port removed migrators
This commit is contained in:
parent
ccbd8e8c70
commit
e82e584b81
11 changed files with 317 additions and 34 deletions
|
@ -18,6 +18,13 @@
|
|||
package org.keycloak.migration;
|
||||
|
||||
import org.jboss.logging.Logger;
|
||||
import org.keycloak.migration.migrators.MigrateTo1_2_0;
|
||||
import org.keycloak.migration.migrators.MigrateTo1_3_0;
|
||||
import org.keycloak.migration.migrators.MigrateTo1_4_0;
|
||||
import org.keycloak.migration.migrators.MigrateTo1_5_0;
|
||||
import org.keycloak.migration.migrators.MigrateTo1_6_0;
|
||||
import org.keycloak.migration.migrators.MigrateTo1_7_0;
|
||||
import org.keycloak.migration.migrators.MigrateTo1_8_0;
|
||||
import org.keycloak.migration.migrators.MigrateTo1_9_0;
|
||||
import org.keycloak.migration.migrators.MigrateTo1_9_2;
|
||||
import org.keycloak.migration.migrators.MigrateTo2_0_0;
|
||||
|
@ -35,6 +42,13 @@ public class MigrationModelManager {
|
|||
private static Logger logger = Logger.getLogger(MigrationModelManager.class);
|
||||
|
||||
private static final Migration[] migrations = {
|
||||
new MigrateTo1_2_0(),
|
||||
new MigrateTo1_3_0(),
|
||||
new MigrateTo1_4_0(),
|
||||
new MigrateTo1_5_0(),
|
||||
new MigrateTo1_6_0(),
|
||||
new MigrateTo1_7_0(),
|
||||
new MigrateTo1_8_0(),
|
||||
new MigrateTo1_9_0(),
|
||||
new MigrateTo1_9_2(),
|
||||
new MigrateTo2_0_0(),
|
||||
|
|
|
@ -0,0 +1,100 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.migration.migrators;
|
||||
|
||||
import org.keycloak.common.util.MultivaluedHashMap;
|
||||
import org.keycloak.component.ComponentFactory;
|
||||
import org.keycloak.component.ComponentModel;
|
||||
import org.keycloak.migration.ModelVersion;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.LDAPConstants;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.provider.ProviderFactory;
|
||||
import org.keycloak.storage.UserStorageProvider;
|
||||
import org.keycloak.storage.UserStorageProviderModel;
|
||||
|
||||
import javax.naming.directory.SearchControls;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
public class MigrateTo1_3_0 implements Migration {
|
||||
public static final ModelVersion VERSION = new ModelVersion("1.3.0");
|
||||
|
||||
public ModelVersion getVersion() {
|
||||
return VERSION;
|
||||
}
|
||||
|
||||
public void migrate(KeycloakSession session) {
|
||||
List<RealmModel> realms = session.realms().getRealms();
|
||||
for (RealmModel realm : realms) {
|
||||
migrateLDAPProviders(session, realm);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
private void migrateLDAPProviders(KeycloakSession session, RealmModel realm) {
|
||||
List<UserStorageProviderModel> federationProviders = realm.getUserStorageProviders();
|
||||
for (UserStorageProviderModel fedProvider : federationProviders) {
|
||||
|
||||
if (fedProvider.getProviderId().equals(LDAPConstants.LDAP_PROVIDER)) {
|
||||
fedProvider = new UserStorageProviderModel(fedProvider); // copy don't want to muck with cache
|
||||
MultivaluedHashMap<String, String> config = fedProvider.getConfig();
|
||||
|
||||
// Update config properties for LDAP federation provider
|
||||
if (config.get(LDAPConstants.SEARCH_SCOPE) == null) {
|
||||
config.putSingle(LDAPConstants.SEARCH_SCOPE, String.valueOf(SearchControls.SUBTREE_SCOPE));
|
||||
}
|
||||
|
||||
List<String> usersDn = config.remove("userDnSuffix");
|
||||
if (usersDn != null && !usersDn.isEmpty() && config.getFirst(LDAPConstants.USERS_DN) == null) {
|
||||
config.put(LDAPConstants.USERS_DN, usersDn);
|
||||
}
|
||||
|
||||
String usernameLdapAttribute = config.getFirst(LDAPConstants.USERNAME_LDAP_ATTRIBUTE);
|
||||
if (usernameLdapAttribute != null && config.getFirst(LDAPConstants.RDN_LDAP_ATTRIBUTE) == null) {
|
||||
if (usernameLdapAttribute.equalsIgnoreCase(LDAPConstants.SAM_ACCOUNT_NAME)) {
|
||||
config.putSingle(LDAPConstants.RDN_LDAP_ATTRIBUTE, LDAPConstants.CN);
|
||||
} else {
|
||||
config.putSingle(LDAPConstants.RDN_LDAP_ATTRIBUTE, usernameLdapAttribute);
|
||||
}
|
||||
}
|
||||
|
||||
if (config.getFirst(LDAPConstants.UUID_LDAP_ATTRIBUTE) == null) {
|
||||
String uuidAttrName = LDAPConstants.getUuidAttributeName(config.getFirst(LDAPConstants.VENDOR));
|
||||
config.putSingle(LDAPConstants.UUID_LDAP_ATTRIBUTE, uuidAttrName);
|
||||
}
|
||||
|
||||
realm.updateComponent(fedProvider);
|
||||
|
||||
// Create default mappers for LDAP
|
||||
List<ComponentModel> mappers = realm.getComponents(fedProvider.getId());
|
||||
if (mappers.isEmpty()) {
|
||||
ProviderFactory ldapFactory = session.getKeycloakSessionFactory().getProviderFactory(UserStorageProvider.class, LDAPConstants.LDAP_PROVIDER);
|
||||
if (ldapFactory != null) {
|
||||
((ComponentFactory) ldapFactory).onCreate(session, realm, fedProvider);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,88 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.migration.migrators;
|
||||
|
||||
import org.keycloak.component.ComponentModel;
|
||||
import org.keycloak.migration.ModelVersion;
|
||||
import org.keycloak.models.ImpersonationConstants;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.LDAPConstants;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.utils.DefaultAuthenticationFlows;
|
||||
import org.keycloak.models.utils.DefaultRequiredActions;
|
||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||
import org.keycloak.storage.UserStorageProviderModel;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
public class MigrateTo1_4_0 implements Migration {
|
||||
public static final ModelVersion VERSION = new ModelVersion("1.4.0");
|
||||
public ModelVersion getVersion() {
|
||||
return VERSION;
|
||||
}
|
||||
|
||||
public void migrate(KeycloakSession session) {
|
||||
List<RealmModel> realms = session.realms().getRealms();
|
||||
for (RealmModel realm : realms) {
|
||||
if (realm.getAuthenticationFlows().size() == 0) {
|
||||
DefaultAuthenticationFlows.migrateFlows(realm);
|
||||
DefaultRequiredActions.addActions(realm);
|
||||
}
|
||||
ImpersonationConstants.setupImpersonationService(session, realm);
|
||||
|
||||
migrateLDAPMappers(session, realm);
|
||||
migrateUsers(session, realm);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
private void migrateLDAPMappers(KeycloakSession session, RealmModel realm) {
|
||||
List<String> mandatoryInLdap = Arrays.asList("username", "username-cn", "first name", "last name");
|
||||
for (UserStorageProviderModel providerModel : realm.getUserStorageProviders()) {
|
||||
if (providerModel.getProviderId().equals(LDAPConstants.LDAP_PROVIDER)) {
|
||||
List<ComponentModel> mappers = realm.getComponents(providerModel.getId());
|
||||
for (ComponentModel mapper : mappers) {
|
||||
if (mandatoryInLdap.contains(mapper.getName())) {
|
||||
mapper = new ComponentModel(mapper); // don't want to modify cache
|
||||
mapper.getConfig().putSingle("is.mandatory.in.ldap", "true");
|
||||
realm.updateComponent(mapper);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private void migrateUsers(KeycloakSession session, RealmModel realm) {
|
||||
List<UserModel> users = session.userLocalStorage().getUsers(realm, false);
|
||||
for (UserModel user : users) {
|
||||
String email = user.getEmail();
|
||||
email = KeycloakModelUtils.toLowerCaseSafe(email);
|
||||
if (email != null && !email.equals(user.getEmail())) {
|
||||
user.setEmail(email);
|
||||
session.userCache().evict(realm, user);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,81 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.migration.migrators;
|
||||
|
||||
import org.keycloak.common.util.MultivaluedHashMap;
|
||||
import org.keycloak.component.ComponentModel;
|
||||
import org.keycloak.migration.ModelVersion;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.LDAPConstants;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||
import org.keycloak.storage.UserStorageProviderModel;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
|
||||
*/
|
||||
public class MigrateTo1_8_0 implements Migration {
|
||||
|
||||
public static final ModelVersion VERSION = new ModelVersion("1.8.0");
|
||||
|
||||
public ModelVersion getVersion() {
|
||||
return VERSION;
|
||||
}
|
||||
|
||||
|
||||
public void migrate(KeycloakSession session) {
|
||||
List<RealmModel> realms = session.realms().getRealms();
|
||||
for (RealmModel realm : realms) {
|
||||
|
||||
List<UserStorageProviderModel> federationProviders = realm.getUserStorageProviders();
|
||||
for (UserStorageProviderModel fedProvider : federationProviders) {
|
||||
|
||||
if (fedProvider.getProviderId().equals(LDAPConstants.LDAP_PROVIDER)) {
|
||||
|
||||
if (isActiveDirectory(fedProvider)) {
|
||||
// Create mapper for MSAD account controls
|
||||
if (getMapperByName(realm, fedProvider, "MSAD account controls") == null) {
|
||||
ComponentModel mapperModel = KeycloakModelUtils.createComponentModel("MSAD account controls", fedProvider.getId(), LDAPConstants.MSAD_USER_ACCOUNT_CONTROL_MAPPER, "org.keycloak.storage.ldap.mappers.LDAPStorageMapper");
|
||||
realm.addComponentModel(mapperModel);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
public static ComponentModel getMapperByName(RealmModel realm, ComponentModel providerModel, String name) {
|
||||
List<ComponentModel> components = realm.getComponents(providerModel.getId(), "org.keycloak.storage.ldap.mappers.LDAPStorageMapper");
|
||||
for (ComponentModel component : components) {
|
||||
if (component.getName().equals(name)) {
|
||||
return component;
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
private boolean isActiveDirectory(UserStorageProviderModel provider) {
|
||||
String vendor = provider.getConfig().getFirst(LDAPConstants.VENDOR);
|
||||
return vendor != null && vendor.equals(LDAPConstants.VENDOR_ACTIVE_DIRECTORY);
|
||||
}
|
||||
}
|
|
@ -107,7 +107,7 @@ public class LDAPGroupMapper2WaySyncTest {
|
|||
KeycloakSession session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper");
|
||||
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
|
||||
|
||||
// Update group mapper to skip preserve inheritance and check it will pass now
|
||||
|
@ -139,7 +139,7 @@ public class LDAPGroupMapper2WaySyncTest {
|
|||
session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper");
|
||||
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
|
||||
|
||||
// Sync from LDAP back into Keycloak
|
||||
|
@ -171,7 +171,7 @@ public class LDAPGroupMapper2WaySyncTest {
|
|||
KeycloakSession session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper");
|
||||
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
|
||||
|
||||
// Update group mapper to skip preserve inheritance and check it will pass now
|
||||
|
@ -203,7 +203,7 @@ public class LDAPGroupMapper2WaySyncTest {
|
|||
session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper");
|
||||
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
|
||||
|
||||
// Sync from LDAP back into Keycloak
|
||||
|
|
|
@ -125,7 +125,7 @@ public class LDAPGroupMapperSyncTest {
|
|||
KeycloakSession session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper");
|
||||
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
|
||||
GroupLDAPStorageMapper groupMapper = LDAPTestUtils.getGroupMapper(mapperModel, ldapProvider, realm);
|
||||
|
||||
|
@ -171,7 +171,7 @@ public class LDAPGroupMapperSyncTest {
|
|||
KeycloakSession session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper");
|
||||
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
|
||||
GroupLDAPStorageMapper groupMapper = LDAPTestUtils.getGroupMapper(mapperModel, ldapProvider, realm);
|
||||
|
||||
|
@ -220,7 +220,7 @@ public class LDAPGroupMapperSyncTest {
|
|||
KeycloakSession session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper");
|
||||
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
|
||||
|
||||
// Sync groups with inheritance
|
||||
|
@ -275,7 +275,7 @@ public class LDAPGroupMapperSyncTest {
|
|||
KeycloakSession session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper");
|
||||
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
|
||||
GroupLDAPStorageMapper groupMapper = LDAPTestUtils.getGroupMapper(mapperModel, ldapProvider, realm);
|
||||
|
||||
|
|
|
@ -102,7 +102,7 @@ public class LDAPGroupMapperTest {
|
|||
LDAPUtils.addMember(ldapFedProvider, MembershipType.DN, LDAPConstants.MEMBER, group1, group12, true);
|
||||
|
||||
// Sync LDAP groups to Keycloak DB
|
||||
ComponentModel mapperModel = LDAPTestUtils.getComponentByName(appRealm,ldapModel, "groupsMapper");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(appRealm,ldapModel, "groupsMapper");
|
||||
new GroupLDAPStorageMapperFactory().create(session, mapperModel).syncDataFromFederationProviderToKeycloak(mapperModel, ldapFedProvider, session, appRealm);
|
||||
|
||||
// Delete all LDAP users
|
||||
|
@ -135,7 +135,7 @@ public class LDAPGroupMapperTest {
|
|||
try {
|
||||
RealmModel appRealm = session.realms().getRealmByName("test");
|
||||
|
||||
ComponentModel mapperModel = LDAPTestUtils.getComponentByName(appRealm,ldapModel, "groupsMapper");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(appRealm,ldapModel, "groupsMapper");
|
||||
LDAPTestUtils.updateGroupMapperConfigOptions(mapperModel, GroupMapperConfig.MODE, LDAPGroupMapperMode.LDAP_ONLY.toString());
|
||||
appRealm.updateComponent(mapperModel);
|
||||
|
||||
|
@ -205,7 +205,7 @@ public class LDAPGroupMapperTest {
|
|||
System.out.println("starting test02_readOnlyGroupMappings");
|
||||
RealmModel appRealm = session.realms().getRealmByName("test");
|
||||
|
||||
ComponentModel mapperModel = LDAPTestUtils.getComponentByName(appRealm,ldapModel, "groupsMapper");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(appRealm,ldapModel, "groupsMapper");
|
||||
LDAPTestUtils.updateGroupMapperConfigOptions(mapperModel, GroupMapperConfig.MODE, LDAPGroupMapperMode.READ_ONLY.toString());
|
||||
appRealm.updateComponent(mapperModel);
|
||||
|
||||
|
@ -273,7 +273,7 @@ public class LDAPGroupMapperTest {
|
|||
try {
|
||||
RealmModel appRealm = session.realms().getRealmByName("test");
|
||||
|
||||
ComponentModel mapperModel = LDAPTestUtils.getComponentByName(appRealm,ldapModel, "groupsMapper");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(appRealm,ldapModel, "groupsMapper");
|
||||
LDAPTestUtils.updateGroupMapperConfigOptions(mapperModel, GroupMapperConfig.MODE, LDAPGroupMapperMode.IMPORT.toString());
|
||||
appRealm.updateComponent(mapperModel);
|
||||
|
||||
|
@ -328,7 +328,7 @@ public class LDAPGroupMapperTest {
|
|||
|
||||
RealmModel appRealm = session.realms().getRealmByName("test");
|
||||
|
||||
ComponentModel mapperModel = LDAPTestUtils.getComponentByName(appRealm,ldapModel, "groupsMapper");
|
||||
ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(appRealm,ldapModel, "groupsMapper");
|
||||
LDAPTestUtils.updateGroupMapperConfigOptions(mapperModel, GroupMapperConfig.MODE, LDAPGroupMapperMode.LDAP_ONLY.toString());
|
||||
appRealm.updateComponent(mapperModel);
|
||||
|
||||
|
|
|
@ -383,7 +383,7 @@ public class LDAPProvidersIntegrationTest {
|
|||
LDAPObject johnZip = LDAPTestUtils.addLDAPUser(ldapFedProvider, appRealm, "johnzip", "John", "Zip", "johnzip@email.org", null, "12398");
|
||||
|
||||
// Remove default zipcode mapper and add the mapper for "POstalCode" to test case sensitivity
|
||||
ComponentModel currentZipMapper = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "zipCodeMapper");
|
||||
ComponentModel currentZipMapper = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "zipCodeMapper");
|
||||
appRealm.removeComponent(currentZipMapper);
|
||||
LDAPTestUtils.addUserAttributeMapper(appRealm, ldapModel, "zipCodeMapper-cs", "postal_code", "POstalCode");
|
||||
|
||||
|
@ -480,12 +480,12 @@ public class LDAPProvidersIntegrationTest {
|
|||
RealmModel appRealm = new RealmManager(session).getRealmByName("test");
|
||||
|
||||
// Update postalCode mapper to always read the value from LDAP
|
||||
ComponentModel zipMapper = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "zipCodeMapper");
|
||||
ComponentModel zipMapper = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "zipCodeMapper");
|
||||
zipMapper.getConfig().putSingle(UserAttributeLDAPStorageMapper.ALWAYS_READ_VALUE_FROM_LDAP, "true");
|
||||
appRealm.updateComponent(zipMapper);
|
||||
|
||||
// Update lastName mapper to read the value from Keycloak DB
|
||||
ComponentModel lastNameMapper = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "last name");
|
||||
ComponentModel lastNameMapper = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "last name");
|
||||
lastNameMapper.getConfig().putSingle(UserAttributeLDAPStorageMapper.ALWAYS_READ_VALUE_FROM_LDAP, "false");
|
||||
appRealm.updateComponent(lastNameMapper);
|
||||
|
||||
|
@ -527,7 +527,7 @@ public class LDAPProvidersIntegrationTest {
|
|||
LDAPTestUtils.addLDAPUser(ldapFedProvider, appRealm, "fullname", "James Dee", "Dee", "fullname@email.org", null, "4578");
|
||||
|
||||
// add fullname mapper to the provider and remove "firstNameMapper". For this test, we will simply map full name to the LDAP attribute, which was before firstName ( "givenName" on active directory, "cn" on other LDAP servers)
|
||||
firstNameMapper = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "first name");
|
||||
firstNameMapper = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "first name");
|
||||
String ldapFirstNameAttributeName = firstNameMapper.getConfig().getFirst(UserAttributeLDAPStorageMapper.LDAP_ATTRIBUTE);
|
||||
appRealm.removeComponent(firstNameMapper);
|
||||
|
||||
|
@ -547,7 +547,7 @@ public class LDAPProvidersIntegrationTest {
|
|||
LDAPTestUtils.assertUserImported(session.users(), appRealm, "fullname", "James", "Dee", "fullname@email.org", "4578");
|
||||
|
||||
// change mapper to writeOnly
|
||||
ComponentModel fullNameMapperModel = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "full name");
|
||||
ComponentModel fullNameMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "full name");
|
||||
fullNameMapperModel.getConfig().putSingle(FullNameLDAPStorageMapper.WRITE_ONLY, "true");
|
||||
appRealm.updateComponent(fullNameMapperModel);
|
||||
} finally {
|
||||
|
@ -581,7 +581,7 @@ public class LDAPProvidersIntegrationTest {
|
|||
session.users().removeUser(appRealm, fullnameUser);
|
||||
|
||||
// Revert mappers
|
||||
ComponentModel fullNameMapperModel = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "full name");
|
||||
ComponentModel fullNameMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "full name");
|
||||
appRealm.removeComponent(fullNameMapperModel);
|
||||
|
||||
firstNameMapper.setId(null);
|
||||
|
@ -628,7 +628,7 @@ public class LDAPProvidersIntegrationTest {
|
|||
}
|
||||
|
||||
// Revert mappers
|
||||
ComponentModel hardcodedMapperModel = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "hardcoded role");
|
||||
ComponentModel hardcodedMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "hardcoded role");
|
||||
appRealm.removeComponent(hardcodedMapperModel);
|
||||
} finally {
|
||||
keycloakRule.stopSession(session, true);
|
||||
|
|
|
@ -247,7 +247,7 @@ public class LDAPRoleMappingsTest {
|
|||
}
|
||||
|
||||
// Add some role mappings directly into LDAP
|
||||
ComponentModel roleMapperModel = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "realmRolesMapper");
|
||||
ComponentModel roleMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "realmRolesMapper");
|
||||
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
|
||||
RoleLDAPStorageMapper roleMapper = LDAPTestUtils.getRoleMapper(roleMapperModel, ldapProvider, appRealm);
|
||||
|
||||
|
@ -309,7 +309,7 @@ public class LDAPRoleMappingsTest {
|
|||
LDAPTestUtils.addOrUpdateRoleLDAPMappers(appRealm, ldapModel, LDAPGroupMapperMode.IMPORT);
|
||||
|
||||
// Add some role mappings directly in LDAP
|
||||
ComponentModel roleMapperModel = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "realmRolesMapper");
|
||||
ComponentModel roleMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "realmRolesMapper");
|
||||
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
|
||||
RoleLDAPStorageMapper roleMapper = LDAPTestUtils.getRoleMapper(roleMapperModel, ldapProvider, appRealm);
|
||||
|
||||
|
|
|
@ -360,7 +360,7 @@ public class LDAPSyncTest {
|
|||
UserStorageProviderModel providerModel = KeycloakModelUtils.findUserStorageProviderByName(ldapModel.getName(), testRealm);
|
||||
providerModel.getConfig().putSingle(LDAPConstants.USERNAME_LDAP_ATTRIBUTE, origUsernameAttrName);
|
||||
testRealm.updateComponent(providerModel);
|
||||
ComponentModel streetMapper = LDAPTestUtils.getComponentByName(testRealm, providerModel, "streetMapper");
|
||||
ComponentModel streetMapper = LDAPTestUtils.getSubcomponentByName(testRealm, providerModel, "streetMapper");
|
||||
testRealm.removeComponent(streetMapper);
|
||||
} finally {
|
||||
keycloakRule.stopSession(session, true);
|
||||
|
|
|
@ -167,7 +167,7 @@ public class LDAPTestUtils {
|
|||
}
|
||||
|
||||
public static void addOrUpdateRoleLDAPMappers(RealmModel realm, ComponentModel providerModel, LDAPGroupMapperMode mode) {
|
||||
ComponentModel mapperModel = getComponentByName(realm, providerModel, "realmRolesMapper");
|
||||
ComponentModel mapperModel = getSubcomponentByName(realm, providerModel, "realmRolesMapper");
|
||||
if (mapperModel != null) {
|
||||
mapperModel.getConfig().putSingle(RoleMapperConfig.MODE, mode.toString());
|
||||
realm.updateComponent(mapperModel);
|
||||
|
@ -180,7 +180,7 @@ public class LDAPTestUtils {
|
|||
realm.addComponentModel(mapperModel);
|
||||
}
|
||||
|
||||
mapperModel = getComponentByName(realm, providerModel, "financeRolesMapper");
|
||||
mapperModel = getSubcomponentByName(realm, providerModel, "financeRolesMapper");
|
||||
if (mapperModel != null) {
|
||||
mapperModel.getConfig().putSingle(RoleMapperConfig.MODE, mode.toString());
|
||||
realm.updateComponent(mapperModel);
|
||||
|
@ -195,7 +195,7 @@ public class LDAPTestUtils {
|
|||
}
|
||||
}
|
||||
|
||||
public static ComponentModel getComponentByName(RealmModel realm, ComponentModel providerModel, String name) {
|
||||
public static ComponentModel getSubcomponentByName(RealmModel realm, ComponentModel providerModel, String name) {
|
||||
List<ComponentModel> components = realm.getComponents(providerModel.getId(), LDAPStorageMapper.class.getName());
|
||||
for (ComponentModel component : components) {
|
||||
if (component.getName().equals(name)) {
|
||||
|
@ -206,7 +206,7 @@ public class LDAPTestUtils {
|
|||
}
|
||||
|
||||
public static void addOrUpdateGroupMapper(RealmModel realm, ComponentModel providerModel, LDAPGroupMapperMode mode, String descriptionAttrName, String... otherConfigOptions) {
|
||||
ComponentModel mapperModel = getComponentByName(realm, providerModel, "groupsMapper");
|
||||
ComponentModel mapperModel = getSubcomponentByName(realm, providerModel, "groupsMapper");
|
||||
if (mapperModel != null) {
|
||||
mapperModel.getConfig().putSingle(GroupMapperConfig.MODE, mode.toString());
|
||||
updateGroupMapperConfigOptions(mapperModel, otherConfigOptions);
|
||||
|
@ -234,12 +234,12 @@ public class LDAPTestUtils {
|
|||
// End CRUD model mappers
|
||||
|
||||
public static void syncRolesFromLDAP(RealmModel realm, LDAPStorageProvider ldapProvider, ComponentModel providerModel) {
|
||||
ComponentModel mapperModel = getComponentByName(realm, providerModel, "realmRolesMapper");
|
||||
ComponentModel mapperModel = getSubcomponentByName(realm, providerModel, "realmRolesMapper");
|
||||
RoleLDAPStorageMapper roleMapper = getRoleMapper(mapperModel, ldapProvider, realm);
|
||||
|
||||
roleMapper.syncDataFromFederationProviderToKeycloak();
|
||||
|
||||
mapperModel = getComponentByName(realm, providerModel, "financeRolesMapper");
|
||||
mapperModel = getSubcomponentByName(realm, providerModel, "financeRolesMapper");
|
||||
roleMapper = getRoleMapper(mapperModel, ldapProvider, realm);
|
||||
roleMapper.syncDataFromFederationProviderToKeycloak();
|
||||
}
|
||||
|
@ -255,7 +255,7 @@ public class LDAPTestUtils {
|
|||
}
|
||||
|
||||
public static void removeAllLDAPRoles(KeycloakSession session, RealmModel appRealm, ComponentModel ldapModel, String mapperName) {
|
||||
ComponentModel mapperModel = getComponentByName(appRealm, ldapModel, mapperName);
|
||||
ComponentModel mapperModel = getSubcomponentByName(appRealm, ldapModel, mapperName);
|
||||
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
|
||||
LDAPQuery roleQuery = getRoleMapper(mapperModel, ldapProvider, appRealm).createRoleQuery();
|
||||
List<LDAPObject> ldapRoles = roleQuery.getResultList();
|
||||
|
@ -265,7 +265,7 @@ public class LDAPTestUtils {
|
|||
}
|
||||
|
||||
public static void removeAllLDAPGroups(KeycloakSession session, RealmModel appRealm, ComponentModel ldapModel, String mapperName) {
|
||||
ComponentModel mapperModel = getComponentByName(appRealm, ldapModel, mapperName);
|
||||
ComponentModel mapperModel = getSubcomponentByName(appRealm, ldapModel, mapperName);
|
||||
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
|
||||
LDAPQuery roleQuery = getGroupMapper(mapperModel, ldapProvider, appRealm).createGroupQuery();
|
||||
List<LDAPObject> ldapRoles = roleQuery.getResultList();
|
||||
|
@ -275,13 +275,13 @@ public class LDAPTestUtils {
|
|||
}
|
||||
|
||||
public static void createLDAPRole(KeycloakSession session, RealmModel appRealm, ComponentModel ldapModel, String mapperName, String roleName) {
|
||||
ComponentModel mapperModel = getComponentByName(appRealm, ldapModel, mapperName);
|
||||
ComponentModel mapperModel = getSubcomponentByName(appRealm, ldapModel, mapperName);
|
||||
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
|
||||
getRoleMapper(mapperModel, ldapProvider, appRealm).createLDAPRole(roleName);
|
||||
}
|
||||
|
||||
public static LDAPObject createLDAPGroup(KeycloakSession session, RealmModel appRealm, ComponentModel ldapModel, String groupName, String... additionalAttrs) {
|
||||
ComponentModel mapperModel = getComponentByName(appRealm, ldapModel, "groupsMapper");
|
||||
ComponentModel mapperModel = getSubcomponentByName(appRealm, ldapModel, "groupsMapper");
|
||||
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
|
||||
|
||||
Map<String, Set<String>> additAttrs = new HashMap<>();
|
||||
|
|
Loading…
Reference in a new issue