From 1bc6133e4ecee8f4ebd9b10f8f92d0fca4e11d8e Mon Sep 17 00:00:00 2001 From: Alexander Schwartz Date: Tue, 17 May 2022 17:24:01 +0200 Subject: [PATCH] redirect calls to userLocalStorage from legacy modules (federation, ldap, sssd, kerberos) --- .../kerberos/KerberosFederationProvider.java | 7 ++-- .../storage/ldap/LDAPStorageProvider.java | 17 ++++---- .../ldap/LDAPStorageProviderFactory.java | 9 ++-- .../UserAttributeLDAPStorageMapper.java | 3 +- .../sssd/SSSDFederationProvider.java | 7 ++-- .../migration/migrators/MigrateTo1_4_0.java | 3 +- .../keycloak/storage/UserStorageManager.java | 8 ++-- .../storage/UserStoragePrivateUtil.java | 14 +++++++ .../datastore/LegacyExportImportManager.java | 3 +- .../DummyUserFederationProvider.java | 3 +- .../FailableHardcodedStorageProvider.java | 5 ++- .../testsuite/federation/UserMapStorage.java | 5 ++- ...yncDummyUserFederationProviderFactory.java | 7 ++-- .../testsuite/util/LDAPTestUtils.java | 3 +- .../ldap/LDAPBinaryAttributesTest.java | 3 +- .../federation/ldap/LDAPGroupMapperTest.java | 5 ++- .../ldap/LDAPMultipleAttributesTest.java | 5 ++- .../federation/ldap/LDAPNoCacheTest.java | 3 +- .../ldap/LDAPProvidersIntegrationTest.java | 41 ++++++++++--------- .../federation/ldap/LDAPRoleMappingsTest.java | 4 +- .../federation/ldap/LDAPSyncTest.java | 26 ++++++------ .../LDAPMultipleAttributesNoImportTest.java | 3 +- .../LDAPRoleMappingsNoImportTest.java | 13 +++--- .../storage/UserStorageFailureTest.java | 7 ++-- .../federation/storage/UserStorageTest.java | 3 +- .../testsuite/model/UserSyncTest.java | 4 +- 26 files changed, 123 insertions(+), 88 deletions(-) create mode 100644 model/legacy-private/src/main/java/org/keycloak/storage/UserStoragePrivateUtil.java diff --git a/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProvider.java b/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProvider.java index b872718b664..eee8e710b35 100755 --- a/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProvider.java +++ b/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProvider.java @@ -37,6 +37,7 @@ import org.keycloak.models.UserModel; import org.keycloak.models.UserManager; import org.keycloak.models.credential.PasswordCredentialModel; import org.keycloak.storage.ReadOnlyException; +import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStorageProvider; import org.keycloak.storage.UserStorageProviderModel; import org.keycloak.storage.user.ImportedUserValidation; @@ -236,7 +237,7 @@ public class KerberosFederationProvider implements UserStorageProvider, * @return user if found or successfully created. Null if user with same username already exists, but is not linked to this provider */ protected UserModel findOrCreateAuthenticatedUser(RealmModel realm, String username) { - UserModel user = session.userLocalStorage().getUserByUsername(realm, username); + UserModel user = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, username); if (user != null) { user = session.users().getUserById(realm, user.getId()); // make sure we get a cached instance logger.debug("Kerberos authenticated user " + username + " found in Keycloak storage"); @@ -252,7 +253,7 @@ public class KerberosFederationProvider implements UserStorageProvider, logger.warn("User with username " + username + " already exists and is linked to provider [" + model.getName() + "] but kerberos principal is not correct. Kerberos principal on user is: " + user.getFirstAttribute(KERBEROS_PRINCIPAL)); logger.warn("Will re-create user"); - new UserManager(session).removeUser(realm, user, session.userLocalStorage()); + new UserManager(session).removeUser(realm, user, UserStoragePrivateUtil.userLocalStorage(session)); } } } @@ -266,7 +267,7 @@ public class KerberosFederationProvider implements UserStorageProvider, String email = username + "@" + kerberosConfig.getKerberosRealm().toLowerCase(); logger.debugf("Creating kerberos user: %s, email: %s to local Keycloak storage", username, email); - UserModel user = session.userLocalStorage().addUser(realm, username); + UserModel user = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, username); user.setEnabled(true); user.setEmail(email); user.setFederationLink(model.getId()); diff --git a/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProvider.java b/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProvider.java index 9dd694f0042..dbf9803b1b8 100755 --- a/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProvider.java +++ b/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProvider.java @@ -61,6 +61,7 @@ import org.keycloak.storage.DatastoreProvider; import org.keycloak.storage.LegacyStoreManagers; import org.keycloak.storage.ReadOnlyException; import org.keycloak.storage.StorageId; +import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStorageProvider; import org.keycloak.storage.UserStorageProviderModel; import org.keycloak.storage.adapter.InMemoryUserAdapter; @@ -263,7 +264,7 @@ public class LDAPStorageProvider implements UserStorageProvider, return ldapObjects.stream().map(ldapUser -> { String ldapUsername = LDAPUtils.getUsername(ldapUser, this.ldapIdentityStore.getConfig()); - UserModel localUser = session.userLocalStorage().getUserByUsername(realm, ldapUsername); + UserModel localUser = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, ldapUsername); if (localUser == null) { return importUserFromLDAP(session, realm, ldapUser); } else { @@ -284,7 +285,7 @@ public class LDAPStorageProvider implements UserStorageProvider, } UserModel user = null; if (model.isImportEnabled()) { - user = session.userLocalStorage().addUser(realm, username); + user = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, username); user.setFederationLink(model.getId()); } else { user = new InMemoryUserAdapter(session, realm, new StorageId(model.getId(), username).getId()); @@ -383,7 +384,7 @@ public class LDAPStorageProvider implements UserStorageProvider, Stream stream = searchLDAP(realm, params).stream() .filter(ldapObject -> { String ldapUsername = LDAPUtils.getUsername(ldapObject, this.ldapIdentityStore.getConfig()); - return (session.userLocalStorage().getUserByUsername(realm, ldapUsername) == null); + return (UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, ldapUsername) == null); }); return paginatedStream(stream, firstResult, maxResults).map(ldapObject -> importUserFromLDAP(session, realm, ldapObject)); @@ -524,7 +525,7 @@ public class LDAPStorageProvider implements UserStorageProvider, UserModel imported = null; if (model.isImportEnabled()) { // Search if there is already an existing user, which means the username might have changed in LDAP without Keycloak knowing about it - UserModel existingLocalUser = session.userLocalStorage() + UserModel existingLocalUser = UserStoragePrivateUtil.userLocalStorage(session) .searchForUserByUserAttributeStream(realm, LDAPConstants.LDAP_ID, ldapUser.getUuid()).findFirst().orElse(null); if(existingLocalUser != null){ imported = existingLocalUser; @@ -533,7 +534,7 @@ public class LDAPStorageProvider implements UserStorageProvider, session.userCache().evict(realm, existingLocalUser); } } else { - imported = session.userLocalStorage().addUser(realm, ldapUsername); + imported = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, ldapUsername); } } else { @@ -589,7 +590,7 @@ public class LDAPStorageProvider implements UserStorageProvider, // Check here if user already exists String ldapUsername = LDAPUtils.getUsername(ldapUser, ldapIdentityStore.getConfig()); - UserModel user = session.userLocalStorage().getUserByUsername(realm, ldapUsername); + UserModel user = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, ldapUsername); if (user != null) { LDAPUtils.checkUuid(ldapUser, ldapIdentityStore.getConfig()); @@ -777,7 +778,7 @@ public class LDAPStorageProvider implements UserStorageProvider, * @return finded or newly created user */ protected UserModel findOrCreateAuthenticatedUser(RealmModel realm, String username) { - UserModel user = session.userLocalStorage().getUserByUsername(realm, username); + UserModel user = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, username); if (user != null) { logger.debugf("Kerberos authenticated user [%s] found in Keycloak storage", username); if (!model.getId().equals(user.getFederationLink())) { @@ -795,7 +796,7 @@ public class LDAPStorageProvider implements UserStorageProvider, if (userCache != null) { userCache.evict(realm, user); } - new UserManager(session).removeUser(realm, user, session.userLocalStorage()); + new UserManager(session).removeUser(realm, user, UserStoragePrivateUtil.userLocalStorage(session)); } } } diff --git a/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProviderFactory.java b/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProviderFactory.java index b17197c8932..6a95317974f 100755 --- a/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProviderFactory.java +++ b/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProviderFactory.java @@ -39,6 +39,7 @@ import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.provider.ProviderConfigProperty; import org.keycloak.provider.ProviderConfigurationBuilder; import org.keycloak.representations.idm.CredentialRepresentation; +import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStorageProvider; import org.keycloak.storage.UserStorageProviderFactory; import org.keycloak.storage.UserStorageProviderModel; @@ -606,8 +607,8 @@ public class LDAPStorageProviderFactory implements UserStorageProviderFactory userModelOptional = session.userLocalStorage() + UserModel currentUserLocal = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(currentRealm, username); + Optional userModelOptional = UserStoragePrivateUtil.userLocalStorage(session) .searchForUserByUserAttributeStream(currentRealm, LDAPConstants.LDAP_ID, ldapUser.getUuid()) .findFirst(); if (!userModelOptional.isPresent() && currentUserLocal == null) { @@ -664,13 +665,13 @@ public class LDAPStorageProviderFactory implements UserStorageProviderFactory { String email = KeycloakModelUtils.toLowerCaseSafe(user.getEmail()); if (email != null && !email.equals(user.getEmail())) { diff --git a/model/legacy-private/src/main/java/org/keycloak/storage/UserStorageManager.java b/model/legacy-private/src/main/java/org/keycloak/storage/UserStorageManager.java index 07e919ad7a0..4b588a815bb 100755 --- a/model/legacy-private/src/main/java/org/keycloak/storage/UserStorageManager.java +++ b/model/legacy-private/src/main/java/org/keycloak/storage/UserStorageManager.java @@ -165,10 +165,10 @@ public class UserStorageManager extends AbstractStorageManager { RealmModel realmModel = session.realms().getRealm(realm.getId()); if (realmModel == null) return; - UserModel deletedUser = session.userLocalStorage().getUserById(realmModel, userId); + UserModel deletedUser = UserStoragePrivateUtil.userLocalStorage(session).getUserById(realmModel, userId); if (deletedUser != null) { try { - new UserManager(session).removeUser(realmModel, deletedUser, session.userLocalStorage()); + new UserManager(session).removeUser(realmModel, deletedUser, UserStoragePrivateUtil.userLocalStorage(session)); logger.debugf("Removed invalid user '%s'", userName); } catch (ModelException ex) { // Ignore exception, possible cause may be concurrent deleteInvalidUser calls which means @@ -769,8 +769,8 @@ public class UserStorageManager extends AbstractStorageManager searchForUserByUserAttributeStream(RealmModel realm, String attrName, String attrValue) { if (isImportEnabled()) { - return session.userLocalStorage().searchForUserByUserAttributeStream(realm, attrName, attrValue); + return UserStoragePrivateUtil.userLocalStorage(session).searchForUserByUserAttributeStream(realm, attrName, attrValue); } else { return session.userFederatedStorage().getUsersByUserAttributeStream(realm, attrName, attrValue) .map(userName -> createUser(realm, userName)); diff --git a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/sync/SyncDummyUserFederationProviderFactory.java b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/sync/SyncDummyUserFederationProviderFactory.java index 3486832c382..d01e03ee3d9 100644 --- a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/sync/SyncDummyUserFederationProviderFactory.java +++ b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/sync/SyncDummyUserFederationProviderFactory.java @@ -26,6 +26,7 @@ import org.keycloak.models.UserModel; import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.provider.ProviderConfigProperty; import org.keycloak.provider.ProviderConfigurationBuilder; +import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStorageProviderModel; import org.keycloak.storage.user.SynchronizationResult; import org.keycloak.testsuite.federation.DummyUserFederationProviderFactory; @@ -90,13 +91,13 @@ public class SyncDummyUserFederationProviderFactory extends DummyUserFederationP // KEYCLOAK-2412 : Just remove and add some users for testing purposes for (int i = 0; i < 10; i++) { String username = "dummyuser-" + i; - UserModel user = session.userLocalStorage().getUserByUsername(realm, username); + UserModel user = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, username); if (user != null) { - session.userLocalStorage().removeUser(realm, user); + UserStoragePrivateUtil.userLocalStorage(session).removeUser(realm, user); } - user = session.userLocalStorage().addUser(realm, username); + user = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, username); } logger.infof("Finished sync of changed users. Waiting now for %d seconds", waitTime); diff --git a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/util/LDAPTestUtils.java b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/util/LDAPTestUtils.java index a3352b986ba..9c0449a18e9 100644 --- a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/util/LDAPTestUtils.java +++ b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/util/LDAPTestUtils.java @@ -25,6 +25,7 @@ import org.keycloak.models.UserCredentialModel; import org.keycloak.models.UserModel; import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.models.utils.UserModelDelegate; +import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStorageProvider; import org.keycloak.storage.ldap.LDAPStorageProvider; import org.keycloak.storage.ldap.LDAPConfig; @@ -64,7 +65,7 @@ import java.util.stream.Stream; public class LDAPTestUtils { public static UserModel addLocalUser(KeycloakSession session, RealmModel realm, String username, String email, String password) { - UserModel user = session.userLocalStorage().addUser(realm, username); + UserModel user = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, username); user.setEmail(email); user.setEnabled(true); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPBinaryAttributesTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPBinaryAttributesTest.java index d10c81edf07..5ccbbbc16d1 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPBinaryAttributesTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPBinaryAttributesTest.java @@ -31,6 +31,7 @@ import org.keycloak.models.UserModel; import org.keycloak.models.utils.UserModelDelegate; import org.keycloak.representations.idm.ComponentRepresentation; import org.keycloak.representations.idm.UserRepresentation; +import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.ldap.LDAPStorageProvider; import org.keycloak.storage.ldap.LDAPUtils; import org.keycloak.storage.ldap.idm.model.LDAPObject; @@ -162,7 +163,7 @@ public class LDAPBinaryAttributesTest extends AbstractLDAPTest { String joeId = joe.getId(); testingClient.server().run(session -> { RealmModel test = session.realms().getRealmByName("test"); - UserModel userById = session.userLocalStorage().getUserById(test, joeId); + UserModel userById = UserStoragePrivateUtil.userLocalStorage(session).getUserById(test, joeId); assertThat(userById.getAttributes().get(LDAPConstants.JPEG_PHOTO), is(nullValue())); }); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPGroupMapperTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPGroupMapperTest.java index 96efa0cf1a1..ec40fae48ad 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPGroupMapperTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPGroupMapperTest.java @@ -30,6 +30,7 @@ import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.representations.idm.ComponentRepresentation; +import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.ldap.LDAPConfig; import org.keycloak.storage.ldap.LDAPStorageProvider; import org.keycloak.storage.ldap.LDAPUtils; @@ -127,7 +128,7 @@ public class LDAPGroupMapperTest extends AbstractLDAPTest { LDAPTestContext ctx = LDAPTestContext.init(session); RealmModel appRealm = ctx.getRealm(); - UserModel johnDb = session.userLocalStorage().getUserByUsername(appRealm, "johnkeycloak"); + UserModel johnDb = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "johnkeycloak"); Assert.assertEquals(2, johnDb.getGroupsStream().count()); Assert.assertEquals(2, johnDb.getGroupsStream("Gr", 0, 10).count()); Assert.assertEquals(1, johnDb.getGroupsStream("Gr", 1, 10).count()); @@ -316,7 +317,7 @@ public class LDAPGroupMapperTest extends AbstractLDAPTest { GroupModel group11 = KeycloakModelUtils.findGroupByPath(appRealm, "/group1/group11"); GroupModel group12 = KeycloakModelUtils.findGroupByPath(appRealm, "/group1/group12"); - UserModel maryDB = session.userLocalStorage().getUserByUsername(appRealm, "marykeycloak"); + UserModel maryDB = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "marykeycloak"); Set maryDBGroups = maryDB.getGroupsStream().collect(Collectors.toSet()); Assert.assertFalse(maryDBGroups.contains(group1)); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPMultipleAttributesTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPMultipleAttributesTest.java index 5c991cb5257..2339846425b 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPMultipleAttributesTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPMultipleAttributesTest.java @@ -30,6 +30,7 @@ import org.keycloak.models.UserModel; import org.keycloak.protocol.oidc.OIDCLoginProtocol; import org.keycloak.protocol.oidc.mappers.UserAttributeMapper; import org.keycloak.representations.IDToken; +import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.ldap.LDAPStorageProvider; import org.keycloak.storage.ldap.idm.model.LDAPObject; import org.keycloak.testsuite.util.LDAPRule; @@ -113,8 +114,8 @@ public class LDAPMultipleAttributesTest extends AbstractLDAPTest { // Test user imported in local storage now UserModel user = session.users().getUserByUsername(appRealm, "jbrown"); - Assert.assertNotNull(session.userLocalStorage().getUserById(appRealm, user.getId())); - LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "jbrown", "James", "Brown", "jbrown@keycloak.org", "88441"); + Assert.assertNotNull(UserStoragePrivateUtil.userLocalStorage(session).getUserById(appRealm, user.getId())); + LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "jbrown", "James", "Brown", "jbrown@keycloak.org", "88441"); }); } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPNoCacheTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPNoCacheTest.java index ffe58622be0..2652cc618b8 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPNoCacheTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPNoCacheTest.java @@ -37,6 +37,7 @@ import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; import org.keycloak.models.UserProvider; import org.keycloak.representations.idm.UserRepresentation; +import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStorageProviderModel; import org.keycloak.storage.ldap.LDAPStorageProvider; import org.keycloak.storage.ldap.idm.model.LDAPObject; @@ -224,7 +225,7 @@ public class LDAPNoCacheTest extends AbstractLDAPTest { ctx.getLdapModel().setImportEnabled(true); realm.updateComponent(ctx.getLdapModel()); - UserProvider localStorage = session.userLocalStorage(); + UserProvider localStorage = UserStoragePrivateUtil.userLocalStorage(session); LDAPStorageProvider ldapProvider = ctx.getLdapProvider(); // assume no user imported diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPProvidersIntegrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPProvidersIntegrationTest.java index 21f08eabfa4..30d2cfc5414 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPProvidersIntegrationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPProvidersIntegrationTest.java @@ -48,6 +48,7 @@ import org.keycloak.representations.idm.UserRepresentation; import org.keycloak.services.managers.RealmManager; import org.keycloak.storage.ReadOnlyException; import org.keycloak.storage.StorageId; +import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStorageProvider; import org.keycloak.storage.UserStorageProviderModel; import org.keycloak.storage.ldap.LDAPConfig; @@ -160,7 +161,7 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest { testingClient.server().run(session -> { RealmManager manager = new RealmManager(session); RealmModel appRealm = manager.getRealmByName("test"); - UserModel user = session.userLocalStorage().getUserByUsername(appRealm, "johnkeycloak"); + UserModel user = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "johnkeycloak"); Assert.assertNull(user); }); } @@ -828,26 +829,26 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest { LDAPTestUtils.addLDAPUser(ctx.getLdapProvider(), appRealm, "username4", "John4", "Doel4", "user4@email.org", null, "124"); // Users are not at local store at this moment - Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username1")); - Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username2")); - Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username3")); - Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username4")); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username1")); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username2")); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username3")); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username4")); // search by username (we use a terminal operation on the stream to ensure it is consumed) session.users().searchForUserStream(appRealm, "username1").count(); - LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "username1", "John1", "Doel1", "user1@email.org", "121"); + LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "username1", "John1", "Doel1", "user1@email.org", "121"); // search by email (we use a terminal operation on the stream to ensure it is consumed) session.users().searchForUserStream(appRealm, "user2@email.org").count(); - LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "username2", "John2", "Doel2", "user2@email.org", "122"); + LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "username2", "John2", "Doel2", "user2@email.org", "122"); // search by lastName (we use a terminal operation on the stream to ensure it is consumed) session.users().searchForUserStream(appRealm, "Doel3").count(); - LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "username3", "John3", "Doel3", "user3@email.org", "123"); + LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "username3", "John3", "Doel3", "user3@email.org", "123"); // search by firstName + lastName (we use a terminal operation on the stream to ensure it is consumed) session.users().searchForUserStream(appRealm, "John4 Doel4").count(); - LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "username4", "John4", "Doel4", "user4@email.org", "124"); + LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "username4", "John4", "Doel4", "user4@email.org", "124"); }); } @@ -873,14 +874,14 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest { // search by email (we use a terminal operation on the stream to ensure it is consumed) session.users().searchForUserStream(appRealm, "user5@email.org").count(); - LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "username5", "John5", "Doel5", "user5@email.org", "125"); + LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "username5", "John5", "Doel5", "user5@email.org", "125"); session.users().searchForUserStream(appRealm, "John6 Doel6").count(); - LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "username6", "John6", "Doel6", "user6@email.org", "126"); + LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "username6", "John6", "Doel6", "user6@email.org", "126"); session.users().searchForUserStream(appRealm, "user7@email.org").count(); session.users().searchForUserStream(appRealm, "John7 Doel7").count(); - Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username7")); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username7")); // Remove custom filter ctx.getLdapModel().getConfig().remove(LDAPConstants.CUSTOM_USER_SEARCH_FILTER); @@ -991,7 +992,7 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest { Assert.assertTrue(session.users().removeUser(appRealm, user)); // Assert user not available locally, but will be reimported from LDAP once searched - Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "johnkeycloak")); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "johnkeycloak")); Assert.assertNotNull(session.users().getUserByUsername(appRealm, "johnkeycloak")); }); @@ -1023,9 +1024,9 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest { LDAPTestUtils.addLDAPUser(ctx.getLdapProvider(), appRealm, "username10", "John10", "Doel10", "user10@email.org", null, "1210"); // Users are not at local store at this moment - Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username8")); - Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username9")); - Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username10")); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username8")); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username9")); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username10")); // search for user by attribute List users = ctx.getLdapProvider().searchForUserByUserAttributeStream(appRealm, ATTRIBUTE, ATTRIBUTE_VALUE) @@ -1040,10 +1041,10 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest { assertEquals(ATTRIBUTE_VALUE, attrList.get(0)); // user are now imported to local store - LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "username8", "John8", "Doel8", "user8@email.org", ATTRIBUTE_VALUE); - LDAPTestAsserts.assertUserImported(session.userLocalStorage(), appRealm, "username9", "John9", "Doel9", "user9@email.org", ATTRIBUTE_VALUE); + LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "username8", "John8", "Doel8", "user8@email.org", ATTRIBUTE_VALUE); + LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), appRealm, "username9", "John9", "Doel9", "user9@email.org", ATTRIBUTE_VALUE); // but the one not looked up is not - Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "username10")); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "username10")); }); } @@ -1256,7 +1257,7 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest { LDAPTestContext ctx = LDAPTestContext.init(session); RealmModel testRealm = ctx.getRealm(); - UserModel importedUser = session.userLocalStorage().getUserByUsername(testRealm, "beckybecks"); + UserModel importedUser = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(testRealm, "beckybecks"); // Update user 'beckybecks' in LDAP LDAPObject becky = ctx.getLdapProvider().loadLDAPUserByUsername(testRealm, importedUser.getUsername()); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPRoleMappingsTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPRoleMappingsTest.java index edfdc67db50..44c4dfb9b19 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPRoleMappingsTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPRoleMappingsTest.java @@ -157,7 +157,7 @@ public class LDAPRoleMappingsTest extends AbstractLDAPTest { // 2 - Check that role mappings are not in local Keycloak DB (They are in LDAP). - UserModel johnDb = session.userLocalStorage().getUserByUsername(appRealm, "johnkeycloak"); + UserModel johnDb = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "johnkeycloak"); Set johnDbRoles = johnDb.getRoleMappingsStream().collect(Collectors.toSet()); Assert.assertFalse(johnDbRoles.contains(realmRole1)); Assert.assertFalse(johnDbRoles.contains(realmRole2)); @@ -236,7 +236,7 @@ public class LDAPRoleMappingsTest extends AbstractLDAPTest { Assert.assertTrue(maryRoles.contains(realmRole3)); // Assert that access through DB will have just DB mapped role - UserModel maryDB = session.userLocalStorage().getUserByUsername(appRealm, "marykeycloak"); + UserModel maryDB = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "marykeycloak"); Set maryDBRoles = maryDB.getRealmRoleMappingsStream().collect(Collectors.toSet()); Assert.assertFalse(maryDBRoles.contains(realmRole1)); Assert.assertFalse(maryDBRoles.contains(realmRole2)); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPSyncTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPSyncTest.java index 2e16186a784..a847d925c46 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPSyncTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPSyncTest.java @@ -137,7 +137,7 @@ public class LDAPSyncTest extends AbstractLDAPTest { testingClient.server().run(session -> { LDAPTestContext ctx = LDAPTestContext.init(session); RealmModel testRealm = ctx.getRealm(); - UserProvider userProvider = session.userLocalStorage(); + UserProvider userProvider = UserStoragePrivateUtil.userLocalStorage(session); // Assert users imported LDAPTestAsserts.assertUserImported(userProvider, testRealm, "user1", "User1FN", "User1LN", "user1@email.org", "121"); @@ -164,7 +164,7 @@ public class LDAPSyncTest extends AbstractLDAPTest { testingClient.server().run(session -> { LDAPTestContext ctx = LDAPTestContext.init(session); RealmModel testRealm = ctx.getRealm(); - UserProvider userProvider = session.userLocalStorage(); + UserProvider userProvider = UserStoragePrivateUtil.userLocalStorage(session); UserStorageSyncManager usersSyncManager = new UserStorageSyncManager(); // Add user to LDAP and update 'user5' in LDAP @@ -187,7 +187,7 @@ public class LDAPSyncTest extends AbstractLDAPTest { testingClient.server().run(session -> { RealmModel testRealm = session.realms().getRealmByName(TEST_REALM_NAME); - UserProvider userProvider = session.userLocalStorage(); + UserProvider userProvider = UserStoragePrivateUtil.userLocalStorage(session); // Assert users updated in local provider LDAPTestAsserts.assertUserImported(userProvider, testRealm, "user5", "User5FN", "User5LN", "user5updated@email.org", "521"); LDAPTestAsserts.assertUserImported(userProvider, testRealm, "user6", "User6FN", "User6LN", "user6@email.org", "126"); @@ -229,7 +229,7 @@ public class LDAPSyncTest extends AbstractLDAPTest { // Assert syncing from LDAP fails due to duplicated email SynchronizationResult result = new UserStorageSyncManager().syncAllUsers(session.getKeycloakSessionFactory(), ctx.getRealm().getId(), ctx.getLdapModel()); Assert.assertEquals(1, result.getFailed()); - Assert.assertNull(session.userLocalStorage().getUserByUsername(ctx.getRealm(), "user7-something")); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(ctx.getRealm(), "user7-something")); // Update LDAP user to avoid duplicated email LDAPObject duplicatedLdapUser = ctx.getLdapProvider().loadLDAPUserByUsername(ctx.getRealm(), "user7-something"); @@ -244,7 +244,7 @@ public class LDAPSyncTest extends AbstractLDAPTest { // Assert user was imported. Use another transaction for that testingClient.server().run(session -> { RealmModel testRealm = session.realms().getRealmByName(TEST_REALM_NAME); - LDAPTestAsserts.assertUserImported(session.userLocalStorage(), testRealm, "user7-something", "User7FNN", "User7LNL", "user7-changed@email.org", "126"); + LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), testRealm, "user7-something", "User7FNN", "User7LNL", "user7-changed@email.org", "126"); }); } @@ -275,7 +275,7 @@ public class LDAPSyncTest extends AbstractLDAPTest { ctx.getLdapProvider().getLdapIdentityStore().update(ldapUser); // Assert still old users in local provider - LDAPTestAsserts.assertUserImported(session.userLocalStorage(), testRealm, "beckybecks", "Becky", "Becks", "becky-becks@email.org", "123"); + LDAPTestAsserts.assertUserImported(UserStoragePrivateUtil.userLocalStorage(session), testRealm, "beckybecks", "Becky", "Becks", "becky-becks@email.org", "123"); // Trigger partial sync KeycloakSessionFactory sessionFactory = session.getKeycloakSessionFactory(); @@ -286,7 +286,7 @@ public class LDAPSyncTest extends AbstractLDAPTest { testingClient.server().run(session -> { LDAPTestContext ctx = LDAPTestContext.init(session); RealmModel testRealm = session.realms().getRealmByName(TEST_REALM_NAME); - UserProvider userProvider = session.userLocalStorage(); + UserProvider userProvider = UserStoragePrivateUtil.userLocalStorage(session); // Assert users updated in local provider LDAPTestAsserts.assertUserImported(session.users(), testRealm, "beckyupdated", "Becky", "Becks", "becky-updated@email.org", "123"); UserModel updatedLocalUser = userProvider.getUserByUsername(testRealm, "beckyupdated"); @@ -306,9 +306,9 @@ public class LDAPSyncTest extends AbstractLDAPTest { LDAPTestContext ctx = LDAPTestContext.init(session); // Remove all users from model - session.userLocalStorage().getUsersStream(ctx.getRealm(), true) + UserStoragePrivateUtil.userLocalStorage(session).getUsersStream(ctx.getRealm(), true) .collect(Collectors.toList()) - .forEach(user -> session.userLocalStorage().removeUser(ctx.getRealm(), user)); + .forEach(user -> UserStoragePrivateUtil.userLocalStorage(session).removeUser(ctx.getRealm(), user)); // Change name of UUID attribute to same like usernameAttribute String uidAttrName = ctx.getLdapProvider().getLdapIdentityStore().getConfig().getUsernameLdapAttribute(); @@ -355,7 +355,7 @@ public class LDAPSyncTest extends AbstractLDAPTest { LDAPTestContext ctx = LDAPTestContext.init(session); // Remove all users from model - session.userLocalStorage().getUsersStream(ctx.getRealm(), true) + UserStoragePrivateUtil.userLocalStorage(session).getUsersStream(ctx.getRealm(), true) .peek(user -> System.out.println("trying to delete user: " + user.getUsername())) .collect(Collectors.toList()) .forEach(user -> { @@ -363,7 +363,7 @@ public class LDAPSyncTest extends AbstractLDAPTest { if (userCache != null) { userCache.evict(ctx.getRealm(), user); } - session.userLocalStorage().removeUser(ctx.getRealm(), user); + UserStoragePrivateUtil.userLocalStorage(session).removeUser(ctx.getRealm(), user); }); // Add street mapper and add some user including street @@ -509,7 +509,7 @@ public class LDAPSyncTest extends AbstractLDAPTest { RealmModel appRealm = ctx.getRealm(); // Remove all users from model - session.userLocalStorage().getUsersStream(ctx.getRealm(), true) + UserStoragePrivateUtil.userLocalStorage(session).getUsersStream(ctx.getRealm(), true) .peek(user -> System.out.println("trying to delete user: " + user.getUsername())) .collect(Collectors.toList()) .forEach(user -> { @@ -517,7 +517,7 @@ public class LDAPSyncTest extends AbstractLDAPTest { if (userCache != null) { userCache.evict(ctx.getRealm(), user); } - session.userLocalStorage().removeUser(ctx.getRealm(), user); + UserStoragePrivateUtil.userLocalStorage(session).removeUser(ctx.getRealm(), user); }); Map orig = new HashMap<>(); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/noimport/LDAPMultipleAttributesNoImportTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/noimport/LDAPMultipleAttributesNoImportTest.java index 9564e142a33..c7e674aaca4 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/noimport/LDAPMultipleAttributesNoImportTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/noimport/LDAPMultipleAttributesNoImportTest.java @@ -24,6 +24,7 @@ import org.junit.Test; import org.junit.runners.MethodSorters; import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; +import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.testsuite.federation.ldap.LDAPMultipleAttributesTest; import org.keycloak.testsuite.federation.ldap.LDAPTestAsserts; import org.keycloak.testsuite.federation.ldap.LDAPTestContext; @@ -52,7 +53,7 @@ public class LDAPMultipleAttributesNoImportTest extends LDAPMultipleAttributesTe // Test user NOT imported in local storage now. He is available just through "session.users()" UserModel user = session.users().getUserByUsername(appRealm, "jbrown"); Assert.assertNotNull(user); - Assert.assertNull(session.userLocalStorage().getUserById(appRealm, user.getId())); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserById(appRealm, user.getId())); LDAPTestAsserts.assertUserImported(session.users(), appRealm, "jbrown", "James", "Brown", "jbrown@keycloak.org", "88441"); }); } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/noimport/LDAPRoleMappingsNoImportTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/noimport/LDAPRoleMappingsNoImportTest.java index 709423c4d05..58bf620813f 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/noimport/LDAPRoleMappingsNoImportTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/noimport/LDAPRoleMappingsNoImportTest.java @@ -32,6 +32,7 @@ import org.keycloak.models.LDAPConstants; import org.keycloak.models.RealmModel; import org.keycloak.models.RoleModel; import org.keycloak.models.UserModel; +import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStorageProviderModel; import org.keycloak.storage.ldap.LDAPStorageProvider; import org.keycloak.storage.ldap.idm.model.LDAPObject; @@ -151,7 +152,7 @@ public class LDAPRoleMappingsNoImportTest extends AbstractLDAPTest { UserModel mary = session.users().getUserByUsername(appRealm, "marykeycloak"); // make sure we are in no-import mode! - Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "marykeycloak")); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "marykeycloak")); // This role should already exists as it was imported from LDAP RoleModel realmRole1 = appRealm.getRole("realmRole1"); @@ -205,8 +206,8 @@ public class LDAPRoleMappingsNoImportTest extends AbstractLDAPTest { UserModel mary = session.users().getUserByUsername(appRealm, "marykeycloak"); // make sure we are in no-import mode - Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "johnkeycloak")); - Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "marykeycloak")); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "johnkeycloak")); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "marykeycloak")); // 1 - Grant some roles in LDAP @@ -245,8 +246,8 @@ public class LDAPRoleMappingsNoImportTest extends AbstractLDAPTest { UserModel mary = session.users().getUserByUsername(appRealm, "marykeycloak"); // make sure we are in no-import mode - Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "johnkeycloak")); - Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "marykeycloak")); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "johnkeycloak")); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "marykeycloak")); RoleModel realmRole1 = appRealm.getRole("realmRole1"); RoleModel realmRole2 = appRealm.getRole("realmRole2"); @@ -306,7 +307,7 @@ public class LDAPRoleMappingsNoImportTest extends AbstractLDAPTest { UserModel david = session.users().addUser(appRealm, "davidkeycloak"); // make sure we are in no-import mode - Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "davidkeycloak")); + Assert.assertNull(UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(appRealm, "davidkeycloak")); RoleModel defaultRole = appRealm.getRole("realmRole1"); RoleModel realmRole2 = appRealm.getRole("realmRole2"); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/UserStorageFailureTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/UserStorageFailureTest.java index 631ab3ebfa5..2f25fe0efbd 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/UserStorageFailureTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/UserStorageFailureTest.java @@ -42,6 +42,7 @@ import org.keycloak.representations.idm.ComponentRepresentation; import org.keycloak.representations.idm.EventRepresentation; import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.services.managers.RealmManager; +import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStorageProvider; import org.keycloak.storage.UserStorageProviderModel; import org.keycloak.testsuite.AbstractTestRealmKeycloakTest; @@ -134,7 +135,7 @@ public class UserStorageFailureTest extends AbstractTestRealmKeycloakTest { serviceAccount.grantRole(role); serviceAccount.setServiceAccountClientLink(offlineClient.getClientId()); - UserModel localUser = manager.getSession().userLocalStorage().addUser(appRealm, LOCAL_USER); + UserModel localUser = UserStoragePrivateUtil.userLocalStorage(manager.getSession()).addUser(appRealm, LOCAL_USER); localUser.setEnabled(true); }); @@ -272,9 +273,9 @@ public class UserStorageFailureTest extends AbstractTestRealmKeycloakTest { testingClient.server().run(session -> { RealmModel realm = session.realms().getRealmByName(AuthRealm.TEST); - UserModel user = session.userLocalStorage().getUserByUsername(realm, FailableHardcodedStorageProvider.username); + UserModel user = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, FailableHardcodedStorageProvider.username); if (user != null) { - session.userLocalStorage().removeUser(realm, user); + UserStoragePrivateUtil.userLocalStorage(session).removeUser(realm, user); } }); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/UserStorageTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/UserStorageTest.java index f2b6229e87c..9e5c225f9fd 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/UserStorageTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/UserStorageTest.java @@ -34,6 +34,7 @@ import org.keycloak.representations.idm.RoleRepresentation; import org.keycloak.representations.idm.UserRepresentation; import org.keycloak.storage.CacheableStorageProviderModel.CachePolicy; import org.keycloak.storage.StorageId; +import org.keycloak.storage.UserStoragePrivateUtil; import org.keycloak.storage.UserStorageProvider; import org.keycloak.testsuite.AbstractAuthTest; import org.keycloak.testsuite.admin.ApiUtil; @@ -167,7 +168,7 @@ public class UserStorageTest extends AbstractAuthTest { UserModel user = session.users().getUserByUsername(realm, "thor"); if (user != null) { - session.userLocalStorage().removeUser(realm, user); + UserStoragePrivateUtil.userLocalStorage(session).removeUser(realm, user); session.userCache().clear(); } diff --git a/testsuite/model/src/test/java/org/keycloak/testsuite/model/UserSyncTest.java b/testsuite/model/src/test/java/org/keycloak/testsuite/model/UserSyncTest.java index b6b5d2b0c35..705fdf77021 100644 --- a/testsuite/model/src/test/java/org/keycloak/testsuite/model/UserSyncTest.java +++ b/testsuite/model/src/test/java/org/keycloak/testsuite/model/UserSyncTest.java @@ -87,7 +87,7 @@ public class UserSyncTest extends KeycloakModelTest { return null; })); - assertThat(withRealm(realmId, (session, realm) -> session.userLocalStorage().getUsersCount(realm)), is(0)); + assertThat(withRealm(realmId, (session, realm) -> UserStoragePrivateUtil.userLocalStorage(session).getUsersCount(realm)), is(0)); long start = System.currentTimeMillis(); SynchronizationResult res = withRealm(realmId, (session, realm) -> { @@ -101,7 +101,7 @@ public class UserSyncTest extends KeycloakModelTest { assertThat(String.format("User sync took %f seconds per user, but it should take less than 18 seconds", (float)(timeNeeded) / NUMBER_OF_USERS), timeNeeded, Matchers.lessThan((long) (18 * NUMBER_OF_USERS))); assertThat(res.getAdded(), is(NUMBER_OF_USERS)); - assertThat(withRealm(realmId, (session, realm) -> session.userLocalStorage().getUsersCount(realm)), is(NUMBER_OF_USERS)); + assertThat(withRealm(realmId, (session, realm) -> UserStoragePrivateUtil.userLocalStorage(session).getUsersCount(realm)), is(NUMBER_OF_USERS)); } }