
Example 6 with UserStorageProviderModel

use of org.keycloak.storage.UserStorageProviderModel in project keycloak by keycloak.

the class UserStorageProvidersTestUtils method getStorageProvider.

/**
 * Looks up the realm component identified by {@code componentId} and returns the
 * user storage provider instance created for it.
 *
 * @param session     session whose factory is asked for the provider factory
 * @param realm       realm the component is read from
 * @param componentId id of the component to resolve
 * @return the provider instance, or {@code null} when the realm has no component with that id
 * @throws ModelException when no factory is registered for the component's provider id
 */
public static UserStorageProvider getStorageProvider(KeycloakSession session, RealmModel realm, String componentId) {
    final ComponentModel component = realm.getComponent(componentId);
    if (component == null) {
        // An unknown id is reported as "no provider" rather than as an error, so callers must null-check.
        return null;
    }
    final UserStorageProviderModel providerModel = new UserStorageProviderModel(component);
    final String providerId = component.getProviderId();
    // NOTE(review): nothing here verifies that the component is a user-storage component before the
    // factory is cast; presumably callers only pass storage component ids (confirm).
    final UserStorageProviderFactory providerFactory = (UserStorageProviderFactory) session.getKeycloakSessionFactory()
            .getProviderFactory(UserStorageProvider.class, providerId);
    if (providerFactory != null) {
        return getStorageProviderInstance(session, providerModel, providerFactory);
    }
    throw new ModelException("Could not find UserStorageProviderFactory for: " + providerId);
}
Also used : UserStorageProvider(org.keycloak.storage.UserStorageProvider) ModelException(org.keycloak.models.ModelException) UserStorageProviderFactory(org.keycloak.storage.UserStorageProviderFactory) ComponentModel(org.keycloak.component.ComponentModel) UserStorageProviderModel(org.keycloak.storage.UserStorageProviderModel)

Example 7 with UserStorageProviderModel

use of org.keycloak.storage.UserStorageProviderModel in project keycloak by keycloak.

the class SyncFederationTest method test01PeriodicSyncOnCreate.

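/**
 * Verifies that periodic sync is triggered when a synchronized User Storage Provider is created
 * with a changed-users sync period, and that no further syncs run once the timer is cancelled.
 */
@Test
public void test01PeriodicSyncOnCreate() {
    // Snapshot of the dummy factory's sync counters before the provider is added.
    final Map<String, Integer> state = testingClient.server().fetch(session -> {
        KeycloakSessionFactory sessionFactory = session.getKeycloakSessionFactory();
        DummyUserFederationProviderFactory dummyFedFactory = (DummyUserFederationProviderFactory) sessionFactory.getProviderFactory(UserStorageProvider.class, DummyUserFederationProviderFactory.PROVIDER_NAME);
        int full = dummyFedFactory.getFullSyncCounter();
        int changed = dummyFedFactory.getChangedSyncCounter();
        Map<String, Integer> state1 = new HashMap<>();
        state1.put("full", full);
        state1.put("changed", changed);
        return state1;
    }, Map.class);
    // Enable timer for SyncDummyUserFederationProvider: full sync off (-1), changed-users sync period 1.
    testingClient.server().run(session -> {
        RealmModel appRealm = session.realms().getRealmByName(AuthRealm.TEST);
        UserStorageProviderModel model = new UserStorageProviderModel();
        model.setProviderId(DummyUserFederationProviderFactory.PROVIDER_NAME);
        model.setPriority(1);
        model.setName("test-sync-dummy");
        model.setFullSyncPeriod(-1);
        model.setChangedSyncPeriod(1);
        model.setLastSync(0);
        // The returned component is not needed here; later steps look the provider up again by name.
        appRealm.addComponentModel(model);
    });
    testingClient.server().run(session -> {
        RealmModel appRealm = session.realms().getRealmByName(AuthRealm.TEST);
        UserStorageProviderModel dummyModel = findDummyProviderModel(appRealm);
        KeycloakSessionFactory sessionFactory = session.getKeycloakSessionFactory();
        DummyUserFederationProviderFactory dummyFedFactory = (DummyUserFederationProviderFactory) sessionFactory.getProviderFactory(UserStorageProvider.class, DummyUserFederationProviderFactory.PROVIDER_NAME);
        // Give the periodic timer time to trigger DummyUserFederationProvider at least once.
        UserStorageSyncManager usersSyncManager = new UserStorageSyncManager();
        sleep(1800);
        // Cancel timer
        usersSyncManager.notifyToRefreshPeriodicSync(session, appRealm, dummyModel, true);
        log.infof("Notified sync manager about cancel periodic sync");
        // This sync is here just to ensure that we hold the lock, i.e. that a periodic sync which was
        // possibly triggered before the timer was cancelled has finished too.
        // NOTE(review): the loop has no upper bound; it only ends once a sync is not reported as ignored.
        while (true) {
            SynchronizationResult result = usersSyncManager.syncChangedUsers(session.getKeycloakSessionFactory(), appRealm.getId(), dummyModel);
            if (result.isIgnored()) {
                // The format string needs a specifier, otherwise the result argument is never rendered.
                log.infof("Still waiting for lock before periodic sync is finished: %s", result.toString());
                sleep(1000);
            } else {
                break;
            }
        }
        int full = state.get("full");
        int changed = state.get("changed");
        // Assert that DummyUserFederationProviderFactory.syncChangedUsers was invoked at least 2 times (once periodically and once for us)
        int newChanged = dummyFedFactory.getChangedSyncCounter();
        Assert.assertEquals(full, dummyFedFactory.getFullSyncCounter());
        Assert.assertTrue("Assertion failed. newChanged=" + newChanged + ", changed=" + changed, newChanged > (changed + 1));
        // Assert that dummy provider won't be invoked anymore
        sleep(1800);
        Assert.assertEquals(full, dummyFedFactory.getFullSyncCounter());
        int newestChanged = dummyFedFactory.getChangedSyncCounter();
        Assert.assertEquals("Assertion failed. newChanged=" + newChanged + ", newestChanged=" + newestChanged, newChanged, newestChanged);
    });
    // remove dummyProvider
    testingClient.server().run(session -> {
        RealmModel appRealm = session.realms().getRealmByName(AuthRealm.TEST);
        UserStorageProviderModel dummyModel = findDummyProviderModel(appRealm);
        appRealm.removeComponent(dummyModel);
    });
}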
Also used : UserStorageSyncManager(org.keycloak.services.managers.UserStorageSyncManager) HashMap(java.util.HashMap) KeycloakSessionFactory(org.keycloak.models.KeycloakSessionFactory) DummyUserFederationProviderFactory(org.keycloak.testsuite.federation.DummyUserFederationProviderFactory) RealmModel(org.keycloak.models.RealmModel) UserStorageProvider(org.keycloak.storage.UserStorageProvider) ComponentModel(org.keycloak.component.ComponentModel) UserStorageProviderModel(org.keycloak.storage.UserStorageProviderModel) SynchronizationResult(org.keycloak.storage.user.SynchronizationResult) Test(org.junit.Test) AbstractAuthTest(org.keycloak.testsuite.AbstractAuthTest)

Example 8 with UserStorageProviderModel

use of org.keycloak.storage.UserStorageProviderModel in project keycloak by keycloak.

the class SyncFederationTest method test02PeriodicSyncOnUpdate.

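/**
 * Verifies that periodic sync is triggered when a synchronized User Storage Provider is updated
 * to have a non-negative sync period, and that nothing runs while the period is still -1.
 */
@Test
public void test02PeriodicSyncOnUpdate() {
    // Snapshot of the dummy factory's sync counters before the provider is added.
    final Map<String, Integer> state = testingClient.server().fetch(session -> {
        KeycloakSessionFactory sessionFactory = session.getKeycloakSessionFactory();
        DummyUserFederationProviderFactory dummyFedFactory = (DummyUserFederationProviderFactory) sessionFactory.getProviderFactory(UserStorageProvider.class, DummyUserFederationProviderFactory.PROVIDER_NAME);
        int full = dummyFedFactory.getFullSyncCounter();
        int changed = dummyFedFactory.getChangedSyncCounter();
        Map<String, Integer> state1 = new HashMap<>();
        state1.put("full", full);
        state1.put("changed", changed);
        return state1;
    }, Map.class);
    // Configure sync without timer for SyncDummyUserFederationProvider (both periods are -1)
    testingClient.server().run(session -> {
        RealmModel appRealm = session.realms().getRealmByName(AuthRealm.TEST);
        UserStorageProviderModel model = new UserStorageProviderModel();
        model.setProviderId(DummyUserFederationProviderFactory.PROVIDER_NAME);
        model.setPriority(1);
        model.setName("test-sync-dummy");
        model.setFullSyncPeriod(-1);
        model.setChangedSyncPeriod(-1);
        model.setLastSync(0);
        // The returned component is not needed here; later steps look the provider up again by name.
        appRealm.addComponentModel(model);
    });
    testingClient.server().run(session -> {
        KeycloakSessionFactory sessionFactory = session.getKeycloakSessionFactory();
        DummyUserFederationProviderFactory dummyFedFactory = (DummyUserFederationProviderFactory) sessionFactory.getProviderFactory(UserStorageProvider.class, DummyUserFederationProviderFactory.PROVIDER_NAME);
        // No timer was configured, so neither counter may have moved after the wait.
        sleep(1800);
        int full = state.get("full");
        int changed = state.get("changed");
        Assert.assertEquals(full, dummyFedFactory.getFullSyncCounter());
        int newChanged = dummyFedFactory.getChangedSyncCounter();
        Assert.assertEquals("Assertion failed. changed=" + changed + ", newChanged=" + newChanged, changed, newChanged);
    });
    // Re-enable periodic sync for changed users
    testingClient.server().run(session -> {
        RealmModel appRealm = session.realms().getRealmByName(AuthRealm.TEST);
        UserStorageProviderModel dummyModel = findDummyProviderModel(appRealm);
        dummyModel.setChangedSyncPeriod(1);
        appRealm.updateComponent(dummyModel);
    });
    testingClient.server().run(session -> {
        RealmModel appRealm = session.realms().getRealmByName(AuthRealm.TEST);
        UserStorageProviderModel dummyModel = findDummyProviderModel(appRealm);
        KeycloakSessionFactory sessionFactory = session.getKeycloakSessionFactory();
        DummyUserFederationProviderFactory dummyFedFactory = (DummyUserFederationProviderFactory) sessionFactory.getProviderFactory(UserStorageProvider.class, DummyUserFederationProviderFactory.PROVIDER_NAME);
        // Give the periodic timer time to trigger DummyUserFederationProvider at least once.
        UserStorageSyncManager usersSyncManager = new UserStorageSyncManager();
        sleep(1800);
        // Cancel timer
        usersSyncManager.notifyToRefreshPeriodicSync(session, appRealm, dummyModel, true);
        log.infof("Notified sync manager about cancel periodic sync");
        // This sync is here just to ensure that we hold the lock, i.e. that a periodic sync which was
        // possibly triggered before the timer was cancelled has finished too.
        // NOTE(review): the loop has no upper bound; it only ends once a sync is not reported as ignored.
        while (true) {
            SynchronizationResult result = usersSyncManager.syncChangedUsers(session.getKeycloakSessionFactory(), appRealm.getId(), dummyModel);
            if (result.isIgnored()) {
                // The format string needs a specifier, otherwise the result argument is never rendered.
                log.infof("Still waiting for lock before periodic sync is finished: %s", result.toString());
                sleep(1000);
            } else {
                break;
            }
        }
        int full = state.get("full");
        int changed = state.get("changed");
        // Assert that DummyUserFederationProviderFactory.syncChangedUsers was invoked at least 2 times
        // (once periodically and once by the explicit call above); the check below is "> changed + 1".
        int newChanged = dummyFedFactory.getChangedSyncCounter();
        Assert.assertEquals(full, dummyFedFactory.getFullSyncCounter());
        log.info("Asserting. newChanged=" + newChanged + " > changed=" + changed);
        Assert.assertTrue("Assertion failed. newChanged=" + newChanged + ", changed=" + changed, newChanged > (changed + 1));
        // Assert that dummy provider won't be invoked anymore
        sleep(1800);
        Assert.assertEquals(full, dummyFedFactory.getFullSyncCounter());
        int newestChanged = dummyFedFactory.getChangedSyncCounter();
        Assert.assertEquals("Assertion failed. newChanged=" + newChanged + ", newestChanged=" + newestChanged, newChanged, newestChanged);
    });
    // remove dummyProvider
    testingClient.server().run(session -> {
        RealmModel appRealm = session.realms().getRealmByName(AuthRealm.TEST);
        UserStorageProviderModel dummyModel = findDummyProviderModel(appRealm);
        appRealm.removeComponent(dummyModel);
    });
}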
Also used : UserStorageSyncManager(org.keycloak.services.managers.UserStorageSyncManager) HashMap(java.util.HashMap) KeycloakSessionFactory(org.keycloak.models.KeycloakSessionFactory) DummyUserFederationProviderFactory(org.keycloak.testsuite.federation.DummyUserFederationProviderFactory) RealmModel(org.keycloak.models.RealmModel) UserStorageProvider(org.keycloak.storage.UserStorageProvider) ComponentModel(org.keycloak.component.ComponentModel) UserStorageProviderModel(org.keycloak.storage.UserStorageProviderModel) SynchronizationResult(org.keycloak.storage.user.SynchronizationResult) Test(org.junit.Test) AbstractAuthTest(org.keycloak.testsuite.AbstractAuthTest)

Example 9 with UserStorageProviderModel

use of org.keycloak.storage.UserStorageProviderModel in project keycloak by keycloak.

the class SyncDummyFederationProviderCommand method doRunCommand.

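/**
 * Creates the "cluster-dummy" user storage provider in the master realm, or reconfigures it
 * when it already exists, and then asks the sync manager to refresh its periodic sync.
 *
 * <p>Argument 0 is the wait time written into the provider config; argument 1 is the
 * changed-users sync period.
 *
 * @param session session used to look up the realm and to notify the sync manager
 */
@Override
protected void doRunCommand(KeycloakSession session) {
    int waitTime = getIntArg(0);
    int changedSyncPeriod = getIntArg(1);
    RealmModel realm = session.realms().getRealmByName("master");
    UserStorageProviderModel fedProviderModel = KeycloakModelUtils.findUserStorageProviderByName("cluster-dummy", realm);
    if (fedProviderModel == null) {
        UserStorageProviderModel model = new UserStorageProviderModel();
        model.setProviderId("sync-dummy");
        model.setPriority(1);
        model.setName("cluster-dummy");
        model.setFullSyncPeriod(-1);
        model.setChangedSyncPeriod(changedSyncPeriod);
        model.setLastSync(-1);
        // No provider exists yet, so the wait time is written into the config of the model being
        // created. Reading the config from fedProviderModel here would dereference null.
        MultivaluedHashMap<String, String> cfg = model.getConfig();
        updateConfig(cfg, waitTime);
        fedProviderModel = new UserStorageProviderModel(realm.addComponentModel(model));
    } else {
        MultivaluedHashMap<String, String> cfg = fedProviderModel.getConfig();
        updateConfig(cfg, waitTime);
        fedProviderModel.setChangedSyncPeriod(changedSyncPeriod);
        realm.updateComponent(fedProviderModel);
    }
    new UserStorageSyncManager().notifyToRefreshPeriodicSync(session, realm, fedProviderModel, false);
    // The format string needs a specifier, otherwise the waitTime argument is never rendered.
    log.infof("User federation provider created and sync was started. waitTime=%d", waitTime);
}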
Also used : RealmModel(org.keycloak.models.RealmModel) UserStorageSyncManager(org.keycloak.services.managers.UserStorageSyncManager) UserStorageProviderModel(org.keycloak.storage.UserStorageProviderModel)

Example 10 with UserStorageProviderModel

use of org.keycloak.storage.UserStorageProviderModel in project keycloak by keycloak.

the class UserCredentialStoreManager method disableCredentialType.

/**
 * Disables {@code credentialType} for {@code user}: first in the storage provider the user is
 * linked to or stored in (when there is one), then in every credential provider that supports
 * the type.
 *
 * @param realm          realm the user belongs to
 * @param user           user whose credential type is disabled
 * @param credentialType credential type to disable
 */
@Override
public void disableCredentialType(RealmModel realm, UserModel user, String credentialType) {
    final String storageProviderId;
    if (StorageId.isLocalStorage(user)) {
        // Locally stored users may still be linked to a federation provider.
        storageProviderId = user.getFederationLink();
    } else {
        storageProviderId = StorageId.resolveProviderId(user);
        throwExceptionIfInvalidUser(user);
    }
    if (storageProviderId != null) {
        UserStorageProviderModel storageModel = getStorageProviderModel(realm, storageProviderId);
        if (storageModel == null || !storageModel.isEnabled()) {
            // NOTE(review): this returns before the credential providers below are consulted, so with a
            // missing or disabled storage provider nothing is disabled and the caller gets no signal.
            // Confirm that is intended for a credential-revocation path.
            return;
        }
        CredentialInputUpdater storageUpdater = getStorageProviderInstance(storageModel, CredentialInputUpdater.class);
        // NOTE(review): storageUpdater is dereferenced without a null check; confirm that
        // getStorageProviderInstance cannot return null for an enabled model.
        if (storageUpdater.supportsCredentialType(credentialType)) {
            storageUpdater.disableCredentialType(realm, user, credentialType);
        }
    }
    getCredentialProviders(session, CredentialInputUpdater.class)
            .filter(candidate -> candidate.supportsCredentialType(credentialType))
            .forEach(candidate -> candidate.disableCredentialType(realm, user, credentialType));
}
Also used : Arrays(java.util.Arrays) RealmModel(org.keycloak.models.RealmModel) Types(org.keycloak.common.util.reflections.Types) UserStorageProvider(org.keycloak.storage.UserStorageProvider) KeycloakSession(org.keycloak.models.KeycloakSession) CachedUserModel(org.keycloak.models.cache.CachedUserModel) OnUserCache(org.keycloak.models.cache.OnUserCache) AbstractStorageManager(org.keycloak.storage.AbstractStorageManager) StorageId(org.keycloak.storage.StorageId) Objects(java.util.Objects) List(java.util.List) UserModel(org.keycloak.models.UserModel) Stream(java.util.stream.Stream) UserCache(org.keycloak.models.cache.UserCache) UserCredentialManager(org.keycloak.models.UserCredentialManager) CredentialValidationOutput(org.keycloak.models.CredentialValidationOutput) UserStorageProviderModel(org.keycloak.storage.UserStorageProviderModel) LinkedList(java.util.LinkedList) UserStorageProviderFactory(org.keycloak.storage.UserStorageProviderFactory) UserStorageProviderModel(org.keycloak.storage.UserStorageProviderModel)
