From e82e584b81ca9c59cbe716d861eba8d9137af955 Mon Sep 17 00:00:00 2001 From: Bill Burke Date: Wed, 23 Nov 2016 16:48:02 -0500 Subject: [PATCH] port removed migrators --- .../migration/MigrationModelManager.java | 16 ++- .../migration/migrators/MigrateTo1_3_0.java | 100 ++++++++++++++++++ .../migration/migrators/MigrateTo1_4_0.java | 88 +++++++++++++++ .../migration/migrators/MigrateTo1_8_0.java | 81 ++++++++++++++ .../ldap/LDAPGroupMapper2WaySyncTest.java | 8 +- .../storage/ldap/LDAPGroupMapperSyncTest.java | 8 +- .../storage/ldap/LDAPGroupMapperTest.java | 10 +- .../ldap/LDAPProvidersIntegrationTest.java | 14 +-- .../storage/ldap/LDAPRoleMappingsTest.java | 4 +- .../federation/storage/ldap/LDAPSyncTest.java | 2 +- .../storage/ldap/LDAPTestUtils.java | 20 ++-- 11 files changed, 317 insertions(+), 34 deletions(-) create mode 100755 server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_3_0.java create mode 100755 server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_4_0.java create mode 100644 server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_8_0.java diff --git a/server-spi-private/src/main/java/org/keycloak/migration/MigrationModelManager.java b/server-spi-private/src/main/java/org/keycloak/migration/MigrationModelManager.java index c569e9cc19..205d17c371 100755 --- a/server-spi-private/src/main/java/org/keycloak/migration/MigrationModelManager.java +++ b/server-spi-private/src/main/java/org/keycloak/migration/MigrationModelManager.java @@ -18,6 +18,13 @@ package org.keycloak.migration; import org.jboss.logging.Logger; +import org.keycloak.migration.migrators.MigrateTo1_2_0; +import org.keycloak.migration.migrators.MigrateTo1_3_0; +import org.keycloak.migration.migrators.MigrateTo1_4_0; +import org.keycloak.migration.migrators.MigrateTo1_5_0; +import org.keycloak.migration.migrators.MigrateTo1_6_0; +import org.keycloak.migration.migrators.MigrateTo1_7_0; +import org.keycloak.migration.migrators.MigrateTo1_8_0; import org.keycloak.migration.migrators.MigrateTo1_9_0; import org.keycloak.migration.migrators.MigrateTo1_9_2; import org.keycloak.migration.migrators.MigrateTo2_0_0; @@ -35,7 +42,14 @@ public class MigrationModelManager { private static Logger logger = Logger.getLogger(MigrationModelManager.class); private static final Migration[] migrations = { - new MigrateTo1_9_0(), + new MigrateTo1_2_0(), + new MigrateTo1_3_0(), + new MigrateTo1_4_0(), + new MigrateTo1_5_0(), + new MigrateTo1_6_0(), + new MigrateTo1_7_0(), + new MigrateTo1_8_0(), + new MigrateTo1_9_0(), new MigrateTo1_9_2(), new MigrateTo2_0_0(), new MigrateTo2_1_0(), diff --git a/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_3_0.java b/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_3_0.java new file mode 100755 index 0000000000..cda91a44be --- /dev/null +++ b/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_3_0.java @@ -0,0 +1,100 @@ +/* + * Copyright 2016 Red Hat, Inc. and/or its affiliates + * and other contributors as indicated by the @author tags. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.keycloak.migration.migrators; + +import org.keycloak.common.util.MultivaluedHashMap; +import org.keycloak.component.ComponentFactory; +import org.keycloak.component.ComponentModel; +import org.keycloak.migration.ModelVersion; +import org.keycloak.models.KeycloakSession; +import org.keycloak.models.LDAPConstants; +import org.keycloak.models.RealmModel; +import org.keycloak.provider.ProviderFactory; +import org.keycloak.storage.UserStorageProvider; +import org.keycloak.storage.UserStorageProviderModel; + +import javax.naming.directory.SearchControls; +import java.util.List; +import java.util.Map; +import java.util.Set; + +/** + * @author Bill Burke + * @version $Revision: 1 $ + */ +public class MigrateTo1_3_0 implements Migration { + public static final ModelVersion VERSION = new ModelVersion("1.3.0"); + + public ModelVersion getVersion() { + return VERSION; + } + + public void migrate(KeycloakSession session) { + List realms = session.realms().getRealms(); + for (RealmModel realm : realms) { + migrateLDAPProviders(session, realm); + } + + } + + private void migrateLDAPProviders(KeycloakSession session, RealmModel realm) { + List federationProviders = realm.getUserStorageProviders(); + for (UserStorageProviderModel fedProvider : federationProviders) { + + if (fedProvider.getProviderId().equals(LDAPConstants.LDAP_PROVIDER)) { + fedProvider = new UserStorageProviderModel(fedProvider); // copy don't want to muck with cache + MultivaluedHashMap config = fedProvider.getConfig(); + + // Update config properties for LDAP federation provider + if (config.get(LDAPConstants.SEARCH_SCOPE) == null) { + config.putSingle(LDAPConstants.SEARCH_SCOPE, String.valueOf(SearchControls.SUBTREE_SCOPE)); + } + + List usersDn = config.remove("userDnSuffix"); + if (usersDn != null && !usersDn.isEmpty() && config.getFirst(LDAPConstants.USERS_DN) == null) { + config.put(LDAPConstants.USERS_DN, usersDn); + } + + String usernameLdapAttribute = config.getFirst(LDAPConstants.USERNAME_LDAP_ATTRIBUTE); + if (usernameLdapAttribute != null && config.getFirst(LDAPConstants.RDN_LDAP_ATTRIBUTE) == null) { + if (usernameLdapAttribute.equalsIgnoreCase(LDAPConstants.SAM_ACCOUNT_NAME)) { + config.putSingle(LDAPConstants.RDN_LDAP_ATTRIBUTE, LDAPConstants.CN); + } else { + config.putSingle(LDAPConstants.RDN_LDAP_ATTRIBUTE, usernameLdapAttribute); + } + } + + if (config.getFirst(LDAPConstants.UUID_LDAP_ATTRIBUTE) == null) { + String uuidAttrName = LDAPConstants.getUuidAttributeName(config.getFirst(LDAPConstants.VENDOR)); + config.putSingle(LDAPConstants.UUID_LDAP_ATTRIBUTE, uuidAttrName); + } + + realm.updateComponent(fedProvider); + + // Create default mappers for LDAP + List mappers = realm.getComponents(fedProvider.getId()); + if (mappers.isEmpty()) { + ProviderFactory ldapFactory = session.getKeycloakSessionFactory().getProviderFactory(UserStorageProvider.class, LDAPConstants.LDAP_PROVIDER); + if (ldapFactory != null) { + ((ComponentFactory) ldapFactory).onCreate(session, realm, fedProvider); + } + } + } + } + } +} diff --git a/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_4_0.java b/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_4_0.java new file mode 100755 index 0000000000..766540d1da --- /dev/null +++ b/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_4_0.java @@ -0,0 +1,88 @@ +/* + * Copyright 2016 Red Hat, Inc. and/or its affiliates + * and other contributors as indicated by the @author tags. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.keycloak.migration.migrators; + +import org.keycloak.component.ComponentModel; +import org.keycloak.migration.ModelVersion; +import org.keycloak.models.ImpersonationConstants; +import org.keycloak.models.KeycloakSession; +import org.keycloak.models.LDAPConstants; +import org.keycloak.models.RealmModel; +import org.keycloak.models.UserModel; +import org.keycloak.models.utils.DefaultAuthenticationFlows; +import org.keycloak.models.utils.DefaultRequiredActions; +import org.keycloak.models.utils.KeycloakModelUtils; +import org.keycloak.storage.UserStorageProviderModel; + +import java.util.Arrays; +import java.util.List; + +/** + * @author Bill Burke + * @version $Revision: 1 $ + */ +public class MigrateTo1_4_0 implements Migration { + public static final ModelVersion VERSION = new ModelVersion("1.4.0"); + public ModelVersion getVersion() { + return VERSION; + } + + public void migrate(KeycloakSession session) { + List realms = session.realms().getRealms(); + for (RealmModel realm : realms) { + if (realm.getAuthenticationFlows().size() == 0) { + DefaultAuthenticationFlows.migrateFlows(realm); + DefaultRequiredActions.addActions(realm); + } + ImpersonationConstants.setupImpersonationService(session, realm); + + migrateLDAPMappers(session, realm); + migrateUsers(session, realm); + } + + } + + private void migrateLDAPMappers(KeycloakSession session, RealmModel realm) { + List mandatoryInLdap = Arrays.asList("username", "username-cn", "first name", "last name"); + for (UserStorageProviderModel providerModel : realm.getUserStorageProviders()) { + if (providerModel.getProviderId().equals(LDAPConstants.LDAP_PROVIDER)) { + List mappers = realm.getComponents(providerModel.getId()); + for (ComponentModel mapper : mappers) { + if (mandatoryInLdap.contains(mapper.getName())) { + mapper = new ComponentModel(mapper); // don't want to modify cache + mapper.getConfig().putSingle("is.mandatory.in.ldap", "true"); + realm.updateComponent(mapper); + } + + } + } + } + } + + private void migrateUsers(KeycloakSession session, RealmModel realm) { + List users = session.userLocalStorage().getUsers(realm, false); + for (UserModel user : users) { + String email = user.getEmail(); + email = KeycloakModelUtils.toLowerCaseSafe(email); + if (email != null && !email.equals(user.getEmail())) { + user.setEmail(email); + session.userCache().evict(realm, user); + } + } + } +} diff --git a/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_8_0.java b/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_8_0.java new file mode 100644 index 0000000000..3c5d4d9fd2 --- /dev/null +++ b/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_8_0.java @@ -0,0 +1,81 @@ +/* + * Copyright 2016 Red Hat, Inc. and/or its affiliates + * and other contributors as indicated by the @author tags. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.keycloak.migration.migrators; + +import org.keycloak.common.util.MultivaluedHashMap; +import org.keycloak.component.ComponentModel; +import org.keycloak.migration.ModelVersion; +import org.keycloak.models.KeycloakSession; +import org.keycloak.models.LDAPConstants; +import org.keycloak.models.RealmModel; +import org.keycloak.models.utils.KeycloakModelUtils; +import org.keycloak.storage.UserStorageProviderModel; + +import java.util.List; +import java.util.Map; + +/** + * @author Marek Posolda + */ +public class MigrateTo1_8_0 implements Migration { + + public static final ModelVersion VERSION = new ModelVersion("1.8.0"); + + public ModelVersion getVersion() { + return VERSION; + } + + + public void migrate(KeycloakSession session) { + List realms = session.realms().getRealms(); + for (RealmModel realm : realms) { + + List federationProviders = realm.getUserStorageProviders(); + for (UserStorageProviderModel fedProvider : federationProviders) { + + if (fedProvider.getProviderId().equals(LDAPConstants.LDAP_PROVIDER)) { + + if (isActiveDirectory(fedProvider)) { + // Create mapper for MSAD account controls + if (getMapperByName(realm, fedProvider, "MSAD account controls") == null) { + ComponentModel mapperModel = KeycloakModelUtils.createComponentModel("MSAD account controls", fedProvider.getId(), LDAPConstants.MSAD_USER_ACCOUNT_CONTROL_MAPPER, "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"); + realm.addComponentModel(mapperModel); + } + } + } + } + + } + } + + public static ComponentModel getMapperByName(RealmModel realm, ComponentModel providerModel, String name) { + List components = realm.getComponents(providerModel.getId(), "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"); + for (ComponentModel component : components) { + if (component.getName().equals(name)) { + return component; + } + } + return null; + } + + + private boolean isActiveDirectory(UserStorageProviderModel provider) { + String vendor = provider.getConfig().getFirst(LDAPConstants.VENDOR); + return vendor != null && vendor.equals(LDAPConstants.VENDOR_ACTIVE_DIRECTORY); + } +} diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapper2WaySyncTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapper2WaySyncTest.java index 47bd2bb186..78e690731d 100755 --- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapper2WaySyncTest.java +++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapper2WaySyncTest.java @@ -107,7 +107,7 @@ public class LDAPGroupMapper2WaySyncTest { KeycloakSession session = keycloakRule.startSession(); try { RealmModel realm = session.realms().getRealmByName("test"); - ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper"); + ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper"); LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel); // Update group mapper to skip preserve inheritance and check it will pass now @@ -139,7 +139,7 @@ public class LDAPGroupMapper2WaySyncTest { session = keycloakRule.startSession(); try { RealmModel realm = session.realms().getRealmByName("test"); - ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper"); + ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper"); LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel); // Sync from LDAP back into Keycloak @@ -171,7 +171,7 @@ public class LDAPGroupMapper2WaySyncTest { KeycloakSession session = keycloakRule.startSession(); try { RealmModel realm = session.realms().getRealmByName("test"); - ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper"); + ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper"); LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel); // Update group mapper to skip preserve inheritance and check it will pass now @@ -203,7 +203,7 @@ public class LDAPGroupMapper2WaySyncTest { session = keycloakRule.startSession(); try { RealmModel realm = session.realms().getRealmByName("test"); - ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper"); + ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper"); LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel); // Sync from LDAP back into Keycloak diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperSyncTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperSyncTest.java index 91075ae4ee..e5a9ff3ff2 100755 --- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperSyncTest.java +++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperSyncTest.java @@ -125,7 +125,7 @@ public class LDAPGroupMapperSyncTest { KeycloakSession session = keycloakRule.startSession(); try { RealmModel realm = session.realms().getRealmByName("test"); - ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper"); + ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper"); LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel); GroupLDAPStorageMapper groupMapper = LDAPTestUtils.getGroupMapper(mapperModel, ldapProvider, realm); @@ -171,7 +171,7 @@ public class LDAPGroupMapperSyncTest { KeycloakSession session = keycloakRule.startSession(); try { RealmModel realm = session.realms().getRealmByName("test"); - ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper"); + ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper"); LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel); GroupLDAPStorageMapper groupMapper = LDAPTestUtils.getGroupMapper(mapperModel, ldapProvider, realm); @@ -220,7 +220,7 @@ public class LDAPGroupMapperSyncTest { KeycloakSession session = keycloakRule.startSession(); try { RealmModel realm = session.realms().getRealmByName("test"); - ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper"); + ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper"); LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel); // Sync groups with inheritance @@ -275,7 +275,7 @@ public class LDAPGroupMapperSyncTest { KeycloakSession session = keycloakRule.startSession(); try { RealmModel realm = session.realms().getRealmByName("test"); - ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper"); + ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper"); LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel); GroupLDAPStorageMapper groupMapper = LDAPTestUtils.getGroupMapper(mapperModel, ldapProvider, realm); diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperTest.java index 693b8aeaff..5157b1f682 100755 --- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperTest.java +++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperTest.java @@ -102,7 +102,7 @@ public class LDAPGroupMapperTest { LDAPUtils.addMember(ldapFedProvider, MembershipType.DN, LDAPConstants.MEMBER, group1, group12, true); // Sync LDAP groups to Keycloak DB - ComponentModel mapperModel = LDAPTestUtils.getComponentByName(appRealm,ldapModel, "groupsMapper"); + ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(appRealm,ldapModel, "groupsMapper"); new GroupLDAPStorageMapperFactory().create(session, mapperModel).syncDataFromFederationProviderToKeycloak(mapperModel, ldapFedProvider, session, appRealm); // Delete all LDAP users @@ -135,7 +135,7 @@ public class LDAPGroupMapperTest { try { RealmModel appRealm = session.realms().getRealmByName("test"); - ComponentModel mapperModel = LDAPTestUtils.getComponentByName(appRealm,ldapModel, "groupsMapper"); + ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(appRealm,ldapModel, "groupsMapper"); LDAPTestUtils.updateGroupMapperConfigOptions(mapperModel, GroupMapperConfig.MODE, LDAPGroupMapperMode.LDAP_ONLY.toString()); appRealm.updateComponent(mapperModel); @@ -205,7 +205,7 @@ public class LDAPGroupMapperTest { System.out.println("starting test02_readOnlyGroupMappings"); RealmModel appRealm = session.realms().getRealmByName("test"); - ComponentModel mapperModel = LDAPTestUtils.getComponentByName(appRealm,ldapModel, "groupsMapper"); + ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(appRealm,ldapModel, "groupsMapper"); LDAPTestUtils.updateGroupMapperConfigOptions(mapperModel, GroupMapperConfig.MODE, LDAPGroupMapperMode.READ_ONLY.toString()); appRealm.updateComponent(mapperModel); @@ -273,7 +273,7 @@ public class LDAPGroupMapperTest { try { RealmModel appRealm = session.realms().getRealmByName("test"); - ComponentModel mapperModel = LDAPTestUtils.getComponentByName(appRealm,ldapModel, "groupsMapper"); + ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(appRealm,ldapModel, "groupsMapper"); LDAPTestUtils.updateGroupMapperConfigOptions(mapperModel, GroupMapperConfig.MODE, LDAPGroupMapperMode.IMPORT.toString()); appRealm.updateComponent(mapperModel); @@ -328,7 +328,7 @@ public class LDAPGroupMapperTest { RealmModel appRealm = session.realms().getRealmByName("test"); - ComponentModel mapperModel = LDAPTestUtils.getComponentByName(appRealm,ldapModel, "groupsMapper"); + ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(appRealm,ldapModel, "groupsMapper"); LDAPTestUtils.updateGroupMapperConfigOptions(mapperModel, GroupMapperConfig.MODE, LDAPGroupMapperMode.LDAP_ONLY.toString()); appRealm.updateComponent(mapperModel); diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPProvidersIntegrationTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPProvidersIntegrationTest.java index def66390c8..8881e42303 100755 --- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPProvidersIntegrationTest.java +++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPProvidersIntegrationTest.java @@ -383,7 +383,7 @@ public class LDAPProvidersIntegrationTest { LDAPObject johnZip = LDAPTestUtils.addLDAPUser(ldapFedProvider, appRealm, "johnzip", "John", "Zip", "johnzip@email.org", null, "12398"); // Remove default zipcode mapper and add the mapper for "POstalCode" to test case sensitivity - ComponentModel currentZipMapper = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "zipCodeMapper"); + ComponentModel currentZipMapper = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "zipCodeMapper"); appRealm.removeComponent(currentZipMapper); LDAPTestUtils.addUserAttributeMapper(appRealm, ldapModel, "zipCodeMapper-cs", "postal_code", "POstalCode"); @@ -480,12 +480,12 @@ public class LDAPProvidersIntegrationTest { RealmModel appRealm = new RealmManager(session).getRealmByName("test"); // Update postalCode mapper to always read the value from LDAP - ComponentModel zipMapper = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "zipCodeMapper"); + ComponentModel zipMapper = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "zipCodeMapper"); zipMapper.getConfig().putSingle(UserAttributeLDAPStorageMapper.ALWAYS_READ_VALUE_FROM_LDAP, "true"); appRealm.updateComponent(zipMapper); // Update lastName mapper to read the value from Keycloak DB - ComponentModel lastNameMapper = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "last name"); + ComponentModel lastNameMapper = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "last name"); lastNameMapper.getConfig().putSingle(UserAttributeLDAPStorageMapper.ALWAYS_READ_VALUE_FROM_LDAP, "false"); appRealm.updateComponent(lastNameMapper); @@ -527,7 +527,7 @@ public class LDAPProvidersIntegrationTest { LDAPTestUtils.addLDAPUser(ldapFedProvider, appRealm, "fullname", "James Dee", "Dee", "fullname@email.org", null, "4578"); // add fullname mapper to the provider and remove "firstNameMapper". For this test, we will simply map full name to the LDAP attribute, which was before firstName ( "givenName" on active directory, "cn" on other LDAP servers) - firstNameMapper = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "first name"); + firstNameMapper = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "first name"); String ldapFirstNameAttributeName = firstNameMapper.getConfig().getFirst(UserAttributeLDAPStorageMapper.LDAP_ATTRIBUTE); appRealm.removeComponent(firstNameMapper); @@ -547,7 +547,7 @@ public class LDAPProvidersIntegrationTest { LDAPTestUtils.assertUserImported(session.users(), appRealm, "fullname", "James", "Dee", "fullname@email.org", "4578"); // change mapper to writeOnly - ComponentModel fullNameMapperModel = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "full name"); + ComponentModel fullNameMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "full name"); fullNameMapperModel.getConfig().putSingle(FullNameLDAPStorageMapper.WRITE_ONLY, "true"); appRealm.updateComponent(fullNameMapperModel); } finally { @@ -581,7 +581,7 @@ public class LDAPProvidersIntegrationTest { session.users().removeUser(appRealm, fullnameUser); // Revert mappers - ComponentModel fullNameMapperModel = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "full name"); + ComponentModel fullNameMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "full name"); appRealm.removeComponent(fullNameMapperModel); firstNameMapper.setId(null); @@ -628,7 +628,7 @@ public class LDAPProvidersIntegrationTest { } // Revert mappers - ComponentModel hardcodedMapperModel = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "hardcoded role"); + ComponentModel hardcodedMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "hardcoded role"); appRealm.removeComponent(hardcodedMapperModel); } finally { keycloakRule.stopSession(session, true); diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPRoleMappingsTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPRoleMappingsTest.java index 3cb70fbc1d..7329a02dc8 100644 --- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPRoleMappingsTest.java +++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPRoleMappingsTest.java @@ -247,7 +247,7 @@ public class LDAPRoleMappingsTest { } // Add some role mappings directly into LDAP - ComponentModel roleMapperModel = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "realmRolesMapper"); + ComponentModel roleMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "realmRolesMapper"); LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel); RoleLDAPStorageMapper roleMapper = LDAPTestUtils.getRoleMapper(roleMapperModel, ldapProvider, appRealm); @@ -309,7 +309,7 @@ public class LDAPRoleMappingsTest { LDAPTestUtils.addOrUpdateRoleLDAPMappers(appRealm, ldapModel, LDAPGroupMapperMode.IMPORT); // Add some role mappings directly in LDAP - ComponentModel roleMapperModel = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "realmRolesMapper"); + ComponentModel roleMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "realmRolesMapper"); LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel); RoleLDAPStorageMapper roleMapper = LDAPTestUtils.getRoleMapper(roleMapperModel, ldapProvider, appRealm); diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPSyncTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPSyncTest.java index 41438467b9..32f6457d00 100755 --- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPSyncTest.java +++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPSyncTest.java @@ -360,7 +360,7 @@ public class LDAPSyncTest { UserStorageProviderModel providerModel = KeycloakModelUtils.findUserStorageProviderByName(ldapModel.getName(), testRealm); providerModel.getConfig().putSingle(LDAPConstants.USERNAME_LDAP_ATTRIBUTE, origUsernameAttrName); testRealm.updateComponent(providerModel); - ComponentModel streetMapper = LDAPTestUtils.getComponentByName(testRealm, providerModel, "streetMapper"); + ComponentModel streetMapper = LDAPTestUtils.getSubcomponentByName(testRealm, providerModel, "streetMapper"); testRealm.removeComponent(streetMapper); } finally { keycloakRule.stopSession(session, true); diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPTestUtils.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPTestUtils.java index ae58321d5a..df86f1f712 100644 --- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPTestUtils.java +++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPTestUtils.java @@ -167,7 +167,7 @@ public class LDAPTestUtils { } public static void addOrUpdateRoleLDAPMappers(RealmModel realm, ComponentModel providerModel, LDAPGroupMapperMode mode) { - ComponentModel mapperModel = getComponentByName(realm, providerModel, "realmRolesMapper"); + ComponentModel mapperModel = getSubcomponentByName(realm, providerModel, "realmRolesMapper"); if (mapperModel != null) { mapperModel.getConfig().putSingle(RoleMapperConfig.MODE, mode.toString()); realm.updateComponent(mapperModel); @@ -180,7 +180,7 @@ public class LDAPTestUtils { realm.addComponentModel(mapperModel); } - mapperModel = getComponentByName(realm, providerModel, "financeRolesMapper"); + mapperModel = getSubcomponentByName(realm, providerModel, "financeRolesMapper"); if (mapperModel != null) { mapperModel.getConfig().putSingle(RoleMapperConfig.MODE, mode.toString()); realm.updateComponent(mapperModel); @@ -195,7 +195,7 @@ public class LDAPTestUtils { } } - public static ComponentModel getComponentByName(RealmModel realm, ComponentModel providerModel, String name) { + public static ComponentModel getSubcomponentByName(RealmModel realm, ComponentModel providerModel, String name) { List components = realm.getComponents(providerModel.getId(), LDAPStorageMapper.class.getName()); for (ComponentModel component : components) { if (component.getName().equals(name)) { @@ -206,7 +206,7 @@ public class LDAPTestUtils { } public static void addOrUpdateGroupMapper(RealmModel realm, ComponentModel providerModel, LDAPGroupMapperMode mode, String descriptionAttrName, String... otherConfigOptions) { - ComponentModel mapperModel = getComponentByName(realm, providerModel, "groupsMapper"); + ComponentModel mapperModel = getSubcomponentByName(realm, providerModel, "groupsMapper"); if (mapperModel != null) { mapperModel.getConfig().putSingle(GroupMapperConfig.MODE, mode.toString()); updateGroupMapperConfigOptions(mapperModel, otherConfigOptions); @@ -234,12 +234,12 @@ public class LDAPTestUtils { // End CRUD model mappers public static void syncRolesFromLDAP(RealmModel realm, LDAPStorageProvider ldapProvider, ComponentModel providerModel) { - ComponentModel mapperModel = getComponentByName(realm, providerModel, "realmRolesMapper"); + ComponentModel mapperModel = getSubcomponentByName(realm, providerModel, "realmRolesMapper"); RoleLDAPStorageMapper roleMapper = getRoleMapper(mapperModel, ldapProvider, realm); roleMapper.syncDataFromFederationProviderToKeycloak(); - mapperModel = getComponentByName(realm, providerModel, "financeRolesMapper"); + mapperModel = getSubcomponentByName(realm, providerModel, "financeRolesMapper"); roleMapper = getRoleMapper(mapperModel, ldapProvider, realm); roleMapper.syncDataFromFederationProviderToKeycloak(); } @@ -255,7 +255,7 @@ public class LDAPTestUtils { } public static void removeAllLDAPRoles(KeycloakSession session, RealmModel appRealm, ComponentModel ldapModel, String mapperName) { - ComponentModel mapperModel = getComponentByName(appRealm, ldapModel, mapperName); + ComponentModel mapperModel = getSubcomponentByName(appRealm, ldapModel, mapperName); LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel); LDAPQuery roleQuery = getRoleMapper(mapperModel, ldapProvider, appRealm).createRoleQuery(); List ldapRoles = roleQuery.getResultList(); @@ -265,7 +265,7 @@ public class LDAPTestUtils { } public static void removeAllLDAPGroups(KeycloakSession session, RealmModel appRealm, ComponentModel ldapModel, String mapperName) { - ComponentModel mapperModel = getComponentByName(appRealm, ldapModel, mapperName); + ComponentModel mapperModel = getSubcomponentByName(appRealm, ldapModel, mapperName); LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel); LDAPQuery roleQuery = getGroupMapper(mapperModel, ldapProvider, appRealm).createGroupQuery(); List ldapRoles = roleQuery.getResultList(); @@ -275,13 +275,13 @@ public class LDAPTestUtils { } public static void createLDAPRole(KeycloakSession session, RealmModel appRealm, ComponentModel ldapModel, String mapperName, String roleName) { - ComponentModel mapperModel = getComponentByName(appRealm, ldapModel, mapperName); + ComponentModel mapperModel = getSubcomponentByName(appRealm, ldapModel, mapperName); LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel); getRoleMapper(mapperModel, ldapProvider, appRealm).createLDAPRole(roleName); } public static LDAPObject createLDAPGroup(KeycloakSession session, RealmModel appRealm, ComponentModel ldapModel, String groupName, String... additionalAttrs) { - ComponentModel mapperModel = getComponentByName(appRealm, ldapModel, "groupsMapper"); + ComponentModel mapperModel = getSubcomponentByName(appRealm, ldapModel, "groupsMapper"); LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel); Map> additAttrs = new HashMap<>();