Merge pull request #155 from patriot1burke/master
auth-server-url and realm/app name changes
This commit is contained in:
commit
f52883333a
24 changed files with 97 additions and 63 deletions
|
@ -26,13 +26,12 @@ module.controller('HomeCtrl', function(Realm, $location) {
|
||||||
if (realms.length == 1) {
|
if (realms.length == 1) {
|
||||||
realm = realms[0].realm;
|
realm = realms[0].realm;
|
||||||
} else if (realms.length == 2) {
|
} else if (realms.length == 2) {
|
||||||
if (realms[0].realm == 'Keycloak Administration') {
|
if (realms[0].realm == 'keycloak-admin') {
|
||||||
realm = realms[1].realm;
|
realm = realms[1].realm;
|
||||||
} else if (realms[1].realm == 'Keycloak Administration') {
|
} else if (realms[1].realm == 'keycloak-admin') {
|
||||||
realm = realms[0].realm;
|
realm = realms[0].realm;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
console.log("****** HomeCtrl ******");
|
|
||||||
if (realm) {
|
if (realm) {
|
||||||
$location.url('/realms/' + realm);
|
$location.url('/realms/' + realm);
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -11,7 +11,7 @@
|
||||||
<a href="#" class="dropdown-toggle" data-toggle="dropdown">
|
<a href="#" class="dropdown-toggle" data-toggle="dropdown">
|
||||||
<span class="icon-user">Icon: user</span>{{auth.user.displayName}}<i class="caret"></i></a>
|
<span class="icon-user">Icon: user</span>{{auth.user.displayName}}<i class="caret"></i></a>
|
||||||
<ul class="dropdown-menu">
|
<ul class="dropdown-menu">
|
||||||
<li><a href="/auth/rest/realms/Keycloak Administration/account">Manage Account</a></li>
|
<li><a href="/auth/rest/realms/keycloak-admin/account">Manage Account</a></li>
|
||||||
<li class="separator"><a href="/auth/rest/admin/logout">Sign Out</a></li>
|
<li class="separator"><a href="/auth/rest/admin/logout">Sign Out</a></li>
|
||||||
</ul>
|
</ul>
|
||||||
</li>
|
</li>
|
||||||
|
|
11
core/src/main/java/org/keycloak/ServiceUrlConstants.java
Executable file
11
core/src/main/java/org/keycloak/ServiceUrlConstants.java
Executable file
|
@ -0,0 +1,11 @@
|
||||||
|
package org.keycloak;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||||
|
* @version $Revision: 1 $
|
||||||
|
*/
|
||||||
|
public interface ServiceUrlConstants {
|
||||||
|
|
||||||
|
public static final String TOKEN_SERVICE_LOGIN_PATH = "/rest/realms/{realm-name}/tokens/login";
|
||||||
|
public static final String TOKEN_SERVICE_ACCESS_CODE_PATH = "/rest/realms/{realm-name}/tokens/access/codes";
|
||||||
|
}
|
|
@ -9,7 +9,7 @@ import org.codehaus.jackson.annotate.JsonPropertyOrder;
|
||||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||||
* @version $Revision: 1 $
|
* @version $Revision: 1 $
|
||||||
*/
|
*/
|
||||||
@JsonPropertyOrder({"realm", "realm-public-key", "auth-url", "code-url", "ssl-not-required",
|
@JsonPropertyOrder({"realm", "realm-public-key", "auth-server-url", "ssl-not-required",
|
||||||
"resource", "credentials",
|
"resource", "credentials",
|
||||||
"use-resource-role-mappings",
|
"use-resource-role-mappings",
|
||||||
"enable-cors", "cors-max-age", "cors-allowed-methods",
|
"enable-cors", "cors-max-age", "cors-allowed-methods",
|
||||||
|
|
|
@ -13,7 +13,7 @@ import java.util.Map;
|
||||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||||
* @version $Revision: 1 $
|
* @version $Revision: 1 $
|
||||||
*/
|
*/
|
||||||
@JsonPropertyOrder({"realm", "realm-public-key", "auth-url", "code-url", "ssl-not-required",
|
@JsonPropertyOrder({"realm", "realm-public-key", "auth-server-url", "ssl-not-required",
|
||||||
"resource", "credentials",
|
"resource", "credentials",
|
||||||
"use-resource-role-mappings",
|
"use-resource-role-mappings",
|
||||||
"enable-cors", "cors-max-age", "cors-allowed-methods",
|
"enable-cors", "cors-max-age", "cors-allowed-methods",
|
||||||
|
|
|
@ -9,16 +9,14 @@ import org.codehaus.jackson.annotate.JsonPropertyOrder;
|
||||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||||
* @version $Revision: 1 $
|
* @version $Revision: 1 $
|
||||||
*/
|
*/
|
||||||
@JsonPropertyOrder({"realm", "realm-public-key", "auth-url", "code-url", "ssl-not-required"})
|
@JsonPropertyOrder({"realm", "realm-public-key", "auth-server-url", "ssl-not-required"})
|
||||||
public class BaseRealmConfig {
|
public class BaseRealmConfig {
|
||||||
@JsonProperty("realm")
|
@JsonProperty("realm")
|
||||||
protected String realm;
|
protected String realm;
|
||||||
@JsonProperty("realm-public-key")
|
@JsonProperty("realm-public-key")
|
||||||
protected String realmKey;
|
protected String realmKey;
|
||||||
@JsonProperty("auth-url")
|
@JsonProperty("auth-server-url")
|
||||||
protected String authUrl;
|
protected String authServerUrl;
|
||||||
@JsonProperty("code-url")
|
|
||||||
protected String codeUrl;
|
|
||||||
@JsonProperty("ssl-not-required")
|
@JsonProperty("ssl-not-required")
|
||||||
protected boolean sslNotRequired;
|
protected boolean sslNotRequired;
|
||||||
|
|
||||||
|
@ -46,19 +44,11 @@ public class BaseRealmConfig {
|
||||||
this.realmKey = realmKey;
|
this.realmKey = realmKey;
|
||||||
}
|
}
|
||||||
|
|
||||||
public String getAuthUrl() {
|
public String getAuthServerUrl() {
|
||||||
return authUrl;
|
return authServerUrl;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setAuthUrl(String authUrl) {
|
public void setAuthServerUrl(String authServerUrl) {
|
||||||
this.authUrl = authUrl;
|
this.authServerUrl = authServerUrl;
|
||||||
}
|
|
||||||
|
|
||||||
public String getCodeUrl() {
|
|
||||||
return codeUrl;
|
|
||||||
}
|
|
||||||
|
|
||||||
public void setCodeUrl(String codeUrl) {
|
|
||||||
this.codeUrl = codeUrl;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,8 +2,7 @@
|
||||||
"realm" : "demo",
|
"realm" : "demo",
|
||||||
"resource" : "customer-portal",
|
"resource" : "customer-portal",
|
||||||
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||||
"auth-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/login",
|
"auth-server-url" : "http://localhost:8080/auth",
|
||||||
"code-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/access/codes",
|
|
||||||
"ssl-not-required" : true,
|
"ssl-not-required" : true,
|
||||||
"expose-token" : true,
|
"expose-token" : true,
|
||||||
"credentials" : {
|
"credentials" : {
|
||||||
|
|
|
@ -2,8 +2,7 @@
|
||||||
"realm" : "demo",
|
"realm" : "demo",
|
||||||
"resource" : "product-portal",
|
"resource" : "product-portal",
|
||||||
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||||
"auth-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/login",
|
"auth-server-url" : "http://localhost:8080/auth",
|
||||||
"code-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/access/codes",
|
|
||||||
"ssl-not-required" : true,
|
"ssl-not-required" : true,
|
||||||
"credentials" : {
|
"credentials" : {
|
||||||
"password" : "password"
|
"password" : "password"
|
||||||
|
|
|
@ -96,7 +96,7 @@
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"applicationRoleMappings": {
|
"applicationRoleMappings": {
|
||||||
"Account": [
|
"account": [
|
||||||
{
|
{
|
||||||
"username": "bburke@redhat.com",
|
"username": "bburke@redhat.com",
|
||||||
"roles": ["manage-account"]
|
"roles": ["manage-account"]
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
{
|
{
|
||||||
"resource" : "third-party",
|
"resource" : "third-party",
|
||||||
"auth-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/login",
|
"auth-server-url" : "http://localhost:8080/auth",
|
||||||
"code-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/access/codes",
|
|
||||||
"ssl-not-required" : true,
|
"ssl-not-required" : true,
|
||||||
"credentials" : {
|
"credentials" : {
|
||||||
"password" : "password"
|
"password" : "password"
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
{
|
{
|
||||||
"resource" : "third-party",
|
"resource" : "third-party",
|
||||||
"auth-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/login",
|
"auth-server-url" : "http://localhost:8080/auth",
|
||||||
"code-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/access/codes",
|
|
||||||
"ssl-not-required" : true,
|
"ssl-not-required" : true,
|
||||||
"credentials" : {
|
"credentials" : {
|
||||||
"password" : "password"
|
"password" : "password"
|
||||||
|
|
|
@ -2,8 +2,7 @@
|
||||||
"realm" : "demo",
|
"realm" : "demo",
|
||||||
"resource" : "customer-portal",
|
"resource" : "customer-portal",
|
||||||
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||||
"auth-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/login",
|
"auth-server-url" : "http://localhost:8080/auth",
|
||||||
"code-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/access/codes",
|
|
||||||
"ssl-not-required" : true,
|
"ssl-not-required" : true,
|
||||||
"expose-token" : true,
|
"expose-token" : true,
|
||||||
"credentials" : {
|
"credentials" : {
|
||||||
|
|
|
@ -2,8 +2,7 @@
|
||||||
"realm" : "demo",
|
"realm" : "demo",
|
||||||
"resource" : "product-portal",
|
"resource" : "product-portal",
|
||||||
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||||
"auth-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/login",
|
"auth-server-url" : "http://localhost:8080/auth",
|
||||||
"code-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/access/codes",
|
|
||||||
"ssl-not-required" : true,
|
"ssl-not-required" : true,
|
||||||
"credentials" : {
|
"credentials" : {
|
||||||
"password" : "password"
|
"password" : "password"
|
||||||
|
|
|
@ -96,7 +96,7 @@
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"applicationRoleMappings": {
|
"applicationRoleMappings": {
|
||||||
"Account": [
|
"account": [
|
||||||
{
|
{
|
||||||
"username": "bburke@redhat.com",
|
"username": "bburke@redhat.com",
|
||||||
"roles": ["manage-account"]
|
"roles": ["manage-account"]
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
{
|
{
|
||||||
|
"realm" : "demo",
|
||||||
"resource" : "third-party",
|
"resource" : "third-party",
|
||||||
"auth-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/login",
|
"auth-server-url" : "http://localhost:8080/auth",
|
||||||
"code-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/access/codes",
|
|
||||||
"ssl-not-required" : true,
|
"ssl-not-required" : true,
|
||||||
"credentials" : {
|
"credentials" : {
|
||||||
"password" : "password"
|
"password" : "password"
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
{
|
{
|
||||||
|
"realm" : "demo",
|
||||||
"resource" : "third-party",
|
"resource" : "third-party",
|
||||||
"auth-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/login",
|
"auth-server-url" : "http://localhost:8080/auth",
|
||||||
"code-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/access/codes",
|
|
||||||
"ssl-not-required" : true,
|
"ssl-not-required" : true,
|
||||||
"credentials" : {
|
"credentials" : {
|
||||||
"password" : "password"
|
"password" : "password"
|
||||||
|
|
12
integration/adapter-core/src/main/java/org/keycloak/adapters/config/OAuthClientConfigLoader.java
Normal file → Executable file
12
integration/adapter-core/src/main/java/org/keycloak/adapters/config/OAuthClientConfigLoader.java
Normal file → Executable file
|
@ -3,6 +3,8 @@ package org.keycloak.adapters.config;
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
|
|
||||||
import org.keycloak.AbstractOAuthClient;
|
import org.keycloak.AbstractOAuthClient;
|
||||||
|
import org.keycloak.ServiceUrlConstants;
|
||||||
|
import org.keycloak.util.KeycloakUriBuilder;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
|
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
|
||||||
|
@ -27,8 +29,14 @@ public abstract class OAuthClientConfigLoader extends RealmConfigurationLoader {
|
||||||
public void configureOAuthClient(AbstractOAuthClient oauthClient) {
|
public void configureOAuthClient(AbstractOAuthClient oauthClient) {
|
||||||
oauthClient.setClientId(adapterConfig.getResource());
|
oauthClient.setClientId(adapterConfig.getResource());
|
||||||
oauthClient.setPassword(adapterConfig.getCredentials().get("password"));
|
oauthClient.setPassword(adapterConfig.getCredentials().get("password"));
|
||||||
oauthClient.setAuthUrl(adapterConfig.getAuthUrl());
|
if (adapterConfig.getAuthServerUrl() == null) {
|
||||||
oauthClient.setCodeUrl(adapterConfig.getCodeUrl());
|
throw new RuntimeException("You must specify auth-url");
|
||||||
|
}
|
||||||
|
KeycloakUriBuilder serverBuilder = KeycloakUriBuilder.fromUri(adapterConfig.getAuthServerUrl());
|
||||||
|
String authUrl = serverBuilder.clone().path(ServiceUrlConstants.TOKEN_SERVICE_LOGIN_PATH).build(adapterConfig.getRealm()).toString();
|
||||||
|
String tokenUrl = serverBuilder.clone().path(ServiceUrlConstants.TOKEN_SERVICE_ACCESS_CODE_PATH).build(adapterConfig.getRealm()).toString();
|
||||||
|
oauthClient.setAuthUrl(authUrl);
|
||||||
|
oauthClient.setCodeUrl(tokenUrl);
|
||||||
oauthClient.setTruststore(truststore);
|
oauthClient.setTruststore(truststore);
|
||||||
if (adapterConfig.getScope() != null) {
|
if (adapterConfig.getScope() != null) {
|
||||||
String scope = encodeScope(adapterConfig.getScope());
|
String scope = encodeScope(adapterConfig.getScope());
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
package org.keycloak.adapters.config;
|
package org.keycloak.adapters.config;
|
||||||
|
|
||||||
import org.apache.http.client.HttpClient;
|
import org.apache.http.client.HttpClient;
|
||||||
|
import org.keycloak.ServiceUrlConstants;
|
||||||
import org.keycloak.adapters.HttpClientBuilder;
|
import org.keycloak.adapters.HttpClientBuilder;
|
||||||
import org.keycloak.util.KeycloakUriBuilder;
|
import org.keycloak.util.KeycloakUriBuilder;
|
||||||
|
|
||||||
|
@ -30,14 +31,13 @@ public class RealmConfigurationLoader extends AdapterConfigLoader {
|
||||||
if (!setupClient || adapterConfig.isBearerOnly()) return;
|
if (!setupClient || adapterConfig.isBearerOnly()) return;
|
||||||
initClient();
|
initClient();
|
||||||
realmConfiguration = new RealmConfiguration();
|
realmConfiguration = new RealmConfiguration();
|
||||||
String authUrl = adapterConfig.getAuthUrl();
|
if (adapterConfig.getAuthServerUrl() == null) {
|
||||||
if (authUrl == null) {
|
|
||||||
throw new RuntimeException("You must specify auth-url");
|
throw new RuntimeException("You must specify auth-url");
|
||||||
}
|
}
|
||||||
String tokenUrl = adapterConfig.getCodeUrl();
|
KeycloakUriBuilder serverBuilder = KeycloakUriBuilder.fromUri(adapterConfig.getAuthServerUrl());
|
||||||
if (tokenUrl == null) {
|
String authUrl = serverBuilder.clone().path(ServiceUrlConstants.TOKEN_SERVICE_LOGIN_PATH).build(adapterConfig.getRealm()).toString();
|
||||||
throw new RuntimeException("You mut specify code-url");
|
String tokenUrl = serverBuilder.clone().path(ServiceUrlConstants.TOKEN_SERVICE_ACCESS_CODE_PATH).build(adapterConfig.getRealm()).toString();
|
||||||
}
|
|
||||||
realmConfiguration.setMetadata(resourceMetadata);
|
realmConfiguration.setMetadata(resourceMetadata);
|
||||||
realmConfiguration.setSslRequired(!adapterConfig.isSslNotRequired());
|
realmConfiguration.setSslRequired(!adapterConfig.isSslNotRequired());
|
||||||
realmConfiguration.setResourceCredentials(adapterConfig.getCredentials());
|
realmConfiguration.setResourceCredentials(adapterConfig.getCredentials());
|
||||||
|
|
|
@ -6,13 +6,13 @@ package org.keycloak.models;
|
||||||
*/
|
*/
|
||||||
public interface Constants {
|
public interface Constants {
|
||||||
String INTERNAL_ROLE = "KEYCLOAK_";
|
String INTERNAL_ROLE = "KEYCLOAK_";
|
||||||
String ADMIN_REALM = "Keycloak Administration";
|
String ADMIN_REALM = "keycloak-admin";
|
||||||
String ADMIN_CONSOLE_APPLICATION = "Admin Console";
|
String ADMIN_CONSOLE_APPLICATION = "admin-console";
|
||||||
String ADMIN_CONSOLE_ADMIN_ROLE = "admin";
|
String ADMIN_CONSOLE_ADMIN_ROLE = "admin";
|
||||||
String APPLICATION_ROLE = INTERNAL_ROLE + "_APPLICATION";
|
String APPLICATION_ROLE = INTERNAL_ROLE + "_APPLICATION";
|
||||||
String IDENTITY_REQUESTER_ROLE = INTERNAL_ROLE + "_IDENTITY_REQUESTER";
|
String IDENTITY_REQUESTER_ROLE = INTERNAL_ROLE + "_IDENTITY_REQUESTER";
|
||||||
|
|
||||||
String ACCOUNT_APPLICATION = "Account";
|
String ACCOUNT_APPLICATION = "account";
|
||||||
String ACCOUNT_PROFILE_ROLE = "view-profile";
|
String ACCOUNT_PROFILE_ROLE = "view-profile";
|
||||||
String ACCOUNT_MANAGE_ROLE = "manage-account";
|
String ACCOUNT_MANAGE_ROLE = "manage-account";
|
||||||
}
|
}
|
||||||
|
|
|
@ -181,8 +181,7 @@ public class ApplicationManager {
|
||||||
rep.setRealmKey(realmModel.getPublicKeyPem());
|
rep.setRealmKey(realmModel.getPublicKeyPem());
|
||||||
rep.setSslNotRequired(realmModel.isSslNotRequired());
|
rep.setSslNotRequired(realmModel.isSslNotRequired());
|
||||||
|
|
||||||
rep.setAuthUrl(Urls.realmLoginPage(baseUri, realmModel.getName()).toString());
|
rep.setAuthServerUrl(baseUri.toString());
|
||||||
rep.setCodeUrl(Urls.realmCode(baseUri, realmModel.getName()).toString());
|
|
||||||
rep.setUseResourceRoleMappings(applicationModel.getRoles().size() > 0);
|
rep.setUseResourceRoleMappings(applicationModel.getRoles().size() > 0);
|
||||||
|
|
||||||
rep.setResource(applicationModel.getName());
|
rep.setResource(applicationModel.getName());
|
||||||
|
|
|
@ -88,9 +88,7 @@ public class OAuthClientManager {
|
||||||
rep.setRealm(realmModel.getName());
|
rep.setRealm(realmModel.getName());
|
||||||
rep.setRealmKey(realmModel.getPublicKeyPem());
|
rep.setRealmKey(realmModel.getPublicKeyPem());
|
||||||
rep.setSslNotRequired(realmModel.isSslNotRequired());
|
rep.setSslNotRequired(realmModel.isSslNotRequired());
|
||||||
|
rep.setAuthServerUrl(baseUri.toString());
|
||||||
rep.setAuthUrl(Urls.realmLoginPage(baseUri, realmModel.getName()).toString());
|
|
||||||
rep.setCodeUrl(Urls.realmCode(baseUri, realmModel.getName()).toString());
|
|
||||||
rep.setUseResourceRoleMappings(false);
|
rep.setUseResourceRoleMappings(false);
|
||||||
|
|
||||||
rep.setResource(model.getOAuthAgent().getLoginName());
|
rep.setResource(model.getOAuthAgent().getLoginName());
|
||||||
|
|
|
@ -12,6 +12,8 @@ import org.keycloak.services.resources.admin.AdminService;
|
||||||
import javax.servlet.ServletContext;
|
import javax.servlet.ServletContext;
|
||||||
import javax.ws.rs.core.Application;
|
import javax.ws.rs.core.Application;
|
||||||
import javax.ws.rs.core.Context;
|
import javax.ws.rs.core.Context;
|
||||||
|
import javax.ws.rs.core.UriInfo;
|
||||||
|
import java.net.URI;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.ServiceLoader;
|
import java.util.ServiceLoader;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
@ -31,10 +33,11 @@ public class KeycloakApplication extends Application {
|
||||||
protected Set<Class<?>> classes = new HashSet<Class<?>>();
|
protected Set<Class<?>> classes = new HashSet<Class<?>>();
|
||||||
|
|
||||||
protected KeycloakSessionFactory factory;
|
protected KeycloakSessionFactory factory;
|
||||||
|
protected String contextPath;
|
||||||
|
|
||||||
public KeycloakApplication(@Context ServletContext context) {
|
public KeycloakApplication(@Context ServletContext context) {
|
||||||
this.factory = createSessionFactory();
|
this.factory = createSessionFactory();
|
||||||
|
this.contextPath = context.getContextPath();
|
||||||
context.setAttribute(KeycloakSessionFactory.class.getName(), factory);
|
context.setAttribute(KeycloakSessionFactory.class.getName(), factory);
|
||||||
//classes.add(KeycloakSessionCleanupFilter.class);
|
//classes.add(KeycloakSessionCleanupFilter.class);
|
||||||
|
|
||||||
|
@ -49,6 +52,20 @@ public class KeycloakApplication extends Application {
|
||||||
setupDefaultRealm();
|
setupDefaultRealm();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public String getContextPath() {
|
||||||
|
return contextPath;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get base URI of WAR distribution, not JAX-RS
|
||||||
|
*
|
||||||
|
* @param uriInfo
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
public URI getBaseUri(UriInfo uriInfo) {
|
||||||
|
return uriInfo.getBaseUriBuilder().replacePath(getContextPath()).build();
|
||||||
|
}
|
||||||
|
|
||||||
protected void setupDefaultRealm() {
|
protected void setupDefaultRealm() {
|
||||||
new ApplianceBootstrap().bootstrap(factory);
|
new ApplianceBootstrap().bootstrap(factory);
|
||||||
}
|
}
|
||||||
|
|
|
@ -11,6 +11,7 @@ import org.keycloak.representations.idm.ApplicationRepresentation;
|
||||||
import org.keycloak.representations.idm.CredentialRepresentation;
|
import org.keycloak.representations.idm.CredentialRepresentation;
|
||||||
import org.keycloak.services.managers.ApplicationManager;
|
import org.keycloak.services.managers.ApplicationManager;
|
||||||
import org.keycloak.services.managers.RealmManager;
|
import org.keycloak.services.managers.RealmManager;
|
||||||
|
import org.keycloak.services.resources.KeycloakApplication;
|
||||||
import org.keycloak.util.JsonSerialization;
|
import org.keycloak.util.JsonSerialization;
|
||||||
|
|
||||||
import javax.ws.rs.Consumes;
|
import javax.ws.rs.Consumes;
|
||||||
|
@ -19,6 +20,7 @@ import javax.ws.rs.GET;
|
||||||
import javax.ws.rs.PUT;
|
import javax.ws.rs.PUT;
|
||||||
import javax.ws.rs.Path;
|
import javax.ws.rs.Path;
|
||||||
import javax.ws.rs.Produces;
|
import javax.ws.rs.Produces;
|
||||||
|
import javax.ws.rs.core.Application;
|
||||||
import javax.ws.rs.core.Context;
|
import javax.ws.rs.core.Context;
|
||||||
import javax.ws.rs.core.MediaType;
|
import javax.ws.rs.core.MediaType;
|
||||||
import javax.ws.rs.core.UriInfo;
|
import javax.ws.rs.core.UriInfo;
|
||||||
|
@ -38,6 +40,13 @@ public class ApplicationResource extends RoleContainerResource {
|
||||||
@Context
|
@Context
|
||||||
protected UriInfo uriInfo;
|
protected UriInfo uriInfo;
|
||||||
|
|
||||||
|
@Context
|
||||||
|
protected Application keycloak;
|
||||||
|
|
||||||
|
protected KeycloakApplication getKeycloakApplication() {
|
||||||
|
return (KeycloakApplication)keycloak;
|
||||||
|
}
|
||||||
|
|
||||||
public ApplicationResource(RealmModel realm, ApplicationModel applicationModel, KeycloakSession session) {
|
public ApplicationResource(RealmModel realm, ApplicationModel applicationModel, KeycloakSession session) {
|
||||||
super(applicationModel);
|
super(applicationModel);
|
||||||
this.realm = realm;
|
this.realm = realm;
|
||||||
|
@ -68,7 +77,7 @@ public class ApplicationResource extends RoleContainerResource {
|
||||||
@Produces(MediaType.APPLICATION_JSON)
|
@Produces(MediaType.APPLICATION_JSON)
|
||||||
public String getInstallation() throws IOException {
|
public String getInstallation() throws IOException {
|
||||||
ApplicationManager applicationManager = new ApplicationManager(new RealmManager(session));
|
ApplicationManager applicationManager = new ApplicationManager(new RealmManager(session));
|
||||||
BaseAdapterConfig rep = applicationManager.toInstallationRepresentation(realm, application, uriInfo.getBaseUri());
|
BaseAdapterConfig rep = applicationManager.toInstallationRepresentation(realm, application, getKeycloakApplication().getBaseUri(uriInfo));
|
||||||
|
|
||||||
// TODO Temporary solution to pretty-print
|
// TODO Temporary solution to pretty-print
|
||||||
return JsonSerialization.mapper.writerWithDefaultPrettyPrinter().writeValueAsString(rep);
|
return JsonSerialization.mapper.writerWithDefaultPrettyPrinter().writeValueAsString(rep);
|
||||||
|
|
|
@ -12,6 +12,7 @@ import org.keycloak.representations.idm.OAuthClientRepresentation;
|
||||||
import org.keycloak.services.managers.ApplicationManager;
|
import org.keycloak.services.managers.ApplicationManager;
|
||||||
import org.keycloak.services.managers.OAuthClientManager;
|
import org.keycloak.services.managers.OAuthClientManager;
|
||||||
import org.keycloak.services.managers.RealmManager;
|
import org.keycloak.services.managers.RealmManager;
|
||||||
|
import org.keycloak.services.resources.KeycloakApplication;
|
||||||
import org.keycloak.util.JsonSerialization;
|
import org.keycloak.util.JsonSerialization;
|
||||||
|
|
||||||
import javax.ws.rs.Consumes;
|
import javax.ws.rs.Consumes;
|
||||||
|
@ -20,6 +21,7 @@ import javax.ws.rs.GET;
|
||||||
import javax.ws.rs.PUT;
|
import javax.ws.rs.PUT;
|
||||||
import javax.ws.rs.Path;
|
import javax.ws.rs.Path;
|
||||||
import javax.ws.rs.Produces;
|
import javax.ws.rs.Produces;
|
||||||
|
import javax.ws.rs.core.Application;
|
||||||
import javax.ws.rs.core.Context;
|
import javax.ws.rs.core.Context;
|
||||||
import javax.ws.rs.core.MediaType;
|
import javax.ws.rs.core.MediaType;
|
||||||
import javax.ws.rs.core.UriInfo;
|
import javax.ws.rs.core.UriInfo;
|
||||||
|
@ -38,6 +40,13 @@ public class OAuthClientResource {
|
||||||
@Context
|
@Context
|
||||||
protected UriInfo uriInfo;
|
protected UriInfo uriInfo;
|
||||||
|
|
||||||
|
@Context
|
||||||
|
protected Application application;
|
||||||
|
|
||||||
|
protected KeycloakApplication getApplication() {
|
||||||
|
return (KeycloakApplication)application;
|
||||||
|
}
|
||||||
|
|
||||||
public OAuthClientResource(RealmModel realm, OAuthClientModel oauthClient, KeycloakSession session) {
|
public OAuthClientResource(RealmModel realm, OAuthClientModel oauthClient, KeycloakSession session) {
|
||||||
this.realm = realm;
|
this.realm = realm;
|
||||||
this.oauthClient = oauthClient;
|
this.oauthClient = oauthClient;
|
||||||
|
@ -65,7 +74,7 @@ public class OAuthClientResource {
|
||||||
@Produces(MediaType.APPLICATION_JSON)
|
@Produces(MediaType.APPLICATION_JSON)
|
||||||
public String getInstallation() throws IOException {
|
public String getInstallation() throws IOException {
|
||||||
OAuthClientManager manager = new OAuthClientManager(realm);
|
OAuthClientManager manager = new OAuthClientManager(realm);
|
||||||
BaseAdapterConfig rep = manager.toInstallationRepresentation(realm, oauthClient, uriInfo.getBaseUri());
|
BaseAdapterConfig rep = manager.toInstallationRepresentation(realm, oauthClient, getApplication().getBaseUri(uriInfo));
|
||||||
|
|
||||||
// TODO Temporary solution to pretty-print
|
// TODO Temporary solution to pretty-print
|
||||||
return JsonSerialization.mapper.writerWithDefaultPrettyPrinter().writeValueAsString(rep);
|
return JsonSerialization.mapper.writerWithDefaultPrettyPrinter().writeValueAsString(rep);
|
||||||
|
|
Loading…
Reference in a new issue