean isPrivate() {
public boolean isInternal() {
return false;
}

8
broker/saml/src/main/java/org/keycloak/broker/saml/SAMLEndpoint.java
View file

@ -180,10 +180,10 @@ public class SAMLEndpoint {
SAMLDocumentHolder holder = extractRequestDocument(samlRequest);
RequestAbstractType requestAbstractType = (RequestAbstractType) holder.getSamlObject();
// validate destination
if (!uriInfo.getAbsolutePath().equals(requestAbstractType.getDestination())) {
if (requestAbstractType.getDestination() != null && !uriInfo.getAbsolutePath().equals(requestAbstractType.getDestination())) {
event.event(EventType.IDENTITY_PROVIDER_RESPONSE);
event.error(Errors.INVALID_SAML_RESPONSE);
event.detail(Details.REASON, "invalid_destination");
event.error(Errors.INVALID_SAML_RESPONSE);
return ErrorPage.error(session, Messages.INVALID_REQUEST);
}
if (config.isValidateSignature()) {
@ -354,10 +354,10 @@ public class SAMLEndpoint {
SAMLDocumentHolder holder = extractResponseDocument(samlResponse);
StatusResponseType statusResponse = (StatusResponseType)holder.getSamlObject();
// validate destination
if (!uriInfo.getAbsolutePath().toString().equals(statusResponse.getDestination())) {
if (statusResponse.getDestination() != null && !uriInfo.getAbsolutePath().toString().equals(statusResponse.getDestination())) {
event.event(EventType.IDENTITY_PROVIDER_RESPONSE);
event.error(Errors.INVALID_SAML_RESPONSE);
event.detail(Details.REASON, "invalid_destination");
event.error(Errors.INVALID_SAML_RESPONSE);
return ErrorPage.error(session, Messages.INVALID_FEDERATED_IDENTITY_ACTION);
}
if (config.isValidateSignature()) {

2
connections/file/src/main/java/org/keycloak/connections/file/FileConnectionSpi.java
View file

@ -10,7 +10,7 @@ import org.keycloak.provider.Spi;
public class FileConnectionSpi implements Spi {
@Override
public boolean isPrivate() {
public boolean isInternal() {
return true;
}

2
connections/http-client/src/main/java/org/keycloak/connections/httpclient/HttpClientSpi.java
View file

@ -10,7 +10,7 @@ import org.keycloak.provider.Spi;
public class HttpClientSpi implements Spi {
@Override
public boolean isPrivate() {
public boolean isInternal() {
return true;
}

2
connections/infinispan/src/main/java/org/keycloak/connections/infinispan/InfinispanConnectionSpi.java
View file

@ -10,7 +10,7 @@ import org.keycloak.provider.Spi;
public class InfinispanConnectionSpi implements Spi {
@Override
public boolean isPrivate() {
public boolean isInternal() {
return true;
}

22
connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.3.0.Beta1.xml
View file

@ -19,7 +19,7 @@
<column name="AUTH_USER_ID" type="VARCHAR(255)"/>
<column name="IP_ADDRESS" type="VARCHAR(255)"/>
<column name="RESOURCE_PATH" type="VARCHAR(2550)"/>
<column name="REPRESENTATION" type="VARCHAR(25500)"/>
<column name="REPRESENTATION" type="TEXT(25500)"/>
<column name="ERROR" type="VARCHAR(255)"/>
</createTable>
<createTable tableName="AUTHENTICATOR">
@ -28,7 +28,7 @@
</column>
<column name="ALIAS" type="VARCHAR(255)"/>
<column name="REALM_ID" type="VARCHAR(36)"/>
<column name="PROVIDER_ID" type="VARCHAR(36)"/>
<column name="PROVIDER_ID" type="VARCHAR(255)"/>
</createTable>
<createTable tableName="AUTHENTICATION_FLOW">
<column name="ID" type="VARCHAR(36)">
@ -94,6 +94,9 @@
<column name="ADMIN_EVENTS_DETAILS_ENABLED" type="BOOLEAN" defaultValueBoolean="false">
<constraints nullable="false"/>
</column>
<column name="EDIT_USERNAME_ALLOWED" type="BOOLEAN" defaultValueBoolean="false">
<constraints nullable="false"/>
</column>
</addColumn>
<createTable tableName="CLIENT_SESSION_AUTH_STATUS">
<column name="AUTHENTICATOR" type="VARCHAR(36)">
@ -107,6 +110,19 @@
<addColumn tableName="CLIENT_SESSION">
<column name="AUTH_USER_ID" type="VARCHAR(36)"/>
</addColumn>
<addColumn tableName="IDENTITY_PROVIDER">
<column name="TRUST_EMAIL" type="BOOLEAN" defaultValueBoolean="false"/>
<column name="UPDATE_PROFILE_FIRST_LOGIN_MODE" type="VARCHAR(10)" defaultValue="on">
<constraints nullable="false"/>
</column>
</addColumn>
<!-- migrate value from UPDATE_PROFILE_FIRST_LOGIN to UPDATE_PROFILE_FIRST_LOGIN_MODE then drop it -->
<update tableName="IDENTITY_PROVIDER">
<column name="UPDATE_PROFILE_FIRST_LOGIN_MODE" value="off"/>
<where>UPDATE_PROFILE_FIRST_LOGIN = false</where>
</update>
<dropColumn tableName="IDENTITY_PROVIDER" columnName="UPDATE_PROFILE_FIRST_LOGIN"/>
<addColumn tableName="USER_REQUIRED_ACTION">
<column name="REQUIRED_ACTION" type="VARCHAR(36)">
<constraints nullable="false"/>
@ -158,5 +174,7 @@
<addForeignKeyConstraint baseColumnNames="REALM_ID" baseTableName="USER_FEDERATION_MAPPER" constraintName="FK_FEDMAPPERPM_REALM" referencedColumnNames="ID" referencedTableName="REALM"/>
<addForeignKeyConstraint baseColumnNames="FEDERATION_PROVIDER_ID" baseTableName="USER_FEDERATION_MAPPER" constraintName="FK_FEDMAPPERPM_FEDPRV" referencedColumnNames="ID" referencedTableName="USER_FEDERATION_PROVIDER"/>
<addForeignKeyConstraint baseColumnNames="USER_FEDERATION_MAPPER_ID" baseTableName="USER_FEDERATION_MAPPER_CONFIG" constraintName="FK_FEDMAPPER_CFG" referencedColumnNames="ID" referencedTableName="USER_FEDERATION_MAPPER"/>
<dropColumn tableName="REALM" columnName="PASSWORD_CRED_GRANT_ALLOWED"/>
</changeSet>
</databaseChangeLog>

2
connections/jpa/src/main/java/org/keycloak/connections/jpa/JpaConnectionSpi.java
View file

@ -10,7 +10,7 @@ import org.keycloak.provider.Spi;
public class JpaConnectionSpi implements Spi {
@Override
public boolean isPrivate() {
public boolean isInternal() {
return true;
}

2
connections/jpa/src/main/java/org/keycloak/connections/jpa/updater/JpaUpdaterSpi.java
View file

@ -10,7 +10,7 @@ import org.keycloak.provider.Spi;
public class JpaUpdaterSpi implements Spi {
@Override
public boolean isPrivate() {
public boolean isInternal() {
return true;
}

9
connections/mongo-update/src/main/java/org/keycloak/connections/mongo/updater/impl/DefaultMongoUpdaterProvider.java
View file

@ -6,11 +6,7 @@ import com.mongodb.DBCollection;
import com.mongodb.DBCursor;
import org.jboss.logging.Logger;
import org.keycloak.connections.mongo.updater.MongoUpdaterProvider;
import org.keycloak.connections.mongo.updater.impl.updates.Update;
import org.keycloak.connections.mongo.updater.impl.updates.Update1_0_0_Final;
import org.keycloak.connections.mongo.updater.impl.updates.Update1_1_0_Beta1;
import org.keycloak.connections.mongo.updater.impl.updates.Update1_2_0_Beta1;
import org.keycloak.connections.mongo.updater.impl.updates.Update1_2_0_CR1;
import org.keycloak.connections.mongo.updater.impl.updates.*;
import org.keycloak.models.KeycloakSession;
import java.util.Date;
@ -30,7 +26,8 @@ public class DefaultMongoUpdaterProvider implements MongoUpdaterProvider {
Update1_0_0_Final.class,
Update1_1_0_Beta1.class,
Update1_2_0_Beta1.class,
Update1_2_0_CR1.class
Update1_2_0_CR1.class,
Update1_3_0_Beta1.class
};
@Override

4
connections/mongo-update/src/main/java/org/keycloak/connections/mongo/updater/impl/updates/Update.java
View file

@ -53,6 +53,10 @@ public abstract class Update {
log.debugv("Deleted entries from {0}", collection);
}
protected void removeField(String collection, String field) {
db.getCollection(collection).update(new BasicDBObject(), new BasicDBObject("$unset" , new BasicDBObject(field, 1)), false, true);
}
protected void renameCollection(String collection, String newName) {
db.getCollection(collection).rename(newName);
}

20
connections/mongo-update/src/main/java/org/keycloak/connections/mongo/updater/impl/updates/Update1_3_0_Beta1.java Normal file
View file

@ -0,0 +1,20 @@
package org.keycloak.connections.mongo.updater.impl.updates;
import org.keycloak.models.KeycloakSession;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
*/
public class Update1_3_0_Beta1 extends Update {
@Override
public String getId() {
return "1.3.0.Beta1";
}
@Override
public void update(KeycloakSession session) {
removeField("realms", "passwordCredentialGrantAllowed");
}
}

5
connections/mongo/src/main/java/org/keycloak/connections/mongo/DefaultMongoConnectionFactoryProvider.java
View file

@ -43,7 +43,10 @@ public class DefaultMongoConnectionFactoryProvider implements MongoConnectionPro
"org.keycloak.models.entities.ProtocolMapperEntity",
"org.keycloak.models.entities.IdentityProviderMapperEntity",
"org.keycloak.models.mongo.keycloak.entities.MongoUserConsentEntity",
"org.keycloak.models.mongo.keycloak.entities.MongoMigrationModelEntity"
"org.keycloak.models.mongo.keycloak.entities.MongoMigrationModelEntity",
"org.keycloak.models.entities.AuthenticationExecutionEntity",
"org.keycloak.models.entities.AuthenticationFlowEntity",
"org.keycloak.models.entities.AuthenticatorEntity",
};
private static final Logger logger = Logger.getLogger(DefaultMongoConnectionFactoryProvider.class);

2
connections/mongo/src/main/java/org/keycloak/connections/mongo/MongoConnectionSpi.java
View file

@ -10,7 +10,7 @@ import org.keycloak.provider.Spi;
public class MongoConnectionSpi implements Spi {
@Override
public boolean isPrivate() {
public boolean isInternal() {
return true;
}

2
connections/mongo/src/main/java/org/keycloak/connections/mongo/updater/MongoUpdaterSpi.java
View file

@ -10,7 +10,7 @@ import org.keycloak.provider.Spi;
public class MongoUpdaterSpi implements Spi {
@Override
public boolean isPrivate() {
public boolean isInternal() {
return true;
}

55
core/src/main/java/org/keycloak/representations/idm/IdentityProviderRepresentation.java
View file

@ -29,7 +29,26 @@ public class IdentityProviderRepresentation {
protected String internalId;
protected String providerId;
protected boolean enabled = true;
protected boolean updateProfileFirstLogin = true;
public static final String UPFLM_ON = "on";
public static final String UPFLM_MISSING = "missing";
public static final String UPFLM_OFF = "off";
/**
* Mode of profile update after first login when user is created over this identity provider. Possible values:
* <ul>
* <li><code>on</code> - update profile page is presented for all users
* <li><code>missing</code> - update profile page is presented for users with missing some of mandatory user profile fields
* <li><code>off</code> - update profile page is newer shown after first login
* </ul>
*
* @see #UPFLM_ON
* @see #UPFLM_MISSING
* @see #UPFLM_OFF
*/
protected String updateProfileFirstLoginMode = UPFLM_ON;
protected boolean trustEmail;
protected boolean storeToken;
protected boolean addReadTokenRoleOnCreate;
protected boolean authenticateByDefault;
@ -75,12 +94,29 @@ public class IdentityProviderRepresentation {
this.enabled = enabled;
}
public boolean isUpdateProfileFirstLogin() {
return this.updateProfileFirstLogin;
/**
*
* Deprecated because replaced by {@link #updateProfileFirstLoginMode}. Kept here to allow import of old realms.
*
* @deprecated {@link #setUpdateProfileFirstLoginMode(String)}
*/
@Deprecated
public void setUpdateProfileFirstLogin(boolean updateProfileFirstLogin) {
this.updateProfileFirstLoginMode = updateProfileFirstLogin ? UPFLM_ON : UPFLM_OFF;
}
public void setUpdateProfileFirstLogin(boolean updateProfileFirstLogin) {
this.updateProfileFirstLogin = updateProfileFirstLogin;
/**
* @return see {@link #updateProfileFirstLoginMode}
*/
public String getUpdateProfileFirstLoginMode() {
return updateProfileFirstLoginMode;
}
/**
* @param updateProfileFirstLoginMode see {@link #updateProfileFirstLoginMode}
*/
public void setUpdateProfileFirstLoginMode(String updateProfileFirstLoginMode) {
this.updateProfileFirstLoginMode = updateProfileFirstLoginMode;
}
public boolean isAuthenticateByDefault() {
@ -106,4 +142,13 @@ public class IdentityProviderRepresentation {
public void setAddReadTokenRoleOnCreate(boolean addReadTokenRoleOnCreate) {
this.addReadTokenRoleOnCreate = addReadTokenRoleOnCreate;
}
public boolean isTrustEmail() {
return trustEmail;
}
public void setTrustEmail(boolean trustEmail) {
this.trustEmail = trustEmail;
}
}

18
core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java
View file

@ -18,12 +18,14 @@ public class RealmRepresentation {
protected Integer accessCodeLifespanLogin;
protected Boolean enabled;
protected String sslRequired;
@Deprecated
protected Boolean passwordCredentialGrantAllowed;
protected Boolean registrationAllowed;
protected Boolean registrationEmailAsUsername;
protected Boolean rememberMe;
protected Boolean verifyEmail;
protected Boolean resetPasswordAllowed;
protected Boolean editUsernameAllowed;
protected Boolean userCacheEnabled;
protected Boolean realmCacheEnabled;
@ -264,14 +266,6 @@ public class RealmRepresentation {
this.codeSecret = codeSecret;
}
public Boolean isPasswordCredentialGrantAllowed() {
return passwordCredentialGrantAllowed;
}
public void setPasswordCredentialGrantAllowed(Boolean passwordCredentialGrantAllowed) {
this.passwordCredentialGrantAllowed = passwordCredentialGrantAllowed;
}
public Boolean isRegistrationAllowed() {
return registrationAllowed;
}
@ -328,6 +322,14 @@ public class RealmRepresentation {
this.resetPasswordAllowed = resetPassword;
}
public Boolean isEditUsernameAllowed() {
return editUsernameAllowed;
}
public void setEditUsernameAllowed(Boolean editUsernameAllowed) {
this.editUsernameAllowed = editUsernameAllowed;
}
@Deprecated
public Boolean isSocial() {
return social;

59
distribution/adapters/as7-adapter-zip/assembly.xml → distribution/adapters/as7-eap6-adapter/as7-adapter-zip/assembly.xml
View file

@ -1,29 +1,30 @@
<assembly>
<id>war-dist</id>
<formats>
<format>zip</format>
<format>tar.gz</format>
</formats>
<includeBaseDirectory>false</includeBaseDirectory>
<fileSets>
<fileSet>
<directory>${project.build.directory}/unpacked</directory>
<includes>
<include>org/bouncycastle/**</include>
<include>net/iharder/base64/**</include>
<include>org/apache/httpcomponents/**</include>
<include>org/keycloak/keycloak-core/**</include>
<include>org/keycloak/keycloak-adapter-core/**</include>
<include>org/keycloak/keycloak-jboss-adapter-core/**</include>
<include>org/keycloak/keycloak-as7-adapter/**</include>
<include>org/keycloak/keycloak-as7-subsystem/**</include>
</includes>
<excludes>
<exclude>**/*.war</exclude>
</excludes>
<outputDirectory>modules</outputDirectory>
</fileSet>
</fileSets>
</assembly>
<assembly>
<id>war-dist</id>
<formats>
<format>zip</format>
<format>tar.gz</format>
</formats>
<includeBaseDirectory>false</includeBaseDirectory>
<fileSets>
<fileSet>
<directory>${project.build.directory}/unpacked</directory>
<includes>
<include>org/bouncycastle/**</include>
<include>net/iharder/base64/**</include>
<include>org/apache/httpcomponents/**</include>
<include>org/keycloak/keycloak-core/**</include>
<include>org/keycloak/keycloak-adapter-core/**</include>
<include>org/keycloak/keycloak-jboss-adapter-core/**</include>
<include>org/keycloak/keycloak-as7-adapter/**</include>
<include>org/keycloak/keycloak-as7-subsystem/**</include>
<include>org/keycloak/keycloak-adapter-subsystem/**</include>
</includes>
<excludes>
<exclude>**/*.war</exclude>
</excludes>
<outputDirectory>modules</outputDirectory>
</fileSet>
</fileSets>
</assembly>

158
distribution/adapters/as7-adapter-zip/pom.xml → distribution/adapters/as7-eap6-adapter/as7-adapter-zip/pom.xml
View file

@ -1,79 +1,79 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>1.3.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<artifactId>keycloak-as7-adapter-dist</artifactId>
<packaging>pom</packaging>
<name>Keycloak AS7 Adapter Distro</name>
<description/>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-as7-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-jboss-modules</artifactId>
<type>zip</type>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<executions>
<execution>
<id>unpack</id>
<phase>prepare-package</phase>
<goals>
<goal>unpack</goal>
</goals>
<configuration>
<artifactItems>
<artifactItem>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-jboss-modules</artifactId>
<type>zip</type>
<outputDirectory>${project.build.directory}/unpacked</outputDirectory>
</artifactItem>
</artifactItems>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
<executions>
<execution>
<id>assemble</id>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
<configuration>
<descriptors>
<descriptor>assembly.xml</descriptor>
</descriptors>
<outputDirectory>
target
</outputDirectory>
<workDirectory>
target/assembly/work
</workDirectory>
<appendAssemblyId>false</appendAssemblyId>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>1.3.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<artifactId>keycloak-as7-adapter-dist</artifactId>
<packaging>pom</packaging>
<name>Keycloak AS7 Adapter Distro</name>
<description/>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-as7-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-as7-modules</artifactId>
<type>zip</type>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<executions>
<execution>
<id>unpack</id>
<phase>prepare-package</phase>
<goals>
<goal>unpack</goal>
</goals>
<configuration>
<artifactItems>
<artifactItem>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-as7-modules</artifactId>
<type>zip</type>
<outputDirectory>${project.build.directory}/unpacked</outputDirectory>
</artifactItem>
</artifactItems>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
<executions>
<execution>
<id>assemble</id>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
<configuration>
<descriptors>
<descriptor>assembly.xml</descriptor>
</descriptors>
<outputDirectory>
target
</outputDirectory>
<workDirectory>
target/assembly/work
</workDirectory>
<appendAssemblyId>false</appendAssemblyId>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

22
distribution/adapters/as7-eap6-adapter/as7-modules/assembly.xml Executable file
View file

@ -0,0 +1,22 @@
<assembly>
<id>dist</id>
<formats>
<format>zip</format>
</formats>
<includeBaseDirectory>false</includeBaseDirectory>
<fileSets>
<fileSet>
<directory>../../</directory>
<includes>
<include>License.html</include>
</includes>
<outputDirectory></outputDirectory>
</fileSet>
<fileSet>
<directory>${project.build.directory}/modules</directory>
<outputDirectory></outputDirectory>
</fileSet>
</fileSets>
</assembly>

89
distribution/adapters/as7-eap6-adapter/as7-modules/build.xml Executable file
View file

@ -0,0 +1,89 @@
<!--
~ JBoss, Home of Professional Open Source.
~ Copyright 2012, Red Hat, Inc., and individual contributors
~ as indicated by the @author tags. See the copyright.txt file in the
~ distribution for a full listing of individual contributors.
~
~ This is free software; you can redistribute it and/or modify it
~ under the terms of the GNU Lesser General Public License as
~ published by the Free Software Foundation; either version 2.1 of
~ the License, or (at your option) any later version.
~
~ This software is distributed in the hope that it will be useful,
~ but WITHOUT ANY WARRANTY; without even the implied warranty of
~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
~ Lesser General Public License for more details.
~
~ You should have received a copy of the GNU Lesser General Public
~ License along with this software; if not, write to the Free
~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-->
<project name="module-repository" basedir="." default="all">
<import file="lib.xml"/>
<property name="output.dir" value="target"/>
<target name="all">
<antcall target="modules">
<param name="mavenized.modules" value="false"/>
<param name="output.dir" value="target"/>
</antcall>
</target>
<target name="modules">
<!-- server min dependencies -->
<module-def name="org.apache.httpcomponents" slot="4.3">
<maven-resource group="org.apache.httpcomponents" artifact="httpclient"/>
<maven-resource group="org.apache.httpcomponents" artifact="httpcore"/>
<maven-resource group="org.apache.httpcomponents" artifact="httpmime"/>
</module-def>
<module-def name="org.keycloak.keycloak-core">
<maven-resource group="org.keycloak" artifact="keycloak-core"/>
</module-def>
<module-def name="net.iharder.base64">
<maven-resource group="net.iharder" artifact="base64"/>
</module-def>
<module-def name="org.bouncycastle">
<maven-resource group="org.bouncycastle" artifact="bcprov-jdk15on"/>
<maven-resource group="org.bouncycastle" artifact="bcpkix-jdk15on"/>
</module-def>
<!-- subsystems -->
<module-def name="org.keycloak.keycloak-adapter-core">
<maven-resource group="org.keycloak" artifact="keycloak-adapter-core"/>
</module-def>
<module-def name="org.keycloak.keycloak-jboss-adapter-core">
<maven-resource group="org.keycloak" artifact="keycloak-jboss-adapter-core"/>
</module-def>
<module-def name="org.keycloak.keycloak-as7-adapter">
<maven-resource group="org.keycloak" artifact="keycloak-as7-adapter"/>
<maven-resource group="org.keycloak" artifact="keycloak-tomcat-core-adapter"/>
</module-def>
<module-def name="org.keycloak.keycloak-as7-subsystem">
<maven-resource group="org.keycloak" artifact="keycloak-as7-subsystem"/>
</module-def>
</target>
<target name="clean-target">
<delete dir="${output.dir}"/>
</target>
<target name="clean" depends="clean-target">
<delete file="maven-ant-tasks.jar"/>
</target>
</project>

282
distribution/adapters/as7-eap6-adapter/as7-modules/lib.xml Executable file
View file

@ -0,0 +1,282 @@
<!--
~ JBoss, Home of Professional Open Source.
~ Copyright 2010, Red Hat, Inc., and individual contributors
~ as indicated by the @author tags. See the copyright.txt file in the
~ distribution for a full listing of individual contributors.
~
~ This is free software; you can redistribute it and/or modify it
~ under the terms of the GNU Lesser General Public License as
~ published by the Free Software Foundation; either version 2.1 of
~ the License, or (at your option) any later version.
~
~ This software is distributed in the hope that it will be useful,
~ but WITHOUT ANY WARRANTY; without even the implied warranty of
~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
~ Lesser General Public License for more details.
~
~ You should have received a copy of the GNU Lesser General Public
~ License along with this software; if not, write to the Free
~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-->
<project name="module-repository-lib">
<property name="src.dir" value="src"/>
<property name="module.repo.src.dir" value="${src.dir}/main/resources/modules"/>
<property name="module.xml" value="module.xml"/>
<taskdef resource="net/sf/antcontrib/antlib.xml"/>
<taskdef name="jandex" classname="org.jboss.jandex.JandexAntTask" />
<macrodef name="module-def">
<attribute name="name"/>
<attribute name="slot" default="main"/>
<element name="resources" implicit="yes" optional="yes"/>
<sequential>
<echo message="Initializing module -> @{name}"/>
<property name="module.repo.output.dir" value="${output.dir}/modules"/>
<!-- Figure out the correct module path -->
<define-module-dir name="@{name}" slot="@{slot}"/>
<!-- Make the module output director -->
<mkdir dir="${module.repo.output.dir}/${current.module.path}"/>
<!-- Copy the module.xml and other stuff to the output director -->
<copy todir="${module.repo.output.dir}/${current.module.path}" overwrite="true">
<fileset dir="${module.repo.src.dir}/${current.module.path}">
<include name="**"/>
</fileset>
</copy>
<!-- Process the resource -->
<resources/>
<!-- Add keycloak version property to module xml -->
<replace file="${module.repo.output.dir}/${current.module.path}/${module.xml}"
token="$${project.version}"
value="${project.version}"/>
<!-- Some final cleanup -->
<replace file="${module.repo.output.dir}/${current.module.path}/${module.xml}">
<replacetoken>
<![CDATA[
<!-- Insert resources here -->]]></replacetoken>
<replacevalue>
</replacevalue>
</replace>
</sequential>
</macrodef>
<macrodef name="bundle-def">
<attribute name="name"/>
<attribute name="slot" default="main"/>
<element name="resources" implicit="yes" optional="yes"/>
<sequential>
<echo message="Initializing bundle -> @{name}"/>
<property name="bundle.repo.output.dir" value="${output.dir}/bundles/system/layers/base"/>
<!-- Figure out the correct bundle path -->
<define-bundle-dir name="@{name}" slot="@{slot}" />
<!-- Make the bundle output director -->
<mkdir dir="${bundle.repo.output.dir}/${current.bundle.path}"/>
<!-- Process the resource -->
<resources/>
</sequential>
</macrodef>
<macrodef name="maven-bundle" >
<attribute name="group"/>
<attribute name="artifact"/>
<sequential>
<!-- Copy the jar to the bundle dir -->
<property name="bundle.repo.output.dir" value="${output.dir}/bundles/system/layers/base"/>
<copy todir="${bundle.repo.output.dir}/${current.bundle.path}" failonerror="true">
<fileset file="${@{group}:@{artifact}:jar}"/>
<mapper type="flatten" />
</copy>
</sequential>
</macrodef>
<scriptdef name="define-module-dir" language="javascript" manager="bsf">
<attribute name="name"/>
<attribute name="slot"/>
<![CDATA[
name = attributes.get("name");
name = name.replace(".", "/");
project.setProperty("current.module.path", name + "/" + attributes.get("slot"));
]]>
</scriptdef>
<scriptdef name="define-bundle-dir" language="javascript" manager="bsf">
<attribute name="name"/>
<attribute name="slot"/>
<![CDATA[
name = attributes.get("name");
name = name.replace(".", "/");
project.setProperty("current.bundle.path", name + "/" + attributes.get("slot"));
]]>
</scriptdef>
<!--
Get the version from the parent directory of the jar. If the parent directory is 'target' this
means that the jar is contained in AS build so extract the version from the file name
-->
<scriptdef name="define-maven-artifact" language="javascript" manager="bsf">
<attribute name="group"/>
<attribute name="artifact"/>
<attribute name="classifier"/>
<attribute name="element"/>
<attribute name="path"/>
<![CDATA[
importClass(Packages.java.io.File);
group = attributes.get("group");
artifact = attributes.get("artifact");
classifier = attributes.get("classifier");
element = attributes.get("element");
path = attributes.get("path");
if(path.indexOf('${') != -1) {
throw "Module resource root not found, make sure it is listed in build/pom.xml" + path;
}
fp = new File(path);
version = fp.getParentFile().getName();
if (version.equals("target")) {
version = fp.getName();
version = version.substring(artifact.length() + 1);
suffix = ".jar";
if (classifier) {
suffix = "-" + classifier + suffix;
}
version = version.replace(suffix, "");
}
root = "<" + element + " name=\"" + group + ":" + artifact + ":" + version;
if (classifier) {
root = root + ":" + classifier;
}
root = root + "\"/>";
project.setProperty("current.maven.root", root);
]]>
</scriptdef>
<macrodef name="maven-resource" >
<attribute name="group"/>
<attribute name="artifact"/>
<attribute name="jandex" default="false" />
<sequential>
<if>
<equals arg1="${mavenized.modules}" arg2="true"/>
<then>
<define-maven-artifact group="@{group}" artifact="@{artifact}" element="artifact" path="${@{group}:@{artifact}:jar}"/>
<replace file="${module.repo.output.dir}/${current.module.path}/${module.xml}">
<replacefilter token="&lt;!-- Insert resources here --&gt;" value="${current.maven.root}&#10; &lt;!-- Insert resources here --&gt;"/>
</replace>
</then>
<else>
<!-- Copy the jar to the module dir -->
<copy todir="${module.repo.output.dir}/${current.module.path}" failonerror="true">
<fileset file="${@{group}:@{artifact}:jar}"/>
<mapper type="flatten" />
</copy>
<basename file="${@{group}:@{artifact}:jar}" property="resourcename.@{group}.@{artifact}"/>
<!-- Generate the Jandex Index -->
<jandex run="@{jandex}" newJar="true" >
<fileset dir="${module.repo.output.dir}/${current.module.path}" />
</jandex>
<!-- Update the resource entry in module.xml -->
<define-resource-root path="${resourcename.@{group}.@{artifact}}" jandex="@{jandex}"/>
<replace file="${module.repo.output.dir}/${current.module.path}/${module.xml}">
<replacefilter token="&lt;!-- Insert resources here --&gt;" value="${current.resource.root}&#10; &lt;!-- Insert resources here --&gt;"/>
</replace>
</else>
</if>
</sequential>
</macrodef>
<macrodef name="maven-resource-with-classifier" >
<attribute name="group"/>
<attribute name="artifact"/>
<attribute name="classifier"/>
<attribute name="jandex" default="false" />
<sequential>
<if>
<equals arg1="${mavenized.modules}" arg2="true"/>
<then>
<define-maven-artifact group="@{group}" artifact="@{artifact}" element="artifact" classifier="@{classifier}" path="${@{group}:@{artifact}:jar:@{classifier}}"/>
<replace file="${module.repo.output.dir}/${current.module.path}/${module.xml}">
<replacefilter token="&lt;!-- Insert resources here --&gt;" value="${current.maven.root}&#10; &lt;!-- Insert resources here --&gt;"/>
</replace>
</then>
<else>
<!-- Copy the jar to the module dir -->
<copy todir="${module.repo.output.dir}/${current.module.path}" failonerror="true">
<fileset file="${@{group}:@{artifact}:jar:@{classifier}}"/>
<!-- http://jira.codehaus.org/browse/MANTRUN-159 -->
<mapper type="flatten" />
</copy>
<basename file="${@{group}:@{artifact}:jar:@{classifier}}" property="resourcename.@{group}.@{artifact}.@{classifier}"/>
<!-- Update the resource entry in module.xml -->
<define-resource-root path="${resourcename.@{group}.@{artifact}.@{classifier}}"/>
<replace file="${module.repo.output.dir}/${current.module.path}/${module.xml}">
<replacefilter token="&lt;!-- Insert resources here --&gt;" value="${current.resource.root}&#10; &lt;!-- Insert resources here --&gt;"/>
</replace>
</else>
</if>
</sequential>
</macrodef>
<macrodef name="extract-native-jar" >
<attribute name="group"/>
<attribute name="artifact"/>
<sequential>
<if>
<equals arg1="${mavenized.modules}" arg2="true"/>
<then>
<define-maven-artifact group="@{group}" artifact="@{artifact}" element="native-artifact" path="${@{group}:@{artifact}:jar}"/>
<replace file="${module.repo.output.dir}/${current.module.path}/${module.xml}">
<replacefilter token="&lt;!-- Insert resources here --&gt;" value="${current.maven.root}&#10; &lt;!-- Insert resources here --&gt;"/>
</replace>
</then>
<else>
<unzip src="${@{group}:@{artifact}:jar}" dest="${module.repo.output.dir}/${current.module.path}">
<patternset>
<include name="lib/**"/>
</patternset>
</unzip>
</else>
</if>
</sequential>
</macrodef>
<scriptdef name="define-resource-root" language="javascript" manager="bsf">
<attribute name="path"/>
<attribute name="jandex"/>
<![CDATA[
path = attributes.get("path");
root = "<resource-root path=\"" + path + "\"/>";
if(path.indexOf('${') != -1) {
throw "Module resource root not found, make sure it is listed in build/pom.xml" + path;
}
if(attributes.get("jandex") == "true" ) {
root = root + "\n\t<resource-root path=\"" + path.replace(".jar","-jandex.jar") + "\"/>";
}
project.setProperty("current.resource.root", root);
]]>
</scriptdef>
</project>

172
distribution/adapters/as7-eap6-adapter/as7-modules/pom.xml Executable file
View file

@ -0,0 +1,172 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>1.3.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<artifactId>keycloak-as7-modules</artifactId>
<name>Keycloak AS7 / JBoss EAP 6 Modules</name>
<packaging>pom</packaging>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-core</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-adapter-core</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-jboss-adapter-core</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-as7-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-tomcat-core-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-as7-subsystem</artifactId>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpmime</artifactId>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpcore</artifactId>
</dependency>
<dependency>
<groupId>net.iharder</groupId>
<artifactId>base64</artifactId>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>${bouncycastle.crypto.version}</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-antrun-plugin</artifactId>
<inherited>false</inherited>
<executions>
<execution>
<id>build-dist</id>
<goals>
<goal>run</goal>
</goals>
<phase>compile</phase>
<configuration>
<target>
<ant antfile="build.xml" inheritRefs="true">
<target name="all"/>
</ant>
</target>
</configuration>
</execution>
</executions>
<dependencies>
<dependency>
<groupId>org.jboss</groupId>
<artifactId>jandex</artifactId>
<version>1.0.3.Final</version>
</dependency>
<dependency>
<groupId>ant-contrib</groupId>
<artifactId>ant-contrib</artifactId>
<version>1.0b3</version>
<exclusions>
<exclusion>
<groupId>ant</groupId>
<artifactId>ant</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.ant</groupId>
<artifactId>ant-apache-bsf</artifactId>
<version>1.9.3</version>
</dependency>
<dependency>
<groupId>org.apache.bsf</groupId>
<artifactId>bsf-api</artifactId>
<version>3.1</version>
</dependency>
<dependency>
<groupId>rhino</groupId>
<artifactId>js</artifactId>
<version>1.7R2</version>
</dependency>
</dependencies>
</plugin>
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
<executions>
<execution>
<id>assemble</id>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
<configuration>
<descriptors>
<descriptor>assembly.xml</descriptor>
</descriptors>
<outputDirectory>
target
</outputDirectory>
<workDirectory>
target/assembly/work
</workDirectory>
<appendAssemblyId>false</appendAssemblyId>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-resources-plugin</artifactId>
<executions>
<execution>
<id>copy-resources</id>
<!-- here the phase you need -->
<phase>validate</phase>
<goals>
<goal>copy-resources</goal>
</goals>
<configuration>
<outputDirectory>${project.build.directory}/modules/org/keycloak/keycloak-adapter-subsystem</outputDirectory>
<resources>
<resource>
<directory>src/main/resources/modules/org/keycloak/keycloak-adapter-subsystem</directory>
<filtering>true</filtering>
</resource>
</resources>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

13
distribution/adapters/as7-eap6-adapter/as7-modules/src/main/resources/modules/net/iharder/base64/main/module.xml Executable file
View file

@ -0,0 +1,13 @@
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="net.iharder.base64">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>
</dependencies>
</module>

0
distribution/modules/src/main/resources/modules/org/apache/httpcomponents/4.3/module.xml → distribution/adapters/as7-eap6-adapter/as7-modules/src/main/resources/modules/org/apache/httpcomponents/4.3/module.xml
View file

0
distribution/modules/src/main/resources/modules/org/bouncycastle/main/module.xml → distribution/adapters/as7-eap6-adapter/as7-modules/src/main/resources/modules/org/bouncycastle/main/module.xml
View file

40
distribution/modules/src/main/resources/modules/org/keycloak/keycloak-adapter-core/main/module.xml → distribution/adapters/as7-eap6-adapter/as7-modules/src/main/resources/modules/org/keycloak/keycloak-adapter-core/main/module.xml
View file

@ -1,20 +1,20 @@
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-adapter-core">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.apache.httpcomponents" slot="4.3" />
<module name="org.jboss.logging"/>
<module name="org.keycloak.keycloak-core"/>
<module name="net.iharder.base64"/>
</dependencies>
</module>
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-adapter-core">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.apache.httpcomponents" slot="4.3" />
<module name="org.jboss.logging"/>
<module name="org.keycloak.keycloak-core"/>
<module name="net.iharder.base64"/>
</dependencies>
</module>

38
distribution/adapters/as7-eap6-adapter/as7-modules/src/main/resources/modules/org/keycloak/keycloak-adapter-subsystem/main/module.xml Executable file
View file

@ -0,0 +1,38 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ JBoss, Home of Professional Open Source.
~ Copyright 2014, Red Hat, Inc., and individual contributors
~ as indicated by the @author tags. See the copyright.txt file in the
~ distribution for a full listing of individual contributors.
~
~ This is free software; you can redistribute it and/or modify it
~ under the terms of the GNU Lesser General Public License as
~ published by the Free Software Foundation; either version 2.1 of
~ the License, or (at your option) any later version.
~
~ This software is distributed in the hope that it will be useful,
~ but WITHOUT ANY WARRANTY; without even the implied warranty of
~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
~ Lesser General Public License for more details.
~
~ You should have received a copy of the GNU Lesser General Public
~ License along with this software; if not, write to the Free
~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-->
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-adapter-subsystem">
<properties>
<property name="keycloak-version" value="${project.version}"/>
</properties>
<resources>
<resource-root path="."/>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="org.keycloak.keycloak-as7-subsystem" export="true" services="export"/>
</dependencies>
</module>

50
distribution/modules/src/main/resources/modules/org/keycloak/keycloak-as7-adapter/main/module.xml → distribution/adapters/as7-eap6-adapter/as7-modules/src/main/resources/modules/org/keycloak/keycloak-as7-adapter/main/module.xml
View file

@ -1,25 +1,25 @@
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-as7-adapter">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.bouncycastle" />
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.apache.httpcomponents" slot="4.3" />
<module name="javax.servlet.api"/>
<module name="org.jboss.logging"/>
<module name="org.jboss.as.security"/>
<module name="org.jboss.as.web"/>
<module name="org.picketbox"/>
<module name="org.keycloak.keycloak-adapter-core"/>
<module name="org.keycloak.keycloak-core"/>
</dependencies>
</module>
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-as7-adapter">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.bouncycastle" />
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.apache.httpcomponents" slot="4.3" />
<module name="javax.servlet.api"/>
<module name="org.jboss.logging"/>
<module name="org.jboss.as.security"/>
<module name="org.jboss.as.web"/>
<module name="org.picketbox"/>
<module name="org.keycloak.keycloak-adapter-core"/>
<module name="org.keycloak.keycloak-core"/>
</dependencies>
</module>

0
distribution/modules/src/main/resources/modules/org/keycloak/keycloak-as7-subsystem/main/module.xml → distribution/adapters/as7-eap6-adapter/as7-modules/src/main/resources/modules/org/keycloak/keycloak-as7-subsystem/main/module.xml
View file

21
distribution/adapters/as7-eap6-adapter/as7-modules/src/main/resources/modules/org/keycloak/keycloak-core/main/module.xml Executable file
View file

@ -0,0 +1,21 @@
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-core">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.bouncycastle" />
<module name="net.iharder.base64"/>
<module name="javax.api"/>
<module name="javax.activation.api"/>
<module name="sun.jdk" optional="true" />
<module name="sun.jdk.jgss" optional="true" />
</dependencies>
</module>

34
distribution/modules/src/main/resources/modules/org/keycloak/keycloak-jboss-adapter-core/main/module.xml → distribution/adapters/as7-eap6-adapter/as7-modules/src/main/resources/modules/org/keycloak/keycloak-jboss-adapter-core/main/module.xml
View file

@ -1,17 +1,17 @@
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-jboss-adapter-core">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.jboss.logging"/>
<module name="org.picketbox"/>
<module name="org.keycloak.keycloak-adapter-core"/>
<module name="org.keycloak.keycloak-core"/>
</dependencies>
</module>
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-jboss-adapter-core">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.jboss.logging"/>
<module name="org.picketbox"/>
<module name="org.keycloak.keycloak-adapter-core"/>
<module name="org.keycloak.keycloak-core"/>
</dependencies>
</module>

59
distribution/adapters/eap6-adapter-zip/assembly.xml → distribution/adapters/as7-eap6-adapter/eap6-adapter-zip/assembly.xml
View file

@ -1,29 +1,30 @@
<assembly>
<id>war-dist</id>
<formats>
<format>zip</format>
<format>tar.gz</format>
</formats>
<includeBaseDirectory>false</includeBaseDirectory>
<fileSets>
<fileSet>
<directory>${project.build.directory}/unpacked</directory>
<includes>
<include>org/bouncycastle/**</include>
<include>net/iharder/base64/**</include>
<include>org/apache/httpcomponents/**</include>
<include>org/keycloak/keycloak-core/**</include>
<include>org/keycloak/keycloak-adapter-core/**</include>
<include>org/keycloak/keycloak-jboss-adapter-core/**</include>
<include>org/keycloak/keycloak-as7-adapter/**</include>
<include>org/keycloak/keycloak-as7-subsystem/**</include>
</includes>
<excludes>
<exclude>**/*.war</exclude>
</excludes>
<outputDirectory>modules/system/layers/base</outputDirectory>
</fileSet>
</fileSets>
</assembly>
<assembly>
<id>war-dist</id>
<formats>
<format>zip</format>
<format>tar.gz</format>
</formats>
<includeBaseDirectory>false</includeBaseDirectory>
<fileSets>
<fileSet>
<directory>${project.build.directory}/unpacked</directory>
<includes>
<include>org/bouncycastle/**</include>
<include>net/iharder/base64/**</include>
<include>org/apache/httpcomponents/**</include>
<include>org/keycloak/keycloak-core/**</include>
<include>org/keycloak/keycloak-adapter-core/**</include>
<include>org/keycloak/keycloak-jboss-adapter-core/**</include>
<include>org/keycloak/keycloak-as7-adapter/**</include>
<include>org/keycloak/keycloak-as7-subsystem/**</include>
<include>org/keycloak/keycloak-adapter-subsystem/**</include>
</includes>
<excludes>
<exclude>**/*.war</exclude>
</excludes>
<outputDirectory>modules/system/layers/base</outputDirectory>
</fileSet>
</fileSets>
</assembly>

158
distribution/adapters/eap6-adapter-zip/pom.xml → distribution/adapters/as7-eap6-adapter/eap6-adapter-zip/pom.xml
View file

@ -1,79 +1,79 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>1.3.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<artifactId>keycloak-eap6-adapter-dist</artifactId>
<packaging>pom</packaging>
<name>Keycloak EAP6 Adapter Distro</name>
<description/>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-as7-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-jboss-modules</artifactId>
<type>zip</type>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<executions>
<execution>
<id>unpack</id>
<phase>prepare-package</phase>
<goals>
<goal>unpack</goal>
</goals>
<configuration>
<artifactItems>
<artifactItem>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-jboss-modules</artifactId>
<type>zip</type>
<outputDirectory>${project.build.directory}/unpacked</outputDirectory>
</artifactItem>
</artifactItems>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
<executions>
<execution>
<id>assemble</id>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
<configuration>
<descriptors>
<descriptor>assembly.xml</descriptor>
</descriptors>
<outputDirectory>
target
</outputDirectory>
<workDirectory>
target/assembly/work
</workDirectory>
<appendAssemblyId>false</appendAssemblyId>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>1.3.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<artifactId>keycloak-eap6-adapter-dist</artifactId>
<packaging>pom</packaging>
<name>Keycloak JBoss EAP 6 Adapter Distro</name>
<description/>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-as7-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-as7-modules</artifactId>
<type>zip</type>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<executions>
<execution>
<id>unpack</id>
<phase>prepare-package</phase>
<goals>
<goal>unpack</goal>
</goals>
<configuration>
<artifactItems>
<artifactItem>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-as7-modules</artifactId>
<type>zip</type>
<outputDirectory>${project.build.directory}/unpacked</outputDirectory>
</artifactItem>
</artifactItems>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
<executions>
<execution>
<id>assemble</id>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
<configuration>
<descriptors>
<descriptor>assembly.xml</descriptor>
</descriptors>
<outputDirectory>
target
</outputDirectory>
<workDirectory>
target/assembly/work
</workDirectory>
<appendAssemblyId>false</appendAssemblyId>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

21
distribution/adapters/as7-eap6-adapter/pom.xml Normal file
View file

@ -0,0 +1,21 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>1.3.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<name>Keycloak AS7 / JBoss EAP 6 Adapter Distros</name>
<description/>
<modelVersion>4.0.0</modelVersion>
<artifactId>keycloak-as7-eap6-adapter-dist-pom</artifactId>
<packaging>pom</packaging>
<modules>
<module>as7-modules</module>
<module>as7-adapter-zip</module>
<module>eap6-adapter-zip</module>
</modules>
</project>

5
distribution/adapters/pom.xml
View file

@ -27,8 +27,7 @@
</build>
<modules>
<module>as7-adapter-zip</module>
<module>eap6-adapter-zip</module>
<module>as7-eap6-adapter</module>
<module>jetty81-adapter-zip</module>
<module>jetty91-adapter-zip</module>
<module>jetty92-adapter-zip</module>
@ -37,7 +36,7 @@
<module>tomcat6-adapter-zip</module>
<module>tomcat7-adapter-zip</module>
<module>tomcat8-adapter-zip</module>
<module>wildfly-adapter-zip</module>
<module>wf8-adapter</module>
<module>wf9-adapter</module>
</modules>
</project>

1
distribution/adapters/wf8-adapter/wf8-adapter-zip/assembly.xml
View file

@ -19,6 +19,7 @@
<include>org/keycloak/keycloak-undertow-adapter/**</include>
<include>org/keycloak/keycloak-wildfly-adapter/**</include>
<include>org/keycloak/keycloak-wf8-subsystem/**</include>
<include>org/keycloak/keycloak-adapter-subsystem/**</include>
</includes>
<excludes>
<exclude>**/*.war</exclude>

25
distribution/adapters/wf8-adapter/wf8-modules/pom.xml
View file

@ -40,7 +40,6 @@
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-wf8-subsystem</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
@ -132,6 +131,30 @@
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-resources-plugin</artifactId>
<executions>
<execution>
<id>copy-resources</id>
<!-- here the phase you need -->
<phase>validate</phase>
<goals>
<goal>copy-resources</goal>
</goals>
<configuration>
<outputDirectory>${project.build.directory}/modules/org/keycloak/keycloak-adapter-subsystem</outputDirectory>
<resources>
<resource>
<directory>src/main/resources/modules/org/keycloak/keycloak-adapter-subsystem</directory>
<filtering>true</filtering>
</resource>
</resources>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

38
distribution/adapters/wf8-adapter/wf8-modules/src/main/resources/modules/org/keycloak/keycloak-adapter-subsystem/main/module.xml Executable file
View file

@ -0,0 +1,38 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ JBoss, Home of Professional Open Source.
~ Copyright 2014, Red Hat, Inc., and individual contributors
~ as indicated by the @author tags. See the copyright.txt file in the
~ distribution for a full listing of individual contributors.
~
~ This is free software; you can redistribute it and/or modify it
~ under the terms of the GNU Lesser General Public License as
~ published by the Free Software Foundation; either version 2.1 of
~ the License, or (at your option) any later version.
~
~ This software is distributed in the hope that it will be useful,
~ but WITHOUT ANY WARRANTY; without even the implied warranty of
~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
~ Lesser General Public License for more details.
~
~ You should have received a copy of the GNU Lesser General Public
~ License along with this software; if not, write to the Free
~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-->
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-adapter-subsystem">
<properties>
<property name="keycloak-version" value="${project.version}"/>
</properties>
<resources>
<resource-root path="."/>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="org.keycloak.keycloak-wf8-subsystem" export="true" services="export"/>
</dependencies>
</module>

20
distribution/adapters/wf9-adapter/pom.xml Normal file
View file

@ -0,0 +1,20 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>1.3.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<name>Keycloak Wildfly 9 Adapter</name>
<description/>
<modelVersion>4.0.0</modelVersion>
<artifactId>keycloak-wf9-adapter-dist-pom</artifactId>
<packaging>pom</packaging>
<modules>
<module>wf9-modules</module>
<module>wf9-adapter-zip</module>
</modules>
</project>

58
distribution/adapters/wildfly-adapter-zip/assembly.xml → distribution/adapters/wf9-adapter/wf9-adapter-zip/assembly.xml
View file

@ -1,29 +1,29 @@
<assembly>
<id>war-dist</id>
<formats>
<format>zip</format>
<format>tar.gz</format>
</formats>
<includeBaseDirectory>false</includeBaseDirectory>
<fileSets>
<fileSet>
<directory>${project.build.directory}/unpacked</directory>
<includes>
<include>net/iharder/base64/**</include>
<include>org/apache/httpcomponents/**</include>
<include>org/keycloak/keycloak-core/**</include>
<include>org/keycloak/keycloak-adapter-core/**</include>
<include>org/keycloak/keycloak-jboss-adapter-core/**</include>
<include>org/keycloak/keycloak-undertow-adapter/**</include>
<include>org/keycloak/keycloak-wildfly-adapter/**</include>
<include>org/keycloak/keycloak-adapter-subsystem/**</include>
</includes>
<excludes>
<exclude>**/*.war</exclude>
</excludes>
<outputDirectory>modules/system/layers/base</outputDirectory>
</fileSet>
</fileSets>
</assembly>
<assembly>
<id>war-dist</id>
<formats>
<format>zip</format>
<format>tar.gz</format>
</formats>
<includeBaseDirectory>false</includeBaseDirectory>
<fileSets>
<fileSet>
<directory>${project.build.directory}/unpacked</directory>
<includes>
<include>net/iharder/base64/**</include>
<include>org/keycloak/keycloak-core/**</include>
<include>org/keycloak/keycloak-adapter-core/**</include>
<include>org/keycloak/keycloak-jboss-adapter-core/**</include>
<include>org/keycloak/keycloak-undertow-adapter/**</include>
<include>org/keycloak/keycloak-wildfly-adapter/**</include>
<include>org/keycloak/keycloak-wf9-subsystem/**</include>
<include>org/keycloak/keycloak-adapter-subsystem/**</include>
</includes>
<excludes>
<exclude>**/*.war</exclude>
</excludes>
<outputDirectory>modules/system/layers/base</outputDirectory>
</fileSet>
</fileSets>
</assembly>

152
distribution/adapters/wildfly-adapter-zip/pom.xml → distribution/adapters/wf9-adapter/wf9-adapter-zip/pom.xml
View file

@ -1,76 +1,76 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>1.3.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<artifactId>keycloak-wildfly-adapter-dist</artifactId>
<packaging>pom</packaging>
<name>Keycloak Wildfly Adapter Distro</name>
<description/>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-jboss-modules</artifactId>
<type>zip</type>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<executions>
<execution>
<id>unpack</id>
<phase>prepare-package</phase>
<goals>
<goal>unpack</goal>
</goals>
<configuration>
<artifactItems>
<artifactItem>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-jboss-modules</artifactId>
<type>zip</type>
<outputDirectory>${project.build.directory}/unpacked</outputDirectory>
</artifactItem>
</artifactItems>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
<executions>
<execution>
<id>assemble</id>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
<configuration>
<descriptors>
<descriptor>assembly.xml</descriptor>
</descriptors>
<outputDirectory>
target
</outputDirectory>
<workDirectory>
target/assembly/work
</workDirectory>
<appendAssemblyId>false</appendAssemblyId>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>1.3.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<artifactId>keycloak-wf9-adapter-dist</artifactId>
<packaging>pom</packaging>
<name>Keycloak Wildfly 9 Adapter Distro</name>
<description/>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-wf9-modules</artifactId>
<type>zip</type>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<executions>
<execution>
<id>unpack</id>
<phase>prepare-package</phase>
<goals>
<goal>unpack</goal>
</goals>
<configuration>
<artifactItems>
<artifactItem>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-wf9-modules</artifactId>
<type>zip</type>
<outputDirectory>${project.build.directory}/unpacked</outputDirectory>
</artifactItem>
</artifactItems>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
<executions>
<execution>
<id>assemble</id>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
<configuration>
<descriptors>
<descriptor>assembly.xml</descriptor>
</descriptors>
<outputDirectory>
target
</outputDirectory>
<workDirectory>
target/assembly/work
</workDirectory>
<appendAssemblyId>false</appendAssemblyId>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

22
distribution/adapters/wf9-adapter/wf9-modules/assembly.xml Executable file
View file

@ -0,0 +1,22 @@
<assembly>
<id>dist</id>
<formats>
<format>zip</format>
</formats>
<includeBaseDirectory>false</includeBaseDirectory>
<fileSets>
<fileSet>
<directory>../../</directory>
<includes>
<include>License.html</include>
</includes>
<outputDirectory></outputDirectory>
</fileSet>
<fileSet>
<directory>${project.build.directory}/modules</directory>
<outputDirectory></outputDirectory>
</fileSet>
</fileSets>
</assembly>

82
distribution/adapters/wf9-adapter/wf9-modules/build.xml Executable file
View file

@ -0,0 +1,82 @@
<!--
~ JBoss, Home of Professional Open Source.
~ Copyright 2012, Red Hat, Inc., and individual contributors
~ as indicated by the @author tags. See the copyright.txt file in the
~ distribution for a full listing of individual contributors.
~
~ This is free software; you can redistribute it and/or modify it
~ under the terms of the GNU Lesser General Public License as
~ published by the Free Software Foundation; either version 2.1 of
~ the License, or (at your option) any later version.
~
~ This software is distributed in the hope that it will be useful,
~ but WITHOUT ANY WARRANTY; without even the implied warranty of
~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
~ Lesser General Public License for more details.
~
~ You should have received a copy of the GNU Lesser General Public
~ License along with this software; if not, write to the Free
~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-->
<project name="module-repository" basedir="." default="all">
<import file="lib.xml"/>
<property name="output.dir" value="target"/>
<target name="all">
<antcall target="modules">
<param name="mavenized.modules" value="false"/>
<param name="output.dir" value="target"/>
</antcall>
</target>
<target name="modules">
<!-- server min dependencies -->
<module-def name="org.keycloak.keycloak-core">
<maven-resource group="org.keycloak" artifact="keycloak-core"/>
</module-def>
<module-def name="net.iharder.base64">
<maven-resource group="net.iharder" artifact="base64"/>
</module-def>
<!-- subsystems -->
<module-def name="org.keycloak.keycloak-adapter-core">
<maven-resource group="org.keycloak" artifact="keycloak-adapter-core"/>
</module-def>
<module-def name="org.keycloak.keycloak-jboss-adapter-core">
<maven-resource group="org.keycloak" artifact="keycloak-jboss-adapter-core"/>
</module-def>
<module-def name="org.keycloak.keycloak-undertow-adapter">
<maven-resource group="org.keycloak" artifact="keycloak-undertow-adapter"/>
</module-def>
<module-def name="org.keycloak.keycloak-wildfly-adapter">
<maven-resource group="org.keycloak" artifact="keycloak-wildfly-adapter"/>
</module-def>
<module-def name="org.keycloak.keycloak-wf9-subsystem">
<maven-resource group="org.keycloak" artifact="keycloak-wf9-subsystem"/>
</module-def>
</target>
<target name="clean-target">
<delete dir="${output.dir}"/>
</target>
<target name="clean" depends="clean-target">
<delete file="maven-ant-tasks.jar"/>
</target>
</project>

282
distribution/adapters/wf9-adapter/wf9-modules/lib.xml Executable file
View file

@ -0,0 +1,282 @@
<!--
~ JBoss, Home of Professional Open Source.
~ Copyright 2010, Red Hat, Inc., and individual contributors
~ as indicated by the @author tags. See the copyright.txt file in the
~ distribution for a full listing of individual contributors.
~
~ This is free software; you can redistribute it and/or modify it
~ under the terms of the GNU Lesser General Public License as
~ published by the Free Software Foundation; either version 2.1 of
~ the License, or (at your option) any later version.
~
~ This software is distributed in the hope that it will be useful,
~ but WITHOUT ANY WARRANTY; without even the implied warranty of
~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
~ Lesser General Public License for more details.
~
~ You should have received a copy of the GNU Lesser General Public
~ License along with this software; if not, write to the Free
~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-->
<project name="module-repository-lib">
<property name="src.dir" value="src"/>
<property name="module.repo.src.dir" value="${src.dir}/main/resources/modules"/>
<property name="module.xml" value="module.xml"/>
<taskdef resource="net/sf/antcontrib/antlib.xml"/>
<taskdef name="jandex" classname="org.jboss.jandex.JandexAntTask" />
<macrodef name="module-def">
<attribute name="name"/>
<attribute name="slot" default="main"/>
<element name="resources" implicit="yes" optional="yes"/>
<sequential>
<echo message="Initializing module -> @{name}"/>
<property name="module.repo.output.dir" value="${output.dir}/modules"/>
<!-- Figure out the correct module path -->
<define-module-dir name="@{name}" slot="@{slot}"/>
<!-- Make the module output director -->
<mkdir dir="${module.repo.output.dir}/${current.module.path}"/>
<!-- Copy the module.xml and other stuff to the output director -->
<copy todir="${module.repo.output.dir}/${current.module.path}" overwrite="true">
<fileset dir="${module.repo.src.dir}/${current.module.path}">
<include name="**"/>
</fileset>
</copy>
<!-- Process the resource -->
<resources/>
<!-- Add keycloak version property to module xml -->
<replace file="${module.repo.output.dir}/${current.module.path}/${module.xml}"
token="$${project.version}"
value="${project.version}"/>
<!-- Some final cleanup -->
<replace file="${module.repo.output.dir}/${current.module.path}/${module.xml}">
<replacetoken>
<![CDATA[
<!-- Insert resources here -->]]></replacetoken>
<replacevalue>
</replacevalue>
</replace>
</sequential>
</macrodef>
<macrodef name="bundle-def">
<attribute name="name"/>
<attribute name="slot" default="main"/>
<element name="resources" implicit="yes" optional="yes"/>
<sequential>
<echo message="Initializing bundle -> @{name}"/>
<property name="bundle.repo.output.dir" value="${output.dir}/bundles/system/layers/base"/>
<!-- Figure out the correct bundle path -->
<define-bundle-dir name="@{name}" slot="@{slot}" />
<!-- Make the bundle output director -->
<mkdir dir="${bundle.repo.output.dir}/${current.bundle.path}"/>
<!-- Process the resource -->
<resources/>
</sequential>
</macrodef>
<macrodef name="maven-bundle" >
<attribute name="group"/>
<attribute name="artifact"/>
<sequential>
<!-- Copy the jar to the bundle dir -->
<property name="bundle.repo.output.dir" value="${output.dir}/bundles/system/layers/base"/>
<copy todir="${bundle.repo.output.dir}/${current.bundle.path}" failonerror="true">
<fileset file="${@{group}:@{artifact}:jar}"/>
<mapper type="flatten" />
</copy>
</sequential>
</macrodef>
<scriptdef name="define-module-dir" language="javascript" manager="bsf">
<attribute name="name"/>
<attribute name="slot"/>
<![CDATA[
name = attributes.get("name");
name = name.replace(".", "/");
project.setProperty("current.module.path", name + "/" + attributes.get("slot"));
]]>
</scriptdef>
<scriptdef name="define-bundle-dir" language="javascript" manager="bsf">
<attribute name="name"/>
<attribute name="slot"/>
<![CDATA[
name = attributes.get("name");
name = name.replace(".", "/");
project.setProperty("current.bundle.path", name + "/" + attributes.get("slot"));
]]>
</scriptdef>
<!--
Get the version from the parent directory of the jar. If the parent directory is 'target' this
means that the jar is contained in AS build so extract the version from the file name
-->
<scriptdef name="define-maven-artifact" language="javascript" manager="bsf">
<attribute name="group"/>
<attribute name="artifact"/>
<attribute name="classifier"/>
<attribute name="element"/>
<attribute name="path"/>
<![CDATA[
importClass(Packages.java.io.File);
group = attributes.get("group");
artifact = attributes.get("artifact");
classifier = attributes.get("classifier");
element = attributes.get("element");
path = attributes.get("path");
if(path.indexOf('${') != -1) {
throw "Module resource root not found, make sure it is listed in build/pom.xml" + path;
}
fp = new File(path);
version = fp.getParentFile().getName();
if (version.equals("target")) {
version = fp.getName();
version = version.substring(artifact.length() + 1);
suffix = ".jar";
if (classifier) {
suffix = "-" + classifier + suffix;
}
version = version.replace(suffix, "");
}
root = "<" + element + " name=\"" + group + ":" + artifact + ":" + version;
if (classifier) {
root = root + ":" + classifier;
}
root = root + "\"/>";
project.setProperty("current.maven.root", root);
]]>
</scriptdef>
<macrodef name="maven-resource" >
<attribute name="group"/>
<attribute name="artifact"/>
<attribute name="jandex" default="false" />
<sequential>
<if>
<equals arg1="${mavenized.modules}" arg2="true"/>
<then>
<define-maven-artifact group="@{group}" artifact="@{artifact}" element="artifact" path="${@{group}:@{artifact}:jar}"/>
<replace file="${module.repo.output.dir}/${current.module.path}/${module.xml}">
<replacefilter token="&lt;!-- Insert resources here --&gt;" value="${current.maven.root}&#10; &lt;!-- Insert resources here --&gt;"/>
</replace>
</then>
<else>
<!-- Copy the jar to the module dir -->
<copy todir="${module.repo.output.dir}/${current.module.path}" failonerror="true">
<fileset file="${@{group}:@{artifact}:jar}"/>
<mapper type="flatten" />
</copy>
<basename file="${@{group}:@{artifact}:jar}" property="resourcename.@{group}.@{artifact}"/>
<!-- Generate the Jandex Index -->
<jandex run="@{jandex}" newJar="true" >
<fileset dir="${module.repo.output.dir}/${current.module.path}" />
</jandex>
<!-- Update the resource entry in module.xml -->
<define-resource-root path="${resourcename.@{group}.@{artifact}}" jandex="@{jandex}"/>
<replace file="${module.repo.output.dir}/${current.module.path}/${module.xml}">
<replacefilter token="&lt;!-- Insert resources here --&gt;" value="${current.resource.root}&#10; &lt;!-- Insert resources here --&gt;"/>
</replace>
</else>
</if>
</sequential>
</macrodef>
<macrodef name="maven-resource-with-classifier" >
<attribute name="group"/>
<attribute name="artifact"/>
<attribute name="classifier"/>
<attribute name="jandex" default="false" />
<sequential>
<if>
<equals arg1="${mavenized.modules}" arg2="true"/>
<then>
<define-maven-artifact group="@{group}" artifact="@{artifact}" element="artifact" classifier="@{classifier}" path="${@{group}:@{artifact}:jar:@{classifier}}"/>
<replace file="${module.repo.output.dir}/${current.module.path}/${module.xml}">
<replacefilter token="&lt;!-- Insert resources here --&gt;" value="${current.maven.root}&#10; &lt;!-- Insert resources here --&gt;"/>
</replace>
</then>
<else>
<!-- Copy the jar to the module dir -->
<copy todir="${module.repo.output.dir}/${current.module.path}" failonerror="true">
<fileset file="${@{group}:@{artifact}:jar:@{classifier}}"/>
<!-- http://jira.codehaus.org/browse/MANTRUN-159 -->
<mapper type="flatten" />
</copy>
<basename file="${@{group}:@{artifact}:jar:@{classifier}}" property="resourcename.@{group}.@{artifact}.@{classifier}"/>
<!-- Update the resource entry in module.xml -->
<define-resource-root path="${resourcename.@{group}.@{artifact}.@{classifier}}"/>
<replace file="${module.repo.output.dir}/${current.module.path}/${module.xml}">
<replacefilter token="&lt;!-- Insert resources here --&gt;" value="${current.resource.root}&#10; &lt;!-- Insert resources here --&gt;"/>
</replace>
</else>
</if>
</sequential>
</macrodef>
<macrodef name="extract-native-jar" >
<attribute name="group"/>
<attribute name="artifact"/>
<sequential>
<if>
<equals arg1="${mavenized.modules}" arg2="true"/>
<then>
<define-maven-artifact group="@{group}" artifact="@{artifact}" element="native-artifact" path="${@{group}:@{artifact}:jar}"/>
<replace file="${module.repo.output.dir}/${current.module.path}/${module.xml}">
<replacefilter token="&lt;!-- Insert resources here --&gt;" value="${current.maven.root}&#10; &lt;!-- Insert resources here --&gt;"/>
</replace>
</then>
<else>
<unzip src="${@{group}:@{artifact}:jar}" dest="${module.repo.output.dir}/${current.module.path}">
<patternset>
<include name="lib/**"/>
</patternset>
</unzip>
</else>
</if>
</sequential>
</macrodef>
<scriptdef name="define-resource-root" language="javascript" manager="bsf">
<attribute name="path"/>
<attribute name="jandex"/>
<![CDATA[
path = attributes.get("path");
root = "<resource-root path=\"" + path + "\"/>";
if(path.indexOf('${') != -1) {
throw "Module resource root not found, make sure it is listed in build/pom.xml" + path;
}
if(attributes.get("jandex") == "true" ) {
root = root + "\n\t<resource-root path=\"" + path.replace(".jar","-jandex.jar") + "\"/>";
}
project.setProperty("current.resource.root", root);
]]>
</scriptdef>
</project>

160
distribution/adapters/wf9-adapter/wf9-modules/pom.xml Executable file
View file

@ -0,0 +1,160 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>1.3.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<artifactId>keycloak-wf9-modules</artifactId>
<name>Keycloak Wildfly 9 Modules</name>
<packaging>pom</packaging>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-core</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-adapter-core</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-jboss-adapter-core</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-undertow-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-wildfly-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-wf9-subsystem</artifactId>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpmime</artifactId>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpcore</artifactId>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-antrun-plugin</artifactId>
<inherited>false</inherited>
<executions>
<execution>
<id>build-dist</id>
<goals>
<goal>run</goal>
</goals>
<phase>compile</phase>
<configuration>
<target>
<ant antfile="build.xml" inheritRefs="true">
<target name="all"/>
</ant>
</target>
</configuration>
</execution>
</executions>
<dependencies>
<dependency>
<groupId>org.jboss</groupId>
<artifactId>jandex</artifactId>
<version>1.0.3.Final</version>
</dependency>
<dependency>
<groupId>ant-contrib</groupId>
<artifactId>ant-contrib</artifactId>
<version>1.0b3</version>
<exclusions>
<exclusion>
<groupId>ant</groupId>
<artifactId>ant</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.ant</groupId>
<artifactId>ant-apache-bsf</artifactId>
<version>1.9.3</version>
</dependency>
<dependency>
<groupId>org.apache.bsf</groupId>
<artifactId>bsf-api</artifactId>
<version>3.1</version>
</dependency>
<dependency>
<groupId>rhino</groupId>
<artifactId>js</artifactId>
<version>1.7R2</version>
</dependency>
</dependencies>
</plugin>
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
<executions>
<execution>
<id>assemble</id>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
<configuration>
<descriptors>
<descriptor>assembly.xml</descriptor>
</descriptors>
<outputDirectory>
target
</outputDirectory>
<workDirectory>
target/assembly/work
</workDirectory>
<appendAssemblyId>false</appendAssemblyId>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-resources-plugin</artifactId>
<executions>
<execution>
<id>copy-resources</id>
<!-- here the phase you need -->
<phase>validate</phase>
<goals>
<goal>copy-resources</goal>
</goals>
<configuration>
<outputDirectory>${project.build.directory}/modules/org/keycloak/keycloak-adapter-subsystem</outputDirectory>
<resources>
<resource>
<directory>src/main/resources/modules/org/keycloak/keycloak-adapter-subsystem</directory>
<filtering>true</filtering>
</resource>
</resources>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

13
distribution/adapters/wf9-adapter/wf9-modules/src/main/resources/modules/net/iharder/base64/main/module.xml Executable file
View file

@ -0,0 +1,13 @@
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="net.iharder.base64">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>
</dependencies>
</module>

4
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-adapter-core/main/module.xml → distribution/adapters/wf9-adapter/wf9-modules/src/main/resources/modules/org/keycloak/keycloak-adapter-core/main/module.xml Normal file → Executable file
View file

@ -4,14 +4,14 @@
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-adapter-core">
<resources>
<artifact name="${org.keycloak:keycloak-adapter-core}"/>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.apache.httpcomponents" />
<module name="org.apache.httpcomponents"/>
<module name="org.jboss.logging"/>
<module name="org.keycloak.keycloak-core"/>
<module name="net.iharder.base64"/>

38
distribution/adapters/wf9-adapter/wf9-modules/src/main/resources/modules/org/keycloak/keycloak-adapter-subsystem/main/module.xml Executable file
View file

@ -0,0 +1,38 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ JBoss, Home of Professional Open Source.
~ Copyright 2014, Red Hat, Inc., and individual contributors
~ as indicated by the @author tags. See the copyright.txt file in the
~ distribution for a full listing of individual contributors.
~
~ This is free software; you can redistribute it and/or modify it
~ under the terms of the GNU Lesser General Public License as
~ published by the Free Software Foundation; either version 2.1 of
~ the License, or (at your option) any later version.
~
~ This software is distributed in the hope that it will be useful,
~ but WITHOUT ANY WARRANTY; without even the implied warranty of
~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
~ Lesser General Public License for more details.
~
~ You should have received a copy of the GNU Lesser General Public
~ License along with this software; if not, write to the Free
~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-->
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-adapter-subsystem">
<properties>
<property name="keycloak-version" value="${project.version}"/>
</properties>
<resources>
<resource-root path="."/>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="org.keycloak.keycloak-wf9-subsystem" export="true" services="export"/>
</dependencies>
</module>

21
distribution/adapters/wf9-adapter/wf9-modules/src/main/resources/modules/org/keycloak/keycloak-core/main/module.xml Executable file
View file

@ -0,0 +1,21 @@
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-core">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.bouncycastle" />
<module name="net.iharder.base64"/>
<module name="javax.api"/>
<module name="javax.activation.api"/>
<module name="sun.jdk" optional="true" />
<module name="sun.jdk.jgss" optional="true" />
</dependencies>
</module>

2
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-jboss-adapter-core/main/module.xml → distribution/adapters/wf9-adapter/wf9-modules/src/main/resources/modules/org/keycloak/keycloak-jboss-adapter-core/main/module.xml Normal file → Executable file
View file

@ -4,7 +4,7 @@
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-jboss-adapter-core">
<resources>
<artifact name="${org.keycloak:keycloak-jboss-adapter-core}"/>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>

50
distribution/modules/src/main/resources/modules/org/keycloak/keycloak-undertow-adapter/main/module.xml → distribution/adapters/wf9-adapter/wf9-modules/src/main/resources/modules/org/keycloak/keycloak-undertow-adapter/main/module.xml
View file

@ -1,25 +1,25 @@
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-undertow-adapter">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.bouncycastle" />
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.apache.httpcomponents" slot="4.3" />
<module name="javax.servlet.api"/>
<module name="org.jboss.logging"/>
<module name="org.jboss.xnio"/>
<module name="io.undertow.core"/>
<module name="io.undertow.servlet"/>
<module name="org.keycloak.keycloak-adapter-core"/>
<module name="org.keycloak.keycloak-core"/>
</dependencies>
</module>
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-undertow-adapter">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.bouncycastle" />
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.apache.httpcomponents"/>
<module name="javax.servlet.api"/>
<module name="org.jboss.logging"/>
<module name="org.jboss.xnio"/>
<module name="io.undertow.core"/>
<module name="io.undertow.servlet"/>
<module name="org.keycloak.keycloak-adapter-core"/>
<module name="org.keycloak.keycloak-core"/>
</dependencies>
</module>

7
distribution/modules/src/main/resources/modules/org/keycloak/keycloak-adapter-subsystem/main/module.xml → distribution/adapters/wf9-adapter/wf9-modules/src/main/resources/modules/org/keycloak/keycloak-wf9-subsystem/main/module.xml
View file

@ -22,7 +22,7 @@
~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-->
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-adapter-subsystem">
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-wf9-subsystem">
<properties>
<property name="keycloak-version" value="${project.version}"/>
</properties>
@ -42,10 +42,7 @@
<module name="org.jboss.msc"/>
<module name="org.jboss.logging"/>
<module name="org.jboss.vfs"/>
<module name="org.jboss.as.web-common" optional="true"/>
<module name="org.jboss.as.web" optional="true"/>
<module name="org.jboss.as.version" optional="true"/>
<module name="org.keycloak.keycloak-as7-adapter" optional="true"/>
<module name="org.jboss.as.web-common"/>
<module name="org.jboss.metadata"/>
</dependencies>
</module>

52
distribution/modules/src/main/resources/modules/org/keycloak/keycloak-wildfly-adapter/main/module.xml → distribution/adapters/wf9-adapter/wf9-modules/src/main/resources/modules/org/keycloak/keycloak-wildfly-adapter/main/module.xml
View file

@ -1,26 +1,26 @@
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-wildfly-adapter">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.bouncycastle" />
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.apache.httpcomponents" slot="4.3" />
<module name="javax.servlet.api"/>
<module name="org.jboss.logging"/>
<module name="io.undertow.core"/>
<module name="io.undertow.servlet"/>
<module name="org.picketbox"/>
<module name="org.keycloak.keycloak-undertow-adapter"/>
<module name="org.keycloak.keycloak-adapter-core"/>
<module name="org.keycloak.keycloak-core"/>
</dependencies>
</module>
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-wildfly-adapter">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.bouncycastle" />
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.apache.httpcomponents"/>
<module name="javax.servlet.api"/>
<module name="org.jboss.logging"/>
<module name="io.undertow.core"/>
<module name="io.undertow.servlet"/>
<module name="org.picketbox"/>
<module name="org.keycloak.keycloak-undertow-adapter"/>
<module name="org.keycloak.keycloak-adapter-core"/>
<module name="org.keycloak.keycloak-core"/>
</dependencies>
</module>

10
distribution/feature-packs/server-feature-pack/pom.xml
View file

@ -48,21 +48,11 @@
<artifactId>keycloak-wildfly-server-subsystem</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-wildfly-extensions</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.wildfly</groupId>
<artifactId>wildfly-feature-pack</artifactId>
<type>zip</type>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-undertow-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak.subsystem</groupId>
<artifactId>keycloak-server</artifactId>

3
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-services/main/module.xml
View file

@ -36,7 +36,6 @@
<module name="org.keycloak.keycloak-forms-common-themes" services="import"/>
<module name="org.keycloak.keycloak-invalidation-cache-infinispan" services="import"/>
<module name="org.keycloak.keycloak-invalidation-cache-model" services="import"/>
<module name="org.keycloak.keycloak-jboss-adapter-core" services="import"/>
<module name="org.keycloak.keycloak-js-adapter" services="import"/>
<module name="org.keycloak.keycloak-kerberos-federation" services="import"/>
<module name="org.keycloak.keycloak-ldap-federation" services="import"/>
@ -50,8 +49,6 @@
<module name="org.keycloak.keycloak-model-sessions-jpa" services="import"/>
<module name="org.keycloak.keycloak-model-sessions-mem" services="import"/>
<module name="org.keycloak.keycloak-model-sessions-mongo" services="import"/>
<module name="org.keycloak.keycloak-wildfly-extensions" services="import"/>
<module name="org.keycloak.keycloak-saml-protocol" services="import"/>
<module name="org.keycloak.keycloak-services" export="true" services="import"/>
<module name="org.keycloak.keycloak-social-core" services="import"/>

25
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-undertow-adapter/main/module.xml
View file

@ -1,25 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-undertow-adapter">
<resources>
<artifact name="${org.keycloak:keycloak-undertow-adapter}"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.bouncycastle" />
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.apache.httpcomponents" />
<module name="javax.servlet.api"/>
<module name="org.jboss.logging"/>
<module name="org.jboss.xnio"/>
<module name="io.undertow.core"/>
<module name="io.undertow.servlet"/>
<module name="org.keycloak.keycloak-adapter-core"/>
<module name="org.keycloak.keycloak-core"/>
</dependencies>
</module>

27
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-wildfly-adapter/main/module.xml
View file

@ -1,27 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-wildfly-adapter">
<resources>
<artifact name="${org.keycloak:keycloak-wildfly-adapter}"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.bouncycastle" />
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.apache.httpcomponents" />
<module name="javax.servlet.api"/>
<module name="org.jboss.logging"/>
<module name="io.undertow.core"/>
<module name="io.undertow.servlet"/>
<module name="org.picketbox"/>
<module name="org.keycloak.keycloak-undertow-adapter"/>
<module name="org.keycloak.keycloak-adapter-core"/>
<module name="org.keycloak.keycloak-core"/>
<module name="org.jboss.xnio"/>
</dependencies>
</module>

15
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-wildfly-extensions/main/module.xml
View file

@ -1,15 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-wildfly-extensions">
<resources>
<artifact name="${org.keycloak:keycloak-wildfly-extensions}"/>
</resources>
<dependencies>
<module name="org.keycloak.keycloak-core"/>
<module name="org.keycloak.keycloak-model-api"/>
<module name="org.keycloak.keycloak-services"/>
<module name="org.keycloak.keycloak-forms-common-freemarker"/>
<module name="org.keycloak.keycloak-forms-common-themes"/>
<module name="org.jboss.modules"/>
</dependencies>
</module>

43
distribution/modules/build.xml
View file

@ -46,11 +46,6 @@
<maven-resource group="net.iharder" artifact="base64"/>
</module-def>
<module-def name="org.bouncycastle">
<maven-resource group="org.bouncycastle" artifact="bcprov-jdk15on"/>
<maven-resource group="org.bouncycastle" artifact="bcpkix-jdk15on"/>
</module-def>
<module-def name="org.keycloak.keycloak-broker-core">
<maven-resource group="org.keycloak" artifact="keycloak-broker-core"/>
</module-def>
@ -71,10 +66,6 @@
<maven-resource group="org.keycloak" artifact="keycloak-services"/>
</module-def>
<module-def name="org.keycloak.keycloak-wildfly-extensions">
<maven-resource group="org.keycloak" artifact="keycloak-wildfly-extensions"/>
</module-def>
<module-def name="com.google.zxing.core">
<maven-resource group="com.google.zxing" artifact="core"/>
</module-def>
@ -315,43 +306,9 @@
<module-def name="org.keycloak.keycloak-server"></module-def>
<module-def name="org.keycloak.keycloak-adapter-core">
<maven-resource group="org.keycloak" artifact="keycloak-adapter-core"/>
</module-def>
<module-def name="org.keycloak.keycloak-jboss-adapter-core">
<maven-resource group="org.keycloak" artifact="keycloak-jboss-adapter-core"/>
</module-def>
<module-def name="org.keycloak.keycloak-as7-adapter">
<maven-resource group="org.keycloak" artifact="keycloak-as7-adapter"/>
<maven-resource group="org.keycloak" artifact="keycloak-tomcat-core-adapter"/>
</module-def>
<module-def name="org.keycloak.keycloak-undertow-adapter">
<maven-resource group="org.keycloak" artifact="keycloak-undertow-adapter"/>
</module-def>
<module-def name="org.keycloak.keycloak-wildfly-adapter">
<maven-resource group="org.keycloak" artifact="keycloak-wildfly-adapter"/>
</module-def>
<module-def name="org.keycloak.keycloak-server-subsystem">
<maven-resource group="org.keycloak" artifact="keycloak-wildfly-server-subsystem"/>
</module-def>
<module-def name="org.keycloak.keycloak-adapter-subsystem">
<maven-resource group="org.keycloak" artifact="keycloak-wildfly-adapter-subsystem"/>
</module-def>
<module-def name="org.keycloak.keycloak-as7-subsystem">
<maven-resource group="org.keycloak" artifact="keycloak-as7-subsystem"/>
</module-def>
<module-def name="org.apache.httpcomponents" slot="4.3">
<maven-resource group="org.apache.httpcomponents" artifact="httpclient"/>
<maven-resource group="org.apache.httpcomponents" artifact="httpcore"/>
<maven-resource group="org.apache.httpcomponents" artifact="httpmime"/>
</module-def>
</target>
<target name="clean-target">

37
distribution/modules/pom.xml
View file

@ -34,53 +34,16 @@
<groupId>org.keycloak</groupId>
<artifactId>keycloak-core-jaxrs</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-adapter-core</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-jboss-adapter-core</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-as7-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-undertow-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-wildfly-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-wildfly-server-subsystem</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-wildfly-adapter-subsystem</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.keycloak.subsystem</groupId>
<artifactId>keycloak-server</artifactId>
<type>war</type>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-as7-subsystem</artifactId>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpmime</artifactId>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpcore</artifactId>
</dependency>
</dependencies>
<build>

2
distribution/modules/src/main/resources/modules/org/keycloak/keycloak-connections-http-client/main/module.xml
View file

@ -14,7 +14,7 @@
<module name="org.keycloak.keycloak-model-api"/>
<module name="org.jboss.logging"/>
<module name="javax.api"/>
<module name="org.apache.httpcomponents" slot="4.3" />
<module name="org.apache.httpcomponents"/>
</dependencies>
</module>

2
distribution/modules/src/main/resources/modules/org/keycloak/keycloak-saml-protocol/main/module.xml
View file

@ -16,7 +16,7 @@
<module name="org.keycloak.keycloak-login-api"/>
<module name="org.keycloak.keycloak-services"/>
<module name="org.keycloak.keycloak-forms-common-freemarker"/>
<module name="org.apache.httpcomponents" slot="4.3" />
<module name="org.apache.httpcomponents"/>
<module name="org.jboss.logging"/>
<module name="javax.ws.rs.api"/>
<module name="org.jboss.resteasy.resteasy-jaxrs"/>

1
distribution/modules/src/main/resources/modules/org/keycloak/keycloak-server-subsystem/main/module.xml
View file

@ -46,7 +46,6 @@
<module name="org.jboss.as.web-common" optional="true"/>
<module name="org.jboss.as.web" optional="true"/>
<module name="org.jboss.as.version" optional="true"/>
<module name="org.keycloak.keycloak-as7-adapter" optional="true"/>
<module name="org.jboss.metadata"/>
</dependencies>
</module>

7
distribution/modules/src/main/resources/modules/org/keycloak/keycloak-server/main/module.xml
View file

@ -9,10 +9,6 @@
<dependencies>
<module name="org.keycloak.keycloak-account-api" services="import"/>
<module name="org.keycloak.keycloak-account-freemarker" services="import"/>
<module name="org.keycloak.keycloak-adapter-core" services="import"/>
<module name="org.keycloak.keycloak-adapter-subsystem" services="import"/>
<module name="org.keycloak.keycloak-as7-adapter" services="import"/>
<module name="org.keycloak.keycloak-as7-subsystem" services="import"/>
<module name="org.keycloak.keycloak-connections-infinispan" services="import"/>
<module name="org.keycloak.keycloak-connections-jpa" services="import"/>
<module name="org.keycloak.keycloak-connections-jpa-liquibase" services="import"/>
@ -36,7 +32,6 @@
<module name="org.keycloak.keycloak-forms-common-themes" services="import"/>
<module name="org.keycloak.keycloak-invalidation-cache-infinispan" services="import"/>
<module name="org.keycloak.keycloak-invalidation-cache-model" services="import"/>
<module name="org.keycloak.keycloak-jboss-adapter-core" services="import"/>
<module name="org.keycloak.keycloak-js-adapter" services="import"/>
<module name="org.keycloak.keycloak-kerberos-federation" services="import"/>
<module name="org.keycloak.keycloak-ldap-federation" services="import"/>
@ -61,8 +56,6 @@
<module name="org.keycloak.keycloak-server-subsystem" services="import"/>
<module name="org.keycloak.keycloak-timer-api" services="import"/>
<module name="org.keycloak.keycloak-timer-basic" services="import"/>
<module name="org.keycloak.keycloak-undertow-adapter" services="import"/>
<module name="org.keycloak.keycloak-wildfly-adapter" services="import"/>
</dependencies>
</module>

4
distribution/modules/src/main/resources/modules/org/keycloak/keycloak-services/main/module.xml
View file

@ -36,7 +36,6 @@
<module name="org.keycloak.keycloak-forms-common-themes" services="import"/>
<module name="org.keycloak.keycloak-invalidation-cache-infinispan" services="import"/>
<module name="org.keycloak.keycloak-invalidation-cache-model" services="import"/>
<module name="org.keycloak.keycloak-jboss-adapter-core" services="import"/>
<module name="org.keycloak.keycloak-js-adapter" services="import"/>
<module name="org.keycloak.keycloak-kerberos-federation" services="import"/>
<module name="org.keycloak.keycloak-ldap-federation" services="import"/>
@ -50,7 +49,6 @@
<module name="org.keycloak.keycloak-model-sessions-jpa" services="import"/>
<module name="org.keycloak.keycloak-model-sessions-mem" services="import"/>
<module name="org.keycloak.keycloak-model-sessions-mongo" services="import"/>
<module name="org.keycloak.keycloak-wildfly-extensions" services="import"/>
<module name="org.keycloak.keycloak-saml-protocol" services="import"/>
<module name="org.keycloak.keycloak-services" export="true" services="import"/>
@ -78,7 +76,7 @@
<module name="net.iharder.base64"/>
<module name="javax.api"/>
<module name="javax.activation.api"/>
<module name="org.apache.httpcomponents" slot="4.3" />
<module name="org.apache.httpcomponents"/>
</dependencies>
</module>

15
distribution/modules/src/main/resources/modules/org/keycloak/keycloak-wildfly-extensions/main/module.xml
View file

@ -1,15 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-wildfly-extensions">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="org.keycloak.keycloak-core"/>
<module name="org.keycloak.keycloak-model-api"/>
<module name="org.keycloak.keycloak-services"/>
<module name="org.keycloak.keycloak-forms-common-freemarker"/>
<module name="org.keycloak.keycloak-forms-common-themes"/>
<module name="org.jboss.modules"/>
</dependencies>
</module>

4
distribution/subsystem-war/src/main/webapp/WEB-INF/jboss-deployment-structure.xml
View file

@ -26,7 +26,6 @@
<module name="org.keycloak.keycloak-forms-common-themes" services="import"/>
<module name="org.keycloak.keycloak-invalidation-cache-infinispan" services="import"/>
<module name="org.keycloak.keycloak-invalidation-cache-model" services="import"/>
<module name="org.keycloak.keycloak-jboss-adapter-core" services="import"/>
<module name="org.keycloak.keycloak-js-adapter" services="import"/>
<module name="org.keycloak.keycloak-kerberos-federation" services="import"/>
<module name="org.keycloak.keycloak-ldap-federation" services="import"/>
@ -63,9 +62,6 @@
<!-- Exclude keycloak modules -->
<module name="org.keycloak.keycloak-core" />
<module name="org.keycloak.keycloak-adapter-core" />
<module name="org.keycloak.keycloak-undertow-adapter" />
<module name="org.keycloak.keycloak-as7-adapter" />
</exclusions>
<exclude-subsystems>
<subsystem name="webservices"/>

11
docbook/reference/en/en-US/modules/MigrationFromOlderVersions.xml
View file

@ -79,6 +79,17 @@
<section>
<title>Version specific migration</title>
<section>
<title>Migrating to 1.3.0.Final</title>
<simplesect>
<title>Direct Grant API always enabled</title>
<para>
In the past Direct Grant API (or Resource Owner Password Credentials) was disabled by default and
there was an option on a realm to enable it. The Direct Grant API is now always enabled and the
option to enable/disable for a realm is removed.
</para>
</simplesect>
</section>
<section>
<title>Migrating from 1.2.0.Beta1 to 1.2.0.RC1</title>
<simplesect>

7
docbook/reference/en/en-US/modules/direct-access.xml
View file

@ -3,8 +3,7 @@
<para>
Keycloak allows you to make direct REST invocations to obtain an access token.
(See <ulink url="http://tools.ietf.org/html/rfc6749#section-4.3">Resource Owner Password Credentials Grant</ulink>
from OAuth 2.0 spec). To use it, Direct Access Grants must be allowed by your realm. This is a configuration switch
in the admin console under Settings->General, specifically the "Direct Grant API" switch. You must also have
from OAuth 2.0 spec). To use it you must also have
registered a valid Client to use as the "client_id" for this grant request.
</para>
<warning>
@ -12,7 +11,9 @@
It is highly recommended that you do not use Direct Access Grants to write your own login pages for your application.
You will lose a lot of features that Keycloak has if you do this. Specifically all the account management, remember me,
lost password, account reset features of Keycloak. Instead, if you want to tailor the look and feel of Keycloak login
pages, you should create your own <link linkend="themes">theme</link>.
pages, you should create your own <link linkend="themes">theme</link>. There are also security implications
to using Direct Access Grants compared to the redirect based flows as you are exposing plain text passwords
to applications directly.
</para>
<para>
It is even highly recommended that you use the browser to log in for native mobile applications! Android

16
docbook/reference/en/en-US/modules/identity-broker.xml
View file

@ -299,12 +299,24 @@
</entry>
<entry>
Allows you to force users to update their profile right after the authentication finishes and
before the account is actually created in Keycloak. When enabled, users will be presented with the
before the account is actually created in Keycloak. When "On", users will be always presented with the
<emphasis>update profile page</emphasis> asking for additional information in order to federate their identities.
If disabled, the account will be created with the minimal information obtained from the identity provider
When "On missing info", users will be presented with the <emphasis>update profile page</emphasis> only if some
mandatory information (email, first name, last name) is not provided by identity provider.
If "Off", the account will be created with the minimal information obtained from the identity provider
during the authentication process.
</entry>
</row>
<row>
<entry>
<literal>Trust email</literal>
</entry>
<entry>
Allows you to trust email address returned from the social provider. If enabled then email address returned by the provider
is marked as 'verified' in the Keycloak user profile. This means that email verification step is skipped even
if "Verify email" feature is enabled in realm settings.
</entry>
</row>
<row>
<entry>
<literal>GUI order</literal>

4
docbook/reference/en/en-US/modules/kerberos.xml
View file

@ -200,7 +200,7 @@ ktadd -k /tmp/http.keytab HTTP/www.mydomain.org@MYDOMAIN.ORG
<para>
For quick testing and unit tests, we use very simple <ulink url="http://directory.apache.org/apacheds/">ApacheDS</ulink> Kerberos server.
You need to build Keycloak from sources and then run Kerberos server with maven-exec-plugin from our testsuite. See details
<ulink url="https://github.com/keycloak/keycloak/blob/master/testsuite/integration/README.md#kerberos-server">here</ulink> .
<ulink url="https://github.com/keycloak/keycloak/blob/master/misc/Testsuite.md#kerberos-server">here</ulink> .
</para>
</section>
</section>
@ -234,7 +234,7 @@ GSSContext context = gssManager.createContext(serviceName, krb5Oid,
<para>
Credential delegation has some security implications. So enable the protocol claim and support in browser just if you really need it.
It's highly recommended to use it together with HTTPS. See for example
<ulink url="http://www.microhowto.info/howto/configure_firefox_to_authenticate_using_spnego_and_kerberos.html#idp18752">this article</ulink>
<ulink url="http://www.microhowto.info/howto/configure_firefox_to_authenticate_using_spnego_and_kerberos.html#idp27072">this article</ulink>
for details.
</para>
</warning>

196
docbook/reference/en/en-US/modules/proxy.xml
View file

@ -182,106 +182,162 @@ $ java -jar bin/launcher.jar [your-config.json]
</section>
<section>
<title>Application Config</title>
<para>
Next under the <literal>applications</literal> array attribute, you can define one or more applications per host you are proxying.
<variablelist>
<varlistentry>
<term>base-path</term>
<listitem>
<para>
The base context root for the application. Must start with '/' <emphasis>REQUIRED.</emphasis>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>error-page</term>
<listitem>
<para>
If the proxy has an error, it will display the target application's error page relative URL <emphasis>OPTIONAL.</emphasis>.
This is a relative path to the base-path. In the example above it would be <literal>/customer-portal/error.html</literal>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>adapter-config</term>
<listitem>
<para>
<emphasis>REQUIRED.</emphasis>. Same configuration as any other keycloak adapter. See <link linkend='adapter-config'>Adapter Config</link>
</para>
</listitem>
</varlistentry>
</variablelist>
</para>
<para>
Next under the <literal>applications</literal> array attribute, you can define one or more applications per host you are proxying.
<variablelist>
<varlistentry>
<term>base-path</term>
<listitem>
<para>
The base context root for the application. Must start with '/' <emphasis>REQUIRED.</emphasis>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>error-page</term>
<listitem>
<para>
If the proxy has an error, it will display the target application's error page relative URL <emphasis>OPTIONAL.</emphasis>.
This is a relative path to the base-path. In the example above it would be <literal>/customer-portal/error.html</literal>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>adapter-config</term>
<listitem>
<para>
<emphasis>REQUIRED.</emphasis>. Same configuration as any other keycloak adapter. See <link linkend='adapter-config'>Adapter Config</link>
</para>
</listitem>
</varlistentry>
</variablelist>
</para>
<section>
<title>Constraint Config</title>
<para>
Next under each application you can define one or more constraints in the <literal>constraints</literal> array attribute.
A constraint defines a URL pattern relative to the base-path. You can deny, permit, or require authentication for
a specific URL pattern. You can specify roles allowed for that path as well. More specific constraints will take
precedence over more general ones.
<para>
Next under each application you can define one or more constraints in the <literal>constraints</literal> array attribute.
A constraint defines a URL pattern relative to the base-path. You can deny, permit, or require authentication for
a specific URL pattern. You can specify roles allowed for that path as well. More specific constraints will take
precedence over more general ones.
<variablelist>
<varlistentry>
<term>pattern</term>
<listitem>
<para>
URL pattern to match relative to the base-path of the application. Must start with '/' <emphasis>REQUIRED.</emphasis>.
You may only have one wildcard and it must come at the end of the pattern. Valid <literal>/foo/bar/*</literal> and <literal>/foo/*.txt</literal>
Not valid: <literal>/*/foo/*</literal>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>roles-allowed</term>
<listitem>
<para>
Array of strings of roles allowed to access this url pattern. <emphasis>OPTIONAL.</emphasis>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>methods</term>
<listitem>
<para>
Array of strings of HTTP methods that will exclusively match this pattern and HTTP request. <emphasis>OPTIONAL.</emphasis>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>excluded-methods</term>
<listitem>
<para>
Array of strings of HTTP methods that will be ignored when match this pattern. <emphasis>OPTIONAL.</emphasis>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>deny</term>
<listitem>
<para>
Deny all access to this URL pattern. <emphasis>OPTIONAL.</emphasis>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>permit</term>
<listitem>
<para>
Permit all access without requiring authentication or a role mapping. <emphasis>OPTIONAL.</emphasis>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>permit-and-inject</term>
<listitem>
<para>
Permit all access, but inject the headers, if user is already authenticated.<emphasis>OPTIONAL.</emphasis>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>authenticate</term>
<listitem>
<para>
Require authentication for this pattern, but no role mapping. <emphasis>OPTIONAL.</emphasis>.
</para>
</listitem>
</varlistentry>
</variablelist>
</para>
</section>
</section>
<section>
<title>Header Names Config</title>
<para>
Next under the list of applications you can override the defaults for the names of the header fields injected by the proxy (see Keycloak Identity Headers).
This mapping is optional.
<variablelist>
<varlistentry>
<term>pattern</term>
<term>keycloak-subject</term>
<listitem>
<para>
URL pattern to match relative to the base-path of the application. Must start with '/' <emphasis>REQUIRED.</emphasis>.
You may only have one wildcard and it must come at the end of the pattern. Valid <literal>/foo/bar/*</literal> and <literal>/foo/*.txt</literal>
Not valid: <literal>/*/foo/*</literal>.
e.g. MYAPP_USER_ID
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>roles-allowed</term>
<term>keycloak-username</term>
<listitem>
<para>
Array of strings of roles allowed to access this url pattern. <emphasis>OPTIONAL.</emphasis>.
e.g. MYAPP_USER_NAME
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>methods</term>
<term>keycloak-email</term>
<listitem>
<para>
Array of strings of HTTP methods that will exclusively match this pattern and HTTP request. <emphasis>OPTIONAL.</emphasis>.
e.g. MYAPP_USER_EMAIL
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>excluded-methods</term>
<term>keycloak-name</term>
<listitem>
<para>
Array of strings of HTTP methods that will be ignored when match this pattern. <emphasis>OPTIONAL.</emphasis>.
e.g. MYAPP_USER_ID
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>deny</term>
<term>keycloak-access-token</term>
<listitem>
<para>
Deny all access to this URL pattern. <emphasis>OPTIONAL.</emphasis>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>permit</term>
<listitem>
<para>
Permit all access without requiring authentication or a role mapping. <emphasis>OPTIONAL.</emphasis>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>authenticate</term>
<listitem>
<para>
Require authentication for this pattern, but no role mapping. <emphasis>OPTIONAL.</emphasis>.
e.g. MYAPP_ACCESS_TOKEN
</para>
</listitem>
</varlistentry>
</variablelist>
</para>
</section>
</para>
</section>
</section>
<section>
@ -333,6 +389,14 @@ $ java -jar bin/launcher.jar [your-config.json]
</listitem>
</varlistentry>
</variablelist>
Header field names can be configured using a map of <literal>header-names</literal> in configuration file:
<programlisting><![CDATA[
{
"header-names" {
"keycloak-subject": "MY_SUBJECT"
}
}
]]></programlisting>
</para>
</section>
</chapter>

2
events/api/src/main/java/org/keycloak/events/Details.java
View file

@ -25,5 +25,7 @@ public interface Details {
String NODE_HOST = "node_host";
String REASON = "reason";
String REVOKED_CLIENT = "revoked_client";
String CLIENT_SESSION_STATE = "client_session_state";
String CLIENT_SESSION_HOST = "client_session_host";
}

2
events/api/src/main/java/org/keycloak/events/EventListenerSpi.java
View file

@ -10,7 +10,7 @@ import org.keycloak.provider.Spi;
public class EventListenerSpi implements Spi {
@Override
public boolean isPrivate() {
public boolean isInternal() {
return false;
}

5
events/api/src/main/java/org/keycloak/events/EventQuery.java
View file

@ -1,5 +1,6 @@
package org.keycloak.events;
import java.util.Date;
import java.util.List;
/**
@ -15,9 +16,9 @@ public interface EventQuery {
public EventQuery user(String userId);
public EventQuery fromDate(String fromDate);
public EventQuery fromDate(Date fromDate);
public EventQuery toDate(String toDate);
public EventQuery toDate(Date toDate);
public EventQuery ipAddress(String ipAddress);

2
events/api/src/main/java/org/keycloak/events/EventStoreSpi.java
View file

@ -10,7 +10,7 @@ import org.keycloak.provider.Spi;
public class EventStoreSpi implements Spi {
@Override
public boolean isPrivate() {
public boolean isInternal() {
return true;
}

9
events/api/src/main/java/org/keycloak/events/admin/AdminEventQuery.java
View file

@ -1,5 +1,6 @@
package org.keycloak.events.admin;
import java.util.Date;
import java.util.List;
/**
@ -71,18 +72,18 @@ public interface AdminEventQuery {
/**
* Search by events after the specified time
*
* @param fromTime time in millis
* @param fromTime from date
* @return <code>this</code> for method chaining
*/
AdminEventQuery fromTime(String fromTime);
AdminEventQuery fromTime(Date fromTime);
/**
* Search by events before the specified time
*
* @param toTime time in millis
* @param toTime to date
* @return <code>this</code> for method chaining
*/
AdminEventQuery toTime(String toTime);
AdminEventQuery toTime(Date toTime);
/**
* Used for pagination

23
events/jpa/src/main/java/org/keycloak/events/jpa/JpaAdminEventQuery.java
View file

@ -3,6 +3,7 @@ package org.keycloak.events.jpa;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.LinkedList;
import java.util.List;
@ -88,28 +89,14 @@ public class JpaAdminEventQuery implements AdminEventQuery {
}
@Override
public AdminEventQuery fromTime(String fromTime) {
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd");
Long from = null;
try {
from = df.parse(fromTime).getTime();
} catch (ParseException e) {
e.printStackTrace();
}
predicates.add(cb.greaterThanOrEqualTo(root.<Long>get("time"), from));
public AdminEventQuery fromTime(Date fromTime) {
predicates.add(cb.greaterThanOrEqualTo(root.<Long>get("time"), fromTime.getTime()));
return this;
}
@Override
public AdminEventQuery toTime(String toTime) {
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd");
Long to = null;
try {
to = df.parse(toTime).getTime();
} catch (ParseException e) {
e.printStackTrace();
}
predicates.add(cb.lessThanOrEqualTo(root.<Long>get("time"), to));
public AdminEventQuery toTime(Date toTime) {
predicates.add(cb.lessThanOrEqualTo(root.<Long>get("time"), toTime.getTime()));
return this;
}

25
events/jpa/src/main/java/org/keycloak/events/jpa/JpaEventQuery.java
View file

@ -11,9 +11,8 @@ import javax.persistence.criteria.CriteriaQuery;
import javax.persistence.criteria.Predicate;
import javax.persistence.criteria.Root;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.LinkedList;
import java.util.List;
@ -68,28 +67,14 @@ public class JpaEventQuery implements EventQuery {
}
@Override
public EventQuery fromDate(String fromDate) {
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd");
Long from = null;
try {
from = df.parse(fromDate).getTime();
} catch (ParseException e) {
e.printStackTrace();
}
predicates.add(cb.greaterThanOrEqualTo(root.<Long>get("time"), from));
public EventQuery fromDate(Date fromDate) {
predicates.add(cb.greaterThanOrEqualTo(root.<Long>get("time"), fromDate.getTime()));
return this;
}
@Override
public EventQuery toDate(String toDate) {
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd");
Long to = null;
try {
to = df.parse(toDate).getTime();
} catch (ParseException e) {
e.printStackTrace();
}
predicates.add(cb.lessThanOrEqualTo(root.<Long>get("time"), to));
public EventQuery toDate(Date toDate) {
predicates.add(cb.lessThanOrEqualTo(root.<Long>get("time"), toDate.getTime()));
return this;
}

27
events/mongo/src/main/java/org/keycloak/events/mongo/MongoAdminEventQuery.java
View file

@ -2,6 +2,7 @@ package org.keycloak.events.mongo;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.LinkedList;
import java.util.List;
import java.util.regex.Pattern;
@ -74,28 +75,18 @@ public class MongoAdminEventQuery implements AdminEventQuery{
}
@Override
public AdminEventQuery fromTime(String fromTime) {
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd");
Long from = null;
try {
from = df.parse(fromTime).getTime();
} catch (ParseException e) {
e.printStackTrace();
}
query.put("time", BasicDBObjectBuilder.start("$gte", from).get());
public AdminEventQuery fromTime(Date fromTime) {
BasicDBObject time = query.containsField("time") ? (BasicDBObject) query.get("time") : new BasicDBObject();
time.append("$gte", fromTime.getTime());
query.put("time", time);
return this;
}
@Override
public AdminEventQuery toTime(String toTime) {
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd");
Long to = null;
try {
to = df.parse(toTime).getTime();
} catch (ParseException e) {
e.printStackTrace();
}
query.put("time", BasicDBObjectBuilder.start("$lte", to).get());
public AdminEventQuery toTime(Date toTime) {
BasicDBObject time = query.containsField("time") ? (BasicDBObject) query.get("time") : new BasicDBObject();
time.append("$lte", toTime.getTime());
query.put("time", time);
return this;
}

25
events/mongo/src/main/java/org/keycloak/events/mongo/MongoEventQuery.java
View file

@ -4,14 +4,15 @@ import com.mongodb.BasicDBObject;
import com.mongodb.BasicDBObjectBuilder;
import com.mongodb.DBCollection;
import com.mongodb.DBCursor;
import com.mongodb.DBObject;
import org.keycloak.events.Event;
import org.keycloak.events.EventQuery;
import org.keycloak.events.EventType;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.LinkedList;
import java.util.List;
@ -59,31 +60,17 @@ public class MongoEventQuery implements EventQuery {
}
@Override
public EventQuery fromDate(String fromDate) {
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd");
Long from = null;
try {
from = df.parse(fromDate).getTime();
} catch (ParseException e) {
e.printStackTrace();
}
public EventQuery fromDate(Date fromDate) {
BasicDBObject time = query.containsField("time") ? (BasicDBObject) query.get("time") : new BasicDBObject();
time.append("$gte", from);
time.append("$gte", fromDate.getTime());
query.put("time", time);
return this;
}
@Override
public EventQuery toDate(String toDate) {
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd");
Long to = null;
try {
to = df.parse(toDate).getTime();
} catch (ParseException e) {
e.printStackTrace();
}
public EventQuery toDate(Date toDate) {
BasicDBObject time = query.containsField("time") ? (BasicDBObject) query.get("time") : new BasicDBObject();
time.append("$lte", to);
time.append("$lte", toDate.getTime());
query.put("time", time);
return this;
}

1
examples/admin-client/example-realm.json
View file

@ -3,7 +3,6 @@
"enabled": true,
"sslRequired": "external",
"registrationAllowed": true,
"passwordCredentialGrantAllowed": true,
"privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
"publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"requiredCredentials": [ "password" ],

1
examples/basic-auth/basicauthrealm.json
View file

@ -6,7 +6,6 @@
"accessCodeLifespanUserAction": 300,
"ssoSessionIdleTimeout": 600,
"ssoSessionMaxLifespan": 36000,
"passwordCredentialGrantAllowed": true,
"sslRequired": "external",
"registrationAllowed": false,
"privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",

1
examples/broker/twitter-authentication/twitter-identity-provider-realm.json
View file

@ -2,7 +2,6 @@
"realm": "twitter-identity-provider-realm",
"enabled": true,
"sslRequired": "external",
"passwordCredentialGrantAllowed": true,
"privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
"publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"defaultRoles": [ "user" ],

2
examples/demo-template/customer-app/src/main/webapp/customers/view.jsp
View file

@ -33,7 +33,7 @@ Servlet User Principal <b><%=request.getUserPrincipal().getName()%>
try {
list = CustomerDatabaseClient.getCustomers(request);
} catch (CustomerDatabaseClient.Failure failure) {
out.println("There was a failure processing request. You either didn't configure Keycloak properly, or maybe" +
out.println("There was a failure processing request. You either didn't configure Keycloak properly, or maybe " +
"you just forgot to secure the database service?");
out.println("Status from database service invocation was: " + failure.getStatus());
return;

1
examples/demo-template/testrealm.json
View file

@ -6,7 +6,6 @@
"accessCodeLifespanUserAction": 300,
"ssoSessionIdleTimeout": 600,
"ssoSessionMaxLifespan": 36000,
"passwordCredentialGrantAllowed": true,
"sslRequired": "external",
"registrationAllowed": false,
"privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",

1
examples/fuse/testrealm.json
View file

@ -6,7 +6,6 @@
"accessCodeLifespanUserAction": 300,
"ssoSessionIdleTimeout": 600,
"ssoSessionMaxLifespan": 36000,
"passwordCredentialGrantAllowed": true,
"sslRequired": "external",
"registrationAllowed": false,
"privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",

6
examples/kerberos/README.md
View file

@ -40,7 +40,7 @@ is in your `/etc/hosts` before other records for the 127.0.0.1 host to avoid iss
**4)** Configure Kerberos client (On linux it's in file `/etc/krb5.conf` ). You need to configure `KEYCLOAK.ORG` realm and enable `forwardable` flag, which is needed
for credential delegation example, as application needs to forward Kerberos ticket and authenticate with it against LDAP server.
See [this file](https://github.com/keycloak/keycloak/blob/master/testsuite/integration/src/main/resources/kerberos/test-krb5.conf) for inspiration.
See [this file](https://github.com/keycloak/keycloak/blob/master/testsuite/integration/src/test/resources/kerberos/test-krb5.conf) for inspiration.
**5)** Run ApacheDS based Kerberos server embedded in Keycloak. Easiest is to checkout keycloak sources, build and then run KerberosEmbeddedServer
as shown here:
@ -52,12 +52,12 @@ cd testsuite/integration
mvn exec:java -Pkerberos
```
More details about embedded Kerberos server in [testsuite README](https://github.com/keycloak/keycloak/blob/master/testsuite/integration/README.md#kerberos-server).
More details about embedded Kerberos server in [testsuite README](https://github.com/keycloak/keycloak/blob/master/misc/Testsuite.md#kerberos-server).
**6)** Configure browser (Firefox, Chrome or other) and enable SPNEGO authentication and credential delegation for `localhost` .
In Firefox it can be done by adding `localhost` to both `network.negotiate-auth.trusted-uris` and `network.negotiate-auth.delegation-uris` .
More info in [testsuite README](https://github.com/keycloak/keycloak/blob/master/testsuite/integration/README.md#kerberos-server).
More info in [testsuite README](https://github.com/keycloak/keycloak/blob/master/misc/Testsuite.md#kerberos-server).
**7)** Test the example. Obtain kerberos ticket by running command from CMD (on linux):

1
examples/multi-tenant/tenant1-realm.json
View file

@ -7,7 +7,6 @@
"accessCodeLifespanUserAction": 6000,
"sslRequired": "external",
"registrationAllowed": false,
"passwordCredentialGrantAllowed": true,
"privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
"publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"requiredCredentials": [ "password" ],

1
examples/multi-tenant/tenant2-realm.json
View file

@ -7,7 +7,6 @@
"accessCodeLifespanUserAction": 6000,
"sslRequired": "external",
"registrationAllowed": false,
"passwordCredentialGrantAllowed": true,
"updateProfileOnInitialSocialLogin": false,
"privateKey": "MIICXQIBAAKBgQDA0oJjgPQJhnVhOo51KauQGfLLreMFu64OJdKXRnfvAQJQTuKNwc5JrR63l/byyW1B6FgclABF818TtLvMCAkn4EuFwQZCZhg3x3+lFGiB/IzC6UAt4Bi0JQrTbdh83/U97GIPegvaDqiqEiQESEkbCZWxM6sh/34hQaAhCaFpMwIDAQABAoGADwFSvEOQuh0IjWRtKZjwjOo4BrmlbRDJ3rf6x2LoemTttSouXzGxx/H87fSZdxNNuU9HbBHoY4ko4POzmZEWhS0gV6UjM7VArc4YjID6Hh2tfU9vCbuuKZrRs7RjxL70b51WxycKc49PQ4JiR3g04punrpq2UzToPrm66zI+ICECQQD2Jauo6cXXoxHR0QychQf4dityZwFXUoR/8oI/YFiu9XwcWgSMwrFKUdWWNKYmrIRNqCBzrGyeiGdaAjsw41T3AkEAyIpn+XL7bek/uLno5/7ULauf2dFI6MEaHJixQJD7S6Tfo/CGuDK93H4K0GAdjgR0LA0tCnB09yyPCd5NmAYKpQJBAO7+BH4s/PsyScr+vs/6GpMTqXuap6KxbBUO0YfXdEPr9mVQwboqDxmp+0esNua1+n+sDlZBw/TpW+/42p/NGmECQF0sOQyjyH+TfGCmN7j6I7ioYZeA7h/9/9TDeK8n7SmDC8kOanlQUfgMs5eG4JRoK1WANaoA/8cLc9XA7EoynGUCQQDx/Gjg6qyWheVujxjKufH1XkqDNiQHClDRM1ntChCmGq/RmpVmce+mYeOYZ9eofv7UJUCBdamllRlB+056Ld2h",
"publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDA0oJjgPQJhnVhOo51KauQGfLLreMFu64OJdKXRnfvAQJQTuKNwc5JrR63l/byyW1B6FgclABF818TtLvMCAkn4EuFwQZCZhg3x3+lFGiB/IzC6UAt4Bi0JQrTbdh83/U97GIPegvaDqiqEiQESEkbCZWxM6sh/34hQaAhCaFpMwIDAQAB",

25
examples/providers/event-store-mem/src/main/java/org/keycloak/examples/providers/events/MemAdminEventQuery.java
View file

@ -3,6 +3,7 @@ package org.keycloak.examples.providers.events;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Pattern;
@ -112,18 +113,10 @@ public class MemAdminEventQuery implements AdminEventQuery {
}
@Override
public AdminEventQuery fromTime(String fromTime) {
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd");
Long from = null;
try {
from = df.parse(fromTime).getTime();
} catch (ParseException e) {
e.printStackTrace();
}
public AdminEventQuery fromTime(Date fromTime) {
Iterator<AdminEvent> itr = this.adminEvents.iterator();
while (itr.hasNext()) {
if (!(itr.next().getTime() >= from)) {
if (!(itr.next().getTime() >= fromTime.getTime())) {
itr.remove();
}
}
@ -131,18 +124,10 @@ public class MemAdminEventQuery implements AdminEventQuery {
}
@Override
public AdminEventQuery toTime(String toTime) {
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd");
Long to = null;
try {
to = df.parse(toTime).getTime();
} catch (ParseException e) {
e.printStackTrace();
}
public AdminEventQuery toTime(Date toTime) {
Iterator<AdminEvent> itr = this.adminEvents.iterator();
while (itr.hasNext()) {
if (!(itr.next().getTime() <= to)) {
if (!(itr.next().getTime() <= toTime.getTime())) {
itr.remove();
}
}

25
examples/providers/event-store-mem/src/main/java/org/keycloak/examples/providers/events/MemEventQuery.java
View file

@ -7,6 +7,7 @@ import org.keycloak.events.EventType;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
@ -77,18 +78,10 @@ public class MemEventQuery implements EventQuery {
}
@Override
public EventQuery fromDate(String fromDate) {
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd");
Long from = null;
try {
from = df.parse(fromDate).getTime();
} catch (ParseException e) {
e.printStackTrace();
}
public EventQuery fromDate(Date fromDate) {
Iterator<Event> itr = this.events.iterator();
while (itr.hasNext()) {
if (!(itr.next().getTime() >= from)) {
if (!(itr.next().getTime() >= fromDate.getTime())) {
itr.remove();
}
}
@ -96,18 +89,10 @@ public class MemEventQuery implements EventQuery {
}
@Override
public EventQuery toDate(String toDate) {
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd");
Long to = null;
try {
to = df.parse(toDate).getTime();
} catch (ParseException e) {
e.printStackTrace();
}
public EventQuery toDate(Date toDate) {
Iterator<Event> itr = this.events.iterator();
while (itr.hasNext()) {
if (!(itr.next().getTime() <= to)) {
if (!(itr.next().getTime() <= toDate.getTime())) {
itr.remove();
}
}

1
examples/saml/testsaml.json
View file

@ -3,7 +3,6 @@
"realm": "saml-demo",
"enabled": true,
"sslRequired": "external",
"passwordCredentialGrantAllowed": true,
"privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
"publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"requiredCredentials": [ "password" ],

2
export-import/export-import-api/src/main/java/org/keycloak/exportimport/ExportSpi.java
View file

@ -10,7 +10,7 @@ import org.keycloak.provider.Spi;
public class ExportSpi implements Spi {
@Override
public boolean isPrivate() {
public boolean isInternal() {
return true;
}

2
export-import/export-import-api/src/main/java/org/keycloak/exportimport/ImportSpi.java
View file

@ -10,7 +10,7 @@ import org.keycloak.provider.Spi;
public class ImportSpi implements Spi {
@Override
public boolean isPrivate() {
public boolean isInternal() {
return true;
}

30
federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPConfig.java
View file

@ -1,8 +1,6 @@
package org.keycloak.federation.ldap;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Properties;
@ -12,7 +10,6 @@ import javax.naming.directory.SearchControls;
import org.keycloak.models.LDAPConstants;
import org.keycloak.models.UserFederationProvider;
import org.keycloak.models.UserFederationProviderModel;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
@ -37,8 +34,12 @@ public class LDAPConfig {
}
public String getAuthType() {
// hardcoded for now
return "simple";
String value = config.get(LDAPConstants.AUTH_TYPE);
if (value == null) {
return LDAPConstants.AUTH_TYPE_SIMPLE;
} else {
return value;
}
}
public String getSecurityProtocol() {
@ -46,21 +47,8 @@ public class LDAPConfig {
return config.get(LDAPConstants.SECURITY_PROTOCOL);
}
public Collection<String> getUserDns() {
String value = config.get(LDAPConstants.USER_DNS);
if (value == null) {
return Collections.emptyList();
} else {
return Arrays.asList(value.split(LDAPConstants.CONFIG_DIVIDER));
}
}
public String getSingleUserDn() {
Collection<String> dns = getUserDns();
if (dns.size() == 0) {
throw new IllegalStateException("No user DN configured. User DNS value is " + config.get(LDAPConstants.USER_DNS));
}
return dns.iterator().next();
public String getUsersDn() {
return config.get(LDAPConstants.USERS_DN);
}
public Collection<String> getUserObjectClasses() {
@ -70,7 +58,7 @@ public class LDAPConfig {
String[] objectClasses = objClassesStr.split(",");
// Trim them
Set<String> userObjClasses = new HashSet<String>();
Set<String> userObjClasses = new HashSet<>();
for (int i=0 ; i<objectClasses.length ; i++) {
userObjClasses.add(objectClasses[i].trim());
}

9
federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProvider.java
View file

@ -106,7 +106,7 @@ public class LDAPFederationProvider implements UserFederationProvider {
proxied = new UnsyncedLDAPUserModelDelegate(local, this);
}
Set<UserFederationMapperModel> federationMappers = realm.getUserFederationMappers();
Set<UserFederationMapperModel> federationMappers = realm.getUserFederationMappersByFederationProvider(model.getId());
for (UserFederationMapperModel mapperModel : federationMappers) {
LDAPFederationMapper ldapMapper = getMapper(mapperModel);
proxied = ldapMapper.proxy(mapperModel, this, ldapObject, proxied, realm);
@ -263,7 +263,7 @@ public class LDAPFederationProvider implements UserFederationProvider {
UserModel imported = session.userStorage().addUser(realm, ldapUsername);
imported.setEnabled(true);
Set<UserFederationMapperModel> federationMappers = realm.getUserFederationMappers();
Set<UserFederationMapperModel> federationMappers = realm.getUserFederationMappersByFederationProvider(getModel().getId());
for (UserFederationMapperModel mapperModel : federationMappers) {
LDAPFederationMapper ldapMapper = getMapper(mapperModel);
ldapMapper.onImportUserFromLDAP(mapperModel, this, ldapUser, imported, realm, true);
@ -308,8 +308,7 @@ public class LDAPFederationProvider implements UserFederationProvider {
@Override
public void preRemove(RealmModel realm, RoleModel role) {
// complete I don't think we have to do anything here
// TODO: requires implementation... Maybe mappers callback to ensure role deletion propagated to LDAP by RoleLDAPFederationMapper
// TODO: Maybe mappers callback to ensure role deletion propagated to LDAP by RoleLDAPFederationMapper?
}
public boolean validPassword(RealmModel realm, UserModel user, String password) {
@ -399,7 +398,7 @@ public class LDAPFederationProvider implements UserFederationProvider {
if ((fedModel.getId().equals(currentUser.getFederationLink())) && (ldapUser.getUuid().equals(currentUser.getAttribute(LDAPConstants.LDAP_ID)))) {
// Update keycloak user
Set<UserFederationMapperModel> federationMappers = realm.getUserFederationMappers();
Set<UserFederationMapperModel> federationMappers = realm.getUserFederationMappersByFederationProvider(model.getId());
for (UserFederationMapperModel mapperModel : federationMappers) {
LDAPFederationMapper ldapMapper = getMapper(mapperModel);
ldapMapper.onImportUserFromLDAP(mapperModel, this, ldapUser, currentUser, realm, false);

42
federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProviderFactory.java
View file

@ -94,12 +94,42 @@ public class LDAPFederationProviderFactory extends UserFederationEventAwareProvi
UserAttributeLDAPFederationMapper.READ_ONLY, readOnly);
realm.addUserFederationMapper(mapperModel);
// For AD deployments with sAMAccountName is probably more common to map "cn" to full name of user
if (activeDirectory && usernameLdapAttribute.equalsIgnoreCase(LDAPConstants.SAM_ACCOUNT_NAME)) {
mapperModel = KeycloakModelUtils.createUserFederationMapperModel("full name", newProviderModel.getId(), FullNameLDAPFederationMapperFactory.PROVIDER_ID,
FullNameLDAPFederationMapper.LDAP_FULL_NAME_ATTRIBUTE, LDAPConstants.CN,
UserAttributeLDAPFederationMapper.READ_ONLY, readOnly);
realm.addUserFederationMapper(mapperModel);
// CN is typically used as RDN for Active Directory deployments
if (ldapConfig.getRdnLdapAttribute().equalsIgnoreCase(LDAPConstants.CN)) {
if (usernameLdapAttribute.equalsIgnoreCase(LDAPConstants.CN)) {
// For AD deployments with "cn" as username, we will map "givenName" to first name
mapperModel = KeycloakModelUtils.createUserFederationMapperModel("first name", newProviderModel.getId(), UserAttributeLDAPFederationMapperFactory.PROVIDER_ID,
UserAttributeLDAPFederationMapper.USER_MODEL_ATTRIBUTE, UserModel.FIRST_NAME,
UserAttributeLDAPFederationMapper.LDAP_ATTRIBUTE, LDAPConstants.GIVENNAME,
UserAttributeLDAPFederationMapper.READ_ONLY, readOnly);
realm.addUserFederationMapper(mapperModel);
} else {
if (editMode == UserFederationProvider.EditMode.WRITABLE) {
// For AD deployments with "sAMAccountName" as username and writable, we need to map "cn" as username as well (this is needed so we can register new users from KC into LDAP) and we will map "givenName" to first name.
mapperModel = KeycloakModelUtils.createUserFederationMapperModel("first name", newProviderModel.getId(), UserAttributeLDAPFederationMapperFactory.PROVIDER_ID,
UserAttributeLDAPFederationMapper.USER_MODEL_ATTRIBUTE, UserModel.FIRST_NAME,
UserAttributeLDAPFederationMapper.LDAP_ATTRIBUTE, LDAPConstants.GIVENNAME,
UserAttributeLDAPFederationMapper.READ_ONLY, readOnly);
realm.addUserFederationMapper(mapperModel);
mapperModel = KeycloakModelUtils.createUserFederationMapperModel("username-cn", newProviderModel.getId(), UserAttributeLDAPFederationMapperFactory.PROVIDER_ID,
UserAttributeLDAPFederationMapper.USER_MODEL_ATTRIBUTE, UserModel.USERNAME,
UserAttributeLDAPFederationMapper.LDAP_ATTRIBUTE, LDAPConstants.CN,
UserAttributeLDAPFederationMapper.READ_ONLY, readOnly);
realm.addUserFederationMapper(mapperModel);
} else {
// For read-only LDAP, we map "cn" as full name
mapperModel = KeycloakModelUtils.createUserFederationMapperModel("full name", newProviderModel.getId(), FullNameLDAPFederationMapperFactory.PROVIDER_ID,
FullNameLDAPFederationMapper.LDAP_FULL_NAME_ATTRIBUTE, LDAPConstants.CN,
UserAttributeLDAPFederationMapper.READ_ONLY, readOnly);
realm.addUserFederationMapper(mapperModel);
}
}
} else {
mapperModel = KeycloakModelUtils.createUserFederationMapperModel("first name", newProviderModel.getId(), UserAttributeLDAPFederationMapperFactory.PROVIDER_ID,
UserAttributeLDAPFederationMapper.USER_MODEL_ATTRIBUTE, UserModel.FIRST_NAME,

Some files were not shown because too many files have changed in this diff Show more