Incremental commit because I haven't done one in awhile.

This commit is contained in:
Stan Silvert 2014-10-21 13:04:18 -04:00
parent 4776582a6a
commit f9215e961d
30 changed files with 1015 additions and 384 deletions

View file

@ -48,7 +48,7 @@
</fileSet> </fileSet>
<fileSet> <fileSet>
<directory>${project.build.directory}/unpacked/deployments/auth-server.war/WEB-INF/classes/META-INF</directory> <directory>${project.build.directory}/unpacked/deployments/auth-server.war/WEB-INF/classes/META-INF</directory>
<outputDirectory>keycloak/standalone/configuration</outputDirectory> <outputDirectory>keycloak/modules/system/layers/base/org/keycloak/keycloak-wildfly-subsystem/main/overlays</outputDirectory>
<includes> <includes>
<include>keycloak-server.json</include> <include>keycloak-server.json</include>
</includes> </includes>

View file

@ -34,7 +34,12 @@
<xsl:template match="node()[name(.)='profile']"> <xsl:template match="node()[name(.)='profile']">
<xsl:copy> <xsl:copy>
<xsl:apply-templates select="node()|@*"/> <xsl:apply-templates select="node()|@*"/>
<subsystem xmlns="urn:jboss:domain:keycloak:1.0"/> <subsystem xmlns="urn:jboss:domain:keycloak:1.0">
<auth-server name="main-auth-server">
<enabled>true</enabled>
<web-context>auth</web-context>
</auth-server>
</subsystem>
</xsl:copy> </xsl:copy>
</xsl:template> </xsl:template>
@ -56,7 +61,7 @@
<!-- for some reason, Wildfly 8 final decided to turn off management-native which means jboss-as-maven-plugin no <!-- for some reason, Wildfly 8 final decided to turn off management-native which means jboss-as-maven-plugin no
longer works --> longer works -->
<xsl:template match="node()[name(.)='management-interfaces']"> <xsl:template match="node()[name(.)='management-interfaces']">
<xsl:copy> <xsl:copy>
<xsl:apply-templates select="node()|@*"/> <xsl:apply-templates select="node()|@*"/>
@ -67,13 +72,24 @@
</xsl:template> </xsl:template>
<!-- for some reason, Wildfly 8 final decided to turn off management-native which means jboss-as-maven-plugin no <!-- for some reason, Wildfly 8 final decided to turn off management-native which means jboss-as-maven-plugin no
longer works --> longer works -->
<xsl:template match="node()[name(.)='socket-binding-group']"> <xsl:template match="node()[name(.)='socket-binding-group']">
<xsl:copy> <xsl:copy>
<xsl:apply-templates select="node()|@*"/> <xsl:apply-templates select="node()|@*"/>
<socket-binding name="management-native" interface="management" port="9999"/> <socket-binding name="management-native" interface="management" port="9999"/>
</xsl:copy> </xsl:copy>
</xsl:template> </xsl:template>
<xsl:template match="node()[name(.)='server' and name(..) != 'subsystem' ]">
<xsl:copy>
<xsl:apply-templates select="node()|@*"/>
<deployment-overlays>
<deployment-overlay name="main-auth-server.war-keycloak-overlay">
<deployment name="main-auth-server.war"/>
</deployment-overlay>
</deployment-overlays>
</xsl:copy>
</xsl:template>
<xsl:template match="@*|node()"> <xsl:template match="@*|node()">
<xsl:copy> <xsl:copy>

View file

@ -52,7 +52,12 @@
<!-- Process the resource --> <!-- Process the resource -->
<resources/> <resources/>
<!-- Add keycloak version property to module xml -->
<replace file="${module.repo.output.dir}/${current.module.path}/${module.xml}"
token="$${project.version}"
value="${project.version}"/>
<!-- Some final cleanup --> <!-- Some final cleanup -->
<replace file="${module.repo.output.dir}/${current.module.path}/${module.xml}"> <replace file="${module.repo.output.dir}/${current.module.path}/${module.xml}">
<replacetoken> <replacetoken>

View file

@ -1,26 +1,26 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!-- <!--
~ JBoss, Home of Professional Open Source. ~ JBoss, Home of Professional Open Source.
~ Copyright 2010, Red Hat, Inc., and individual contributors ~ Copyright 2010, Red Hat, Inc., and individual contributors
~ as indicated by the @author tags. See the copyright.txt file in the ~ as indicated by the @author tags. See the copyright.txt file in the
~ distribution for a full listing of individual contributors. ~ distribution for a full listing of individual contributors.
~ ~
~ This is free software; you can redistribute it and/or modify it ~ This is free software; you can redistribute it and/or modify it
~ under the terms of the GNU Lesser General Public License as ~ under the terms of the GNU Lesser General Public License as
~ published by the Free Software Foundation; either version 2.1 of ~ published by the Free Software Foundation; either version 2.1 of
~ the License, or (at your option) any later version. ~ the License, or (at your option) any later version.
~ ~
~ This software is distributed in the hope that it will be useful, ~ This software is distributed in the hope that it will be useful,
~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
~ Lesser General Public License for more details. ~ Lesser General Public License for more details.
~ ~
~ You should have received a copy of the GNU Lesser General Public ~ You should have received a copy of the GNU Lesser General Public
~ License along with this software; if not, write to the Free ~ License along with this software; if not, write to the Free
~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
--> -->
<project xmlns="http://maven.apache.org/POM/4.0.0" <project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
@ -211,6 +211,31 @@
</execution> </execution>
</executions> </executions>
</plugin> </plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<executions>
<execution>
<id>copy</id>
<phase>compile</phase>
<goals>
<goal>copy</goal>
</goals>
<configuration>
<artifactItems>
<artifactItem>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-server</artifactId>
<version>${project.version}</version>
<type>war</type>
<overWrite>true</overWrite>
<outputDirectory>${project.build.directory}/modules/org/keycloak/keycloak-wildfly-subsystem/main/auth-server</outputDirectory>
</artifactItem>
</artifactItems>
</configuration>
</execution>
</executions>
</plugin>
</plugins> </plugins>
</build> </build>
</project> </project>

View file

@ -23,7 +23,13 @@
--> -->
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-wildfly-subsystem"> <module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-wildfly-subsystem">
<properties>
<property name="keycloak-version" value="${project.version}"/>
</properties>
<resources> <resources>
<resource-root path="auth-server"/>
<resource-root path="overlays"/>
<!-- Insert resources here --> <!-- Insert resources here -->
</resources> </resources>

View file

@ -0,0 +1,83 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2013 JBoss Inc
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-parent</artifactId>
<version>1.1.0-Alpha1-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<artifactId>keycloak-feature-pack</artifactId>
<name>Keycloak Feature Pack</name>
<description/>
<packaging>jar</packaging>
<dependencies>
<!-- feature pack dependencies -->
<dependency>
<groupId>org.wildfly.core</groupId>
<artifactId>wildfly-core-feature-pack</artifactId>
<type>zip</type>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- module and copy artifact dependencies -->
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>${maven.compiler.source}</source>
<target>${maven.compiler.target}</target>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.8.1</version>
<configuration>
<redirectTestOutputToFile>false</redirectTestOutputToFile>
<enableAssertions>true</enableAssertions>
<argLine>-Xmx512m</argLine>
<systemProperties>
<property>
<name>jboss.home</name>
<value>${jboss.home}</value>
</property>
</systemProperties>
<includes>
<include>**/*TestCase.java</include>
</includes>
<forkMode>once</forkMode>
</configuration>
</plugin>
</plugins>
</build>
</project>

View file

@ -0,0 +1,39 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ JBoss, Home of Professional Open Source.
~ Copyright 2010, Red Hat, Inc., and individual contributors
~ as indicated by the @author tags. See the copyright.txt file in the
~ distribution for a full listing of individual contributors.
~
~ This is free software; you can redistribute it and/or modify it
~ under the terms of the GNU Lesser General Public License as
~ published by the Free Software Foundation; either version 2.1 of
~ the License, or (at your option) any later version.
~
~ This software is distributed in the hope that it will be useful,
~ but WITHOUT ANY WARRANTY; without even the implied warranty of
~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
~ Lesser General Public License for more details.
~
~ You should have received a copy of the GNU Lesser General Public
~ License along with this software; if not, write to the Free
~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-->
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-adapter-core">
<resources>
<artifact name="${org.keycloak:keycloak-adapter-core}"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.apache.httpcomponents" />
<module name="org.jboss.logging"/>
<module name="org.keycloak.keycloak-core"/>
</dependencies>
</module>

View file

@ -0,0 +1,38 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ JBoss, Home of Professional Open Source.
~ Copyright 2014, Red Hat, Inc., and individual contributors
~ as indicated by the @author tags. See the copyright.txt file in the
~ distribution for a full listing of individual contributors.
~
~ This is free software; you can redistribute it and/or modify it
~ under the terms of the GNU Lesser General Public License as
~ published by the Free Software Foundation; either version 2.1 of
~ the License, or (at your option) any later version.
~
~ This software is distributed in the hope that it will be useful,
~ but WITHOUT ANY WARRANTY; without even the implied warranty of
~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
~ Lesser General Public License for more details.
~
~ You should have received a copy of the GNU Lesser General Public
~ License along with this software; if not, write to the Free
~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-->
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-core">
<resources>
<artifact name="${org.keycloak:keycloak-core}"/>
</resources>
<dependencies>
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.bouncycastle"/>
<module name="net.iharder.base64"/>
<module name="javax.api"/>
</dependencies>
</module>

View file

@ -0,0 +1,38 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ JBoss, Home of Professional Open Source.
~ Copyright 2014, Red Hat, Inc., and individual contributors
~ as indicated by the @author tags. See the copyright.txt file in the
~ distribution for a full listing of individual contributors.
~
~ This is free software; you can redistribute it and/or modify it
~ under the terms of the GNU Lesser General Public License as
~ published by the Free Software Foundation; either version 2.1 of
~ the License, or (at your option) any later version.
~
~ This software is distributed in the hope that it will be useful,
~ but WITHOUT ANY WARRANTY; without even the implied warranty of
~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
~ Lesser General Public License for more details.
~
~ You should have received a copy of the GNU Lesser General Public
~ License along with this software; if not, write to the Free
~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-->
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-jboss-adapter-core">
<resources>
<artifact name="${org.keycloak:keycloak-jboss-adapter-core}"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.jboss.logging"/>
<module name="org.picketbox"/>
<module name="org.keycloak.keycloak-adapter-core"/>
<module name="org.keycloak.keycloak-core"/>
</dependencies>
</module>

View file

@ -0,0 +1,44 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ JBoss, Home of Professional Open Source.
~ Copyright 2014, Red Hat, Inc., and individual contributors
~ as indicated by the @author tags. See the copyright.txt file in the
~ distribution for a full listing of individual contributors.
~
~ This is free software; you can redistribute it and/or modify it
~ under the terms of the GNU Lesser General Public License as
~ published by the Free Software Foundation; either version 2.1 of
~ the License, or (at your option) any later version.
~
~ This software is distributed in the hope that it will be useful,
~ but WITHOUT ANY WARRANTY; without even the implied warranty of
~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
~ Lesser General Public License for more details.
~
~ You should have received a copy of the GNU Lesser General Public
~ License along with this software; if not, write to the Free
~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-->
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-undertow-adapter">
<resources>
<artifact name="${org.keycloak:keycloak-undertow-adapter}"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.bouncycastle"/>
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.apache.httpcomponents" />
<module name="javax.servlet.api"/>
<module name="org.jboss.logging"/>
<module name="io.undertow.core"/>
<module name="io.undertow.servlet"/>
<module name="org.keycloak.keycloak-adapter-core"/>
<module name="org.keycloak.keycloak-core"/>
</dependencies>
</module>

View file

@ -0,0 +1,46 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ JBoss, Home of Professional Open Source.
~ Copyright 2014, Red Hat, Inc., and individual contributors
~ as indicated by the @author tags. See the copyright.txt file in the
~ distribution for a full listing of individual contributors.
~
~ This is free software; you can redistribute it and/or modify it
~ under the terms of the GNU Lesser General Public License as
~ published by the Free Software Foundation; either version 2.1 of
~ the License, or (at your option) any later version.
~
~ This software is distributed in the hope that it will be useful,
~ but WITHOUT ANY WARRANTY; without even the implied warranty of
~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
~ Lesser General Public License for more details.
~
~ You should have received a copy of the GNU Lesser General Public
~ License along with this software; if not, write to the Free
~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-->
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-wildfly-adapter">
<resources>
<artifact name="${org.keycloak:keycloak-wildfly-adapter}"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.bouncycastle"/>
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.apache.httpcomponents" />
<module name="javax.servlet.api"/>
<module name="org.jboss.logging"/>
<module name="io.undertow.core"/>
<module name="io.undertow.servlet"/>
<module name="org.picketbox"/>
<module name="org.keycloak.keycloak-undertow-adapter"/>
<module name="org.keycloak.keycloak-adapter-core"/>
<module name="org.keycloak.keycloak-core"/>
</dependencies>
</module>

View file

@ -0,0 +1,47 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ JBoss, Home of Professional Open Source.
~ Copyright 2014, Red Hat, Inc., and individual contributors
~ as indicated by the @author tags. See the copyright.txt file in the
~ distribution for a full listing of individual contributors.
~
~ This is free software; you can redistribute it and/or modify it
~ under the terms of the GNU Lesser General Public License as
~ published by the Free Software Foundation; either version 2.1 of
~ the License, or (at your option) any later version.
~
~ This software is distributed in the hope that it will be useful,
~ but WITHOUT ANY WARRANTY; without even the implied warranty of
~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
~ Lesser General Public License for more details.
~
~ You should have received a copy of the GNU Lesser General Public
~ License along with this software; if not, write to the Free
~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-->
<module xmlns="urn:jboss:module:1.3" name="org.keycloak.keycloak-wildfly-subsystem">
<properties>
<property name="keycloak-version" value="${project.version}"/>
</properties>
<resources>
<artifact name="${org.keycloak:keycloak-wildfly-subsystem}"/>
<resource-root path="auth-server"/>
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.jboss.staxmapper"/>
<module name="org.jboss.as.controller"/>
<module name="org.jboss.as.server"/>
<module name="org.jboss.modules"/>
<module name="org.jboss.msc"/>
<module name="org.jboss.logging"/>
<module name="org.jboss.vfs"/>
<module name="org.jboss.as.web-common"/>
<module name="org.jboss.metadata.web"/>
</dependencies>
</module>

View file

@ -28,5 +28,6 @@
<module>js</module> <module>js</module>
<module>installed</module> <module>installed</module>
<module>admin-client</module> <module>admin-client</module>
<module>keycloak-feature-pack</module>
</modules> </modules>
</project> </project>

View file

@ -55,33 +55,7 @@
<include>**/*TestCase.java</include> <include>**/*TestCase.java</include>
</includes> </includes>
</configuration> </configuration>
</plugin> </plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<executions>
<execution>
<id>copy</id>
<phase>compile</phase>
<goals>
<goal>copy</goal>
</goals>
<configuration>
<artifactItems>
<artifactItem>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-server</artifactId>
<version>${project.version}</version>
<type>war</type>
<overWrite>true</overWrite>
<outputDirectory>${project.build.directory}/classes/deployments</outputDirectory>
<destFileName>auth-server.war</destFileName>
</artifactItem>
</artifactItems>
</configuration>
</execution>
</executions>
</plugin>
</plugins> </plugins>
</build> </build>

View file

@ -31,7 +31,10 @@ import org.keycloak.subsystem.logging.KeycloakLogger;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.Map;
import org.jboss.as.ee.component.EEModuleDescription; import org.jboss.as.ee.component.EEModuleDescription;
import org.jboss.as.server.deployment.Attachments;
import org.jboss.as.server.deployment.MountedDeploymentOverlay;
/** /**
* Pass authentication data (keycloak.json) as a servlet context param so it can be read by the KeycloakServletExtension. * Pass authentication data (keycloak.json) as a servlet context param so it can be read by the KeycloakServletExtension.
@ -53,7 +56,7 @@ public class KeycloakAdapterConfigDeploymentProcessor implements DeploymentUnitP
// not sure if we need this yet, keeping here just in case // not sure if we need this yet, keeping here just in case
protected void addSecurityDomain(DeploymentUnit deploymentUnit, KeycloakAdapterConfigService service) { protected void addSecurityDomain(DeploymentUnit deploymentUnit, KeycloakAdapterConfigService service) {
String deploymentName = deploymentUnit.getName(); String deploymentName = deploymentUnit.getName();
if (!service.isKeycloakDeployment(deploymentName)) { if (!service.isSecureDeployment(deploymentName)) {
return; return;
} }
WarMetaData warMetaData = deploymentUnit.getAttachment(WarMetaData.ATTACHMENT_KEY); WarMetaData warMetaData = deploymentUnit.getAttachment(WarMetaData.ATTACHMENT_KEY);
@ -74,14 +77,18 @@ public class KeycloakAdapterConfigDeploymentProcessor implements DeploymentUnitP
DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit(); DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
String deploymentName = deploymentUnit.getName(); String deploymentName = deploymentUnit.getName();
System.out.println(">>>>> deploymentName=" + deploymentName);
KeycloakAdapterConfigService service = KeycloakAdapterConfigService.find(phaseContext.getServiceRegistry()); KeycloakAdapterConfigService service = KeycloakAdapterConfigService.find(phaseContext.getServiceRegistry());
//log.info("********* CHECK KEYCLOAK DEPLOYMENT: " + deploymentName); //log.info("********* CHECK KEYCLOAK DEPLOYMENT: " + deploymentName);
if (service.isKeycloakDeployment(deploymentName)) { if (service.isSecureDeployment(deploymentName)) {
addKeycloakAuthData(phaseContext, deploymentName, service); addKeycloakAuthData(phaseContext, deploymentName, service);
} }
if (service.isKeycloakServerDeployment(deploymentName)) {
final EEModuleDescription description = deploymentUnit.getAttachment(org.jboss.as.ee.component.Attachments.EE_MODULE_DESCRIPTION);
String webContext = service.getWebContext(deploymentName);
if (webContext == null) throw new DeploymentUnitProcessingException("Can't determine web context/module for Keycloak Auth Server");
description.setModuleName(webContext);
}
// FYI, Undertow Extension will find deployments that have auth-method set to KEYCLOAK // FYI, Undertow Extension will find deployments that have auth-method set to KEYCLOAK
// todo notsure if we need this // todo notsure if we need this
@ -102,14 +109,6 @@ public class KeycloakAdapterConfigDeploymentProcessor implements DeploymentUnitP
warMetaData.setMergedJBossWebMetaData(webMetaData); warMetaData.setMergedJBossWebMetaData(webMetaData);
} }
if (service.isKeycloakServerDeployment(deploymentName)) {
final EEModuleDescription description = deploymentUnit.getAttachment(org.jboss.as.ee.component.Attachments.EE_MODULE_DESCRIPTION);
String webContext = service.getWebContext(deploymentName);
if (webContext == null) throw new DeploymentUnitProcessingException("Can't determine web context/module for Keycloak Auth Server");
description.setModuleName(webContext);
return;
}
LoginConfigMetaData loginConfig = webMetaData.getLoginConfig(); LoginConfigMetaData loginConfig = webMetaData.getLoginConfig();
if (loginConfig == null) { if (loginConfig == null) {
loginConfig = new LoginConfigMetaData(); loginConfig = new LoginConfigMetaData();

View file

@ -51,11 +51,11 @@ public final class KeycloakAdapterConfigService implements Service<KeycloakAdapt
public static final KeycloakAdapterConfigService INSTANCE = new KeycloakAdapterConfigService(); public static final KeycloakAdapterConfigService INSTANCE = new KeycloakAdapterConfigService();
private Map<String, ModelNode> realms = new HashMap<String, ModelNode>(); private Map<String, ModelNode> realms = new HashMap<String, ModelNode>();
private Map<String, ModelNode> deployments = new HashMap<String, ModelNode>();
// key=server deployment name; value=json // keycloak-secured deployments
private Map<String, String> serverDeployments = new HashMap<String, String>(); private Map<String, ModelNode> secureDeployments = new HashMap<String, ModelNode>();
// key=server deployment name; value=web-context
// key=auth-server deployment name; value=web-context
private Map<String, String> webContexts = new HashMap<String, String>(); private Map<String, String> webContexts = new HashMap<String, String>();
private KeycloakAdapterConfigService() { private KeycloakAdapterConfigService() {
@ -77,8 +77,8 @@ public final class KeycloakAdapterConfigService implements Service<KeycloakAdapt
return this; return this;
} }
public void addServerDeployment(String deploymentName, String json, String webContext) { public void addServerDeployment(String deploymentName, String webContext) {
this.serverDeployments.put(deploymentName, json); System.out.println("**** adding Server deployment=" + deploymentName);
this.webContexts.put(deploymentName, webContext); this.webContexts.put(deploymentName, webContext);
} }
@ -87,7 +87,6 @@ public final class KeycloakAdapterConfigService implements Service<KeycloakAdapt
} }
public void removeServerDeployment(String deploymentName) { public void removeServerDeployment(String deploymentName) {
this.serverDeployments.remove(deploymentName);
this.webContexts.remove(deploymentName); this.webContexts.remove(deploymentName);
} }
@ -110,16 +109,16 @@ public final class KeycloakAdapterConfigService implements Service<KeycloakAdapt
public void addSecureDeployment(ModelNode operation, ModelNode model) { public void addSecureDeployment(ModelNode operation, ModelNode model) {
ModelNode deployment = model.clone(); ModelNode deployment = model.clone();
this.deployments.put(deploymentNameFromOp(operation), deployment); this.secureDeployments.put(deploymentNameFromOp(operation), deployment);
} }
public void updateSecureDeployment(ModelNode operation, String attrName, ModelNode resolvedValue) { public void updateSecureDeployment(ModelNode operation, String attrName, ModelNode resolvedValue) {
ModelNode deployment = this.deployments.get(deploymentNameFromOp(operation)); ModelNode deployment = this.secureDeployments.get(deploymentNameFromOp(operation));
deployment.get(attrName).set(resolvedValue); deployment.get(attrName).set(resolvedValue);
} }
public void removeSecureDeployment(ModelNode operation) { public void removeSecureDeployment(ModelNode operation) {
this.deployments.remove(deploymentNameFromOp(operation)); this.secureDeployments.remove(deploymentNameFromOp(operation));
} }
public void addCredential(ModelNode operation, ModelNode model) { public void addCredential(ModelNode operation, ModelNode model) {
@ -131,7 +130,7 @@ public final class KeycloakAdapterConfigService implements Service<KeycloakAdapt
String credentialName = credentialNameFromOp(operation); String credentialName = credentialNameFromOp(operation);
credentials.get(credentialName).set(model.get("value").asString()); credentials.get(credentialName).set(model.get("value").asString());
ModelNode deployment = this.deployments.get(deploymentNameFromOp(operation)); ModelNode deployment = this.secureDeployments.get(deploymentNameFromOp(operation));
deployment.get(CREDENTIALS_JSON_NAME).set(credentials); deployment.get(CREDENTIALS_JSON_NAME).set(credentials);
} }
@ -156,7 +155,7 @@ public final class KeycloakAdapterConfigService implements Service<KeycloakAdapt
} }
private ModelNode credentialsFromOp(ModelNode operation) { private ModelNode credentialsFromOp(ModelNode operation) {
ModelNode deployment = this.deployments.get(deploymentNameFromOp(operation)); ModelNode deployment = this.secureDeployments.get(deploymentNameFromOp(operation));
return deployment.get(CREDENTIALS_JSON_NAME); return deployment.get(CREDENTIALS_JSON_NAME);
} }
@ -187,17 +186,13 @@ public final class KeycloakAdapterConfigService implements Service<KeycloakAdapt
} }
public String getRealmName(String deploymentName) { public String getRealmName(String deploymentName) {
ModelNode deployment = this.deployments.get(deploymentName); ModelNode deployment = this.secureDeployments.get(deploymentName);
return deployment.get(RealmDefinition.TAG_NAME).asString(); return deployment.get(RealmDefinition.TAG_NAME).asString();
} }
public String getJSON(String deploymentName) { public String getJSON(String deploymentName) {
if (serverDeployments.containsKey(deploymentName)) { ModelNode deployment = this.secureDeployments.get(deploymentName);
return serverDeployments.get(deploymentName);
}
ModelNode deployment = this.deployments.get(deploymentName);
String realmName = deployment.get(RealmDefinition.TAG_NAME).asString(); String realmName = deployment.get(RealmDefinition.TAG_NAME).asString();
ModelNode realm = this.realms.get(realmName); ModelNode realm = this.realms.get(realmName);
@ -220,14 +215,14 @@ public final class KeycloakAdapterConfigService implements Service<KeycloakAdapt
} }
} }
public boolean isKeycloakDeployment(String deploymentName) { public boolean isSecureDeployment(String deploymentName) {
//log.info("********* CHECK KEYCLOAK DEPLOYMENT: deployments.size()" + deployments.size()); //log.info("********* CHECK KEYCLOAK DEPLOYMENT: deployments.size()" + deployments.size());
return this.serverDeployments.containsKey(deploymentName) || this.deployments.containsKey(deploymentName); return this.secureDeployments.containsKey(deploymentName);
} }
public boolean isKeycloakServerDeployment(String deploymentName) { public boolean isKeycloakServerDeployment(String deploymentName) {
return this.serverDeployments.containsKey(deploymentName); return this.webContexts.containsKey(deploymentName);
} }
static KeycloakAdapterConfigService find(ServiceRegistry registry) { static KeycloakAdapterConfigService find(ServiceRegistry registry) {

View file

@ -17,10 +17,6 @@
package org.keycloak.subsystem.extension; package org.keycloak.subsystem.extension;
import java.io.Closeable;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import org.jboss.as.server.deployment.Attachments; import org.jboss.as.server.deployment.Attachments;
import org.jboss.as.server.deployment.DeploymentPhaseContext; import org.jboss.as.server.deployment.DeploymentPhaseContext;
import org.jboss.as.server.deployment.DeploymentUnit; import org.jboss.as.server.deployment.DeploymentUnit;
@ -28,14 +24,9 @@ import org.jboss.as.server.deployment.DeploymentUnitProcessingException;
import org.jboss.as.server.deployment.DeploymentUnitProcessor; import org.jboss.as.server.deployment.DeploymentUnitProcessor;
import org.jboss.as.server.deployment.module.ModuleDependency; import org.jboss.as.server.deployment.module.ModuleDependency;
import org.jboss.as.server.deployment.module.ModuleSpecification; import org.jboss.as.server.deployment.module.ModuleSpecification;
import org.jboss.as.server.deployment.module.MountHandle;
import org.jboss.as.server.deployment.module.ResourceRoot;
import org.jboss.as.server.deployment.module.TempFileProviderService;
import org.jboss.modules.Module; import org.jboss.modules.Module;
import org.jboss.modules.ModuleIdentifier; import org.jboss.modules.ModuleIdentifier;
import org.jboss.modules.ModuleLoader; import org.jboss.modules.ModuleLoader;
import org.jboss.vfs.VFS;
import org.jboss.vfs.VirtualFile;
/** /**
* *
@ -57,29 +48,7 @@ public class KeycloakDependencyProcessor implements DeploymentUnitProcessor {
String deploymentName = deploymentUnit.getName(); String deploymentName = deploymentUnit.getName();
KeycloakAdapterConfigService service = KeycloakAdapterConfigService.find(phaseContext.getServiceRegistry()); KeycloakAdapterConfigService service = KeycloakAdapterConfigService.find(phaseContext.getServiceRegistry());
if (service.isKeycloakDeployment(deploymentName)) { addModules(deploymentUnit);
addModules(deploymentUnit);
}
for (ResourceRoot root : deploymentUnit.getAttachment(Attachments.RESOURCE_ROOTS)) {
System.out.println("*** resource root=" + root);
}
}
private void addProvider(DeploymentUnit deploymentUnit) throws IOException, URISyntaxException {
System.out.println("#2");
deploymentUnit.addToAttachmentList(Attachments.RESOURCE_ROOTS, providerRoot());
System.out.println("#4");
}
private ResourceRoot providerRoot() throws IOException, URISyntaxException {
System.out.println("#3");
URI uri = new URI("file:/C:/GitHub/keycloak-temp/keycloak-appliance-dist-all-1.1.0-Alpha1-SNAPSHOT/keycloak/modules/system/layers/base/org/keycloak/keycloak-auth-server/main/./federation-properties-example.jar");
VirtualFile archive = VFS.getChild(uri);
Closeable closeable = VFS.mountZip(archive.getPhysicalFile(), archive, TempFileProviderService.provider());
return new ResourceRoot(archive.getName(), archive, new MountHandle(closeable));
} }
private void addModules(DeploymentUnit deploymentUnit) { private void addModules(DeploymentUnit deploymentUnit) {

View file

@ -1,80 +0,0 @@
/*
* Copyright 2014 Red Hat Inc. and/or its affiliates and other contributors
* as indicated by the @author tags. All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of
* the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*/
package org.keycloak.subsystem.extension;
import java.io.Closeable;
import java.io.IOException;
import org.jboss.as.server.deployment.Attachments;
import org.jboss.as.server.deployment.DeploymentPhaseContext;
import org.jboss.as.server.deployment.DeploymentUnit;
import org.jboss.as.server.deployment.DeploymentUnitProcessingException;
import org.jboss.as.server.deployment.DeploymentUnitProcessor;
import org.jboss.as.server.deployment.module.ModuleDependency;
import org.jboss.as.server.deployment.module.ModuleSpecification;
import org.jboss.as.server.deployment.module.MountHandle;
import org.jboss.as.server.deployment.module.ResourceRoot;
import org.jboss.as.server.deployment.module.TempFileProviderService;
import org.jboss.modules.Module;
import org.jboss.modules.ModuleIdentifier;
import org.jboss.modules.ModuleLoader;
import org.jboss.vfs.VFS;
import org.jboss.vfs.VirtualFile;
/**
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public class KeycloakStructureProcessor implements DeploymentUnitProcessor {
@Override
public void deploy(DeploymentPhaseContext phaseContext) throws DeploymentUnitProcessingException {
final DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
String deploymentName = deploymentUnit.getName();
KeycloakAdapterConfigService service = KeycloakAdapterConfigService.find(phaseContext.getServiceRegistry());
System.out.println("#0");
if (service.isKeycloakServerDeployment(deploymentName)) {
try {
System.out.println("#1");
addProvider(deploymentUnit);
} catch (IOException e) {
throw new DeploymentUnitProcessingException(e);
}
}
}
private void addProvider(DeploymentUnit deploymentUnit) throws IOException {
System.out.println("#2");
deploymentUnit.addToAttachmentList(Attachments.RESOURCE_ROOTS, providerRoot());
System.out.println("#4");
}
private ResourceRoot providerRoot() throws IOException {
System.out.println("#3");
VirtualFile archive = VFS.getChild("C:\\GitHub\\keycloak-temp\\keycloak-appliance-dist-all-1.1.0-Alpha1-SNAPSHOT\\keycloak\\modules\\system\\layers\\base\\org\\keycloak\\keycloak-auth-server\\main\\federation-properties-example.jar");
Closeable closeable = VFS.mountZip(archive.getPhysicalFile(), archive, TempFileProviderService.provider());
return new ResourceRoot(archive.getName(), archive, new MountHandle(closeable));
}
@Override
public void undeploy(DeploymentUnit du) {
}
}

View file

@ -51,7 +51,6 @@ class KeycloakSubsystemAdd extends AbstractBoottimeAddStepHandler {
context.addStep(new AbstractDeploymentChainStep() { context.addStep(new AbstractDeploymentChainStep() {
@Override @Override
protected void execute(DeploymentProcessorTarget processorTarget) { protected void execute(DeploymentProcessorTarget processorTarget) {
processorTarget.addDeploymentProcessor(KeycloakExtension.SUBSYSTEM_NAME, Phase.STRUCTURE, 0, new KeycloakStructureProcessor());
processorTarget.addDeploymentProcessor(KeycloakExtension.SUBSYSTEM_NAME, Phase.DEPENDENCIES, 0, new KeycloakDependencyProcessor()); processorTarget.addDeploymentProcessor(KeycloakExtension.SUBSYSTEM_NAME, Phase.DEPENDENCIES, 0, new KeycloakDependencyProcessor());
processorTarget.addDeploymentProcessor(KeycloakExtension.SUBSYSTEM_NAME, processorTarget.addDeploymentProcessor(KeycloakExtension.SUBSYSTEM_NAME,
KeycloakAdapterConfigDeploymentProcessor.PHASE, KeycloakAdapterConfigDeploymentProcessor.PHASE,

View file

@ -31,6 +31,7 @@ import java.util.ArrayList;
import java.util.HashMap; import java.util.HashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import org.keycloak.subsystem.extension.authserver.ManageOverlayHandler;
/** /**
* Defines attributes and operations for a secure-deployment. * Defines attributes and operations for a secure-deployment.

View file

@ -0,0 +1,35 @@
/*
* Copyright 2014 Red Hat Inc. and/or its affiliates and other contributors
* as indicated by the @author tags. All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of
* the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*/
package org.keycloak.subsystem.extension.authserver;
import org.jboss.as.controller.AbstractModelUpdateHandler;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.dmr.ModelNode;
/**
*
* @author Stan Silvert ssilvert@redhat.com (C) 2014 Red Hat Inc.
*/
public class AddProviderHandler extends AbstractModelUpdateHandler {
@Override
protected void updateModel(ModelNode operation, ModelNode model) throws OperationFailedException {
}
}

View file

@ -21,11 +21,7 @@ import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.AttributeDefinition; import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.OperationContext; import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException; import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.ServiceVerificationHandler;
import org.jboss.dmr.ModelNode; import org.jboss.dmr.ModelNode;
import org.jboss.msc.service.ServiceController;
import java.util.List;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ADD; import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ADD;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.OP; import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.OP;
@ -41,7 +37,8 @@ public final class AuthServerAddHandler extends AbstractAddStepHandler {
public static AuthServerAddHandler INSTANCE = new AuthServerAddHandler(); public static AuthServerAddHandler INSTANCE = new AuthServerAddHandler();
private AuthServerAddHandler() {} private AuthServerAddHandler() {
}
@Override @Override
protected void populateModel(OperationContext context, ModelNode operation, Resource resource) throws OperationFailedException { protected void populateModel(OperationContext context, ModelNode operation, Resource resource) throws OperationFailedException {
@ -55,12 +52,6 @@ public final class AuthServerAddHandler extends AbstractAddStepHandler {
attr.validateAndSet(operation, model); attr.validateAndSet(operation, model);
} }
/* String serverJsonAttrName = AuthServerDefinition.KEYCLOAK_SERVER_JSON.getName();
ModelNode keycloakServerJson = model.get(serverJsonAttrName);
if (!keycloakServerJson.isDefined()) {
model.get(serverJsonAttrName).set(AuthServerUtil.getDefaultAuthServerJson());
} */
System.out.println("**************************"); System.out.println("**************************");
System.out.println("operation"); System.out.println("operation");
System.out.println(operation.toString()); System.out.println(operation.toString());
@ -69,20 +60,27 @@ public final class AuthServerAddHandler extends AbstractAddStepHandler {
System.out.println(model.toString()); System.out.println(model.toString());
System.out.println("**************************"); System.out.println("**************************");
if (!requiresRuntime(context)) return; // not sure I really need this // returns early if on domain controller
if (!requiresRuntime(context)) return;
// don't want to try to start server on host controller
if (!context.isNormalServer()) return;
ModelNode webContextNode = model.get(AuthServerDefinition.WEB_CONTEXT.getName());
if (!webContextNode.isDefined()) webContextNode = AuthServerDefinition.WEB_CONTEXT.getDefaultValue();
String webContext = webContextNode.asString();
ModelNode isEnabled = model.get("enabled"); ModelNode isEnabled = model.get("enabled");
if (!isEnabled.isDefined() || isEnabled.asBoolean()) { boolean enabled = isEnabled.isDefined() && isEnabled.asBoolean();
String deploymentName = AuthServerUtil.addStepToStartAuthServer(context, operation);
//String json = model.get(serverJsonAttrName).asString(); AuthServerUtil authServerUtil = new AuthServerUtil(operation);
ModelNode webContextNode = model.get(AuthServerDefinition.WEB_CONTEXT.getName()); authServerUtil.addStepToUploadAuthServer(context, enabled);
if (!webContextNode.isDefined()) webContextNode = AuthServerDefinition.WEB_CONTEXT.getDefaultValue(); KeycloakAdapterConfigService.INSTANCE.addServerDeployment(authServerUtil.getDeploymentName(), webContext);
String webContext = webContextNode.asString();
KeycloakAdapterConfigService.INSTANCE.addServerDeployment(deploymentName, json, webContext);
}
} }
@Override @Override
protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model, ServiceVerificationHandler verificationHandler, List<ServiceController<?>> newControllers) throws OperationFailedException { protected boolean requiresRuntimeVerification() {
return false;
} }
} }

View file

@ -31,6 +31,7 @@ import java.util.HashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import org.jboss.as.controller.OperationFailedException; import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.descriptions.ResourceDescriptionResolver;
import org.jboss.as.controller.operations.validation.ParameterValidator; import org.jboss.as.controller.operations.validation.ParameterValidator;
import org.jboss.as.controller.registry.OperationEntry; import org.jboss.as.controller.registry.OperationEntry;
import org.keycloak.subsystem.extension.KeycloakAdapterConfigService; import org.keycloak.subsystem.extension.KeycloakAdapterConfigService;
@ -49,7 +50,7 @@ public class AuthServerDefinition extends SimpleResourceDefinition {
new SimpleAttributeDefinitionBuilder("enabled", ModelType.BOOLEAN, true) new SimpleAttributeDefinitionBuilder("enabled", ModelType.BOOLEAN, true)
.setXmlName("enabled") .setXmlName("enabled")
.setAllowExpression(true) .setAllowExpression(true)
.setDefaultValue(new ModelNode(true)) .setDefaultValue(new ModelNode(false))
.setRestartAllServices() .setRestartAllServices()
.build(); .build();
@ -62,18 +63,12 @@ public class AuthServerDefinition extends SimpleResourceDefinition {
.setRestartAllServices() .setRestartAllServices()
.build(); .build();
/* protected static final SimpleAttributeDefinition KEYCLOAK_SERVER_JSON = protected static final ResourceDescriptionResolver rscDescriptionResolver = KeycloakExtension.getResourceDescriptionResolver(TAG_NAME);
new SimpleAttributeDefinitionBuilder("keycloak-server-json", ModelType.STRING, true)
.setXmlName("keycloak-server-json")
.setAllowExpression(true)
.setRestartAllServices()
.build(); */
public static final List<SimpleAttributeDefinition> ALL_ATTRIBUTES = new ArrayList<SimpleAttributeDefinition>(); public static final List<SimpleAttributeDefinition> ALL_ATTRIBUTES = new ArrayList<SimpleAttributeDefinition>();
static { static {
ALL_ATTRIBUTES.add(ENABLED); ALL_ATTRIBUTES.add(ENABLED);
ALL_ATTRIBUTES.add(WEB_CONTEXT); ALL_ATTRIBUTES.add(WEB_CONTEXT);
//ALL_ATTRIBUTES.add(KEYCLOAK_SERVER_JSON);
} }
private static final Map<String, SimpleAttributeDefinition> DEFINITION_LOOKUP = new HashMap<String, SimpleAttributeDefinition>(); private static final Map<String, SimpleAttributeDefinition> DEFINITION_LOOKUP = new HashMap<String, SimpleAttributeDefinition>();
@ -87,7 +82,7 @@ public class AuthServerDefinition extends SimpleResourceDefinition {
public AuthServerDefinition() { public AuthServerDefinition() {
super(PathElement.pathElement(TAG_NAME), super(PathElement.pathElement(TAG_NAME),
KeycloakExtension.getResourceDescriptionResolver(TAG_NAME), rscDescriptionResolver,
AuthServerAddHandler.INSTANCE, AuthServerAddHandler.INSTANCE,
AuthServerRemoveHandler.INSTANCE, AuthServerRemoveHandler.INSTANCE,
null, null,
@ -98,6 +93,7 @@ public class AuthServerDefinition extends SimpleResourceDefinition {
public void registerOperations(ManagementResourceRegistration resourceRegistration) { public void registerOperations(ManagementResourceRegistration resourceRegistration) {
super.registerOperations(resourceRegistration); super.registerOperations(resourceRegistration);
resourceRegistration.registerOperationHandler(GenericSubsystemDescribeHandler.DEFINITION, GenericSubsystemDescribeHandler.INSTANCE); resourceRegistration.registerOperationHandler(GenericSubsystemDescribeHandler.DEFINITION, GenericSubsystemDescribeHandler.INSTANCE);
resourceRegistration.registerOperationHandler(ManageOverlayHandler.DEFINITION, ManageOverlayHandler.INSTANCE);
} }
@Override @Override

View file

@ -20,11 +20,16 @@ package org.keycloak.subsystem.extension.authserver;
import org.jboss.as.controller.AbstractRemoveStepHandler; import org.jboss.as.controller.AbstractRemoveStepHandler;
import org.jboss.as.controller.OperationContext; import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException; import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.operations.common.Util; import org.jboss.as.controller.operations.common.Util;
import org.jboss.dmr.ModelNode; import org.jboss.dmr.ModelNode;
import org.keycloak.subsystem.extension.KeycloakAdapterConfigService; import org.keycloak.subsystem.extension.KeycloakAdapterConfigService;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ADDRESS; import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.DEPLOYMENT;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.REMOVE;
import org.jboss.as.controller.registry.ImmutableManagementResourceRegistration;
/** /**
* Remove an auth-server from a realm. * Remove an auth-server from a realm.
@ -38,17 +43,33 @@ public final class AuthServerRemoveHandler extends AbstractRemoveStepHandler {
private AuthServerRemoveHandler() {} private AuthServerRemoveHandler() {}
@Override @Override
protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model) throws OperationFailedException { protected void performRemove(OperationContext context, ModelNode operation, ModelNode model) throws OperationFailedException {
//KeycloakAdapterConfigService.INSTANCE.removeAuthServer() //KeycloakAdapterConfigService.INSTANCE.removeAuthServer()
System.out.println("*** performRuntime ** operation"); System.out.println("*** performRuntime ** operation");
System.out.println(operation.toString()); System.out.println(operation.toString());
System.out.println("*** performRuntime ** model"); System.out.println("*** performRuntime ** model");
System.out.println(model.toString()); System.out.println(model.toString());
String deploymentName = Util.getNameFromAddress(operation.get(ADDRESS));
System.out.println("*** authServerName=" + deploymentName); String deploymentName = AuthServerUtil.getDeploymentName(operation);
if (!deploymentName.toLowerCase().endsWith(".war")) {
deploymentName += ".war";
}
KeycloakAdapterConfigService.INSTANCE.removeServerDeployment(deploymentName); KeycloakAdapterConfigService.INSTANCE.removeServerDeployment(deploymentName);
if (requiresRuntime(context)) { // don't do this on a domain controller
addStepToRemoveAuthServer(context, deploymentName);
}
super.performRemove(context, operation, model);
}
private void addStepToRemoveAuthServer(OperationContext context, String deploymentName) {
PathAddress deploymentAddress = PathAddress.pathAddress(PathElement.pathElement(DEPLOYMENT, deploymentName));
ModelNode op = Util.createOperation(REMOVE, deploymentAddress);
System.out.println("**** Removing deployment *****");
System.out.println(op.toString());
context.addStep(op, getRemoveHandler(context, deploymentAddress), OperationContext.Stage.MODEL);
}
private OperationStepHandler getRemoveHandler(OperationContext context, PathAddress address) {
ImmutableManagementResourceRegistration rootResourceRegistration = context.getRootResourceRegistration();
return rootResourceRegistration.getOperationHandler(address, REMOVE);
} }
} }

View file

@ -16,11 +16,10 @@
*/ */
package org.keycloak.subsystem.extension.authserver; package org.keycloak.subsystem.extension.authserver;
import java.io.ByteArrayOutputStream; import java.io.File;
import java.io.IOException; import java.net.URISyntaxException;
import java.net.URL; import java.net.URL;
import java.util.jar.JarEntry; import java.util.Iterator;
import java.util.jar.JarInputStream;
import org.jboss.as.controller.OperationContext; import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException; import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler; import org.jboss.as.controller.OperationStepHandler;
@ -29,9 +28,14 @@ import org.jboss.as.controller.PathElement;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ADD; import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ADD;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ADDRESS; import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ADDRESS;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.CONTENT; import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.CONTENT;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.DEPLOY;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.DEPLOYMENT; import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.DEPLOYMENT;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ENABLED; import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ENABLED;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.PERSISTENT; import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.PERSISTENT;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.REDEPLOY;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ROLLBACK_ON_RUNTIME_FAILURE;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.RUNTIME_NAME;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.UNDEPLOY;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.URL; import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.URL;
import org.jboss.as.controller.operations.common.Util; import org.jboss.as.controller.operations.common.Util;
import org.jboss.as.controller.registry.ImmutableManagementResourceRegistration; import org.jboss.as.controller.registry.ImmutableManagementResourceRegistration;
@ -43,6 +47,7 @@ import org.jboss.modules.Resource;
import org.jboss.modules.filter.PathFilter; import org.jboss.modules.filter.PathFilter;
/** /**
* Utility methods that help assemble and start an auth server.
* *
* @author Stan Silvert ssilvert@redhat.com (C) 2014 Red Hat Inc. * @author Stan Silvert ssilvert@redhat.com (C) 2014 Red Hat Inc.
*/ */
@ -50,119 +55,301 @@ public class AuthServerUtil {
private static final ModuleIdentifier KEYCLOAK_SUBSYSTEM = ModuleIdentifier.create("org.keycloak.keycloak-wildfly-subsystem"); private static final ModuleIdentifier KEYCLOAK_SUBSYSTEM = ModuleIdentifier.create("org.keycloak.keycloak-wildfly-subsystem");
private static URL authServerUrl = null; private final String authServerName;
private final PathAddress pathAddress;
private String deploymentName;
private static String defaultAuthServerJson = ""; //private String overlayName;
private Module subsysModule;
private String keycloakVersion;
static String getDefaultAuthServerJson() { //private File overlaysDir;
if (authServerUrl == null) getWarUrl(); private URL authServerUrl = null;
return defaultAuthServerJson; //private URL serverConfig = null;
//private Set<URL> spiUrls = new HashSet<URL>();
AuthServerUtil(ModelNode operation) {
this.authServerName = getAuthServerName(operation);
this.pathAddress = getPathAddress(operation);
this.deploymentName = getDeploymentName(operation);
//this.overlayName = deploymentName + "-keycloak-overlay";
setModule();
findAuthServerUrl();
//findSpiUrls();
System.out.println("&&&&& " + authServerName + " authServerUrl=" + authServerUrl);
// System.out.println("&&&&& " + authServerName + " spiUrls=" + spiUrls);
// System.out.println("&&&&& " + authServerName + " serverConfig=" + serverConfig);
} }
// Can return the URL, null, or throw IllegalStateException String getDeploymentName() {
// This also finds the defaultAuthServerJson and sets the instance var for it. return this.deploymentName;
private static URL getWarUrl() throws IllegalStateException { }
if (authServerUrl != null) { // only need to find this once
return authServerUrl;
}
Module module; private void setModule() {
try { try {
module = Module.getModuleFromCallerModuleLoader(KEYCLOAK_AUTH_SERVER); this.subsysModule = Module.getModuleFromCallerModuleLoader(KEYCLOAK_SUBSYSTEM);
this.keycloakVersion = subsysModule.getProperty("keycloak-version");
} catch (ModuleLoadException e) { } catch (ModuleLoadException e) {
throw new IllegalStateException("Keycloak Auth Server not installed as a module.", e); throw new IllegalStateException("Can't find Keycloak subsystem.", e);
} }
}
URL warUrl = null; /*private void findSpiUrls() throws IllegalStateException {
try { try {
java.util.Iterator<org.jboss.modules.Resource> rscIterator = module.iterateResources(new PathFilter() { Iterator<Resource> rscIterator = this.subsysModule.iterateResources(new PathFilter() {
@Override @Override
public boolean accept(String string) { public boolean accept(String string) {
return true; return string.equals(AuthServerUtil.this.authServerName);
} }
}); });
// There should be only one war resource, the auth server
while (rscIterator.hasNext()) { while (rscIterator.hasNext()) {
Resource rsc = rscIterator.next(); Resource rsc = rscIterator.next();
System.out.println("rsc.getName()=" + rsc.getName()); System.out.println("rsc.getName()=" + rsc.getName());
URL url = rsc.getURL(); URL url = rsc.getURL();
if (url.toExternalForm().toLowerCase().endsWith(".war")) {
warUrl = url; if (isJar(rsc)) {
setDefaultAuthServerJson(rsc); this.spiUrls.add(url);
}
if (isServerConfig(rsc)) {
this.serverConfig = url;
}
}
} catch (ModuleLoadException e) {
throw new IllegalStateException(e);
}
}*/
private void findAuthServerUrl() throws IllegalStateException {
try {
Iterator<org.jboss.modules.Resource> rscIterator = this.subsysModule.iterateResources(new PathFilter() {
@Override
public boolean accept(String string) {
return string.equals("");
}
});
while (rscIterator.hasNext()) {
Resource rsc = rscIterator.next();
System.out.println("rsc.getName()=" + rsc.getName());
URL url = rsc.getURL();
String parent = "";
try {
parent = new File(url.toURI()).getParent();
} catch (URISyntaxException e) {
continue;
} catch (IllegalArgumentException e) {
continue;
}
if (isAuthServer(rsc, parent)) {
this.authServerUrl = url;
//File mainDir = new File(parent).getParentFile();
//this.overlaysDir = new File(mainDir, "overlays");
break; break;
} }
} }
} catch (ModuleLoadException e) { } catch (ModuleLoadException e) {
throw new IllegalStateException(e); throw new IllegalStateException(e);
} catch (IOException e) {
throw new IllegalStateException(e);
} }
authServerUrl = warUrl;
System.out.println("&&&&& authServerUrl=" + authServerUrl);
return authServerUrl;
} }
// return deploymentName this will be started under private boolean isAuthServer(Resource rsc, String parent) {
static String addStepToStartAuthServer(OperationContext context, ModelNode operation) throws OperationFailedException { return rsc.getName().equals("keycloak-server-" + keycloakVersion + ".war")
&& parent.toLowerCase().endsWith("auth-server");
}
PathAddress authServerAddr = PathAddress.pathAddress(operation.get(ADDRESS)); /*private boolean isServerConfig(Resource rsc) {
String deploymentName = authServerAddr.getElement(1).getValue(); return rsc.getName().endsWith("/keycloak-server.json");
}
private boolean isJar(Resource rsc) {
return rsc.getName().toLowerCase().endsWith(".jar");
}
boolean serverOverlayDirExists() {
return new File(overlaysDir, authServerName).exists();
}
private boolean hasOverlays() {
return (this.serverConfig != null) || (!this.spiUrls.isEmpty());
}*/
void addStepToUploadAuthServer(OperationContext context, boolean isEnabled) throws OperationFailedException {
PathAddress deploymentAddress = deploymentAddress();
ModelNode op = Util.createOperation(ADD, deploymentAddress);
op.get(ENABLED).set(isEnabled);
op.get(PERSISTENT).set(false); // prevents writing this deployment out to standalone.xml
if (authServerUrl == null) {
throw new OperationFailedException("Keycloak Auth Server WAR not found in keycloak-wildfly-subsystem module");
}
String urlString = authServerUrl.toExternalForm();
ModelNode contentItem = new ModelNode();
contentItem.get(URL).set(urlString);
op.get(CONTENT).add(contentItem);
System.out.println("*** add auth server operation");
System.out.println(op.toString());
context.addStep(op, getHandler(context, deploymentAddress, ADD), OperationContext.Stage.MODEL);
/*File authServerOverlaysDir = new File(this.overlaysDir, authServerName);
System.out.println("authServerOverlaysDir" + authServerOverlaysDir.getAbsolutePath());
if (!authServerOverlaysDir.exists()) {
authServerOverlaysDir.mkdir();
addOverlay(context);
linkToDeployment(context);
}*/
}
void addStepToRedeployAuthServer(OperationContext context) {
addDeploymentAction(context, REDEPLOY);
}
void addStepToUndeployAuthServer(OperationContext context) {
addDeploymentAction(context, UNDEPLOY);
}
void addStepToDeployAuthServer(OperationContext context) {
addDeploymentAction(context, DEPLOY);
}
private void addDeploymentAction(OperationContext context, String operation) {
PathAddress deploymentAddress = deploymentAddress();
ModelNode op = Util.createOperation(operation, deploymentAddress);
op.get(RUNTIME_NAME).set(deploymentName);
System.out.println(">>>> operation=" + operation);
System.out.println(op.toString());
context.addStep(op, getHandler(context, deploymentAddress, operation), OperationContext.Stage.MODEL);
}
private PathAddress deploymentAddress() {
return PathAddress.pathAddress(PathElement.pathElement(DEPLOYMENT, deploymentName));
}
/*void addStepsToAssembleOverlay(OperationContext context) throws OperationFailedException {
if (hasOverlays()) {
addOverlay(context);
addKeycloakServerJson(context);
addSpiJars(context);
linkToDeployment(context);
}
removeOverlayDir();
}
private void removeOverlayDir() {
// TODO implement as operation
}
private void addOverlay(OperationContext context) throws OperationFailedException {
if (!hasOverlays()) return;
PathAddress overlayAddress = PathAddress.pathAddress(PathElement.pathElement(DEPLOYMENT_OVERLAY, overlayName));
ModelNode addOp = Util.createOperation(ADD, overlayAddress);
//addOp.get(PERSISTENT).set(false);
addRollbackFalse(addOp);
System.out.println("*** add overlay operation");
System.out.println(addOp.toString());
context.addStep(addOp, getAddHandler(context, overlayAddress), OperationContext.Stage.MODEL);
}
private void addKeycloakServerJson(OperationContext context) throws OperationFailedException {
if (this.serverConfig == null) {
return;
}
addOveralyContent(context, this.serverConfig, "/WEB-INF/classes/META-INF/keycloak-server.json");
addChangeToOperation(context, this.serverConfig, ManageOverlayHandler.changeToEnum.deployed);
}
private void addSpiJars(OperationContext context) throws OperationFailedException {
if (this.spiUrls.isEmpty()) {
return;
}
for (URL source : this.spiUrls) {
try {
String fileName = new java.io.File(source.toURI()).getName();
addOveralyContent(context, source, "/WEB-INF/lib/" + fileName);
} catch (URISyntaxException e) {
throw new OperationFailedException(e);
} catch (IllegalArgumentException e) {
throw new OperationFailedException(e);
}
}
}
private void linkToDeployment(OperationContext context) throws OperationFailedException {
if (!hasOverlays()) return;
PathAddress linkAddress = PathAddress.pathAddress(PathElement.pathElement(DEPLOYMENT_OVERLAY, overlayName),
PathElement.pathElement(DEPLOYMENT, deploymentName));
ModelNode op = Util.createOperation(ADD, linkAddress);
addRollbackFalse(op);
System.out.println("*** link to deployment operation");
System.out.println(op.toString());
context.addStep(op, getAddHandler(context, linkAddress), OperationContext.Stage.MODEL);
}
private void addOveralyContent(OperationContext context, URL source, String destination) throws OperationFailedException {
PathAddress contentAddress = PathAddress.pathAddress(PathElement.pathElement(DEPLOYMENT_OVERLAY, overlayName),
PathElement.pathElement(CONTENT, destination));
ModelNode op = Util.createOperation(ADD, contentAddress);
ModelNode contentItem = new ModelNode();
contentItem.get(URL).set(source.toExternalForm());
op.get(CONTENT).set(contentItem);
addRollbackFalse(op);
System.out.println("*** add content operation");
System.out.println(op.toString());
context.addStep(op, getAddHandler(context, contentAddress), OperationContext.Stage.MODEL);
}
private void addChangeToOperation(OperationContext context, URL source, ManageOverlayHandler.changeToEnum changeTo) {
ModelNode op = Util.createOperation(ManageOverlayHandler.OP, this.pathAddress);
op.get(ManageOverlayHandler.URL.getName()).set(source.toExternalForm());
op.get(ManageOverlayHandler.CHANGE_TO.getName()).set(changeTo.toString());
System.out.println("************change-to operation********************");
System.out.println(op.toString());
context.addStep(op, ManageOverlayHandler.INSTANCE, OperationContext.Stage.RUNTIME, false);
}*/
private OperationStepHandler getHandler(OperationContext context, PathAddress address, String opName) {
ImmutableManagementResourceRegistration rootResourceRegistration = context.getRootResourceRegistration();
return rootResourceRegistration.getOperationHandler(address, opName);
//return new IgnoreIfResourceExistsHandler(handler);
}
private void addRollbackFalse(ModelNode modelNode) {
modelNode.get(ROLLBACK_ON_RUNTIME_FAILURE).set(false);
}
static String getDeploymentName(ModelNode operation) {
String deploymentName = Util.getNameFromAddress(operation.get(ADDRESS));
System.out.println("*** authServerName=" + deploymentName);
if (!deploymentName.toLowerCase().endsWith(".war")) { if (!deploymentName.toLowerCase().endsWith(".war")) {
deploymentName += ".war"; deploymentName += ".war";
} }
PathAddress deploymentAddress = PathAddress.pathAddress(PathElement.pathElement(DEPLOYMENT, deploymentName));
ModelNode op = Util.createOperation(ADD, deploymentAddress);
op.get(ENABLED).set(true);
op.get(PERSISTENT).set(false); // prevents writing this deployment out to standalone.xml
URL warUrl = null;
try {
warUrl = getWarUrl();
} catch (IllegalStateException e) {
throw new OperationFailedException(e);
}
if (warUrl == null) {
throw new OperationFailedException("Keycloak Auth Server WAR not found in keycloak-auth-server module");
}
String urlString = warUrl.toExternalForm();
System.out.println(warUrl);
ModelNode contentItem = new ModelNode();
contentItem.get(URL).set(urlString);
op.get(CONTENT).add(contentItem);
System.out.println("****** operation ************");
System.out.println(op.toString());
ImmutableManagementResourceRegistration rootResourceRegistration = context.getRootResourceRegistration();
OperationStepHandler handler = rootResourceRegistration.getOperationHandler(deploymentAddress, ADD);
context.addStep(op, handler, OperationContext.Stage.MODEL);
return deploymentName; return deploymentName;
} }
private static void setDefaultAuthServerJson(Resource rsc) throws IOException { static String getAuthServerName(ModelNode operation) {
JarInputStream jarStream = null; PathAddress pathAddr = getPathAddress(operation);
try { return pathAddr.getElement(pathAddr.size() - 1).getValue();
jarStream = new JarInputStream(rsc.openStream());
JarEntry je;
while ((je = jarStream.getNextJarEntry()) != null) {
if (!je.getName().equals("WEB-INF/classes/META-INF/keycloak-server.json")) continue;
int len = 0;
byte[] buffer = new byte[1024];
ByteArrayOutputStream baos = new ByteArrayOutputStream();
while ((len = jarStream.read(buffer)) != -1) {
baos.write(buffer, 0, len);
}
defaultAuthServerJson = baos.toString();
return;
}
} finally {
jarStream.close();
}
} }
static PathAddress getPathAddress(ModelNode operation) {
return PathAddress.pathAddress(operation.get(ADDRESS));
}
} }

View file

@ -21,14 +21,19 @@ import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinition; import org.jboss.as.controller.SimpleAttributeDefinition;
import java.util.List; import java.util.List;
import org.jboss.as.controller.ReloadRequiredWriteAttributeHandler; import org.jboss.as.controller.ModelOnlyWriteAttributeHandler;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.registry.Resource;
import org.jboss.dmr.ModelNode;
import org.keycloak.subsystem.extension.KeycloakAdapterConfigService;
/** /**
* Update an attribute on an Auth Server. * Update an attribute on an Auth Server.
* *
* @author Stan Silvert ssilvert@redhat.com (C) 2014 Red Hat Inc. * @author Stan Silvert ssilvert@redhat.com (C) 2014 Red Hat Inc.
*/ */
public class AuthServerWriteAttributeHandler extends ReloadRequiredWriteAttributeHandler { public class AuthServerWriteAttributeHandler extends ModelOnlyWriteAttributeHandler { //extends ReloadRequiredWriteAttributeHandler {
public AuthServerWriteAttributeHandler(List<SimpleAttributeDefinition> definitions) { public AuthServerWriteAttributeHandler(List<SimpleAttributeDefinition> definitions) {
this(definitions.toArray(new AttributeDefinition[definitions.size()])); this(definitions.toArray(new AttributeDefinition[definitions.size()]));
@ -38,4 +43,56 @@ public class AuthServerWriteAttributeHandler extends ReloadRequiredWriteAttribut
super(definitions); super(definitions);
} }
@Override
protected void finishModelStage(OperationContext context, ModelNode operation, String attributeName, ModelNode newValue, ModelNode oldValue, Resource model) throws OperationFailedException {
if (!context.isNormalServer() || attribNotChanging(attributeName, newValue, oldValue)) {
super.finishModelStage(context, operation, attributeName, newValue, oldValue, model);
return;
}
System.out.println("**** finishModelStage *****");
System.out.println("** operation **");
System.out.println(operation.toString());
System.out.println("** attributeName=" + attributeName);
System.out.println("** oldValue=" + oldValue);
System.out.println("** newValue=" + newValue);
AuthServerUtil authServerUtil = new AuthServerUtil(operation);
boolean isEnabled = isEnabled(model); // is server currently enabled?
if (attributeName.equals(AuthServerDefinition.WEB_CONTEXT.getName())) {
String deploymentName = AuthServerUtil.getDeploymentName(operation);
KeycloakAdapterConfigService.INSTANCE.removeServerDeployment(deploymentName);
KeycloakAdapterConfigService.INSTANCE.addServerDeployment(deploymentName, newValue.asString());
if (isEnabled) {
authServerUtil.addStepToRedeployAuthServer(context);
}
}
if (attributeName.equals(AuthServerDefinition.ENABLED.getName())) {
if (!isEnabled) { // we are disabling
authServerUtil.addStepToUndeployAuthServer(context);
} else { // we are enabling
authServerUtil.addStepToDeployAuthServer(context);
}
}
super.finishModelStage(context, operation, attributeName, newValue, oldValue, model);
}
// Is auth server currently enabled?
private boolean isEnabled(Resource model) {
ModelNode authServer = model.getModel();
ModelNode isEnabled = authServer.get(AuthServerDefinition.ENABLED.getName());
if (!isEnabled.isDefined()) isEnabled = AuthServerDefinition.ENABLED.getDefaultValue();
return isEnabled.asBoolean();
}
private boolean attribNotChanging(String attributeName, ModelNode newValue, ModelNode oldValue) {
SimpleAttributeDefinition attribDef = AuthServerDefinition.lookup(attributeName);
if (!oldValue.isDefined()) oldValue = attribDef.getDefaultValue();
if (!newValue.isDefined()) newValue = attribDef.getDefaultValue();
return newValue.equals(oldValue);
}
} }

View file

@ -0,0 +1,99 @@
/*
* Copyright 2014 Red Hat Inc. and/or its affiliates and other contributors
* as indicated by the @author tags. All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of
* the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*/
package org.keycloak.subsystem.extension.authserver;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.ServiceVerificationHandler;
import org.jboss.dmr.ModelNode;
import org.jboss.msc.service.ServiceController;
import java.util.List;
import java.util.Set;
import org.jboss.as.controller.AbstractRuntimeOnlyHandler;
import org.jboss.as.controller.OperationDefinition;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.ResourceDefinition;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleOperationDefinitionBuilder;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ADDRESS;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.DEPLOYMENT_OVERLAY;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.OP;
import org.jboss.as.controller.operations.validation.EnumValidator;
import org.jboss.as.controller.registry.ImmutableManagementResourceRegistration;
import org.jboss.as.controller.registry.Resource;
import org.jboss.dmr.ModelType;
import org.keycloak.subsystem.extension.KeycloakAdapterConfigService;
/**
* Rename the extension of an overlay in the overlays/<auth server> directory.
*
* @author Stan Silvert ssilvert@redhat.com (C) 2014 Red Hat Inc.
*/
public final class ManageOverlayHandler extends AbstractRuntimeOnlyHandler {
public static final String OP = "change-to";
public static ManageOverlayHandler INSTANCE = new ManageOverlayHandler();
public enum changeToEnum {deployed, undeployed};
protected static final SimpleAttributeDefinition URL =
new SimpleAttributeDefinitionBuilder("url", ModelType.STRING, false)
.setAllowExpression(false)
.build();
protected static final SimpleAttributeDefinition CHANGE_TO =
new SimpleAttributeDefinitionBuilder(OP, ModelType.STRING, false)
.setAllowExpression(false)
.setValidator(new EnumValidator(changeToEnum.class, false, false))
.build();
public static OperationDefinition DEFINITION = new SimpleOperationDefinitionBuilder("manage-overlay", AuthServerDefinition.rscDescriptionResolver)
.addParameter(URL)
.addParameter(CHANGE_TO)
.build();
private ManageOverlayHandler() {
}
@Override
protected void executeRuntimeStep(OperationContext context, ModelNode mn) throws OperationFailedException {
System.out.println("Executing!!!!");
PathAddress pathAddress = PathAddress.pathAddress(PathElement.pathElement(DEPLOYMENT_OVERLAY, "main-auth-server.war-keycloak-overlay"));
//PathAddress pathAddress = PathAddress.pathAddress(PathElement.pathElement("path", "user.dir"));
ImmutableManagementResourceRegistration rootResourceRegistration = context.getRootResourceRegistration();
Resource resource = context.readResourceFromRoot(pathAddress);
Set<PathElement> childAddrs = rootResourceRegistration.getChildAddresses(pathAddress);
Set<String> children = rootResourceRegistration.getChildNames(pathAddress);
System.out.println("***************");
System.out.println("childAddrs=" + childAddrs);
System.out.println("children=" + children);
System.out.println("model=" + resource.getModel());
System.out.println("children=" + resource.getChildrenNames("deployment"));
context.completeStep(OperationContext.ResultHandler.NOOP_RESULT_HANDLER);
}
}

View file

@ -9,8 +9,10 @@ keycloak.subsystem.secure-deployment=A deployment secured by Keycloak.
keycloak.auth-server=A Keycloak Auth Server keycloak.auth-server=A Keycloak Auth Server
keycloak.auth-server.add=Add an Auth Server to the subsystem. keycloak.auth-server.add=Add an Auth Server to the subsystem.
keycloak.auth-server.remove=Remove an Auth Server from the subsystem. keycloak.auth-server.remove=Remove an Auth Server from the subsystem.
keycloak.auth-server.manage-overlay=Internal use only. Do not call from CLI!!
keycloak.auth-server.manage-overlay.url=Internal use only. Do not call from CLI!! The overlay URL that needs its extension to be changed.
keycloak.auth-server.manage-overlay.change-to=Internal use only. Do not call from CLI!! The extension the overlay will be changed to.
keycloak.auth-server.enabled=Enable or disable the Auth Server. keycloak.auth-server.enabled=Enable or disable the Auth Server.
keycloak.auth-server.keycloak-server-json=Externalized version of keycloak-server.json
keycloak.auth-server.web-context=Web context the auth-server will use. Also, the module name of the auth-server deployment. keycloak.auth-server.web-context=Web context the auth-server will use. Also, the module name of the auth-server deployment.
keycloak.realm=A Keycloak realm. keycloak.realm=A Keycloak realm.

94
pom.xml
View file

@ -35,7 +35,7 @@
<slf4j.version>1.5.10</slf4j.version> <slf4j.version>1.5.10</slf4j.version>
<jboss.version>7.1.1.Final</jboss.version> <jboss.version>7.1.1.Final</jboss.version>
<wildfly.version>8.1.0.Final</wildfly.version> <wildfly.version>8.1.0.Final</wildfly.version>
<wildfly.core.version>1.0.0.Alpha5</wildfly.core.version> <wildfly.core.version>1.0.0.Alpha9</wildfly.core.version>
<servlet.api.30.version>1.0.2.Final</servlet.api.30.version> <servlet.api.30.version>1.0.2.Final</servlet.api.30.version>
<google.zxing.version>2.2</google.zxing.version> <google.zxing.version>2.2</google.zxing.version>
<google.client.version>1.14.1-beta</google.client.version> <google.client.version>1.14.1-beta</google.client.version>
@ -346,24 +346,24 @@
<version>${twitter4j.version}</version> <version>${twitter4j.version}</version>
</dependency> </dependency>
<!-- QR Code Generator --> <!-- QR Code Generator -->
<dependency> <dependency>
<groupId>com.google.zxing</groupId> <groupId>com.google.zxing</groupId>
<artifactId>core</artifactId> <artifactId>core</artifactId>
<version>${google.zxing.version}</version> <version>${google.zxing.version}</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>com.google.zxing</groupId> <groupId>com.google.zxing</groupId>
<artifactId>javase</artifactId> <artifactId>javase</artifactId>
<version>${google.zxing.version}</version> <version>${google.zxing.version}</version>
</dependency> </dependency>
<!-- Email Test Servers --> <!-- Email Test Servers -->
<dependency> <dependency>
<groupId>com.icegreen</groupId> <groupId>com.icegreen</groupId>
<artifactId>greenmail</artifactId> <artifactId>greenmail</artifactId>
<version>1.3.1b</version> <version>1.3.1b</version>
</dependency> </dependency>
<!-- Encrypted ZIP --> <!-- Encrypted ZIP -->
<dependency> <dependency>
@ -372,18 +372,18 @@
<version>${winzipaes.version}</version> <version>${winzipaes.version}</version>
</dependency> </dependency>
<!-- Selenium --> <!-- Selenium -->
<dependency> <dependency>
<groupId>org.seleniumhq.selenium</groupId> <groupId>org.seleniumhq.selenium</groupId>
<artifactId>selenium-java</artifactId> <artifactId>selenium-java</artifactId>
<version>${selenium.version}</version> <version>${selenium.version}</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.seleniumhq.selenium</groupId> <groupId>org.seleniumhq.selenium</groupId>
<artifactId>selenium-chrome-driver</artifactId> <artifactId>selenium-chrome-driver</artifactId>
<version>${selenium.version}</version> <version>${selenium.version}</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.mongodb</groupId> <groupId>org.mongodb</groupId>
<artifactId>mongo-java-driver</artifactId> <artifactId>mongo-java-driver</artifactId>
@ -423,12 +423,12 @@
<version>${mysql.version}</version> <version>${mysql.version}</version>
</dependency> </dependency>
<!-- the dependency seems to override Resteasy 3.0.5's depending on 4.2.1 <!-- the dependency seems to override Resteasy 3.0.5's depending on 4.2.1
<dependency> <dependency>
<groupId>org.apache.httpcomponents</groupId> <groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId> <artifactId>httpclient</artifactId>
<version>${keycloak.apache.httpcomponents.version}</version> <version>${keycloak.apache.httpcomponents.version}</version>
</dependency> </dependency>
--> -->
<dependency> <dependency>
<groupId>org.wildfly.core</groupId> <groupId>org.wildfly.core</groupId>
<artifactId>wildfly-controller</artifactId> <artifactId>wildfly-controller</artifactId>
@ -451,6 +451,18 @@
<type>pom</type> <type>pom</type>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency>
<groupId>org.wildfly.core</groupId>
<artifactId>wildfly-core-feature-pack</artifactId>
<type>pom</type>
<version>${wildfly.core.version}</version>
</dependency>
<dependency>
<groupId>org.wildfly.core</groupId>
<artifactId>wildfly-core-feature-pack</artifactId>
<type>zip</type>
<version>${wildfly.core.version}</version>
</dependency>
<dependency> <dependency>
<groupId>org.wildfly</groupId> <groupId>org.wildfly</groupId>
<artifactId>wildfly-undertow</artifactId> <artifactId>wildfly-undertow</artifactId>
@ -597,14 +609,14 @@
<artifactId>maven-deploy-plugin</artifactId> <artifactId>maven-deploy-plugin</artifactId>
<version>2.5</version> <version>2.5</version>
</plugin> </plugin>
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId> <artifactId>maven-war-plugin</artifactId>
<version>2.3</version> <version>2.3</version>
<configuration> <configuration>
<failOnMissingWebXml>false</failOnMissingWebXml> <failOnMissingWebXml>false</failOnMissingWebXml>
</configuration> </configuration>
</plugin> </plugin>
<plugin> <plugin>
<groupId>com.lazerycode.jmeter</groupId> <groupId>com.lazerycode.jmeter</groupId>
<artifactId>jmeter-maven-plugin</artifactId> <artifactId>jmeter-maven-plugin</artifactId>

View file

@ -41,7 +41,6 @@ import java.util.Map;
import java.util.Properties; import java.util.Properties;
import java.util.Set; import java.util.Set;
import java.util.StringTokenizer; import java.util.StringTokenizer;
import org.keycloak.adapters.AdapterConstants;
/** /**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a> * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
@ -58,7 +57,7 @@ public class KeycloakApplication extends Application {
protected String contextPath; protected String contextPath;
public KeycloakApplication(@Context ServletContext context, @Context Dispatcher dispatcher) { public KeycloakApplication(@Context ServletContext context, @Context Dispatcher dispatcher) {
loadConfig(context); loadConfig();
this.sessionFactory = createSessionFactory(); this.sessionFactory = createSessionFactory();
@ -103,26 +102,6 @@ public class KeycloakApplication extends Application {
return uriInfo.getBaseUriBuilder().replacePath(getContextPath()).build(); return uriInfo.getBaseUriBuilder().replacePath(getContextPath()).build();
} }
private static void loadConfig(ServletContext context) {
String json = context.getInitParameter(AdapterConstants.AUTH_DATA_PARAM_NAME);
if (json == null) {
loadConfig(); // from file
} else {
loadConfig(json); // from ServletContext/Keycloak subsystem
}
}
private static void loadConfig(String json) {
try {
JsonNode node = new ObjectMapper().readTree(json);
Config.init(new JsonConfigProvider(node));
} catch (IOException e) {
throw new RuntimeException("Failed to load config", e);
}
log.info("Loaded config from Keycloak subsystem");
}
public static void loadConfig() { public static void loadConfig() {
try { try {
URL config = null; URL config = null;