Search in sources :

Example 6 with CachedUserModel

use of org.keycloak.models.cache.CachedUserModel in project keycloak by keycloak.

the class LDAPProvidersIntegrationTest method testLDAPUserRefreshCache.

@Test
public void testLDAPUserRefreshCache() {
    testingClient.server().run(session -> {
        session.userCache().clear();
    });
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel appRealm = ctx.getRealm();
        LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ctx.getLdapModel());
        LDAPTestUtils.addLDAPUser(ldapProvider, appRealm, "johndirect", "John", "Direct", "johndirect@email.org", null, "1234");
        // Fetch user from LDAP and check that postalCode is filled
        UserModel user = session.users().getUserByUsername(appRealm, "johndirect");
        String postalCode = user.getFirstAttribute("postal_code");
        Assert.assertEquals("1234", postalCode);
        LDAPTestUtils.removeLDAPUserByUsername(ldapProvider, appRealm, ldapProvider.getLdapIdentityStore().getConfig(), "johndirect");
    });
    // 5 minutes in future, user should be cached still
    setTimeOffset(60 * 5);
    testingClient.server().run(session -> {
        RealmModel appRealm = new RealmManager(session).getRealmByName("test");
        CachedUserModel user = (CachedUserModel) session.users().getUserByUsername(appRealm, "johndirect");
        String postalCode = user.getFirstAttribute("postal_code");
        String email = user.getEmail();
        Assert.assertEquals("1234", postalCode);
        Assert.assertEquals("johndirect@email.org", email);
    });
    // 20 minutes into future, cache will be invalidated
    setTimeOffset(60 * 20);
    testingClient.server().run(session -> {
        RealmModel appRealm = new RealmManager(session).getRealmByName("test");
        UserModel user = session.users().getUserByUsername(appRealm, "johndirect");
        Assert.assertNull(user);
    });
    setTimeOffset(0);
}
Also used : RealmModel(org.keycloak.models.RealmModel) CachedUserModel(org.keycloak.models.cache.CachedUserModel) UserModel(org.keycloak.models.UserModel) LDAPStorageProvider(org.keycloak.storage.ldap.LDAPStorageProvider) CachedUserModel(org.keycloak.models.cache.CachedUserModel) RealmManager(org.keycloak.services.managers.RealmManager) AbstractAuthTest(org.keycloak.testsuite.AbstractAuthTest) Test(org.junit.Test)

Example 7 with CachedUserModel

use of org.keycloak.models.cache.CachedUserModel in project keycloak by keycloak.

the class UserStorageTest method testDailyEviction.

/**
 * Test daily eviction behaviour
 */
@Test
public void testDailyEviction() {
    // We need to test both cases: eviction the same day, and eviction the next day
    // Simplest is to take full control of the clock
    // set clock to 23:30 of current day
    setTimeOfDay(23, 30, 0);
    // test same day eviction behaviour
    // set eviction at 23:45
    setDailyEvictionTime(23, 45);
    // there are users in cache already from before-test import
    // and they didn't use any time offset clock so they may have timestamps in the 'future'
    // let's clear cache
    testingClient.server().run(session -> {
        session.userCache().clear();
    });
    testingClient.server().run(session -> {
        RealmModel realm = session.realms().getRealmByName("test");
        UserModel user = session.users().getUserByUsername(realm, "thor");
        // should be newly cached
        Assert.assertTrue(user instanceof CachedUserModel);
    });
    setTimeOfDay(23, 40, 0);
    // lookup user again - make sure it's returned from cache
    testingClient.server().run(session -> {
        RealmModel realm = session.realms().getRealmByName("test");
        UserModel user = session.users().getUserByUsername(realm, "thor");
        // should be returned from cache
        Assert.assertTrue(user instanceof CachedUserModel);
    });
    setTimeOfDay(23, 50, 0);
    testingClient.server().run(session -> {
        RealmModel realm = session.realms().getRealmByName("test");
        UserModel user = session.users().getUserByUsername(realm, "thor");
        // should have been invalidated
        Assert.assertFalse(user instanceof CachedUserModel);
    });
    testingClient.server().run(session -> {
        RealmModel realm = session.realms().getRealmByName("test");
        UserModel user = session.users().getUserByUsername(realm, "thor");
        // should have been newly cached
        Assert.assertTrue(user instanceof CachedUserModel);
    });
    testingClient.server().run(session -> {
        RealmModel realm = session.realms().getRealmByName("test");
        UserModel user = session.users().getUserByUsername(realm, "thor");
        // should be returned from cache
        Assert.assertTrue(user instanceof CachedUserModel);
    });
    setTimeOfDay(23, 55, 0);
    testingClient.server().run(session -> {
        RealmModel realm = session.realms().getRealmByName("test");
        UserModel user = session.users().getUserByUsername(realm, "thor");
        // should be returned from cache
        Assert.assertTrue(user instanceof CachedUserModel);
    });
    // at 00:30
    // it's next day now. the daily eviction time is now in the future
    setTimeOfDay(0, 30, 0, 24 * 60 * 60);
    testingClient.server().run(session -> {
        RealmModel realm = session.realms().getRealmByName("test");
        UserModel user = session.users().getUserByUsername(realm, "thor");
        // should be returned from cache - it's still good for almost the whole day
        Assert.assertTrue(user instanceof CachedUserModel);
    });
    // at 23:30 next day
    setTimeOfDay(23, 30, 0, 24 * 60 * 60);
    testingClient.server().run(session -> {
        RealmModel realm = session.realms().getRealmByName("test");
        UserModel user = session.users().getUserByUsername(realm, "thor");
        // should be returned from cache - it's still good until 23:45
        Assert.assertTrue(user instanceof CachedUserModel);
    });
    // at 23:50
    setTimeOfDay(23, 50, 0, 24 * 60 * 60);
    testingClient.server().run(session -> {
        RealmModel realm = session.realms().getRealmByName("test");
        UserModel user = session.users().getUserByUsername(realm, "thor");
        // should be invalidated
        Assert.assertFalse(user instanceof CachedUserModel);
    });
    setTimeOfDay(23, 55, 0, 24 * 60 * 60);
    testingClient.server().run(session -> {
        RealmModel realm = session.realms().getRealmByName("test");
        UserModel user = session.users().getUserByUsername(realm, "thor");
        // should be newly cached
        Assert.assertTrue(user instanceof CachedUserModel);
    });
    setTimeOfDay(23, 40, 0, 2 * 24 * 60 * 60);
    testingClient.server().run(session -> {
        RealmModel realm = session.realms().getRealmByName("test");
        UserModel user = session.users().getUserByUsername(realm, "thor");
        // should be returned from cache
        Assert.assertTrue(user instanceof CachedUserModel);
    });
    setTimeOfDay(23, 50, 0, 2 * 24 * 60 * 60);
    testingClient.server().run(session -> {
        RealmModel realm = session.realms().getRealmByName("test");
        UserModel user = session.users().getUserByUsername(realm, "thor");
        // should be invalidated
        Assert.assertFalse(user instanceof CachedUserModel);
    });
    testingClient.server().run(session -> {
        RealmModel realm = session.realms().getRealmByName("test");
        UserModel user = session.users().getUserByUsername(realm, "thor");
        // should be newly cached
        Assert.assertTrue(user instanceof CachedUserModel);
    });
    testingClient.server().run(session -> {
        RealmModel realm = session.realms().getRealmByName("test");
        UserModel user = session.users().getUserByUsername(realm, "thor");
        // should be returned from cache
        Assert.assertTrue(user instanceof CachedUserModel);
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) CachedUserModel(org.keycloak.models.cache.CachedUserModel) UserModel(org.keycloak.models.UserModel) CachedUserModel(org.keycloak.models.cache.CachedUserModel) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) AbstractAuthTest(org.keycloak.testsuite.AbstractAuthTest) Test(org.junit.Test)

Example 8 with CachedUserModel

use of org.keycloak.models.cache.CachedUserModel in project keycloak by keycloak.

the class UserStorageTest method testWeeklyEviction.

@Test
public void testWeeklyEviction() {
    ApiUtil.findUserByUsername(testRealmResource(), "thor");
    // set eviction to 4 days from now
    Calendar eviction = Calendar.getInstance();
    eviction.add(Calendar.HOUR, 4 * 24);
    ComponentRepresentation propProviderRW = testRealmResource().components().component(propProviderRWId).toRepresentation();
    propProviderRW.getConfig().putSingle(CACHE_POLICY, CachePolicy.EVICT_WEEKLY.name());
    propProviderRW.getConfig().putSingle(EVICTION_DAY, Integer.toString(eviction.get(DAY_OF_WEEK)));
    propProviderRW.getConfig().putSingle(EVICTION_HOUR, Integer.toString(eviction.get(HOUR_OF_DAY)));
    propProviderRW.getConfig().putSingle(EVICTION_MINUTE, Integer.toString(eviction.get(MINUTE)));
    testRealmResource().components().component(propProviderRWId).update(propProviderRW);
    // now
    testingClient.server().run(session -> {
        RealmModel realm = session.realms().getRealmByName("test");
        UserModel user = session.users().getUserByUsername(realm, "thor");
        System.out.println("User class: " + user.getClass());
        // should still be cached
        Assert.assertTrue(user instanceof CachedUserModel);
    });
    // 2 days in future
    setTimeOffset(2 * 24 * 60 * 60);
    // now
    testingClient.server().run(session -> {
        RealmModel realm = session.realms().getRealmByName("test");
        UserModel user = session.users().getUserByUsername(realm, "thor");
        System.out.println("User class: " + user.getClass());
        // should still be cached
        Assert.assertTrue(user instanceof CachedUserModel);
    });
    // 5 days in future
    setTimeOffset(5 * 24 * 60 * 60);
    testingClient.server().run(session -> {
        RealmModel realm = session.realms().getRealmByName("test");
        UserModel user = session.users().getUserByUsername(realm, "thor");
        System.out.println("User class: " + user.getClass());
        // should be evicted
        Assert.assertFalse(user instanceof CachedUserModel);
    });
}
Also used : ComponentRepresentation(org.keycloak.representations.idm.ComponentRepresentation) RealmModel(org.keycloak.models.RealmModel) CachedUserModel(org.keycloak.models.cache.CachedUserModel) UserModel(org.keycloak.models.UserModel) Calendar(java.util.Calendar) CachedUserModel(org.keycloak.models.cache.CachedUserModel) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) AbstractAuthTest(org.keycloak.testsuite.AbstractAuthTest) Test(org.junit.Test)

Example 9 with CachedUserModel

use of org.keycloak.models.cache.CachedUserModel in project keycloak by keycloak.

the class PasswordCredentialProvider method getPassword.

public PasswordCredentialModel getPassword(RealmModel realm, UserModel user) {
    List<CredentialModel> passwords = null;
    if (user instanceof CachedUserModel && !((CachedUserModel) user).isMarkedForEviction()) {
        CachedUserModel cached = (CachedUserModel) user;
        passwords = (List<CredentialModel>) cached.getCachedWith().get(PASSWORD_CACHE_KEY);
    }
    // if the model was marked for eviction while passwords were initialized, override it from credentialStore
    if (!(user instanceof CachedUserModel) || ((CachedUserModel) user).isMarkedForEviction()) {
        passwords = getCredentialStore().getStoredCredentialsByTypeStream(realm, user, getType()).collect(Collectors.toList());
    }
    if (passwords == null || passwords.isEmpty())
        return null;
    return PasswordCredentialModel.createFromCredentialModel(passwords.get(0));
}
Also used : UserCredentialModel(org.keycloak.models.UserCredentialModel) PasswordCredentialModel(org.keycloak.models.credential.PasswordCredentialModel) CachedUserModel(org.keycloak.models.cache.CachedUserModel)

Aggregations

CachedUserModel (org.keycloak.models.cache.CachedUserModel)9 UserModel (org.keycloak.models.UserModel)8 Test (org.junit.Test)7 RealmModel (org.keycloak.models.RealmModel)7 AbstractAuthTest (org.keycloak.testsuite.AbstractAuthTest)6 ModelTest (org.keycloak.testsuite.arquillian.annotation.ModelTest)4 ComponentRepresentation (org.keycloak.representations.idm.ComponentRepresentation)3 Calendar (java.util.Calendar)1 HashMap (java.util.HashMap)1 AtomicReference (java.util.concurrent.atomic.AtomicReference)1 MultivaluedHashMap (org.keycloak.common.util.MultivaluedHashMap)1 ModelException (org.keycloak.models.ModelException)1 UserCredentialModel (org.keycloak.models.UserCredentialModel)1 PasswordCredentialModel (org.keycloak.models.credential.PasswordCredentialModel)1 ReadOnlyUserModelDelegate (org.keycloak.models.utils.ReadOnlyUserModelDelegate)1 RealmManager (org.keycloak.services.managers.RealmManager)1 UpdateOnlyChangeUserModelDelegate (org.keycloak.storage.adapter.UpdateOnlyChangeUserModelDelegate)1 LDAPStorageProvider (org.keycloak.storage.ldap.LDAPStorageProvider)1 LDAPStorageMapper (org.keycloak.storage.ldap.mappers.LDAPStorageMapper)1 AbstractTestRealmKeycloakTest (org.keycloak.testsuite.AbstractTestRealmKeycloakTest)1