From fa99b5415d2da8a31f1ca87446476ab7f0229208 Mon Sep 17 00:00:00 2001 From: Bill Burke Date: Thu, 11 Jun 2015 18:02:49 -0400 Subject: [PATCH] flow alias lookup --- .../main/java/org/keycloak/models/RealmModel.java | 1 + .../models/utils/DefaultAuthenticationFlows.java | 2 +- .../keycloak/models/file/adapter/RealmAdapter.java | 13 +++++++++++++ .../org/keycloak/models/cache/RealmAdapter.java | 10 ++++++++++ .../java/org/keycloak/models/jpa/RealmAdapter.java | 11 +++++++++++ .../mongo/keycloak/adapters/RealmAdapter.java | 11 +++++++++++ .../org/keycloak/protocol/saml/SamlService.java | 11 +++-------- .../authenticators/AbstractFormAuthenticator.java | 1 + .../LoginFormUsernameAuthenticator.java | 4 ++++ .../oidc/endpoints/AuthorizationEndpoint.java | 10 +++------- 10 files changed, 58 insertions(+), 16 deletions(-) diff --git a/model/api/src/main/java/org/keycloak/models/RealmModel.java b/model/api/src/main/java/org/keycloak/models/RealmModel.java index 187c3fd91e..6366325364 100755 --- a/model/api/src/main/java/org/keycloak/models/RealmModel.java +++ b/model/api/src/main/java/org/keycloak/models/RealmModel.java @@ -187,6 +187,7 @@ public interface RealmModel extends RoleContainerModel { void setSmtpConfig(Map smtpConfig); List getAuthenticationFlows(); + AuthenticationFlowModel getFlowByAlias(String alias); AuthenticationFlowModel addAuthenticationFlow(AuthenticationFlowModel model); AuthenticationFlowModel getAuthenticationFlowById(String id); void removeAuthenticationFlow(AuthenticationFlowModel model); diff --git a/model/api/src/main/java/org/keycloak/models/utils/DefaultAuthenticationFlows.java b/model/api/src/main/java/org/keycloak/models/utils/DefaultAuthenticationFlows.java index 1f37bf1094..f4bb81c2ff 100755 --- a/model/api/src/main/java/org/keycloak/models/utils/DefaultAuthenticationFlows.java +++ b/model/api/src/main/java/org/keycloak/models/utils/DefaultAuthenticationFlows.java @@ -90,7 +90,7 @@ public class DefaultAuthenticationFlows { execution.setRequirement(AuthenticationExecutionModel.Requirement.REQUIRED); execution.setAuthenticator(password.getId()); execution.setPriority(11); - execution.setUserSetupAllowed(false); + execution.setUserSetupAllowed(true); execution.setAutheticatorFlow(false); realm.addAuthenticatorExecution(execution); diff --git a/model/file/src/main/java/org/keycloak/models/file/adapter/RealmAdapter.java b/model/file/src/main/java/org/keycloak/models/file/adapter/RealmAdapter.java index bc2ff0ab3b..73200e81af 100755 --- a/model/file/src/main/java/org/keycloak/models/file/adapter/RealmAdapter.java +++ b/model/file/src/main/java/org/keycloak/models/file/adapter/RealmAdapter.java @@ -1213,6 +1213,19 @@ public class RealmAdapter implements RealmModel { return models; } + + + @Override + public AuthenticationFlowModel getFlowByAlias(String alias) { + for (AuthenticationFlowModel flow : getAuthenticationFlows()) { + if (flow.getAlias().equals(alias)) { + return flow; + } + } + return null; + } + + protected AuthenticationFlowModel entityToModel(AuthenticationFlowEntity entity) { AuthenticationFlowModel model = new AuthenticationFlowModel(); model.setId(entity.getId()); diff --git a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java index db3339c577..2db7ca2be9 100755 --- a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java +++ b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java @@ -1024,6 +1024,16 @@ public class RealmAdapter implements RealmModel { return models; } + @Override + public AuthenticationFlowModel getFlowByAlias(String alias) { + for (AuthenticationFlowModel flow : getAuthenticationFlows()) { + if (flow.getAlias().equals(alias)) { + return flow; + } + } + return null; + } + @Override public AuthenticationFlowModel addAuthenticationFlow(AuthenticationFlowModel model) { getDelegateForUpdate(); diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java index f2f1929a87..ecf399addf 100755 --- a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java +++ b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java @@ -1519,6 +1519,17 @@ public class RealmAdapter implements RealmModel { return models; } + @Override + public AuthenticationFlowModel getFlowByAlias(String alias) { + for (AuthenticationFlowModel flow : getAuthenticationFlows()) { + if (flow.getAlias().equals(alias)) { + return flow; + } + } + return null; + } + + protected AuthenticationFlowModel entityToModel(AuthenticationFlowEntity entity) { AuthenticationFlowModel model = new AuthenticationFlowModel(); model.setId(entity.getId()); diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java index 24d907c02e..2b6b85bc26 100755 --- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java +++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java @@ -1244,6 +1244,17 @@ public class RealmAdapter extends AbstractMongoAdapter impleme return models; } + @Override + public AuthenticationFlowModel getFlowByAlias(String alias) { + for (AuthenticationFlowModel flow : getAuthenticationFlows()) { + if (flow.getAlias().equals(alias)) { + return flow; + } + } + return null; + } + + protected AuthenticationFlowModel entityToModel(AuthenticationFlowEntity entity) { AuthenticationFlowModel model = new AuthenticationFlowModel(); model.setId(entity.getId()); diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java index 69dcbeffa3..907bfb3cf0 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java +++ b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java @@ -25,6 +25,7 @@ import org.keycloak.models.IdentityProviderModel; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.models.UserSessionModel; +import org.keycloak.models.utils.DefaultAuthenticationFlows; import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.protocol.oidc.utils.RedirectUtils; import org.keycloak.saml.common.constants.GeneralConstants; @@ -335,14 +336,8 @@ public class SamlService { return buildRedirectToIdentityProvider(identityProvider.getAlias(), new ClientSessionCode(realm, clientSession).getCode() ); } } - - String flowId = null; - for (AuthenticationFlowModel flow : realm.getAuthenticationFlows()) { - if (flow.getAlias().equals("browser")) { - flowId = flow.getId(); - break; - } - } + AuthenticationFlowModel flow = realm.getFlowByAlias(DefaultAuthenticationFlows.BROWSER_FLOW); + String flowId = flow.getId(); AuthenticationProcessor processor = new AuthenticationProcessor(); processor.setClientSession(clientSession) .setFlowId(flowId) diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/AbstractFormAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/AbstractFormAuthenticator.java index 22bba0e0b0..17a7360172 100755 --- a/services/src/main/java/org/keycloak/authentication/authenticators/AbstractFormAuthenticator.java +++ b/services/src/main/java/org/keycloak/authentication/authenticators/AbstractFormAuthenticator.java @@ -21,6 +21,7 @@ import java.net.URI; public class AbstractFormAuthenticator { public static final String LOGIN_FORM_ACTION = "login_form"; + public static final String REGISTRATION_FORM_ACTION = "registration_form"; public static final String ACTION = "action"; protected boolean isAction(AuthenticatorContext context, String action) { diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/LoginFormUsernameAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/LoginFormUsernameAuthenticator.java index 7904470a48..33211f3816 100755 --- a/services/src/main/java/org/keycloak/authentication/authenticators/LoginFormUsernameAuthenticator.java +++ b/services/src/main/java/org/keycloak/authentication/authenticators/LoginFormUsernameAuthenticator.java @@ -33,6 +33,10 @@ public class LoginFormUsernameAuthenticator extends AbstractFormAuthenticator im @Override public void authenticate(AuthenticatorContext context) { + if (isAction(context, REGISTRATION_FORM_ACTION) && context.getUser() != null) { + context.success(); + return; + } if (!isAction(context, LOGIN_FORM_ACTION)) { MultivaluedMap formData = new MultivaluedMapImpl<>(); String loginHint = context.getClientSession().getNote(OIDCLoginProtocol.LOGIN_HINT_PARAM); diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java index 3c66dbeb38..5b15cb8366 100755 --- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java @@ -19,6 +19,7 @@ import org.keycloak.models.IdentityProviderModel; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.models.RequiredCredentialModel; +import org.keycloak.models.utils.DefaultAuthenticationFlows; import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.protocol.oidc.OIDCLoginProtocol; import org.keycloak.protocol.oidc.utils.RedirectUtils; @@ -259,13 +260,8 @@ public class AuthorizationEndpoint { } clientSession.setNote(Details.AUTH_TYPE, CODE_AUTH_TYPE); - String flowId = null; - for (AuthenticationFlowModel flow : realm.getAuthenticationFlows()) { - if (flow.getAlias().equals("browser")) { - flowId = flow.getId(); - break; - } - } + AuthenticationFlowModel flow = realm.getFlowByAlias(DefaultAuthenticationFlows.BROWSER_FLOW); + String flowId = flow.getId(); AuthenticationProcessor processor = new AuthenticationProcessor(); processor.setClientSession(clientSession) .setFlowId(flowId)