Merge pull request #1945 from raehalme/KEYCLOAK-1579
KEYCLOAK-1579: Replaced AdapterDeploymentContextBean with AdapterDeploymentContextFactoryBean
This commit is contained in:
Bill Burke
commit
f7ac5fae2a
11 changed files with 223 additions and 151 deletions
|
|
@ -1,7 +1,7 @@
|
|||
<section id="spring-security-adapter">
|
||||
<title>Spring Security Adapter</title>
|
||||
<para>
|
||||
To to secure an application with Spring Security and Keyloak, add this adapter as a dependency to your project.
|
||||
To secure an application with Spring Security and Keycloak, add this adapter as a dependency to your project.
|
||||
You then have to provide some extra beans in your Spring Security configuration file and add the Keycloak security
|
||||
filter to your pipeline.
|
||||
</para>
|
||||
|
|
@ -115,7 +115,10 @@ public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter
|
|||
<security:authentication-provider ref="keycloakAuthenticationProvider" />
|
||||
</security:authentication-manager>
|
||||
|
||||
<bean id="adapterDeploymentContextBean" class="org.keycloak.adapters.springsecurity.AdapterDeploymentContextBean" />
|
||||
<bean id="adapterDeploymentContext" class="org.keycloak.adapters.springsecurity.AdapterDeploymentContextFactoryBean">
|
||||
<constructor-arg value="/WEB-INF/keycloak.json" />
|
||||
</bean>
|
||||
|
||||
<bean id="keycloakAuthenticationEntryPoint" class="org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationEntryPoint" />
|
||||
<bean id="keycloakAuthenticationProvider" class="org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider" />
|
||||
<bean id="keycloakPreAuthActionsFilter" class="org.keycloak.adapters.springsecurity.filter.KeycloakPreAuthActionsFilter" />
|
||||
|
|
@ -124,7 +127,7 @@ public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter
|
|||
</bean>
|
||||
|
||||
<bean id="keycloakLogoutHandler" class="org.keycloak.adapters.springsecurity.authentication.KeycloakLogoutHandler">
|
||||
<constructor-arg ref="adapterDeploymentContextBean" />
|
||||
<constructor-arg ref="adapterDeploymentContext" />
|
||||
</bean>
|
||||
|
||||
<bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">
|
||||
|
|
@ -157,6 +160,15 @@ public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter
|
|||
</para>
|
||||
</section>
|
||||
</section>
|
||||
<section>
|
||||
<title>Multi Tenancy</title>
|
||||
<para>
|
||||
The Keycloak Spring Security adapter also supports multi tenancy. Instead of injecting
|
||||
<literal>AdapterDeploymentContextFactoryBean</literal> with the path to <literal>keycloak.json</literal> you
|
||||
can inject an implementation of the <literal>KeycloakConfigResolver</literal> interface. More details on how
|
||||
to implement the <literal>KeycloakConfigResolver</literal> can be found in <xref linkend="multi_tenancy" />.
|
||||
</para>
|
||||
</section>
|
||||
<section>
|
||||
<title>Naming Security Roles</title>
|
||||
<para>
|
||||
|
|
@ -164,6 +176,14 @@ public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter
|
|||
For example, an administrator role must be declared in Keycloak as <code>ROLE_ADMIN</code> or similar, not simply
|
||||
<code>ADMIN</code>.
|
||||
</para>
|
||||
<para>
|
||||
The class <code>org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider</code>
|
||||
supports an optional <code>org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper</code>
|
||||
which can be used to map roles coming from Keycloak to roles recognized by Spring Security. Use, for example,
|
||||
<code>org.springframework.security.core.authority.mapping.SimpleAuthorityMapper</code> to insert the
|
||||
<code>ROLE_</code> prefix and convert the role name to upper case. The class is part of Spring Security
|
||||
Core module.
|
||||
</para>
|
||||
</section>
|
||||
<section>
|
||||
<title>Client to Client Support</title>
|
||||
|
|
|
|||
|
|
@ -1,64 +0,0 @@
|
|||
package org.keycloak.adapters.springsecurity;
|
||||
|
||||
import org.keycloak.adapters.AdapterDeploymentContext;
|
||||
import org.keycloak.adapters.KeycloakDeployment;
|
||||
import org.keycloak.adapters.KeycloakDeploymentBuilder;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.core.io.Resource;
|
||||
|
||||
import java.io.FileNotFoundException;
|
||||
import java.io.IOException;
|
||||
|
||||
/**
|
||||
* Bean holding the {@link KeycloakDeployment} and {@link AdapterDeploymentContext} for this
|
||||
* Spring application context. The Keycloak deployment is loaded from the required
|
||||
* <code>keycloak.json</code> resource file.
|
||||
*
|
||||
* @author <a href="mailto:srossillo@smartling.com">Scott Rossillo</a>
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
public class AdapterDeploymentContextBean implements InitializingBean {
|
||||
|
||||
private final Resource keycloakConfigFileResource;
|
||||
|
||||
private AdapterDeploymentContext deploymentContext;
|
||||
private KeycloakDeployment deployment;
|
||||
|
||||
public AdapterDeploymentContextBean(Resource keycloakConfigFileResource) {
|
||||
this.keycloakConfigFileResource = keycloakConfigFileResource;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
this.deployment = loadKeycloakDeployment();
|
||||
this.deploymentContext = new AdapterDeploymentContext(deployment);
|
||||
}
|
||||
|
||||
private KeycloakDeployment loadKeycloakDeployment() throws IOException {
|
||||
|
||||
if (!keycloakConfigFileResource.isReadable()) {
|
||||
throw new FileNotFoundException(String.format("Unable to locate Keycloak configuration file: %s",
|
||||
keycloakConfigFileResource.getFilename()));
|
||||
}
|
||||
|
||||
return KeycloakDeploymentBuilder.build(keycloakConfigFileResource.getInputStream());
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the Keycloak {@link AdapterDeploymentContext} for this application context.
|
||||
*
|
||||
* @return the Keycloak {@link AdapterDeploymentContext} for this application context
|
||||
*/
|
||||
public AdapterDeploymentContext getDeploymentContext() {
|
||||
return deploymentContext;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the {@link KeycloakDeployment} for this application context.
|
||||
*
|
||||
* @return the {@link KeycloakDeployment} for this application context
|
||||
*/
|
||||
public KeycloakDeployment getDeployment() {
|
||||
return deployment;
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,79 @@
|
|||
package org.keycloak.adapters.springsecurity;
|
||||
|
||||
import java.io.FileNotFoundException;
|
||||
import java.io.IOException;
|
||||
import java.util.Objects;
|
||||
|
||||
import org.keycloak.adapters.AdapterDeploymentContext;
|
||||
import org.keycloak.adapters.KeycloakConfigResolver;
|
||||
import org.keycloak.adapters.KeycloakDeployment;
|
||||
import org.keycloak.adapters.KeycloakDeploymentBuilder;
|
||||
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import org.springframework.beans.factory.FactoryBean;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.core.io.Resource;
|
||||
|
||||
/**
|
||||
* {@link FactoryBean} that creates an {@link AdapterDeploymentContext} given a {@link Resource} defining the Keycloak
|
||||
* client configuration or a {@link KeycloakConfigResolver} for multi-tenant environments.
|
||||
*
|
||||
* @author <a href="mailto:thomas.raehalme@aitiofinland.com">Thomas Raehalme</a>
|
||||
*/
|
||||
public class AdapterDeploymentContextFactoryBean
|
||||
implements FactoryBean<AdapterDeploymentContext>, InitializingBean {
|
||||
private static final Logger log =
|
||||
LoggerFactory.getLogger(AdapterDeploymentContextFactoryBean.class);
|
||||
private final Resource keycloakConfigFileResource;
|
||||
private final KeycloakConfigResolver keycloakConfigResolver;
|
||||
private AdapterDeploymentContext adapterDeploymentContext;
|
||||
|
||||
public AdapterDeploymentContextFactoryBean(Resource keycloakConfigFileResource) {
|
||||
this.keycloakConfigFileResource = Objects.requireNonNull(keycloakConfigFileResource);
|
||||
this.keycloakConfigResolver = null;
|
||||
}
|
||||
|
||||
public AdapterDeploymentContextFactoryBean(KeycloakConfigResolver keycloakConfigResolver) {
|
||||
this.keycloakConfigResolver = Objects.requireNonNull(keycloakConfigResolver);
|
||||
this.keycloakConfigFileResource = null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Class<?> getObjectType() {
|
||||
return AdapterDeploymentContext.class;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isSingleton() {
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
if (keycloakConfigResolver != null) {
|
||||
adapterDeploymentContext = new AdapterDeploymentContext(keycloakConfigResolver);
|
||||
}
|
||||
else {
|
||||
log.info("Loading Keycloak deployment from configuration file: {}", keycloakConfigFileResource);
|
||||
|
||||
KeycloakDeployment deployment = loadKeycloakDeployment();
|
||||
adapterDeploymentContext = new AdapterDeploymentContext(deployment);
|
||||
}
|
||||
}
|
||||
|
||||
private KeycloakDeployment loadKeycloakDeployment() throws IOException {
|
||||
if (!keycloakConfigFileResource.isReadable()) {
|
||||
throw new FileNotFoundException(String.format("Unable to locate Keycloak configuration file: %s",
|
||||
keycloakConfigFileResource.getFilename()));
|
||||
}
|
||||
|
||||
return KeycloakDeploymentBuilder.build(keycloakConfigFileResource.getInputStream());
|
||||
}
|
||||
|
||||
@Override
|
||||
public AdapterDeploymentContext getObject() throws Exception {
|
||||
return adapterDeploymentContext;
|
||||
}
|
||||
}
|
||||
|
|
@ -1,8 +1,10 @@
|
|||
package org.keycloak.adapters.springsecurity.authentication;
|
||||
|
||||
import org.keycloak.adapters.AdapterDeploymentContext;
|
||||
import org.keycloak.adapters.KeycloakDeployment;
|
||||
import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
|
||||
import org.keycloak.adapters.springsecurity.AdapterDeploymentContextBean;
|
||||
import org.keycloak.adapters.spi.HttpFacade;
|
||||
import org.keycloak.adapters.springsecurity.facade.SimpleHttpFacade;
|
||||
import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
|
@ -23,11 +25,11 @@ public class KeycloakLogoutHandler implements LogoutHandler {
|
|||
|
||||
private static final Logger log = LoggerFactory.getLogger(KeycloakLogoutHandler.class);
|
||||
|
||||
private AdapterDeploymentContextBean deploymentContextBean;
|
||||
private AdapterDeploymentContext adapterDeploymentContext;
|
||||
|
||||
public KeycloakLogoutHandler(AdapterDeploymentContextBean deploymentContextBean) {
|
||||
Assert.notNull(deploymentContextBean);
|
||||
this.deploymentContextBean = deploymentContextBean;
|
||||
public KeycloakLogoutHandler(AdapterDeploymentContext adapterDeploymentContext) {
|
||||
Assert.notNull(adapterDeploymentContext);
|
||||
this.adapterDeploymentContext = adapterDeploymentContext;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -45,7 +47,8 @@ public class KeycloakLogoutHandler implements LogoutHandler {
|
|||
}
|
||||
|
||||
protected void handleSingleSignOut(HttpServletRequest request, HttpServletResponse response, KeycloakAuthenticationToken authenticationToken) {
|
||||
KeycloakDeployment deployment = deploymentContextBean.getDeployment();
|
||||
HttpFacade facade = new SimpleHttpFacade(request, response);
|
||||
KeycloakDeployment deployment = adapterDeploymentContext.resolveDeployment(facade);
|
||||
RefreshableKeycloakSecurityContext session = (RefreshableKeycloakSecurityContext) authenticationToken.getAccount().getKeycloakSecurityContext();
|
||||
session.logout(deployment);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,8 @@
|
|||
package org.keycloak.adapters.springsecurity.config;
|
||||
|
||||
import org.keycloak.adapters.springsecurity.AdapterDeploymentContextBean;
|
||||
import org.keycloak.adapters.AdapterDeploymentContext;
|
||||
import org.keycloak.adapters.KeycloakConfigResolver;
|
||||
import org.keycloak.adapters.springsecurity.AdapterDeploymentContextFactoryBean;
|
||||
import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationEntryPoint;
|
||||
import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider;
|
||||
import org.keycloak.adapters.springsecurity.authentication.KeycloakLogoutHandler;
|
||||
|
|
@ -8,6 +10,7 @@ import org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticationProcess
|
|||
import org.keycloak.adapters.springsecurity.filter.KeycloakCsrfRequestMatcher;
|
||||
import org.keycloak.adapters.springsecurity.filter.KeycloakPreAuthActionsFilter;
|
||||
import org.keycloak.adapters.springsecurity.management.HttpSessionManager;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.core.io.Resource;
|
||||
|
|
@ -35,10 +38,20 @@ public abstract class KeycloakWebSecurityConfigurerAdapter extends WebSecurityCo
|
|||
|
||||
@Value("${keycloak.configurationFile:WEB-INF/keycloak.json}")
|
||||
private Resource keycloakConfigFileResource;
|
||||
@Autowired(required = false)
|
||||
private KeycloakConfigResolver keycloakConfigResolver;
|
||||
|
||||
@Bean
|
||||
protected AdapterDeploymentContextBean adapterDeploymentContextBean() {
|
||||
return new AdapterDeploymentContextBean(keycloakConfigFileResource);
|
||||
protected AdapterDeploymentContext adapterDeploymentContext() throws Exception {
|
||||
AdapterDeploymentContextFactoryBean factoryBean;
|
||||
if (keycloakConfigResolver != null) {
|
||||
factoryBean = new AdapterDeploymentContextFactoryBean(keycloakConfigResolver);
|
||||
}
|
||||
else {
|
||||
factoryBean = new AdapterDeploymentContextFactoryBean(keycloakConfigFileResource);
|
||||
}
|
||||
factoryBean.afterPropertiesSet();
|
||||
return factoryBean.getObject();
|
||||
}
|
||||
|
||||
protected AuthenticationEntryPoint authenticationEntryPoint() {
|
||||
|
|
@ -70,8 +83,8 @@ public abstract class KeycloakWebSecurityConfigurerAdapter extends WebSecurityCo
|
|||
return new HttpSessionManager();
|
||||
}
|
||||
|
||||
protected KeycloakLogoutHandler keycloakLogoutHandler() {
|
||||
return new KeycloakLogoutHandler(adapterDeploymentContextBean());
|
||||
protected KeycloakLogoutHandler keycloakLogoutHandler() throws Exception {
|
||||
return new KeycloakLogoutHandler(adapterDeploymentContext());
|
||||
}
|
||||
|
||||
protected abstract SessionAuthenticationStrategy sessionAuthenticationStrategy();
|
||||
|
|
|
|||
|
|
@ -1,11 +1,12 @@
|
|||
package org.keycloak.adapters.springsecurity.filter;
|
||||
|
||||
import org.keycloak.adapters.AdapterDeploymentContext;
|
||||
import org.keycloak.adapters.AdapterTokenStore;
|
||||
import org.keycloak.adapters.spi.AuthChallenge;
|
||||
import org.keycloak.adapters.spi.AuthOutcome;
|
||||
import org.keycloak.adapters.KeycloakDeployment;
|
||||
import org.keycloak.adapters.RequestAuthenticator;
|
||||
import org.keycloak.adapters.springsecurity.AdapterDeploymentContextBean;
|
||||
import org.keycloak.adapters.spi.HttpFacade;
|
||||
import org.keycloak.adapters.springsecurity.KeycloakAuthenticationException;
|
||||
import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationEntryPoint;
|
||||
import org.keycloak.adapters.springsecurity.authentication.SpringSecurityRequestAuthenticator;
|
||||
|
|
@ -56,7 +57,7 @@ public class KeycloakAuthenticationProcessingFilter extends AbstractAuthenticati
|
|||
private static final Logger log = LoggerFactory.getLogger(KeycloakAuthenticationProcessingFilter.class);
|
||||
|
||||
private ApplicationContext applicationContext;
|
||||
private AdapterDeploymentContextBean adapterDeploymentContextBean;
|
||||
private AdapterDeploymentContext adapterDeploymentContext;
|
||||
private AdapterTokenStoreFactory adapterTokenStoreFactory = new SpringSecurityAdapterTokenStoreFactory();
|
||||
private AuthenticationManager authenticationManager;
|
||||
|
||||
|
|
@ -100,7 +101,7 @@ public class KeycloakAuthenticationProcessingFilter extends AbstractAuthenticati
|
|||
|
||||
@Override
|
||||
public void afterPropertiesSet() {
|
||||
adapterDeploymentContextBean = applicationContext.getBean(AdapterDeploymentContextBean.class);
|
||||
adapterDeploymentContext = applicationContext.getBean(AdapterDeploymentContext.class);
|
||||
super.afterPropertiesSet();
|
||||
}
|
||||
|
||||
|
|
@ -110,8 +111,8 @@ public class KeycloakAuthenticationProcessingFilter extends AbstractAuthenticati
|
|||
|
||||
log.debug("Attempting Keycloak authentication");
|
||||
|
||||
KeycloakDeployment deployment = adapterDeploymentContextBean.getDeployment();
|
||||
SimpleHttpFacade facade = new SimpleHttpFacade(request, response);
|
||||
HttpFacade facade = new SimpleHttpFacade(request, response);
|
||||
KeycloakDeployment deployment = adapterDeploymentContext.resolveDeployment(facade);
|
||||
AdapterTokenStore tokenStore = adapterTokenStoreFactory.createAdapterTokenStore(deployment, request);
|
||||
RequestAuthenticator authenticator
|
||||
= new SpringSecurityRequestAuthenticator(facade, request, deployment, tokenStore, -1);
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@ import org.keycloak.adapters.spi.HttpFacade;
|
|||
import org.keycloak.adapters.NodesRegistrationManagement;
|
||||
import org.keycloak.adapters.PreAuthActionsHandler;
|
||||
import org.keycloak.adapters.spi.UserSessionManagement;
|
||||
import org.keycloak.adapters.springsecurity.AdapterDeploymentContextBean;
|
||||
import org.keycloak.adapters.springsecurity.facade.SimpleHttpFacade;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
|
@ -47,9 +46,7 @@ public class KeycloakPreAuthActionsFilter extends GenericFilterBean implements A
|
|||
|
||||
@Override
|
||||
protected void initFilterBean() throws ServletException {
|
||||
AdapterDeploymentContextBean contextBean = applicationContext.getBean(AdapterDeploymentContextBean.class);
|
||||
deploymentContext = contextBean.getDeploymentContext();
|
||||
management.tryRegister(contextBean.getDeployment());
|
||||
deploymentContext = applicationContext.getBean(AdapterDeploymentContext.class);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -1,56 +0,0 @@
|
|||
package org.keycloak.adapters.springsecurity;
|
||||
|
||||
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.junit.rules.ExpectedException;
|
||||
import org.springframework.core.io.ClassPathResource;
|
||||
import org.springframework.core.io.Resource;
|
||||
|
||||
import java.io.FileNotFoundException;
|
||||
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
|
||||
public class AdapterDeploymentContextBeanTest {
|
||||
|
||||
@Rule
|
||||
public ExpectedException expectedException = ExpectedException.none();
|
||||
|
||||
private AdapterDeploymentContextBean adapterDeploymentContextBean;
|
||||
|
||||
@Test
|
||||
public void should_create_deployment_and_deployment_context() throws Exception {
|
||||
|
||||
//given:
|
||||
adapterDeploymentContextBean = new AdapterDeploymentContextBean(getCorrectResource());
|
||||
|
||||
//when:
|
||||
adapterDeploymentContextBean.afterPropertiesSet();
|
||||
|
||||
//then
|
||||
assertNotNull(adapterDeploymentContextBean.getDeployment());
|
||||
assertNotNull(adapterDeploymentContextBean.getDeploymentContext());
|
||||
}
|
||||
|
||||
private Resource getCorrectResource() {
|
||||
return new ClassPathResource("keycloak.json");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void should_throw_exception_when_configuration_file_was_not_found() throws Exception {
|
||||
|
||||
//given:
|
||||
adapterDeploymentContextBean = new AdapterDeploymentContextBean(getEmptyResource());
|
||||
|
||||
//then:
|
||||
expectedException.expect(FileNotFoundException.class);
|
||||
expectedException.expectMessage("Unable to locate Keycloak configuration file: no-file.json");
|
||||
|
||||
//when:
|
||||
adapterDeploymentContextBean.afterPropertiesSet();
|
||||
}
|
||||
|
||||
private Resource getEmptyResource() {
|
||||
return new ClassPathResource("no-file.json");
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,77 @@
|
|||
package org.keycloak.adapters.springsecurity;
|
||||
|
||||
import java.io.FileNotFoundException;
|
||||
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.junit.rules.ExpectedException;
|
||||
|
||||
import org.keycloak.adapters.KeycloakConfigResolver;
|
||||
import org.keycloak.adapters.KeycloakDeployment;
|
||||
import org.keycloak.adapters.spi.HttpFacade;
|
||||
|
||||
import org.springframework.core.io.ClassPathResource;
|
||||
import org.springframework.core.io.Resource;
|
||||
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
|
||||
public class AdapterDeploymentContextFactoryBeanTest {
|
||||
@Rule
|
||||
public ExpectedException expectedException = ExpectedException.none();
|
||||
|
||||
private AdapterDeploymentContextFactoryBean adapterDeploymentContextFactoryBean;
|
||||
|
||||
@Test
|
||||
public void should_create_adapter_deployment_context_from_configuration_file() throws Exception {
|
||||
// given:
|
||||
adapterDeploymentContextFactoryBean = new AdapterDeploymentContextFactoryBean(getCorrectResource());
|
||||
|
||||
// when:
|
||||
adapterDeploymentContextFactoryBean.afterPropertiesSet();
|
||||
|
||||
// then
|
||||
assertNotNull(adapterDeploymentContextFactoryBean.getObject());
|
||||
}
|
||||
|
||||
private Resource getCorrectResource() {
|
||||
return new ClassPathResource("keycloak.json");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void should_throw_exception_when_configuration_file_was_not_found() throws Exception {
|
||||
// given:
|
||||
adapterDeploymentContextFactoryBean = new AdapterDeploymentContextFactoryBean(getEmptyResource());
|
||||
|
||||
// then:
|
||||
expectedException.expect(FileNotFoundException.class);
|
||||
expectedException.expectMessage("Unable to locate Keycloak configuration file: no-file.json");
|
||||
|
||||
// when:
|
||||
adapterDeploymentContextFactoryBean.afterPropertiesSet();
|
||||
}
|
||||
|
||||
private Resource getEmptyResource() {
|
||||
return new ClassPathResource("no-file.json");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void should_create_adapter_deployment_context_from_keycloak_config_resolver() throws Exception {
|
||||
// given:
|
||||
adapterDeploymentContextFactoryBean = new AdapterDeploymentContextFactoryBean(getKeycloakConfigResolver());
|
||||
|
||||
// when:
|
||||
adapterDeploymentContextFactoryBean.afterPropertiesSet();
|
||||
|
||||
// then:
|
||||
assertNotNull(adapterDeploymentContextFactoryBean.getObject());
|
||||
}
|
||||
|
||||
private KeycloakConfigResolver getKeycloakConfigResolver() {
|
||||
return new KeycloakConfigResolver() {
|
||||
@Override
|
||||
public KeycloakDeployment resolve(HttpFacade.Request facade) {
|
||||
return null;
|
||||
}
|
||||
};
|
||||
}
|
||||
}
|
||||
|
|
@ -2,10 +2,11 @@ package org.keycloak.adapters.springsecurity.authentication;
|
|||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.adapters.AdapterDeploymentContext;
|
||||
import org.keycloak.adapters.KeycloakDeployment;
|
||||
import org.keycloak.adapters.OidcKeycloakAccount;
|
||||
import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
|
||||
import org.keycloak.adapters.springsecurity.AdapterDeploymentContextBean;
|
||||
import org.keycloak.adapters.spi.HttpFacade;
|
||||
import org.keycloak.adapters.springsecurity.account.KeycloakRole;
|
||||
import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
|
||||
import org.mockito.Mock;
|
||||
|
|
@ -35,7 +36,7 @@ public class KeycloakLogoutHandlerTest {
|
|||
private MockHttpServletResponse response;
|
||||
|
||||
@Mock
|
||||
private AdapterDeploymentContextBean adapterDeploymentContextBean;
|
||||
private AdapterDeploymentContext adapterDeploymentContext;
|
||||
|
||||
@Mock
|
||||
private OidcKeycloakAccount keycloakAccount;
|
||||
|
|
@ -52,11 +53,11 @@ public class KeycloakLogoutHandlerTest {
|
|||
public void setUp() throws Exception {
|
||||
MockitoAnnotations.initMocks(this);
|
||||
keycloakAuthenticationToken = mock(KeycloakAuthenticationToken.class);
|
||||
keycloakLogoutHandler = new KeycloakLogoutHandler(adapterDeploymentContextBean);
|
||||
keycloakLogoutHandler = new KeycloakLogoutHandler(adapterDeploymentContext);
|
||||
request = new MockHttpServletRequest();
|
||||
response = new MockHttpServletResponse();
|
||||
|
||||
when(adapterDeploymentContextBean.getDeployment()).thenReturn(keycloakDeployment);
|
||||
when(adapterDeploymentContext.resolveDeployment(any(HttpFacade.class))).thenReturn(keycloakDeployment);
|
||||
when(keycloakAuthenticationToken.getAccount()).thenReturn(keycloakAccount);
|
||||
when(keycloakAccount.getKeycloakSecurityContext()).thenReturn(session);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,9 +4,10 @@ import org.junit.Before;
|
|||
import org.junit.Test;
|
||||
import org.keycloak.KeycloakPrincipal;
|
||||
import org.keycloak.KeycloakSecurityContext;
|
||||
import org.keycloak.adapters.AdapterDeploymentContext;
|
||||
import org.keycloak.adapters.KeycloakDeployment;
|
||||
import org.keycloak.adapters.OidcKeycloakAccount;
|
||||
import org.keycloak.adapters.springsecurity.AdapterDeploymentContextBean;
|
||||
import org.keycloak.adapters.spi.HttpFacade;
|
||||
import org.keycloak.adapters.springsecurity.KeycloakAuthenticationException;
|
||||
import org.keycloak.adapters.springsecurity.account.KeycloakRole;
|
||||
import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
|
||||
|
|
@ -45,7 +46,7 @@ public class KeycloakAuthenticationProcessingFilterTest {
|
|||
private AuthenticationManager authenticationManager;
|
||||
|
||||
@Mock
|
||||
private AdapterDeploymentContextBean adapterDeploymentContextBean;
|
||||
private AdapterDeploymentContext adapterDeploymentContext;
|
||||
|
||||
@Mock
|
||||
private FilterChain chain;
|
||||
|
|
@ -85,8 +86,8 @@ public class KeycloakAuthenticationProcessingFilterTest {
|
|||
filter.setAuthenticationSuccessHandler(successHandler);
|
||||
filter.setAuthenticationFailureHandler(failureHandler);
|
||||
|
||||
when(applicationContext.getBean(eq(AdapterDeploymentContextBean.class))).thenReturn(adapterDeploymentContextBean);
|
||||
when(adapterDeploymentContextBean.getDeployment()).thenReturn(keycloakDeployment);
|
||||
when(applicationContext.getBean(eq(AdapterDeploymentContext.class))).thenReturn(adapterDeploymentContext);
|
||||
when(adapterDeploymentContext.resolveDeployment(any(HttpFacade.class))).thenReturn(keycloakDeployment);
|
||||
when(keycloakAccount.getPrincipal()).thenReturn(
|
||||
new KeycloakPrincipal<KeycloakSecurityContext>(UUID.randomUUID().toString(), keycloakSecurityContext));
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue