From a5567ead7acbf56b9989b4755eb9c518675f0b78 Mon Sep 17 00:00:00 2001 From: mposolda Date: Tue, 31 Mar 2015 19:57:52 +0200 Subject: [PATCH 1/2] KEYCLOAK-1169 Skip DB write at each broker login if 3rd party token is not required --- .../java/org/keycloak/util/ObjectUtil.java | 27 +++++++++++++++++++ .../resources/IdentityBrokerService.java | 12 ++++++--- 2 files changed, 35 insertions(+), 4 deletions(-) create mode 100644 core/src/main/java/org/keycloak/util/ObjectUtil.java diff --git a/core/src/main/java/org/keycloak/util/ObjectUtil.java b/core/src/main/java/org/keycloak/util/ObjectUtil.java new file mode 100644 index 0000000000..23a6bef345 --- /dev/null +++ b/core/src/main/java/org/keycloak/util/ObjectUtil.java @@ -0,0 +1,27 @@ +package org.keycloak.util; + +/** + * @author Marek Posolda + */ +public class ObjectUtil { + + private ObjectUtil() {} + + /** + * + * @param str1 + * @param str2 + * @return true if both strings are null or equal + */ + public static boolean isEqualOrNull(Object str1, Object str2) { + if (str1 == null && str2 == null) { + return true; + } + + if ((str1 != null && str2 == null) || (str1 == null && str2 != null)) { + return false; + } + + return str1.equals(str2); + } +} diff --git a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java index 4e05ad5926..1cfae3f57a 100755 --- a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java +++ b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java @@ -50,6 +50,7 @@ import org.keycloak.services.resources.flows.Flows; import org.keycloak.services.resources.flows.Urls; import org.keycloak.services.validation.Validation; import org.keycloak.social.SocialIdentityProvider; +import org.keycloak.util.ObjectUtil; import javax.ws.rs.Consumes; import javax.ws.rs.GET; @@ -342,12 +343,15 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal private void updateFederatedIdentity(FederatedIdentity updatedIdentity, UserModel federatedUser) { FederatedIdentityModel federatedIdentityModel = this.session.users().getFederatedIdentity(federatedUser, updatedIdentity.getIdentityProviderId(), this.realmModel); - federatedIdentityModel.setToken(updatedIdentity.getToken()); + // Skip DB write if tokens are null or equal + if (!ObjectUtil.isEqualOrNull(updatedIdentity.getToken(), federatedIdentityModel.getToken())) { + federatedIdentityModel.setToken(updatedIdentity.getToken()); - this.session.users().updateFederatedIdentity(this.realmModel, federatedUser, federatedIdentityModel); + this.session.users().updateFederatedIdentity(this.realmModel, federatedUser, federatedIdentityModel); - if (isDebugEnabled()) { - LOGGER.debugf("Identity [%s] update with response from identity provider [%s].", federatedUser, updatedIdentity.getIdentityProviderId()); + if (isDebugEnabled()) { + LOGGER.debugf("Identity [%s] update with response from identity provider [%s].", federatedUser, updatedIdentity.getIdentityProviderId()); + } } } From 42541d74b5503015964f2bda1e60535647e577d4 Mon Sep 17 00:00:00 2001 From: mposolda Date: Wed, 1 Apr 2015 10:51:17 +0200 Subject: [PATCH 2/2] KEYCLOAK-1151 AuthorizationURL for custom social logins should perserve query parameters --- .../keycloak/broker/oidc/AbstractOAuth2IdentityProvider.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/broker/oidc/src/main/java/org/keycloak/broker/oidc/AbstractOAuth2IdentityProvider.java b/broker/oidc/src/main/java/org/keycloak/broker/oidc/AbstractOAuth2IdentityProvider.java index c67b19533d..8d57b2c81c 100755 --- a/broker/oidc/src/main/java/org/keycloak/broker/oidc/AbstractOAuth2IdentityProvider.java +++ b/broker/oidc/src/main/java/org/keycloak/broker/oidc/AbstractOAuth2IdentityProvider.java @@ -143,7 +143,7 @@ public abstract class AbstractOAuth2IdentityProvider