From a0a85f62c62eecbaf3e879a7db6375adb539dd06 Mon Sep 17 00:00:00 2001 From: Martin Hardselius Date: Fri, 3 Mar 2017 16:40:49 +0100 Subject: [PATCH] KEYCLOAK-4524 possible to add identity prover mappers with same name into single identity provider - unique name enforcement working - test added --- .../src/main/java/org/keycloak/models/jpa/RealmAdapter.java | 2 +- .../services/resources/admin/IdentityProviderResource.java | 6 +++++- .../org/keycloak/testsuite/admin/IdentityProviderTest.java | 5 +++++ 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java index 1a1c1e9253..f285c05a70 100755 --- a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java +++ b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java @@ -1191,7 +1191,7 @@ public class RealmAdapter implements RealmModel, JpaModel { @Override public IdentityProviderMapperModel addIdentityProviderMapper(IdentityProviderMapperModel model) { - if (getIdentityProviderMapperByName(model.getIdentityProviderAlias(), model.getIdentityProviderMapper()) != null) { + if (getIdentityProviderMapperByName(model.getIdentityProviderAlias(), model.getName()) != null) { throw new RuntimeException("identity provider mapper name must be unique per identity provider"); } String id = KeycloakModelUtils.generateId(); diff --git a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java index 285f36153f..aa4a054118 100644 --- a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java @@ -319,7 +319,11 @@ public class IdentityProviderResource { } IdentityProviderMapperModel model = RepresentationToModel.toModel(mapper); - model = realm.addIdentityProviderMapper(model); + try { + model = realm.addIdentityProviderMapper(model); + } catch (Exception e) { + return ErrorResponse.error("Failed to add mapper '" + model.getName() + "' to identity provider [" + identityProviderModel.getProviderId() + "].", Response.Status.BAD_REQUEST); + } adminEvent.operation(OperationType.CREATE).resource(ResourceType.IDENTITY_PROVIDER_MAPPER).resourcePath(uriInfo, model.getId()) .representation(mapper).success(); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/IdentityProviderTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/IdentityProviderTest.java index 5d93d39212..bb2aee6dcd 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/IdentityProviderTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/IdentityProviderTest.java @@ -424,6 +424,11 @@ public class IdentityProviderTest extends AbstractAdminTest { Assert.assertNotNull("mapper.config exists", mapper.getConfig()); Assert.assertEquals("config retained", "offline_access", mapper.getConfig().get("role")); + // add duplicate mapper + Response error = provider.addMapper(mapper); + Assert.assertEquals("mapper unique name", 400, error.getStatus()); + error.close(); + // update mapper mapper.getConfig().put("role", "master-realm.manage-realm"); provider.update(id, mapper);