
Example 11 with AdapterConfig

use of org.keycloak.representations.adapters.config.AdapterConfig in project keycloak by keycloak.

the class DeploymentArchiveProcessor method modifyAdapterConfig.

/**
 * Rewrites the adapter configuration stored at {@code adapterConfigPath} inside a deployment
 * archive so that its URLs use the ports taken from system properties and, when TLS is
 * required, the {@code https} scheme. Does nothing when the archive has no entry at that path.
 *
 * <p>Paths ending in {@code .xml} are handled as SAML adapter configs; every other path is
 * handled as an OIDC (JSON) adapter config.
 *
 * @param archive deployment whose adapter config entry is replaced; on the SAML path it is cast
 *     to {@code WebArchive} without a type check
 * @param adapterConfigPath path of the adapter config inside the archive
 * @param relative not read by this method
 */
protected void modifyAdapterConfig(Archive<?> archive, String adapterConfigPath, boolean relative) {
    if (!archive.contains(adapterConfigPath)) {
        return;
    }
    log.info("Modifying adapter config " + adapterConfigPath + " in " + archive.getName());

    if (!adapterConfigPath.endsWith(".xml")) {
        // OIDC adapter config
        try {
            AdapterConfig oidcConfig = loadJson(archive.get(adapterConfigPath).getAsset().openStream(), AdapterConfig.class);
            oidcConfig.setAuthServerUrl(getAuthServerContextRoot() + "/auth");
            if (APP_SERVER_SSL_REQUIRED) {
                oidcConfig.setSslRequired("all");
            }
            String prettyJson = JsonSerialization.writeValueAsPrettyString(oidcConfig);
            archive.add(new StringAsset(prettyJson), adapterConfigPath);
        } catch (IOException ex) {
            // Logged and not rethrown: on this path the archive entry is not replaced.
            log.error("Cannot serialize adapter config to JSON.", ex);
        }
        return;
    }

    // SAML adapter config
    log.info("Modifying saml adapter config in " + archive.getName());
    Document samlDoc = loadXML(archive.get(adapterConfigPath).getAsset().openStream());

    // Each row: element, attribute, port property for the HTTPS case, port property for the
    // HTTP case. Row order is the order in which the attributes are rewritten.
    final String[][] urlRewrites = {
        {"SingleSignOnService", "bindingUrl", "auth.server.https.port", "auth.server.http.port"},
        {"SingleSignOnService", "assertionConsumerServiceUrl", "app.server.https.port", "app.server.http.port"},
        {"SingleLogoutService", "postBindingUrl", "auth.server.https.port", "auth.server.http.port"},
        {"SingleLogoutService", "redirectBindingUrl", "auth.server.https.port", "auth.server.http.port"},
        {"SP", "logoutPage", "app.server.https.port", "app.server.http.port"}
    };

    // NOTE(review): the app-server URLs (assertionConsumerServiceUrl, logoutPage) also switch on
    // AUTH_SERVER_SSL_REQUIRED rather than APP_SERVER_SSL_REQUIRED - confirm this is intended.
    for (String[] rewrite : urlRewrites) {
        String element = rewrite[0];
        String attribute = rewrite[1];
        String portProperty = AUTH_SERVER_SSL_REQUIRED ? rewrite[2] : rewrite[3];
        // The port is swapped first, then the scheme; the plain-HTTP case leaves the scheme alone.
        modifyDocElementAttribute(samlDoc, element, attribute, "8080", System.getProperty(portProperty));
        if (AUTH_SERVER_SSL_REQUIRED) {
            modifyDocElementAttribute(samlDoc, element, attribute, "http", "https");
        }
    }

    archive.add(new StringAsset(IOUtil.documentToString(samlDoc)), adapterConfigPath);

    // The bundled truststore is added to the deployment in both the HTTP and the HTTPS case.
    File bundledTruststore = new File(DeploymentArchiveProcessor.class.getResource("/keystore/keycloak.truststore").getFile());
    ((WebArchive) archive).addAsResource(bundledTruststore);
}
Also used : StringAsset(org.jboss.shrinkwrap.api.asset.StringAsset) WebArchive(org.jboss.shrinkwrap.api.spec.WebArchive) AdapterConfig(org.keycloak.representations.adapters.config.AdapterConfig) IOException(java.io.IOException) Document(org.w3c.dom.Document) IOUtil.appendChildInDocument(org.keycloak.testsuite.utils.io.IOUtil.appendChildInDocument) File(java.io.File)

Example 12 with AdapterConfig

use of org.keycloak.representations.adapters.config.AdapterConfig in project keycloak by keycloak.

the class AdapterInstallationConfigTest method getConfig.

/**
 * Authenticates as the test client with its client id and secret, fetches that client's
 * adapter configuration, and checks the auth server URL, realm, credentials and resource in
 * the result. The {@code sslRequired} value is checked only when AUTH_SERVER_SSL_REQUIRED is
 * set.
 */
@Test
public void getConfig() throws ClientRegistrationException {
    final String clientId = client.getClientId();
    // Fixture secret: used to authenticate, and expected back verbatim in the returned config.
    final String clientSecret = "RegistrationAccessTokenTestClientSecret";

    reg.auth(Auth.client(clientId, clientSecret));

    AdapterConfig installation = reg.getAdapterConfig(clientId);
    assertNotNull(installation);

    String expectedAuthServerUrl = suiteContext.getAuthServerInfo().getContextRoot() + "/auth/";
    assertEquals(expectedAuthServerUrl, installation.getAuthServerUrl());
    assertEquals("test", installation.getRealm());

    // The returned config carries the client secret as its single credential, so the response
    // of this call is itself secret material and should be handled like the secret.
    assertEquals(1, installation.getCredentials().size());
    assertEquals(clientSecret, installation.getCredentials().get("secret"));
    assertEquals(clientId, installation.getResource());

    if (AUTH_SERVER_SSL_REQUIRED) {
        String expectedSslRequired = SslRequired.EXTERNAL.name().toLowerCase();
        assertEquals(expectedSslRequired, installation.getSslRequired());
    }
}
Also used : AdapterConfig(org.keycloak.representations.adapters.config.AdapterConfig) Test(org.junit.Test)

Example 13 with AdapterConfig

use of org.keycloak.representations.adapters.config.AdapterConfig in project keycloak by keycloak.

the class DeploymentArchiveProcessorUtils method modifyOIDCAdapterConfig.

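/**
 * Rewrites the OIDC (JSON) adapter config stored at {@code adapterConfigPath} inside a
 * deployment archive: sets the auth server URL, sets {@code sslRequired} to {@code "all"} when
 * APP_SERVER_SSL_REQUIRED is set, and, when AUTH_SERVER_SSL_REQUIRED is set, configures a
 * truststore and adds the truststore file to the archive.
 *
 * <p>The truststore password is written into the serialized adapter config, so the resulting
 * archive contains it in clear text. It is not written to the log.
 *
 * @param archive deployment whose adapter config entry is replaced; cast to {@code WebArchive}
 *     without a type check when a truststore is added
 * @param adapterConfigPath path of the adapter config inside the archive; a path containing
 *     {@code WEB-INF} selects the {@code classpath:} truststore location
 */
public static void modifyOIDCAdapterConfig(Archive<?> archive, String adapterConfigPath) {
    try {
        AdapterConfig adapterConfig = IOUtil.loadJson(archive.get(adapterConfigPath).getAsset().openStream(), AdapterConfig.class);
        adapterConfig.setAuthServerUrl(getAuthServerUrl());
        if (APP_SERVER_SSL_REQUIRED) {
            adapterConfig.setSslRequired("all");
        }
        if (AUTH_SERVER_SSL_REQUIRED) {
            String trustStorePathInDeployment = "keycloak.truststore";
            if (adapterConfigPath.contains("WEB-INF")) {
                // This is a Java adapter, we can use classpath
                trustStorePathInDeployment = "classpath:keycloak.truststore";
            }
            adapterConfig.setTruststore(trustStorePathInDeployment);
            adapterConfig.setTruststorePassword(TRUSTSTORE_PASSWORD);

            // NOTE(review): with dependency.keystore.root unset this probes
            // "/keycloak.truststore" at the filesystem root before falling back to the bundled
            // resource; whatever file is found there becomes the adapter's trust anchor.
            // Confirm that lookup order is intended.
            String truststoreUrl = System.getProperty("dependency.keystore.root", "") + "/keycloak.truststore";
            File truststore = new File(truststoreUrl);
            if (!truststore.exists()) {
                truststore = new File(DeploymentArchiveProcessorUtils.class.getResource("/keystore/keycloak.truststore").getFile());
            }
            ((WebArchive) archive).addAsResource(truststore);

            // The password is deliberately kept out of the log line: log output is retained and
            // shared far more widely than the truststore itself. The two paths are enough to
            // diagnose a misconfigured deployment.
            log.debugf("Adding Truststore to the deployment, path %s, adapter path %s", truststore.getAbsolutePath(), trustStorePathInDeployment);
        }
        archive.add(new StringAsset(JsonSerialization.writeValueAsPrettyString(adapterConfig)), adapterConfigPath);
    } catch (IOException ex) {
        // Logged and not rethrown: on this path the archive entry is not replaced.
        log.error("Cannot serialize adapter config to JSON.", ex);
    }
}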
Also used : StringAsset(org.jboss.shrinkwrap.api.asset.StringAsset) AdapterConfig(org.keycloak.representations.adapters.config.AdapterConfig) WebArchive(org.jboss.shrinkwrap.api.spec.WebArchive) IOException(java.io.IOException) File(java.io.File)

Aggregations

AdapterConfig (org.keycloak.representations.adapters.config.AdapterConfig)13 Test (org.junit.Test)7 IOException (java.io.IOException)3 ByteArrayInputStream (java.io.ByteArrayInputStream)2 File (java.io.File)2 PathAddress (org.jboss.as.controller.PathAddress)2 AbstractSubsystemBaseTest (org.jboss.as.subsystem.test.AbstractSubsystemBaseTest)2 ModelNode (org.jboss.dmr.ModelNode)2 StringAsset (org.jboss.shrinkwrap.api.asset.StringAsset)2 WebArchive (org.jboss.shrinkwrap.api.spec.WebArchive)2 KeycloakDeployment (org.keycloak.adapters.KeycloakDeployment)2 SecurityException (com.canoo.platform.server.security.SecurityException)1 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1 CacheLoader (com.google.common.cache.CacheLoader)1 InputStream (java.io.InputStream)1 HashMap (java.util.HashMap)1 Map (java.util.Map)1 KeycloakConfigResolver (org.keycloak.adapters.KeycloakConfigResolver)1 Request (org.keycloak.adapters.spi.HttpFacade.Request)1 AdapterDeploymentContextFactoryBean (org.keycloak.adapters.springsecurity.AdapterDeploymentContextFactoryBean)1