mirror of
https://github.com/keycloak/keycloak.git
synced 2025-12-30 11:29:57 -06:00
redirect calls to userLocalStorage from legacy modules (federation, ldap, sssd, kerberos)
This commit is contained in:
Alexander Schwartz
committed by
Hynek Mlnařík
Hynek Mlnařík
parent
a109e28be7
commit
1bc6133e4e
@@ -37,6 +37,7 @@ import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.UserManager;
|
||||
import org.keycloak.models.credential.PasswordCredentialModel;
|
||||
import org.keycloak.storage.ReadOnlyException;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.UserStorageProvider;
|
||||
import org.keycloak.storage.UserStorageProviderModel;
|
||||
import org.keycloak.storage.user.ImportedUserValidation;
|
||||
@@ -236,7 +237,7 @@ public class KerberosFederationProvider implements UserStorageProvider,
|
||||
* @return user if found or successfully created. Null if user with same username already exists, but is not linked to this provider
|
||||
*/
|
||||
protected UserModel findOrCreateAuthenticatedUser(RealmModel realm, String username) {
|
||||
UserModel user = session.userLocalStorage().getUserByUsername(realm, username);
|
||||
UserModel user = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, username);
|
||||
if (user != null) {
|
||||
user = session.users().getUserById(realm, user.getId()); // make sure we get a cached instance
|
||||
logger.debug("Kerberos authenticated user " + username + " found in Keycloak storage");
|
||||
@@ -252,7 +253,7 @@ public class KerberosFederationProvider implements UserStorageProvider,
|
||||
logger.warn("User with username " + username + " already exists and is linked to provider [" + model.getName() +
|
||||
"] but kerberos principal is not correct. Kerberos principal on user is: " + user.getFirstAttribute(KERBEROS_PRINCIPAL));
|
||||
logger.warn("Will re-create user");
|
||||
new UserManager(session).removeUser(realm, user, session.userLocalStorage());
|
||||
new UserManager(session).removeUser(realm, user, UserStoragePrivateUtil.userLocalStorage(session));
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -266,7 +267,7 @@ public class KerberosFederationProvider implements UserStorageProvider,
|
||||
String email = username + "@" + kerberosConfig.getKerberosRealm().toLowerCase();
|
||||
|
||||
logger.debugf("Creating kerberos user: %s, email: %s to local Keycloak storage", username, email);
|
||||
UserModel user = session.userLocalStorage().addUser(realm, username);
|
||||
UserModel user = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, username);
|
||||
user.setEnabled(true);
|
||||
user.setEmail(email);
|
||||
user.setFederationLink(model.getId());
|
||||
|
||||
@@ -61,6 +61,7 @@ import org.keycloak.storage.DatastoreProvider;
|
||||
import org.keycloak.storage.LegacyStoreManagers;
|
||||
import org.keycloak.storage.ReadOnlyException;
|
||||
import org.keycloak.storage.StorageId;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.UserStorageProvider;
|
||||
import org.keycloak.storage.UserStorageProviderModel;
|
||||
import org.keycloak.storage.adapter.InMemoryUserAdapter;
|
||||
@@ -263,7 +264,7 @@ public class LDAPStorageProvider implements UserStorageProvider,
|
||||
|
||||
return ldapObjects.stream().map(ldapUser -> {
|
||||
String ldapUsername = LDAPUtils.getUsername(ldapUser, this.ldapIdentityStore.getConfig());
|
||||
UserModel localUser = session.userLocalStorage().getUserByUsername(realm, ldapUsername);
|
||||
UserModel localUser = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, ldapUsername);
|
||||
if (localUser == null) {
|
||||
return importUserFromLDAP(session, realm, ldapUser);
|
||||
} else {
|
||||
@@ -284,7 +285,7 @@ public class LDAPStorageProvider implements UserStorageProvider,
|
||||
}
|
||||
UserModel user = null;
|
||||
if (model.isImportEnabled()) {
|
||||
user = session.userLocalStorage().addUser(realm, username);
|
||||
user = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, username);
|
||||
user.setFederationLink(model.getId());
|
||||
} else {
|
||||
user = new InMemoryUserAdapter(session, realm, new StorageId(model.getId(), username).getId());
|
||||
@@ -383,7 +384,7 @@ public class LDAPStorageProvider implements UserStorageProvider,
|
||||
Stream<LDAPObject> stream = searchLDAP(realm, params).stream()
|
||||
.filter(ldapObject -> {
|
||||
String ldapUsername = LDAPUtils.getUsername(ldapObject, this.ldapIdentityStore.getConfig());
|
||||
return (session.userLocalStorage().getUserByUsername(realm, ldapUsername) == null);
|
||||
return (UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, ldapUsername) == null);
|
||||
});
|
||||
|
||||
return paginatedStream(stream, firstResult, maxResults).map(ldapObject -> importUserFromLDAP(session, realm, ldapObject));
|
||||
@@ -524,7 +525,7 @@ public class LDAPStorageProvider implements UserStorageProvider,
|
||||
UserModel imported = null;
|
||||
if (model.isImportEnabled()) {
|
||||
// Search if there is already an existing user, which means the username might have changed in LDAP without Keycloak knowing about it
|
||||
UserModel existingLocalUser = session.userLocalStorage()
|
||||
UserModel existingLocalUser = UserStoragePrivateUtil.userLocalStorage(session)
|
||||
.searchForUserByUserAttributeStream(realm, LDAPConstants.LDAP_ID, ldapUser.getUuid()).findFirst().orElse(null);
|
||||
if(existingLocalUser != null){
|
||||
imported = existingLocalUser;
|
||||
@@ -533,7 +534,7 @@ public class LDAPStorageProvider implements UserStorageProvider,
|
||||
session.userCache().evict(realm, existingLocalUser);
|
||||
}
|
||||
} else {
|
||||
imported = session.userLocalStorage().addUser(realm, ldapUsername);
|
||||
imported = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, ldapUsername);
|
||||
}
|
||||
|
||||
} else {
|
||||
@@ -589,7 +590,7 @@ public class LDAPStorageProvider implements UserStorageProvider,
|
||||
|
||||
// Check here if user already exists
|
||||
String ldapUsername = LDAPUtils.getUsername(ldapUser, ldapIdentityStore.getConfig());
|
||||
UserModel user = session.userLocalStorage().getUserByUsername(realm, ldapUsername);
|
||||
UserModel user = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, ldapUsername);
|
||||
|
||||
if (user != null) {
|
||||
LDAPUtils.checkUuid(ldapUser, ldapIdentityStore.getConfig());
|
||||
@@ -777,7 +778,7 @@ public class LDAPStorageProvider implements UserStorageProvider,
|
||||
* @return finded or newly created user
|
||||
*/
|
||||
protected UserModel findOrCreateAuthenticatedUser(RealmModel realm, String username) {
|
||||
UserModel user = session.userLocalStorage().getUserByUsername(realm, username);
|
||||
UserModel user = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, username);
|
||||
if (user != null) {
|
||||
logger.debugf("Kerberos authenticated user [%s] found in Keycloak storage", username);
|
||||
if (!model.getId().equals(user.getFederationLink())) {
|
||||
@@ -795,7 +796,7 @@ public class LDAPStorageProvider implements UserStorageProvider,
|
||||
if (userCache != null) {
|
||||
userCache.evict(realm, user);
|
||||
}
|
||||
new UserManager(session).removeUser(realm, user, session.userLocalStorage());
|
||||
new UserManager(session).removeUser(realm, user, UserStoragePrivateUtil.userLocalStorage(session));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -39,6 +39,7 @@ import org.keycloak.models.utils.KeycloakModelUtils;
|
||||
import org.keycloak.provider.ProviderConfigProperty;
|
||||
import org.keycloak.provider.ProviderConfigurationBuilder;
|
||||
import org.keycloak.representations.idm.CredentialRepresentation;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.UserStorageProvider;
|
||||
import org.keycloak.storage.UserStorageProviderFactory;
|
||||
import org.keycloak.storage.UserStorageProviderModel;
|
||||
@@ -606,8 +607,8 @@ public class LDAPStorageProviderFactory implements UserStorageProviderFactory<LD
|
||||
String username = LDAPUtils.getUsername(ldapUser, ldapFedProvider.getLdapIdentityStore().getConfig());
|
||||
exists.value = true;
|
||||
LDAPUtils.checkUuid(ldapUser, ldapFedProvider.getLdapIdentityStore().getConfig());
|
||||
UserModel currentUserLocal = session.userLocalStorage().getUserByUsername(currentRealm, username);
|
||||
Optional<UserModel> userModelOptional = session.userLocalStorage()
|
||||
UserModel currentUserLocal = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(currentRealm, username);
|
||||
Optional<UserModel> userModelOptional = UserStoragePrivateUtil.userLocalStorage(session)
|
||||
.searchForUserByUserAttributeStream(currentRealm, LDAPConstants.LDAP_ID, ldapUser.getUuid())
|
||||
.findFirst();
|
||||
if (!userModelOptional.isPresent() && currentUserLocal == null) {
|
||||
@@ -664,13 +665,13 @@ public class LDAPStorageProviderFactory implements UserStorageProviderFactory<LD
|
||||
}
|
||||
|
||||
if (username != null) {
|
||||
UserModel existing = session.userLocalStorage().getUserByUsername(currentRealm, username);
|
||||
UserModel existing = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(currentRealm, username);
|
||||
if (existing != null) {
|
||||
UserCache userCache = session.userCache();
|
||||
if (userCache != null) {
|
||||
userCache.evict(currentRealm, existing);
|
||||
}
|
||||
session.userLocalStorage().removeUser(currentRealm, existing);
|
||||
UserStoragePrivateUtil.userLocalStorage(session).removeUser(currentRealm, existing);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -28,6 +28,7 @@ import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||
import org.keycloak.models.utils.UserModelDelegate;
|
||||
import org.keycloak.models.utils.reflection.Property;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.UserStorageProvider;
|
||||
import org.keycloak.storage.ldap.LDAPStorageProvider;
|
||||
import org.keycloak.storage.ldap.LDAPUtils;
|
||||
@@ -149,7 +150,7 @@ public class UserAttributeLDAPStorageMapper extends AbstractLDAPStorageMapper {
|
||||
// lowercase before search
|
||||
email = KeycloakModelUtils.toLowerCaseSafe(email);
|
||||
|
||||
UserModel that = session.userLocalStorage().getUserByEmail(realm, email);
|
||||
UserModel that = UserStoragePrivateUtil.userLocalStorage(session).getUserByEmail(realm, email);
|
||||
if (that != null && !that.getId().equals(user.getId())) {
|
||||
session.getTransactionManager().setRollbackOnly();
|
||||
String exceptionMessage = String.format("Can't import user '%s' from LDAP because email '%s' already exists in Keycloak. Existing user with this email is '%s'", user.getUsername(), email, that.getUsername());
|
||||
|
||||
@@ -27,6 +27,7 @@ import org.keycloak.federation.sssd.impl.PAMAuthenticator;
|
||||
import org.keycloak.models.*;
|
||||
import org.keycloak.models.credential.PasswordCredentialModel;
|
||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.UserStorageProvider;
|
||||
import org.keycloak.storage.UserStorageProviderModel;
|
||||
import org.keycloak.storage.user.ImportedUserValidation;
|
||||
@@ -85,7 +86,7 @@ public class SSSDFederationProvider implements UserStorageProvider,
|
||||
* @return user if found or successfully created. Null if user with same username already exists, but is not linked to this provider
|
||||
*/
|
||||
protected UserModel findOrCreateAuthenticatedUser(RealmModel realm, String username) {
|
||||
UserModel user = session.userLocalStorage().getUserByUsername(realm, username);
|
||||
UserModel user = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, username);
|
||||
if (user != null) {
|
||||
logger.debug("SSSD authenticated user " + username + " found in Keycloak storage");
|
||||
|
||||
@@ -100,7 +101,7 @@ public class SSSDFederationProvider implements UserStorageProvider,
|
||||
logger.warn("User with username " + username + " already exists and is linked to provider [" + model.getName() +
|
||||
"] but principal is not correct.");
|
||||
logger.warn("Will re-create user");
|
||||
new UserManager(session).removeUser(realm, user, session.userLocalStorage());
|
||||
new UserManager(session).removeUser(realm, user, UserStoragePrivateUtil.userLocalStorage(session));
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -113,7 +114,7 @@ public class SSSDFederationProvider implements UserStorageProvider,
|
||||
Sssd sssd = new Sssd(username);
|
||||
User sssdUser = sssd.getUser();
|
||||
logger.debugf("Creating SSSD user: %s to local Keycloak storage", username);
|
||||
UserModel user = session.userLocalStorage().addUser(realm, username);
|
||||
UserModel user = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, username);
|
||||
user.setEnabled(true);
|
||||
user.setEmail(sssdUser.getEmail());
|
||||
user.setFirstName(sssdUser.getFirstName());
|
||||
|
||||
@@ -29,6 +29,7 @@ import org.keycloak.models.utils.DefaultAuthenticationFlows;
|
||||
import org.keycloak.models.utils.DefaultRequiredActions;
|
||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.UserStorageUtil;
|
||||
|
||||
import java.util.Arrays;
|
||||
@@ -80,7 +81,7 @@ public class MigrateTo1_4_0 implements Migration {
|
||||
}
|
||||
|
||||
private void migrateUsers(KeycloakSession session, RealmModel realm) {
|
||||
session.userLocalStorage().getUsersStream(realm, false)
|
||||
UserStoragePrivateUtil.userLocalStorage(session).getUsersStream(realm, false)
|
||||
.forEach(user -> {
|
||||
String email = KeycloakModelUtils.toLowerCaseSafe(user.getEmail());
|
||||
if (email != null && !email.equals(user.getEmail())) {
|
||||
|
||||
@@ -165,10 +165,10 @@ public class UserStorageManager extends AbstractStorageManager<UserStorageProvid
|
||||
runJobInTransaction(session.getKeycloakSessionFactory(), session -> {
|
||||
RealmModel realmModel = session.realms().getRealm(realm.getId());
|
||||
if (realmModel == null) return;
|
||||
UserModel deletedUser = session.userLocalStorage().getUserById(realmModel, userId);
|
||||
UserModel deletedUser = UserStoragePrivateUtil.userLocalStorage(session).getUserById(realmModel, userId);
|
||||
if (deletedUser != null) {
|
||||
try {
|
||||
new UserManager(session).removeUser(realmModel, deletedUser, session.userLocalStorage());
|
||||
new UserManager(session).removeUser(realmModel, deletedUser, UserStoragePrivateUtil.userLocalStorage(session));
|
||||
logger.debugf("Removed invalid user '%s'", userName);
|
||||
} catch (ModelException ex) {
|
||||
// Ignore exception, possible cause may be concurrent deleteInvalidUser calls which means
|
||||
@@ -769,8 +769,8 @@ public class UserStorageManager extends AbstractStorageManager<UserStorageProvid
|
||||
@Override
|
||||
public void onCache(RealmModel realm, CachedUserModel user, UserModel delegate) {
|
||||
if (StorageId.isLocalStorage(user)) {
|
||||
if (session.userLocalStorage() instanceof OnUserCache) {
|
||||
((OnUserCache)session.userLocalStorage()).onCache(realm, user, delegate);
|
||||
if (UserStoragePrivateUtil.userLocalStorage(session) instanceof OnUserCache) {
|
||||
((OnUserCache)UserStoragePrivateUtil.userLocalStorage(session)).onCache(realm, user, delegate);
|
||||
}
|
||||
} else {
|
||||
OnUserCache provider = getStorageProviderInstance(realm, StorageId.resolveProviderId(user), OnUserCache.class);
|
||||
|
||||
@@ -0,0 +1,14 @@
|
||||
package org.keycloak.storage;
|
||||
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.UserProvider;
|
||||
import org.keycloak.storage.datastore.LegacyDatastoreProvider;
|
||||
|
||||
/**
|
||||
* @author Alexander Schwartz
|
||||
*/
|
||||
public class UserStoragePrivateUtil {
|
||||
public static UserProvider userLocalStorage(KeycloakSession session) {
|
||||
return ((LegacyDatastoreProvider) session.getProvider(DatastoreProvider.class)).userLocalStorage();
|
||||
}
|
||||
}
|
||||
@@ -65,6 +65,7 @@ import org.keycloak.representations.idm.UserFederationMapperRepresentation;
|
||||
import org.keycloak.representations.idm.UserFederationProviderRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.storage.ExportImportManager;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.UserStorageProvider;
|
||||
import org.keycloak.storage.UserStorageProviderModel;
|
||||
import org.keycloak.storage.federated.UserFederatedStorageProvider;
|
||||
@@ -781,7 +782,7 @@ public class LegacyExportImportManager implements ExportImportManager {
|
||||
convertDeprecatedSocialProviders(userRep);
|
||||
|
||||
// Import users just to user storage. Don't federate
|
||||
UserModel user = session.userLocalStorage().addUser(newRealm, userRep.getId(), userRep.getUsername(), false, false);
|
||||
UserModel user = UserStoragePrivateUtil.userLocalStorage(session).addUser(newRealm, userRep.getId(), userRep.getUsername(), false, false);
|
||||
user.setEnabled(userRep.isEnabled() != null && userRep.isEnabled());
|
||||
user.setCreatedTimestamp(userRep.getCreatedTimestamp());
|
||||
user.setEmail(userRep.getEmail());
|
||||
|
||||
@@ -27,6 +27,7 @@ import org.keycloak.models.RoleModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.credential.OTPCredentialModel;
|
||||
import org.keycloak.models.credential.PasswordCredentialModel;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.UserStorageProvider;
|
||||
import org.keycloak.storage.user.UserLookupProvider;
|
||||
import org.keycloak.storage.user.UserRegistrationProvider;
|
||||
@@ -67,7 +68,7 @@ public class DummyUserFederationProvider implements UserStorageProvider,
|
||||
|
||||
@Override
|
||||
public UserModel addUser(RealmModel realm, String username) {
|
||||
UserModel local = session.userLocalStorage().addUser(realm, username);
|
||||
UserModel local = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, username);
|
||||
local.setFederationLink(component.getId());
|
||||
|
||||
users.put(username, local);
|
||||
|
||||
@@ -28,6 +28,7 @@ import org.keycloak.models.UserCredentialModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.credential.PasswordCredentialModel;
|
||||
import org.keycloak.models.utils.UserModelDelegate;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.UserStorageProvider;
|
||||
import org.keycloak.storage.user.ImportedUserValidation;
|
||||
import org.keycloak.storage.user.UserLookupProvider;
|
||||
@@ -181,12 +182,12 @@ public class FailableHardcodedStorageProvider implements UserStorageProvider, Us
|
||||
public UserModel getUserByUsername(RealmModel realm, String uname) {
|
||||
checkForceFail();
|
||||
if (!username.equals(uname)) return null;
|
||||
UserModel local = session.userLocalStorage().getUserByUsername(realm, uname);
|
||||
UserModel local = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, uname);
|
||||
if (local != null && !model.getId().equals(local.getFederationLink())) {
|
||||
throw new RuntimeException("local storage has wrong federation link");
|
||||
}
|
||||
if (local != null) return new Delegate(local);
|
||||
local = session.userLocalStorage().addUser(realm, uname);
|
||||
local = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, uname);
|
||||
local.setEnabled(true);
|
||||
local.setFirstName(first);
|
||||
local.setLastName(last);
|
||||
|
||||
@@ -34,6 +34,7 @@ import org.keycloak.models.credential.PasswordCredentialModel;
|
||||
import org.keycloak.models.credential.PasswordUserCredentialModel;
|
||||
import org.keycloak.storage.ReadOnlyException;
|
||||
import org.keycloak.storage.StorageId;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.UserStorageProvider;
|
||||
import org.keycloak.storage.adapter.AbstractUserAdapterFederatedStorage;
|
||||
import org.keycloak.storage.federated.UserGroupMembershipFederatedStorage;
|
||||
@@ -112,7 +113,7 @@ public class UserMapStorage implements UserLookupProvider.Streams, UserStoragePr
|
||||
private UserModel createUser(RealmModel realm, String username) {
|
||||
UserModel user;
|
||||
if (isImportEnabled()) {
|
||||
user = session.userLocalStorage().addUser(realm, username);
|
||||
user = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, username);
|
||||
user.setEnabled(true);
|
||||
user.setFederationLink(model.getId());
|
||||
} else {
|
||||
@@ -366,7 +367,7 @@ public class UserMapStorage implements UserLookupProvider.Streams, UserStoragePr
|
||||
@Override
|
||||
public Stream<UserModel> searchForUserByUserAttributeStream(RealmModel realm, String attrName, String attrValue) {
|
||||
if (isImportEnabled()) {
|
||||
return session.userLocalStorage().searchForUserByUserAttributeStream(realm, attrName, attrValue);
|
||||
return UserStoragePrivateUtil.userLocalStorage(session).searchForUserByUserAttributeStream(realm, attrName, attrValue);
|
||||
} else {
|
||||
return session.userFederatedStorage().getUsersByUserAttributeStream(realm, attrName, attrValue)
|
||||
.map(userName -> createUser(realm, userName));
|
||||
|
||||
@@ -26,6 +26,7 @@ import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||
import org.keycloak.provider.ProviderConfigProperty;
|
||||
import org.keycloak.provider.ProviderConfigurationBuilder;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.UserStorageProviderModel;
|
||||
import org.keycloak.storage.user.SynchronizationResult;
|
||||
import org.keycloak.testsuite.federation.DummyUserFederationProviderFactory;
|
||||
@@ -90,13 +91,13 @@ public class SyncDummyUserFederationProviderFactory extends DummyUserFederationP
|
||||
// KEYCLOAK-2412 : Just remove and add some users for testing purposes
|
||||
for (int i = 0; i < 10; i++) {
|
||||
String username = "dummyuser-" + i;
|
||||
UserModel user = session.userLocalStorage().getUserByUsername(realm, username);
|
||||
UserModel user = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, username);
|
||||
|
||||
if (user != null) {
|
||||
session.userLocalStorage().removeUser(realm, user);
|
||||
UserStoragePrivateUtil.userLocalStorage(session).removeUser(realm, user);
|
||||
}
|
||||
|
||||
user = session.userLocalStorage().addUser(realm, username);
|
||||
user = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, username);
|
||||
}
|
||||
|
||||
logger.infof("Finished sync of changed users. Waiting now for %d seconds", waitTime);
|
||||
|
||||
@@ -25,6 +25,7 @@ import org.keycloak.models.UserCredentialModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||
import org.keycloak.models.utils.UserModelDelegate;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.UserStorageProvider;
|
||||
import org.keycloak.storage.ldap.LDAPStorageProvider;
|
||||
import org.keycloak.storage.ldap.LDAPConfig;
|
||||
@@ -64,7 +65,7 @@ import java.util.stream.Stream;
|
||||
public class LDAPTestUtils {
|
||||
|
||||
public static UserModel addLocalUser(KeycloakSession session, RealmModel realm, String username, String email, String password) {
|
||||
UserModel user = session.userLocalStorage().addUser(realm, username);
|
||||
UserModel user = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, username);
|
||||
user.setEmail(email);
|
||||
user.setEnabled(true);
|
||||
|
||||
|
||||
@@ -31,6 +31,7 @@ import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.utils.UserModelDelegate;
|
||||
import org.keycloak.representations.idm.ComponentRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.ldap.LDAPStorageProvider;
|
||||
import org.keycloak.storage.ldap.LDAPUtils;
|
||||
import org.keycloak.storage.ldap.idm.model.LDAPObject;
|
||||
@@ -162,7 +163,7 @@ public class LDAPBinaryAttributesTest extends AbstractLDAPTest {
|
||||
String joeId = joe.getId();
|
||||
testingClient.server().run(session -> {
|
||||
RealmModel test = session.realms().getRealmByName("test");
|
||||
UserModel userById = session.userLocalStorage().getUserById(test, joeId);
|
||||
UserModel userById = UserStoragePrivateUtil.userLocalStorage(session).getUserById(test, joeId);
|
||||
|
||||
assertThat(userById.getAttributes().get(LDAPConstants.JPEG_PHOTO), is(nullValue()));
|
||||
});
|
||||
|
||||
@@ -30,6 +30,7 @@ import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||
import org.keycloak.representations.idm.ComponentRepresentation;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.ldap.LDAPConfig;
|
||||
import org.keycloak.storage.ldap.LDAPStorageProvider;
|
||||
import org.keycloak.storage.ldap.LDAPUtils;
|
||||
@@ -127,7 +128,7 @@ public class LDAPGroupMapperTest extends AbstractLDAPTest {
|
||||
LDAPTestContext ctx = LDAPTestContext.init(session);
|
||||
RealmModel appRealm = ctx.getRealm();
|
||||
|
||||
UserModel johnDb = session.userLocalStorage().getUserByUsername(appRealm, "johnkeycloak");
|
||||
UserModel johnDb = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "johnkeycloak");
|
||||
Assert.assertEquals(2, johnDb.getGroupsStream().count());
|
||||
Assert.assertEquals(2, johnDb.getGroupsStream("Gr", 0, 10).count());
|
||||
Assert.assertEquals(1, johnDb.getGroupsStream("Gr", 1, 10).count());
|
||||
@@ -316,7 +317,7 @@ public class LDAPGroupMapperTest extends AbstractLDAPTest {
|
||||
GroupModel group11 = KeycloakModelUtils.findGroupByPath(appRealm, "/group1/group11");
|
||||
GroupModel group12 = KeycloakModelUtils.findGroupByPath(appRealm, "/group1/group12");
|
||||
|
||||
UserModel maryDB = session.userLocalStorage().getUserByUsername(appRealm, "marykeycloak");
|
||||
UserModel maryDB = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "marykeycloak");
|
||||
|
||||
Set<GroupModel> maryDBGroups = maryDB.getGroupsStream().collect(Collectors.toSet());
|
||||
Assert.assertFalse(maryDBGroups.contains(group1));
|
||||
|
||||
@@ -30,6 +30,7 @@ import org.keycloak.models.UserModel;
|
||||
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
|
||||
import org.keycloak.protocol.oidc.mappers.UserAttributeMapper;
|
||||
import org.keycloak.representations.IDToken;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.ldap.LDAPStorageProvider;
|
||||
import org.keycloak.storage.ldap.idm.model.LDAPObject;
|
||||
import org.keycloak.testsuite.util.LDAPRule;
|
||||
@@ -113,8 +114,8 @@ public class LDAPMultipleAttributesTest extends AbstractLDAPTest {
|
||||
|
||||
// Test user imported in local storage now
|
||||
UserModel user = session.users().getUserByUsername(appRealm, "jbrown");
|
||||
Assert.assertNotNull(session.userLocalStorage().getUserById(appRealm, user.getId()));
|
||||
LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "jbrown", "James", "Brown", "jbrown@keycloak.org", "88441");
|
||||
Assert.assertNotNull(UserStoragePrivateUtil.userLocalStorage(session).getUserById(appRealm, user.getId()));
|
||||
LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "jbrown", "James", "Brown", "jbrown@keycloak.org", "88441");
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
@@ -37,6 +37,7 @@ import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.UserProvider;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.UserStorageProviderModel;
|
||||
import org.keycloak.storage.ldap.LDAPStorageProvider;
|
||||
import org.keycloak.storage.ldap.idm.model.LDAPObject;
|
||||
@@ -224,7 +225,7 @@ public class LDAPNoCacheTest extends AbstractLDAPTest {
|
||||
ctx.getLdapModel().setImportEnabled(true);
|
||||
realm.updateComponent(ctx.getLdapModel());
|
||||
|
||||
UserProvider localStorage = session.userLocalStorage();
|
||||
UserProvider localStorage = UserStoragePrivateUtil.userLocalStorage(session);
|
||||
LDAPStorageProvider ldapProvider = ctx.getLdapProvider();
|
||||
|
||||
// assume no user imported
|
||||
|
||||
@@ -48,6 +48,7 @@ import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.storage.ReadOnlyException;
|
||||
import org.keycloak.storage.StorageId;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.UserStorageProvider;
|
||||
import org.keycloak.storage.UserStorageProviderModel;
|
||||
import org.keycloak.storage.ldap.LDAPConfig;
|
||||
@@ -160,7 +161,7 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest {
|
||||
testingClient.server().run(session -> {
|
||||
RealmManager manager = new RealmManager(session);
|
||||
RealmModel appRealm = manager.getRealmByName("test");
|
||||
UserModel user = session.userLocalStorage().getUserByUsername(appRealm, "johnkeycloak");
|
||||
UserModel user = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "johnkeycloak");
|
||||
Assert.assertNull(user);
|
||||
});
|
||||
}
|
||||
@@ -828,26 +829,26 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest {
|
||||
LDAPTestUtils.addLDAPUser(ctx.getLdapProvider(), appRealm, "username4", "John4", "Doel4", "user4@email.org", null, "124");
|
||||
|
||||
// Users are not at local store at this moment
|
||||
Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username1"));
|
||||
Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username2"));
|
||||
Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username3"));
|
||||
Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username4"));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username1"));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username2"));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username3"));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username4"));
|
||||
|
||||
// search by username (we use a terminal operation on the stream to ensure it is consumed)
|
||||
session.users().searchForUserStream(appRealm, "username1").count();
|
||||
LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "username1", "John1", "Doel1", "user1@email.org", "121");
|
||||
LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "username1", "John1", "Doel1", "user1@email.org", "121");
|
||||
|
||||
// search by email (we use a terminal operation on the stream to ensure it is consumed)
|
||||
session.users().searchForUserStream(appRealm, "user2@email.org").count();
|
||||
LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "username2", "John2", "Doel2", "user2@email.org", "122");
|
||||
LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "username2", "John2", "Doel2", "user2@email.org", "122");
|
||||
|
||||
// search by lastName (we use a terminal operation on the stream to ensure it is consumed)
|
||||
session.users().searchForUserStream(appRealm, "Doel3").count();
|
||||
LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "username3", "John3", "Doel3", "user3@email.org", "123");
|
||||
LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "username3", "John3", "Doel3", "user3@email.org", "123");
|
||||
|
||||
// search by firstName + lastName (we use a terminal operation on the stream to ensure it is consumed)
|
||||
session.users().searchForUserStream(appRealm, "John4 Doel4").count();
|
||||
LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "username4", "John4", "Doel4", "user4@email.org", "124");
|
||||
LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "username4", "John4", "Doel4", "user4@email.org", "124");
|
||||
});
|
||||
}
|
||||
|
||||
@@ -873,14 +874,14 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest {
|
||||
|
||||
// search by email (we use a terminal operation on the stream to ensure it is consumed)
|
||||
session.users().searchForUserStream(appRealm, "user5@email.org").count();
|
||||
LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "username5", "John5", "Doel5", "user5@email.org", "125");
|
||||
LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "username5", "John5", "Doel5", "user5@email.org", "125");
|
||||
|
||||
session.users().searchForUserStream(appRealm, "John6 Doel6").count();
|
||||
LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "username6", "John6", "Doel6", "user6@email.org", "126");
|
||||
LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "username6", "John6", "Doel6", "user6@email.org", "126");
|
||||
|
||||
session.users().searchForUserStream(appRealm, "user7@email.org").count();
|
||||
session.users().searchForUserStream(appRealm, "John7 Doel7").count();
|
||||
Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username7"));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username7"));
|
||||
|
||||
// Remove custom filter
|
||||
ctx.getLdapModel().getConfig().remove(LDAPConstants.CUSTOM_USER_SEARCH_FILTER);
|
||||
@@ -991,7 +992,7 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest {
|
||||
Assert.assertTrue(session.users().removeUser(appRealm, user));
|
||||
|
||||
// Assert user not available locally, but will be reimported from LDAP once searched
|
||||
Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "johnkeycloak"));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "johnkeycloak"));
|
||||
Assert.assertNotNull(session.users().getUserByUsername(appRealm, "johnkeycloak"));
|
||||
});
|
||||
|
||||
@@ -1023,9 +1024,9 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest {
|
||||
LDAPTestUtils.addLDAPUser(ctx.getLdapProvider(), appRealm, "username10", "John10", "Doel10", "user10@email.org", null, "1210");
|
||||
|
||||
// Users are not at local store at this moment
|
||||
Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username8"));
|
||||
Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username9"));
|
||||
Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username10"));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username8"));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username9"));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username10"));
|
||||
|
||||
// search for user by attribute
|
||||
List<UserModel> users = ctx.getLdapProvider().searchForUserByUserAttributeStream(appRealm, ATTRIBUTE, ATTRIBUTE_VALUE)
|
||||
@@ -1040,10 +1041,10 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest {
|
||||
assertEquals(ATTRIBUTE_VALUE, attrList.get(0));
|
||||
|
||||
// user are now imported to local store
|
||||
LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "username8", "John8", "Doel8", "user8@email.org", ATTRIBUTE_VALUE);
|
||||
LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "username9", "John9", "Doel9", "user9@email.org", ATTRIBUTE_VALUE);
|
||||
LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "username8", "John8", "Doel8", "user8@email.org", ATTRIBUTE_VALUE);
|
||||
LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "username9", "John9", "Doel9", "user9@email.org", ATTRIBUTE_VALUE);
|
||||
// but the one not looked up is not
|
||||
Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username10"));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username10"));
|
||||
|
||||
});
|
||||
}
|
||||
@@ -1256,7 +1257,7 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest {
|
||||
LDAPTestContext ctx = LDAPTestContext.init(session);
|
||||
RealmModel testRealm = ctx.getRealm();
|
||||
|
||||
UserModel importedUser = session.userLocalStorage().getUserByUsername(testRealm, "beckybecks");
|
||||
UserModel importedUser = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(testRealm, "beckybecks");
|
||||
|
||||
// Update user 'beckybecks' in LDAP
|
||||
LDAPObject becky = ctx.getLdapProvider().loadLDAPUserByUsername(testRealm, importedUser.getUsername());
|
||||
|
||||
@@ -157,7 +157,7 @@ public class LDAPRoleMappingsTest extends AbstractLDAPTest {
|
||||
|
||||
// 2 - Check that role mappings are not in local Keycloak DB (They are in LDAP).
|
||||
|
||||
UserModel johnDb = session.userLocalStorage().getUserByUsername(appRealm, "johnkeycloak");
|
||||
UserModel johnDb = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "johnkeycloak");
|
||||
Set<RoleModel> johnDbRoles = johnDb.getRoleMappingsStream().collect(Collectors.toSet());
|
||||
Assert.assertFalse(johnDbRoles.contains(realmRole1));
|
||||
Assert.assertFalse(johnDbRoles.contains(realmRole2));
|
||||
@@ -236,7 +236,7 @@ public class LDAPRoleMappingsTest extends AbstractLDAPTest {
|
||||
Assert.assertTrue(maryRoles.contains(realmRole3));
|
||||
|
||||
// Assert that access through DB will have just DB mapped role
|
||||
UserModel maryDB = session.userLocalStorage().getUserByUsername(appRealm, "marykeycloak");
|
||||
UserModel maryDB = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "marykeycloak");
|
||||
Set<RoleModel> maryDBRoles = maryDB.getRealmRoleMappingsStream().collect(Collectors.toSet());
|
||||
Assert.assertFalse(maryDBRoles.contains(realmRole1));
|
||||
Assert.assertFalse(maryDBRoles.contains(realmRole2));
|
||||
|
||||
@@ -137,7 +137,7 @@ public class LDAPSyncTest extends AbstractLDAPTest {
|
||||
testingClient.server().run(session -> {
|
||||
LDAPTestContext ctx = LDAPTestContext.init(session);
|
||||
RealmModel testRealm = ctx.getRealm();
|
||||
UserProvider userProvider = session.userLocalStorage();
|
||||
UserProvider userProvider = UserStoragePrivateUtil.userLocalStorage(session);
|
||||
|
||||
// Assert users imported
|
||||
LDAPTestAsserts.assertUserImported(userProvider, testRealm, "user1", "User1FN", "User1LN", "user1@email.org", "121");
|
||||
@@ -164,7 +164,7 @@ public class LDAPSyncTest extends AbstractLDAPTest {
|
||||
testingClient.server().run(session -> {
|
||||
LDAPTestContext ctx = LDAPTestContext.init(session);
|
||||
RealmModel testRealm = ctx.getRealm();
|
||||
UserProvider userProvider = session.userLocalStorage();
|
||||
UserProvider userProvider = UserStoragePrivateUtil.userLocalStorage(session);
|
||||
UserStorageSyncManager usersSyncManager = new UserStorageSyncManager();
|
||||
|
||||
// Add user to LDAP and update 'user5' in LDAP
|
||||
@@ -187,7 +187,7 @@ public class LDAPSyncTest extends AbstractLDAPTest {
|
||||
|
||||
testingClient.server().run(session -> {
|
||||
RealmModel testRealm = session.realms().getRealmByName(TEST_REALM_NAME);
|
||||
UserProvider userProvider = session.userLocalStorage();
|
||||
UserProvider userProvider = UserStoragePrivateUtil.userLocalStorage(session);
|
||||
// Assert users updated in local provider
|
||||
LDAPTestAsserts.assertUserImported(userProvider, testRealm, "user5", "User5FN", "User5LN", "user5updated@email.org", "521");
|
||||
LDAPTestAsserts.assertUserImported(userProvider, testRealm, "user6", "User6FN", "User6LN", "user6@email.org", "126");
|
||||
@@ -229,7 +229,7 @@ public class LDAPSyncTest extends AbstractLDAPTest {
|
||||
// Assert syncing from LDAP fails due to duplicated email
|
||||
SynchronizationResult result = new UserStorageSyncManager().syncAllUsers(session.getKeycloakSessionFactory(), ctx.getRealm().getId(), ctx.getLdapModel());
|
||||
Assert.assertEquals(1, result.getFailed());
|
||||
Assert.assertNull(session.userLocalStorage().getUserByUsername(ctx.getRealm(), "user7-something"));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(ctx.getRealm(), "user7-something"));
|
||||
|
||||
// Update LDAP user to avoid duplicated email
|
||||
LDAPObject duplicatedLdapUser = ctx.getLdapProvider().loadLDAPUserByUsername(ctx.getRealm(), "user7-something");
|
||||
@@ -244,7 +244,7 @@ public class LDAPSyncTest extends AbstractLDAPTest {
|
||||
// Assert user was imported. Use another transaction for that
|
||||
testingClient.server().run(session -> {
|
||||
RealmModel testRealm = session.realms().getRealmByName(TEST_REALM_NAME);
|
||||
LDAPTestAsserts.assertUserImported(session.userLocalStorage(), testRealm, "user7-something", "User7FNN", "User7LNL", "user7-changed@email.org", "126");
|
||||
LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), testRealm, "user7-something", "User7FNN", "User7LNL", "user7-changed@email.org", "126");
|
||||
});
|
||||
}
|
||||
|
||||
@@ -275,7 +275,7 @@ public class LDAPSyncTest extends AbstractLDAPTest {
|
||||
ctx.getLdapProvider().getLdapIdentityStore().update(ldapUser);
|
||||
|
||||
// Assert still old users in local provider
|
||||
LDAPTestAsserts.assertUserImported(session.userLocalStorage(), testRealm, "beckybecks", "Becky", "Becks", "becky-becks@email.org", "123");
|
||||
LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), testRealm, "beckybecks", "Becky", "Becks", "becky-becks@email.org", "123");
|
||||
|
||||
// Trigger partial sync
|
||||
KeycloakSessionFactory sessionFactory = session.getKeycloakSessionFactory();
|
||||
@@ -286,7 +286,7 @@ public class LDAPSyncTest extends AbstractLDAPTest {
|
||||
testingClient.server().run(session -> {
|
||||
LDAPTestContext ctx = LDAPTestContext.init(session);
|
||||
RealmModel testRealm = session.realms().getRealmByName(TEST_REALM_NAME);
|
||||
UserProvider userProvider = session.userLocalStorage();
|
||||
UserProvider userProvider = UserStoragePrivateUtil.userLocalStorage(session);
|
||||
// Assert users updated in local provider
|
||||
LDAPTestAsserts.assertUserImported(session.users(), testRealm, "beckyupdated", "Becky", "Becks", "becky-updated@email.org", "123");
|
||||
UserModel updatedLocalUser = userProvider.getUserByUsername(testRealm, "beckyupdated");
|
||||
@@ -306,9 +306,9 @@ public class LDAPSyncTest extends AbstractLDAPTest {
|
||||
LDAPTestContext ctx = LDAPTestContext.init(session);
|
||||
|
||||
// Remove all users from model
|
||||
session.userLocalStorage().getUsersStream(ctx.getRealm(), true)
|
||||
UserStoragePrivateUtil.userLocalStorage(session).getUsersStream(ctx.getRealm(), true)
|
||||
.collect(Collectors.toList())
|
||||
.forEach(user -> session.userLocalStorage().removeUser(ctx.getRealm(), user));
|
||||
.forEach(user -> UserStoragePrivateUtil.userLocalStorage(session).removeUser(ctx.getRealm(), user));
|
||||
|
||||
// Change name of UUID attribute to same like usernameAttribute
|
||||
String uidAttrName = ctx.getLdapProvider().getLdapIdentityStore().getConfig().getUsernameLdapAttribute();
|
||||
@@ -355,7 +355,7 @@ public class LDAPSyncTest extends AbstractLDAPTest {
|
||||
LDAPTestContext ctx = LDAPTestContext.init(session);
|
||||
|
||||
// Remove all users from model
|
||||
session.userLocalStorage().getUsersStream(ctx.getRealm(), true)
|
||||
UserStoragePrivateUtil.userLocalStorage(session).getUsersStream(ctx.getRealm(), true)
|
||||
.peek(user -> System.out.println("trying to delete user: " + user.getUsername()))
|
||||
.collect(Collectors.toList())
|
||||
.forEach(user -> {
|
||||
@@ -363,7 +363,7 @@ public class LDAPSyncTest extends AbstractLDAPTest {
|
||||
if (userCache != null) {
|
||||
userCache.evict(ctx.getRealm(), user);
|
||||
}
|
||||
session.userLocalStorage().removeUser(ctx.getRealm(), user);
|
||||
UserStoragePrivateUtil.userLocalStorage(session).removeUser(ctx.getRealm(), user);
|
||||
});
|
||||
|
||||
// Add street mapper and add some user including street
|
||||
@@ -509,7 +509,7 @@ public class LDAPSyncTest extends AbstractLDAPTest {
|
||||
RealmModel appRealm = ctx.getRealm();
|
||||
|
||||
// Remove all users from model
|
||||
session.userLocalStorage().getUsersStream(ctx.getRealm(), true)
|
||||
UserStoragePrivateUtil.userLocalStorage(session).getUsersStream(ctx.getRealm(), true)
|
||||
.peek(user -> System.out.println("trying to delete user: " + user.getUsername()))
|
||||
.collect(Collectors.toList())
|
||||
.forEach(user -> {
|
||||
@@ -517,7 +517,7 @@ public class LDAPSyncTest extends AbstractLDAPTest {
|
||||
if (userCache != null) {
|
||||
userCache.evict(ctx.getRealm(), user);
|
||||
}
|
||||
session.userLocalStorage().removeUser(ctx.getRealm(), user);
|
||||
UserStoragePrivateUtil.userLocalStorage(session).removeUser(ctx.getRealm(), user);
|
||||
});
|
||||
|
||||
Map<String, String> orig = new HashMap<>();
|
||||
|
||||
@@ -24,6 +24,7 @@ import org.junit.Test;
|
||||
import org.junit.runners.MethodSorters;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.testsuite.federation.ldap.LDAPMultipleAttributesTest;
|
||||
import org.keycloak.testsuite.federation.ldap.LDAPTestAsserts;
|
||||
import org.keycloak.testsuite.federation.ldap.LDAPTestContext;
|
||||
@@ -52,7 +53,7 @@ public class LDAPMultipleAttributesNoImportTest extends LDAPMultipleAttributesTe
|
||||
// Test user NOT imported in local storage now. He is available just through "session.users()"
|
||||
UserModel user = session.users().getUserByUsername(appRealm, "jbrown");
|
||||
Assert.assertNotNull(user);
|
||||
Assert.assertNull(session.userLocalStorage().getUserById(appRealm, user.getId()));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserById(appRealm, user.getId()));
|
||||
LDAPTestAsserts.assertUserImported(session.users(), appRealm, "jbrown", "James", "Brown", "jbrown@keycloak.org", "88441");
|
||||
});
|
||||
}
|
||||
|
||||
@@ -32,6 +32,7 @@ import org.keycloak.models.LDAPConstants;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.RoleModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.UserStorageProviderModel;
|
||||
import org.keycloak.storage.ldap.LDAPStorageProvider;
|
||||
import org.keycloak.storage.ldap.idm.model.LDAPObject;
|
||||
@@ -151,7 +152,7 @@ public class LDAPRoleMappingsNoImportTest extends AbstractLDAPTest {
|
||||
|
||||
UserModel mary = session.users().getUserByUsername(appRealm, "marykeycloak");
|
||||
// make sure we are in no-import mode!
|
||||
Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "marykeycloak"));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "marykeycloak"));
|
||||
|
||||
// This role should already exists as it was imported from LDAP
|
||||
RoleModel realmRole1 = appRealm.getRole("realmRole1");
|
||||
@@ -205,8 +206,8 @@ public class LDAPRoleMappingsNoImportTest extends AbstractLDAPTest {
|
||||
UserModel mary = session.users().getUserByUsername(appRealm, "marykeycloak");
|
||||
|
||||
// make sure we are in no-import mode
|
||||
Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "johnkeycloak"));
|
||||
Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "marykeycloak"));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "johnkeycloak"));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "marykeycloak"));
|
||||
|
||||
// 1 - Grant some roles in LDAP
|
||||
|
||||
@@ -245,8 +246,8 @@ public class LDAPRoleMappingsNoImportTest extends AbstractLDAPTest {
|
||||
UserModel mary = session.users().getUserByUsername(appRealm, "marykeycloak");
|
||||
|
||||
// make sure we are in no-import mode
|
||||
Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "johnkeycloak"));
|
||||
Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "marykeycloak"));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "johnkeycloak"));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "marykeycloak"));
|
||||
|
||||
RoleModel realmRole1 = appRealm.getRole("realmRole1");
|
||||
RoleModel realmRole2 = appRealm.getRole("realmRole2");
|
||||
@@ -306,7 +307,7 @@ public class LDAPRoleMappingsNoImportTest extends AbstractLDAPTest {
|
||||
UserModel david = session.users().addUser(appRealm, "davidkeycloak");
|
||||
|
||||
// make sure we are in no-import mode
|
||||
Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "davidkeycloak"));
|
||||
Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "davidkeycloak"));
|
||||
|
||||
RoleModel defaultRole = appRealm.getRole("realmRole1");
|
||||
RoleModel realmRole2 = appRealm.getRole("realmRole2");
|
||||
|
||||
@@ -42,6 +42,7 @@ import org.keycloak.representations.idm.ComponentRepresentation;
|
||||
import org.keycloak.representations.idm.EventRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.UserStorageProvider;
|
||||
import org.keycloak.storage.UserStorageProviderModel;
|
||||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||
@@ -134,7 +135,7 @@ public class UserStorageFailureTest extends AbstractTestRealmKeycloakTest {
|
||||
serviceAccount.grantRole(role);
|
||||
serviceAccount.setServiceAccountClientLink(offlineClient.getClientId());
|
||||
|
||||
UserModel localUser = manager.getSession().userLocalStorage().addUser(appRealm, LOCAL_USER);
|
||||
UserModel localUser = UserStoragePrivateUtil.userLocalStorage(manager.getSession()).addUser(appRealm, LOCAL_USER);
|
||||
localUser.setEnabled(true);
|
||||
});
|
||||
|
||||
@@ -272,9 +273,9 @@ public class UserStorageFailureTest extends AbstractTestRealmKeycloakTest {
|
||||
testingClient.server().run(session -> {
|
||||
RealmModel realm = session.realms().getRealmByName(AuthRealm.TEST);
|
||||
|
||||
UserModel user = session.userLocalStorage().getUserByUsername(realm, FailableHardcodedStorageProvider.username);
|
||||
UserModel user = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, FailableHardcodedStorageProvider.username);
|
||||
if (user != null) {
|
||||
session.userLocalStorage().removeUser(realm, user);
|
||||
UserStoragePrivateUtil.userLocalStorage(session).removeUser(realm, user);
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
@@ -34,6 +34,7 @@ import org.keycloak.representations.idm.RoleRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.storage.CacheableStorageProviderModel.CachePolicy;
|
||||
import org.keycloak.storage.StorageId;
|
||||
import org.keycloak.storage.UserStoragePrivateUtil;
|
||||
import org.keycloak.storage.UserStorageProvider;
|
||||
import org.keycloak.testsuite.AbstractAuthTest;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
@@ -167,7 +168,7 @@ public class UserStorageTest extends AbstractAuthTest {
|
||||
|
||||
UserModel user = session.users().getUserByUsername(realm, "thor");
|
||||
if (user != null) {
|
||||
session.userLocalStorage().removeUser(realm, user);
|
||||
UserStoragePrivateUtil.userLocalStorage(session).removeUser(realm, user);
|
||||
session.userCache().clear();
|
||||
}
|
||||
|
||||
|
||||
@@ -87,7 +87,7 @@ public class UserSyncTest extends KeycloakModelTest {
|
||||
return null;
|
||||
}));
|
||||
|
||||
assertThat(withRealm(realmId, (session, realm) -> session.userLocalStorage().getUsersCount(realm)), is(0));
|
||||
assertThat(withRealm(realmId, (session, realm) -> UserStoragePrivateUtil.userLocalStorage(session).getUsersCount(realm)), is(0));
|
||||
|
||||
long start = System.currentTimeMillis();
|
||||
SynchronizationResult res = withRealm(realmId, (session, realm) -> {
|
||||
@@ -101,7 +101,7 @@ public class UserSyncTest extends KeycloakModelTest {
|
||||
assertThat(String.format("User sync took %f seconds per user, but it should take less than 18 seconds",
|
||||
(float)(timeNeeded) / NUMBER_OF_USERS), timeNeeded, Matchers.lessThan((long) (18 * NUMBER_OF_USERS)));
|
||||
assertThat(res.getAdded(), is(NUMBER_OF_USERS));
|
||||
assertThat(withRealm(realmId, (session, realm) -> session.userLocalStorage().getUsersCount(realm)), is(NUMBER_OF_USERS));
|
||||
assertThat(withRealm(realmId, (session, realm) -> UserStoragePrivateUtil.userLocalStorage(session).getUsersCount(realm)), is(NUMBER_OF_USERS));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user