From acefd3cacdb773c3ae7f6e971a24e9d7064ab499 Mon Sep 17 00:00:00 2001 From: Michael Gerber Date: Wed, 30 Sep 2015 13:31:22 +0200 Subject: [PATCH 1/3] swap import and migrate order --- .../org/keycloak/services/resources/KeycloakApplication.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java b/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java index ab55ef3e8d..28818d8d0b 100755 --- a/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java +++ b/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java @@ -83,12 +83,12 @@ public class KeycloakApplication extends Application { classes.add(JsResource.class); classes.add(WelcomeResource.class); - new ExportImportManager().checkExportImport(this.sessionFactory, context.getContextPath()); setupDefaultRealm(context.getContextPath()); - importRealms(context); migrateModel(); + new ExportImportManager().checkExportImport(this.sessionFactory, context.getContextPath()); + importRealms(context); AdminRecovery.recover(sessionFactory); From 05bd51ac1cf2bb23285c4356184283d719db39ab Mon Sep 17 00:00:00 2001 From: Scott Rossillo Date: Tue, 16 Jun 2015 21:54:24 -0400 Subject: [PATCH 2/3] WrappedHttpServletRequest may throw an exception returning cookies HttpServletRequest.getCookies() may return null --- .../facade/WrappedHttpServletRequest.java | 6 ++++++ .../facade/WrappedHttpServletRequestTest.java | 10 +++++++++- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequest.java b/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequest.java index e2e5ba40f5..c72888fb0c 100755 --- a/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequest.java +++ b/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequest.java @@ -64,6 +64,12 @@ class WrappedHttpServletRequest implements Request { @Override public Cookie getCookie(String cookieName) { + javax.servlet.http.Cookie[] cookies = request.getCookies(); + + if (cookies == null) { + return null; + } + for (javax.servlet.http.Cookie cookie : request.getCookies()) { if (cookie.getName().equals(cookieName)) { return new Cookie(cookie.getName(), cookie.getValue(), cookie.getVersion(), cookie.getDomain(), cookie.getPath()); diff --git a/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequestTest.java b/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequestTest.java index 91ec35bfa3..80d682e633 100644 --- a/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequestTest.java +++ b/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequestTest.java @@ -24,10 +24,11 @@ public class WrappedHttpServletRequestTest { private static final String QUERY_PARM_2 = "code2"; private WrappedHttpServletRequest request; + private MockHttpServletRequest mockHttpServletRequest; @Before public void setUp() throws Exception { - MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest(); + mockHttpServletRequest = new MockHttpServletRequest(); request = new WrappedHttpServletRequest(mockHttpServletRequest); mockHttpServletRequest.setMethod(REQUEST_METHOD); @@ -75,6 +76,13 @@ public class WrappedHttpServletRequestTest { assertNotNull(request.getCookie(COOKIE_NAME)); } + @Test + public void testGetCookieCookiesNull() throws Exception + { + mockHttpServletRequest.setCookies(null); + request.getCookie(COOKIE_NAME); + } + @Test public void testGetHeader() throws Exception { String header = request.getHeader(HEADER_SINGLE_VALUE); From 28fad68486762e90dea99a291cd90bac80db3f52 Mon Sep 17 00:00:00 2001 From: Stan Silvert Date: Fri, 2 Oct 2015 15:01:39 -0400 Subject: [PATCH 3/3] KEYCLOAK-1882 Also add locale mapper when new realm is created. --- .../migration/migrators/MigrateTo1_6_0.java | 23 +++++++++++++-- .../protocol/ProtocolMapperUtils.java | 28 +++++++++++++++++-- .../services/managers/RealmManager.java | 23 ++++++++++++++- 3 files changed, 68 insertions(+), 6 deletions(-) diff --git a/model/api/src/main/java/org/keycloak/migration/migrators/MigrateTo1_6_0.java b/model/api/src/main/java/org/keycloak/migration/migrators/MigrateTo1_6_0.java index 6712c081b5..d668ae0444 100644 --- a/model/api/src/main/java/org/keycloak/migration/migrators/MigrateTo1_6_0.java +++ b/model/api/src/main/java/org/keycloak/migration/migrators/MigrateTo1_6_0.java @@ -1,8 +1,23 @@ +/* + * Copyright 2015 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.migration.migrators; import java.util.List; -import org.keycloak.Config; import org.keycloak.migration.MigrationProvider; import org.keycloak.migration.ModelVersion; import org.keycloak.models.*; @@ -52,10 +67,14 @@ public class MigrateTo1_6_0 { } ClientModel adminConsoleClient = realm.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID); - if (adminConsoleClient != null) { + if ((adminConsoleClient != null) && !localeMapperAdded(adminConsoleClient)) { adminConsoleClient.addProtocolMapper(localeMapper); } } } + private boolean localeMapperAdded(ClientModel adminConsoleClient) { + return adminConsoleClient.getProtocolMapperByName("openid-connect", "locale") != null; + } + } diff --git a/services/src/main/java/org/keycloak/protocol/ProtocolMapperUtils.java b/services/src/main/java/org/keycloak/protocol/ProtocolMapperUtils.java index 829e8635e5..c1a9938547 100755 --- a/services/src/main/java/org/keycloak/protocol/ProtocolMapperUtils.java +++ b/services/src/main/java/org/keycloak/protocol/ProtocolMapperUtils.java @@ -1,12 +1,13 @@ package org.keycloak.protocol; -import org.keycloak.models.KeycloakSessionFactory; +import org.keycloak.models.KeycloakSession; import org.keycloak.models.ProtocolMapperModel; import org.keycloak.models.UserModel; -import org.keycloak.representations.AccessToken; +import org.keycloak.protocol.oidc.OIDCLoginProtocol; +import org.keycloak.protocol.oidc.OIDCLoginProtocolFactory; +import org.keycloak.provider.ProviderFactory; import java.lang.reflect.Method; -import java.util.List; /** * @author Bill Burke @@ -59,4 +60,25 @@ public class ProtocolMapperUtils { } } + + /** + * Find the builtin locale mapper. + * + * @param session A KeycloakSession + * @return The builtin locale mapper. + */ + public static ProtocolMapperModel findLocaleMapper(KeycloakSession session) { + ProtocolMapperModel found = null; + for (ProviderFactory p : session.getKeycloakSessionFactory().getProviderFactories(LoginProtocol.class)) { + LoginProtocolFactory factory = (LoginProtocolFactory) p; + for (ProtocolMapperModel mapper : factory.getBuiltinMappers()) { + if (mapper.getName().equals(OIDCLoginProtocolFactory.LOCALE) && mapper.getProtocol().equals(OIDCLoginProtocol.LOGIN_PROTOCOL)) { + found = mapper; + break; + } + } + if (found != null) break; + } + return found; + } } diff --git a/services/src/main/java/org/keycloak/services/managers/RealmManager.java b/services/src/main/java/org/keycloak/services/managers/RealmManager.java index 958cd3e3aa..06c19ac369 100755 --- a/services/src/main/java/org/keycloak/services/managers/RealmManager.java +++ b/services/src/main/java/org/keycloak/services/managers/RealmManager.java @@ -1,3 +1,19 @@ +/* + * Copyright 2015 Red Hat Inc. and/or its affiliates and other contributors + * as indicated by the @author tags. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ package org.keycloak.services.managers; import org.jboss.logging.Logger; @@ -33,6 +49,8 @@ import org.keycloak.timer.TimerProvider; import java.util.Collections; import java.util.HashSet; import java.util.List; +import org.keycloak.models.ProtocolMapperModel; +import org.keycloak.protocol.ProtocolMapperUtils; /** * Per request object @@ -124,6 +142,9 @@ public class RealmManager implements RealmImporter { adminConsole.addRedirectUri(baseUrl + "/*"); adminConsole.setFullScopeAllowed(false); + ProtocolMapperModel localeMapper = ProtocolMapperUtils.findLocaleMapper(session); + if (localeMapper != null) adminConsole.addProtocolMapper(localeMapper); + RoleModel adminRole; if (realm.getName().equals(Config.getAdminRealm())) { adminRole = realm.getRole(AdminRoles.ADMIN); @@ -194,7 +215,7 @@ public class RealmManager implements RealmImporter { if(rep.getEnabledEventTypes() != null) { realm.setEnabledEventTypes(new HashSet(rep.getEnabledEventTypes())); } - + realm.setAdminEventsEnabled(rep.isAdminEventsEnabled()); realm.setAdminEventsDetailsEnabled(rep.isAdminEventsDetailsEnabled()); }