mirror of
https://github.com/bmlong137/alfresco-keycloak.git
synced 2025-09-10 14:11:09 +00:00
Merge branch 'feature/login-plugin' into feature/newuser-concurrency
This commit is contained in:
41
pom.xml
41
pom.xml
@@ -20,13 +20,13 @@
|
|||||||
|
|
||||||
<parent>
|
<parent>
|
||||||
<groupId>de.acosix.alfresco.maven</groupId>
|
<groupId>de.acosix.alfresco.maven</groupId>
|
||||||
<artifactId>de.acosix.alfresco.maven.project.parent-6.0.7</artifactId>
|
<artifactId>de.acosix.alfresco.maven.project.parent-23.1.0</artifactId>
|
||||||
<version>1.4.1</version>
|
<version>1.5.0</version>
|
||||||
</parent>
|
</parent>
|
||||||
|
|
||||||
<groupId>de.acosix.alfresco.keycloak</groupId>
|
<groupId>de.acosix.alfresco.keycloak</groupId>
|
||||||
<artifactId>de.acosix.alfresco.keycloak.parent</artifactId>
|
<artifactId>de.acosix.alfresco.keycloak.parent</artifactId>
|
||||||
<version>1.1.0-rc8-SNAPSHOT</version>
|
<version>1.2.0-rc2-SNAPSHOT</version>
|
||||||
<packaging>pom</packaging>
|
<packaging>pom</packaging>
|
||||||
|
|
||||||
<name>Acosix Alfresco Keycloak - Parent</name>
|
<name>Acosix Alfresco Keycloak - Parent</name>
|
||||||
@@ -61,6 +61,15 @@
|
|||||||
<twitter>twitter.com/ReluctantBird83</twitter>
|
<twitter>twitter.com/ReluctantBird83</twitter>
|
||||||
</properties>
|
</properties>
|
||||||
</developer>
|
</developer>
|
||||||
|
<developer>
|
||||||
|
<id>blong</id>
|
||||||
|
<name>Brian Long</name>
|
||||||
|
<email>brian@inteligr8.com</email>
|
||||||
|
<organization>Inteligr8 LLC</organization>
|
||||||
|
<properties>
|
||||||
|
<twitter>twitter.com/brian_m_long</twitter>
|
||||||
|
</properties>
|
||||||
|
</developer>
|
||||||
</developers>
|
</developers>
|
||||||
|
|
||||||
<properties>
|
<properties>
|
||||||
@@ -68,18 +77,16 @@
|
|||||||
<messages.packageId>acosix.keycloak</messages.packageId>
|
<messages.packageId>acosix.keycloak</messages.packageId>
|
||||||
<moduleId>acosix-keycloak</moduleId>
|
<moduleId>acosix-keycloak</moduleId>
|
||||||
|
|
||||||
<maven.compiler.source>1.8</maven.compiler.source>
|
<maven.compiler.version>3.13.0</maven.compiler.version>
|
||||||
<maven.compiler.target>1.8</maven.compiler.target>
|
<maven.shade.version>3.6.0</maven.shade.version>
|
||||||
|
|
||||||
<maven.shade.version>3.2.4</maven.shade.version>
|
<keycloak.version>22.0.3</keycloak.version>
|
||||||
|
|
||||||
<keycloak.version>16.1.0</keycloak.version>
|
|
||||||
<resteasy.version>3.15.1.Final</resteasy.version>
|
<resteasy.version>3.15.1.Final</resteasy.version>
|
||||||
<!-- lowest common denominator of Repository / Share in 6.0 -->
|
<!-- lowest common denominator of Repository / Share in 6.0 -->
|
||||||
<apache.httpclient.version>4.5.13</apache.httpclient.version>
|
<apache.httpclient.version>4.5.13</apache.httpclient.version>
|
||||||
<apache.httpcore.version>4.4.14</apache.httpcore.version>
|
<apache.httpcore.version>4.4.16</apache.httpcore.version>
|
||||||
|
|
||||||
<acosix.utility.version>1.2.5</acosix.utility.version>
|
<acosix.utility.version>1.4.3</acosix.utility.version>
|
||||||
<ootbee.support-tools.version>1.1.0.0</ootbee.support-tools.version>
|
<ootbee.support-tools.version>1.1.0.0</ootbee.support-tools.version>
|
||||||
|
|
||||||
<docker.tests.repositoryImageBuilder.preRun></docker.tests.repositoryImageBuilder.preRun>
|
<docker.tests.repositoryImageBuilder.preRun></docker.tests.repositoryImageBuilder.preRun>
|
||||||
@@ -132,13 +139,13 @@
|
|||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<artifactId>keycloak-servlet-adapter-spi</artifactId>
|
<artifactId>keycloak-jakarta-servlet-adapter-spi</artifactId>
|
||||||
<version>${keycloak.version}</version>
|
<version>${keycloak.version}</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<artifactId>keycloak-servlet-filter-adapter</artifactId>
|
<artifactId>keycloak-jakarta-servlet-filter-adapter</artifactId>
|
||||||
<version>${keycloak.version}</version>
|
<version>${keycloak.version}</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
@@ -150,7 +157,7 @@
|
|||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<artifactId>keycloak-admin-client</artifactId>
|
<artifactId>keycloak-admin-client-jakarta</artifactId>
|
||||||
<version>${keycloak.version}</version>
|
<version>${keycloak.version}</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
@@ -298,6 +305,14 @@
|
|||||||
<build>
|
<build>
|
||||||
<pluginManagement>
|
<pluginManagement>
|
||||||
<plugins>
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<artifactId>maven-source-plugin</artifactId>
|
||||||
|
<version>${maven.source.version}</version>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<artifactId>maven-compiler-plugin</artifactId>
|
||||||
|
<version>${maven.compiler.version}</version>
|
||||||
|
</plugin>
|
||||||
<plugin>
|
<plugin>
|
||||||
<artifactId>maven-shade-plugin</artifactId>
|
<artifactId>maven-shade-plugin</artifactId>
|
||||||
<version>${maven.shade.version}</version>
|
<version>${maven.shade.version}</version>
|
||||||
|
|||||||
@@ -21,7 +21,7 @@
|
|||||||
<parent>
|
<parent>
|
||||||
<groupId>de.acosix.alfresco.keycloak</groupId>
|
<groupId>de.acosix.alfresco.keycloak</groupId>
|
||||||
<artifactId>de.acosix.alfresco.keycloak.parent</artifactId>
|
<artifactId>de.acosix.alfresco.keycloak.parent</artifactId>
|
||||||
<version>1.1.0-rc8-SNAPSHOT</version>
|
<version>1.2.0-rc2-SNAPSHOT</version>
|
||||||
</parent>
|
</parent>
|
||||||
|
|
||||||
<artifactId>de.acosix.alfresco.keycloak.repo</artifactId>
|
<artifactId>de.acosix.alfresco.keycloak.repo</artifactId>
|
||||||
@@ -44,12 +44,12 @@
|
|||||||
</exclusion>
|
</exclusion>
|
||||||
</exclusions>
|
</exclusions>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>javax.servlet</groupId>
|
<groupId>jakarta.servlet</groupId>
|
||||||
<artifactId>javax.servlet-api</artifactId>
|
<artifactId>jakarta.servlet-api</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<artifactId>keycloak-adapter-core</artifactId>
|
<artifactId>keycloak-adapter-core</artifactId>
|
||||||
@@ -71,12 +71,17 @@
|
|||||||
<groupId>org.jboss.resteasy</groupId>
|
<groupId>org.jboss.resteasy</groupId>
|
||||||
<artifactId>*</artifactId>
|
<artifactId>*</artifactId>
|
||||||
</exclusion>
|
</exclusion>
|
||||||
|
<!-- use default from Alfresco Repository -->
|
||||||
|
<exclusion>
|
||||||
|
<groupId>org.apache.httpcomponents</groupId>
|
||||||
|
<artifactId>httpclient</artifactId>
|
||||||
|
</exclusion>
|
||||||
</exclusions>
|
</exclusions>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<artifactId>keycloak-servlet-adapter-spi</artifactId>
|
<artifactId>keycloak-jakarta-servlet-adapter-spi</artifactId>
|
||||||
<exclusions>
|
<exclusions>
|
||||||
<!-- don't include activation standalone JAR - rely on JDK inclusion since Java 6 -->
|
<!-- don't include activation standalone JAR - rely on JDK inclusion since Java 6 -->
|
||||||
<exclusion>
|
<exclusion>
|
||||||
@@ -105,7 +110,7 @@
|
|||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<artifactId>keycloak-servlet-filter-adapter</artifactId>
|
<artifactId>keycloak-jakarta-servlet-filter-adapter</artifactId>
|
||||||
<exclusions>
|
<exclusions>
|
||||||
<!-- don't include activation standalone JAR - rely on JDK inclusion since Java 6 -->
|
<!-- don't include activation standalone JAR - rely on JDK inclusion since Java 6 -->
|
||||||
<exclusion>
|
<exclusion>
|
||||||
@@ -233,7 +238,8 @@
|
|||||||
<goal>shade</goal>
|
<goal>shade</goal>
|
||||||
</goals>
|
</goals>
|
||||||
<configuration>
|
<configuration>
|
||||||
<createSourcesJar>true</createSourcesJar>
|
<!-- generating using `sources` classifier, which conflicts with the main `sources` -->
|
||||||
|
<createSourcesJar>false</createSourcesJar>
|
||||||
<shadeSourcesContent>true</shadeSourcesContent>
|
<shadeSourcesContent>true</shadeSourcesContent>
|
||||||
<keepDependenciesWithProvidedScope>false</keepDependenciesWithProvidedScope>
|
<keepDependenciesWithProvidedScope>false</keepDependenciesWithProvidedScope>
|
||||||
<artifactSet>
|
<artifactSet>
|
||||||
|
|||||||
12
repository/src/main/config/log4j2.properties
Normal file
12
repository/src/main/config/log4j2.properties
Normal file
@@ -0,0 +1,12 @@
|
|||||||
|
|
||||||
|
logger.acosix-alfresco-keycloak.name=${project.artifactId}
|
||||||
|
logger.acosix-alfresco-keycloak.level=INFO
|
||||||
|
|
||||||
|
logger.acosix-alfresco-keycloak-deps.name=${project.artifactId}.deps
|
||||||
|
logger.acosix-alfresco-keycloak-deps.level=ERROR
|
||||||
|
|
||||||
|
logger.acosix-alfresco-keycloak-deps-keycloak.name=${project.artifactId}.deps.keycloak
|
||||||
|
logger.acosix-alfresco-keycloak-deps-keycloak.level=ERROR
|
||||||
|
|
||||||
|
logger.acosix-alfresco-keycloak-deps-jboss.name=${project.artifactId}.deps.jboss
|
||||||
|
logger.acosix-alfresco-keycloak-deps-jboss.level=ERROR
|
||||||
@@ -21,16 +21,16 @@ import java.util.Arrays;
|
|||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Locale;
|
import java.util.Locale;
|
||||||
|
|
||||||
import javax.servlet.FilterChain;
|
import jakarta.servlet.FilterChain;
|
||||||
import javax.servlet.ServletContext;
|
import jakarta.servlet.ServletContext;
|
||||||
import javax.servlet.ServletException;
|
import jakarta.servlet.ServletException;
|
||||||
import javax.servlet.ServletRequest;
|
import jakarta.servlet.ServletRequest;
|
||||||
import javax.servlet.ServletResponse;
|
import jakarta.servlet.ServletResponse;
|
||||||
import javax.servlet.http.Cookie;
|
import jakarta.servlet.http.Cookie;
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
import javax.servlet.http.HttpServletRequestWrapper;
|
import jakarta.servlet.http.HttpServletRequestWrapper;
|
||||||
import javax.servlet.http.HttpServletResponse;
|
import jakarta.servlet.http.HttpServletResponse;
|
||||||
import javax.servlet.http.HttpSession;
|
import jakarta.servlet.http.HttpSession;
|
||||||
|
|
||||||
import org.alfresco.repo.SessionUser;
|
import org.alfresco.repo.SessionUser;
|
||||||
import org.alfresco.repo.cache.SimpleCache;
|
import org.alfresco.repo.cache.SimpleCache;
|
||||||
|
|||||||
@@ -17,8 +17,8 @@ package de.acosix.alfresco.keycloak.repo.authentication;
|
|||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
import javax.servlet.http.HttpSession;
|
import jakarta.servlet.http.HttpSession;
|
||||||
|
|
||||||
import org.alfresco.repo.management.subsystems.ActivateableBean;
|
import org.alfresco.repo.management.subsystems.ActivateableBean;
|
||||||
import org.alfresco.repo.security.authentication.AuthenticationException;
|
import org.alfresco.repo.security.authentication.AuthenticationException;
|
||||||
|
|||||||
@@ -17,13 +17,13 @@ package de.acosix.alfresco.keycloak.repo.authentication;
|
|||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
|
||||||
import javax.servlet.FilterChain;
|
import jakarta.servlet.FilterChain;
|
||||||
import javax.servlet.ServletContext;
|
import jakarta.servlet.ServletContext;
|
||||||
import javax.servlet.ServletException;
|
import jakarta.servlet.ServletException;
|
||||||
import javax.servlet.ServletRequest;
|
import jakarta.servlet.ServletRequest;
|
||||||
import javax.servlet.ServletResponse;
|
import jakarta.servlet.ServletResponse;
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
import javax.servlet.http.HttpSession;
|
import jakarta.servlet.http.HttpSession;
|
||||||
|
|
||||||
import org.alfresco.repo.SessionUser;
|
import org.alfresco.repo.SessionUser;
|
||||||
import org.alfresco.repo.web.scripts.bean.LoginPost;
|
import org.alfresco.repo.web.scripts.bean.LoginPost;
|
||||||
|
|||||||
@@ -17,12 +17,12 @@ package de.acosix.alfresco.keycloak.repo.authentication;
|
|||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
|
||||||
import javax.servlet.FilterChain;
|
import jakarta.servlet.FilterChain;
|
||||||
import javax.servlet.ServletContext;
|
import jakarta.servlet.ServletContext;
|
||||||
import javax.servlet.ServletException;
|
import jakarta.servlet.ServletException;
|
||||||
import javax.servlet.ServletRequest;
|
import jakarta.servlet.ServletRequest;
|
||||||
import javax.servlet.ServletResponse;
|
import jakarta.servlet.ServletResponse;
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
|
|
||||||
import org.alfresco.repo.management.subsystems.ActivateableBean;
|
import org.alfresco.repo.management.subsystems.ActivateableBean;
|
||||||
import org.alfresco.repo.web.filter.beans.DependencyInjectedFilter;
|
import org.alfresco.repo.web.filter.beans.DependencyInjectedFilter;
|
||||||
|
|||||||
@@ -23,7 +23,7 @@ import java.util.HashMap;
|
|||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
|
|
||||||
import org.alfresco.util.Pair;
|
import org.alfresco.util.Pair;
|
||||||
import org.keycloak.adapters.servlet.ServletHttpFacade;
|
import org.keycloak.adapters.servlet.ServletHttpFacade;
|
||||||
@@ -39,7 +39,7 @@ import org.keycloak.adapters.spi.HttpFacade;
|
|||||||
public class ResponseHeaderCookieCaptureServletHttpFacade extends ServletHttpFacade
|
public class ResponseHeaderCookieCaptureServletHttpFacade extends ServletHttpFacade
|
||||||
{
|
{
|
||||||
|
|
||||||
protected final Map<Pair<String, String>, javax.servlet.http.Cookie> cookies = new HashMap<>();
|
protected final Map<Pair<String, String>, jakarta.servlet.http.Cookie> cookies = new HashMap<>();
|
||||||
|
|
||||||
protected final Map<String, List<String>> headers = new HashMap<>();
|
protected final Map<String, List<String>> headers = new HashMap<>();
|
||||||
|
|
||||||
@@ -71,7 +71,7 @@ public class ResponseHeaderCookieCaptureServletHttpFacade extends ServletHttpFac
|
|||||||
/**
|
/**
|
||||||
* @return the cookies
|
* @return the cookies
|
||||||
*/
|
*/
|
||||||
public List<javax.servlet.http.Cookie> getCookies()
|
public List<jakarta.servlet.http.Cookie> getCookies()
|
||||||
{
|
{
|
||||||
return new ArrayList<>(this.cookies.values());
|
return new ArrayList<>(this.cookies.values());
|
||||||
}
|
}
|
||||||
@@ -157,7 +157,7 @@ public class ResponseHeaderCookieCaptureServletHttpFacade extends ServletHttpFac
|
|||||||
public void setCookie(final String name, final String value, final String path, final String domain, final int maxAge,
|
public void setCookie(final String name, final String value, final String path, final String domain, final int maxAge,
|
||||||
final boolean secure, final boolean httpOnly)
|
final boolean secure, final boolean httpOnly)
|
||||||
{
|
{
|
||||||
final javax.servlet.http.Cookie cookie = new javax.servlet.http.Cookie(name, value);
|
final jakarta.servlet.http.Cookie cookie = new jakarta.servlet.http.Cookie(name, value);
|
||||||
cookie.setPath(path);
|
cookie.setPath(path);
|
||||||
if (domain != null)
|
if (domain != null)
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -6,7 +6,10 @@ import java.io.IOException;
|
|||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
|
import java.util.Collections;
|
||||||
|
import java.util.HashMap;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
import java.util.Map;
|
||||||
import java.util.function.Consumer;
|
import java.util.function.Consumer;
|
||||||
|
|
||||||
import org.alfresco.util.ParameterCheck;
|
import org.alfresco.util.ParameterCheck;
|
||||||
@@ -22,13 +25,13 @@ import org.keycloak.TokenVerifier;
|
|||||||
import org.keycloak.adapters.KeycloakDeployment;
|
import org.keycloak.adapters.KeycloakDeployment;
|
||||||
import org.keycloak.adapters.ServerRequest;
|
import org.keycloak.adapters.ServerRequest;
|
||||||
import org.keycloak.adapters.ServerRequest.HttpFailure;
|
import org.keycloak.adapters.ServerRequest.HttpFailure;
|
||||||
import org.keycloak.adapters.authentication.ClientCredentialsProviderUtils;
|
|
||||||
import org.keycloak.adapters.rotation.AdapterTokenVerifier;
|
import org.keycloak.adapters.rotation.AdapterTokenVerifier;
|
||||||
import org.keycloak.adapters.rotation.AdapterTokenVerifier.VerifiedTokens;
|
import org.keycloak.adapters.rotation.AdapterTokenVerifier.VerifiedTokens;
|
||||||
import org.keycloak.common.VerificationException;
|
import org.keycloak.common.VerificationException;
|
||||||
import org.keycloak.common.util.KeycloakUriBuilder;
|
import org.keycloak.common.util.KeycloakUriBuilder;
|
||||||
import org.keycloak.common.util.Time;
|
import org.keycloak.common.util.Time;
|
||||||
import org.keycloak.constants.ServiceUrlConstants;
|
import org.keycloak.constants.ServiceUrlConstants;
|
||||||
|
import org.keycloak.protocol.oidc.client.authentication.ClientCredentialsProviderUtils;
|
||||||
import org.keycloak.representations.AccessToken;
|
import org.keycloak.representations.AccessToken;
|
||||||
import org.keycloak.representations.AccessTokenResponse;
|
import org.keycloak.representations.AccessTokenResponse;
|
||||||
import org.keycloak.util.JsonSerialization;
|
import org.keycloak.util.JsonSerialization;
|
||||||
@@ -284,8 +287,16 @@ public class AccessTokenClient
|
|||||||
final List<NameValuePair> formParams = new ArrayList<>();
|
final List<NameValuePair> formParams = new ArrayList<>();
|
||||||
|
|
||||||
postParamProvider.accept(formParams);
|
postParamProvider.accept(formParams);
|
||||||
|
|
||||||
|
Map<String, String> formMap = new HashMap<>();
|
||||||
|
for (NameValuePair pair : formParams)
|
||||||
|
formMap.put(pair.getName(), pair.getValue());
|
||||||
|
|
||||||
ClientCredentialsProviderUtils.setClientCredentials(this.deployment, post, formParams);
|
ClientCredentialsProviderUtils.setClientCredentials(
|
||||||
|
this.deployment.getAdapterConfig(),
|
||||||
|
this.deployment.getClientAuthenticator(),
|
||||||
|
Collections.emptyMap(),
|
||||||
|
formMap);
|
||||||
|
|
||||||
final UrlEncodedFormEntity form = new UrlEncodedFormEntity(formParams, "UTF-8");
|
final UrlEncodedFormEntity form = new UrlEncodedFormEntity(formParams, "UTF-8");
|
||||||
post.setEntity(form);
|
post.setEntity(form);
|
||||||
|
|||||||
@@ -21,7 +21,7 @@
|
|||||||
<parent>
|
<parent>
|
||||||
<groupId>de.acosix.alfresco.keycloak</groupId>
|
<groupId>de.acosix.alfresco.keycloak</groupId>
|
||||||
<artifactId>de.acosix.alfresco.keycloak.parent</artifactId>
|
<artifactId>de.acosix.alfresco.keycloak.parent</artifactId>
|
||||||
<version>1.1.0-rc8-SNAPSHOT</version>
|
<version>1.2.0-rc2-SNAPSHOT</version>
|
||||||
</parent>
|
</parent>
|
||||||
|
|
||||||
<artifactId>de.acosix.alfresco.keycloak.share</artifactId>
|
<artifactId>de.acosix.alfresco.keycloak.share</artifactId>
|
||||||
@@ -61,8 +61,8 @@
|
|||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>javax.servlet</groupId>
|
<groupId>jakarta.servlet</groupId>
|
||||||
<artifactId>javax.servlet-api</artifactId>
|
<artifactId>jakarta.servlet-api</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
@@ -83,7 +83,7 @@
|
|||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<artifactId>keycloak-servlet-adapter-spi</artifactId>
|
<artifactId>keycloak-jakarta-servlet-adapter-spi</artifactId>
|
||||||
<exclusions>
|
<exclusions>
|
||||||
<!-- don't include activation standalone JAR - rely on JDK inclusion since Java 6 -->
|
<!-- don't include activation standalone JAR - rely on JDK inclusion since Java 6 -->
|
||||||
<exclusion>
|
<exclusion>
|
||||||
@@ -104,7 +104,7 @@
|
|||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<artifactId>keycloak-servlet-filter-adapter</artifactId>
|
<artifactId>keycloak-jakarta-servlet-filter-adapter</artifactId>
|
||||||
<exclusions>
|
<exclusions>
|
||||||
<!-- don't include activation standalone JAR - rely on JDK inclusion since Java 6 -->
|
<!-- don't include activation standalone JAR - rely on JDK inclusion since Java 6 -->
|
||||||
<exclusion>
|
<exclusion>
|
||||||
@@ -284,7 +284,8 @@
|
|||||||
<goal>shade</goal>
|
<goal>shade</goal>
|
||||||
</goals>
|
</goals>
|
||||||
<configuration>
|
<configuration>
|
||||||
<createSourcesJar>true</createSourcesJar>
|
<!-- generating using `sources` classifier, which conflicts with the main `sources` -->
|
||||||
|
<createSourcesJar>false</createSourcesJar>
|
||||||
<shadeSourcesContent>true</shadeSourcesContent>
|
<shadeSourcesContent>true</shadeSourcesContent>
|
||||||
<keepDependenciesWithProvidedScope>false</keepDependenciesWithProvidedScope>
|
<keepDependenciesWithProvidedScope>false</keepDependenciesWithProvidedScope>
|
||||||
<artifactSet>
|
<artifactSet>
|
||||||
|
|||||||
15
share/src/main/config/log4j2.properties
Normal file
15
share/src/main/config/log4j2.properties
Normal file
@@ -0,0 +1,15 @@
|
|||||||
|
|
||||||
|
logger.acosix-alfresco-keycloak.name=${project.artifactId}
|
||||||
|
logger.acosix-alfresco-keycloak.level=INFO
|
||||||
|
|
||||||
|
logger.acosix-alfresco-keycloak-deps.name=${project.artifactId}.deps
|
||||||
|
logger.acosix-alfresco-keycloak-deps.level=ERROR
|
||||||
|
|
||||||
|
logger.acosix-alfresco-keycloak-deps-keycloak.name=${project.artifactId}.deps.keycloak
|
||||||
|
logger.acosix-alfresco-keycloak-deps-keycloak.level=ERROR
|
||||||
|
|
||||||
|
logger.acosix-alfresco-keycloak-deps-jackson.name=${project.artifactId}.deps.jackson
|
||||||
|
logger.acosix-alfresco-keycloak-deps-jackson.level=ERROR
|
||||||
|
|
||||||
|
logger.acosix-alfresco-keycloak-deps-jboss.name=${project.artifactId}.deps.jboss
|
||||||
|
logger.acosix-alfresco-keycloak-deps-jboss.level=ERROR
|
||||||
@@ -15,7 +15,7 @@
|
|||||||
*/
|
*/
|
||||||
package de.acosix.alfresco.keycloak.share.remote;
|
package de.acosix.alfresco.keycloak.share.remote;
|
||||||
|
|
||||||
import javax.servlet.http.HttpSession;
|
import jakarta.servlet.http.HttpSession;
|
||||||
|
|
||||||
import org.keycloak.adapters.OidcKeycloakAccount;
|
import org.keycloak.adapters.OidcKeycloakAccount;
|
||||||
import org.keycloak.adapters.spi.KeycloakAccount;
|
import org.keycloak.adapters.spi.KeycloakAccount;
|
||||||
|
|||||||
@@ -17,7 +17,7 @@ package de.acosix.alfresco.keycloak.share.remote;
|
|||||||
|
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
|
|
||||||
import javax.servlet.http.HttpSession;
|
import jakarta.servlet.http.HttpSession;
|
||||||
|
|
||||||
import org.alfresco.web.site.servlet.SlingshotAlfrescoConnector;
|
import org.alfresco.web.site.servlet.SlingshotAlfrescoConnector;
|
||||||
import org.keycloak.KeycloakSecurityContext;
|
import org.keycloak.KeycloakSecurityContext;
|
||||||
|
|||||||
@@ -26,23 +26,25 @@ import java.net.InetAddress;
|
|||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
|
import java.util.HashMap;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Locale;
|
import java.util.Locale;
|
||||||
|
import java.util.Map;
|
||||||
import java.util.function.BiFunction;
|
import java.util.function.BiFunction;
|
||||||
import java.util.regex.Matcher;
|
import java.util.regex.Matcher;
|
||||||
import java.util.regex.Pattern;
|
import java.util.regex.Pattern;
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
import javax.servlet.FilterChain;
|
import jakarta.servlet.FilterChain;
|
||||||
import javax.servlet.ServletContext;
|
import jakarta.servlet.ServletContext;
|
||||||
import javax.servlet.ServletException;
|
import jakarta.servlet.ServletException;
|
||||||
import javax.servlet.ServletRequest;
|
import jakarta.servlet.ServletRequest;
|
||||||
import javax.servlet.ServletResponse;
|
import jakarta.servlet.ServletResponse;
|
||||||
import javax.servlet.http.Cookie;
|
import jakarta.servlet.http.Cookie;
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
import javax.servlet.http.HttpServletRequestWrapper;
|
import jakarta.servlet.http.HttpServletRequestWrapper;
|
||||||
import javax.servlet.http.HttpServletResponse;
|
import jakarta.servlet.http.HttpServletResponse;
|
||||||
import javax.servlet.http.HttpSession;
|
import jakarta.servlet.http.HttpSession;
|
||||||
|
|
||||||
import org.alfresco.error.AlfrescoRuntimeException;
|
import org.alfresco.error.AlfrescoRuntimeException;
|
||||||
import org.alfresco.util.EqualsHelper;
|
import org.alfresco.util.EqualsHelper;
|
||||||
@@ -73,7 +75,6 @@ import org.keycloak.adapters.OAuthRequestAuthenticator;
|
|||||||
import org.keycloak.adapters.OIDCAuthenticationError;
|
import org.keycloak.adapters.OIDCAuthenticationError;
|
||||||
import org.keycloak.adapters.OidcKeycloakAccount;
|
import org.keycloak.adapters.OidcKeycloakAccount;
|
||||||
import org.keycloak.adapters.PreAuthActionsHandler;
|
import org.keycloak.adapters.PreAuthActionsHandler;
|
||||||
import org.keycloak.adapters.authentication.ClientCredentialsProviderUtils;
|
|
||||||
import org.keycloak.adapters.rotation.AdapterTokenVerifier;
|
import org.keycloak.adapters.rotation.AdapterTokenVerifier;
|
||||||
import org.keycloak.adapters.rotation.AdapterTokenVerifier.VerifiedTokens;
|
import org.keycloak.adapters.rotation.AdapterTokenVerifier.VerifiedTokens;
|
||||||
import org.keycloak.adapters.servlet.FilterRequestAuthenticator;
|
import org.keycloak.adapters.servlet.FilterRequestAuthenticator;
|
||||||
@@ -88,6 +89,7 @@ import org.keycloak.common.VerificationException;
|
|||||||
import org.keycloak.common.util.KeycloakUriBuilder;
|
import org.keycloak.common.util.KeycloakUriBuilder;
|
||||||
import org.keycloak.common.util.Time;
|
import org.keycloak.common.util.Time;
|
||||||
import org.keycloak.constants.ServiceUrlConstants;
|
import org.keycloak.constants.ServiceUrlConstants;
|
||||||
|
import org.keycloak.protocol.oidc.client.authentication.ClientCredentialsProviderUtils;
|
||||||
import org.keycloak.representations.AccessToken;
|
import org.keycloak.representations.AccessToken;
|
||||||
import org.keycloak.representations.AccessTokenResponse;
|
import org.keycloak.representations.AccessTokenResponse;
|
||||||
import org.keycloak.util.JsonSerialization;
|
import org.keycloak.util.JsonSerialization;
|
||||||
@@ -1748,8 +1750,16 @@ public class KeycloakAuthenticationFilter implements DependencyInjectedFilter, I
|
|||||||
throw new IllegalStateException(
|
throw new IllegalStateException(
|
||||||
"Either an active security context or access token should be present in the session, or previous validations have caught their non-existence and prevented this operation form being called");
|
"Either an active security context or access token should be present in the session, or previous validations have caught their non-existence and prevented this operation form being called");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Map<String, String> formMap = new HashMap<>();
|
||||||
|
for (NameValuePair formParam : formParams)
|
||||||
|
formMap.put(formParam.getName(), formParam.getValue());
|
||||||
|
|
||||||
ClientCredentialsProviderUtils.setClientCredentials(this.keycloakDeployment, post, formParams);
|
ClientCredentialsProviderUtils.setClientCredentials(
|
||||||
|
this.keycloakDeployment.getAdapterConfig(),
|
||||||
|
this.keycloakDeployment.getClientAuthenticator(),
|
||||||
|
Collections.emptyMap(),
|
||||||
|
formMap);
|
||||||
|
|
||||||
final UrlEncodedFormEntity form = new UrlEncodedFormEntity(formParams, "UTF-8");
|
final UrlEncodedFormEntity form = new UrlEncodedFormEntity(formParams, "UTF-8");
|
||||||
post.setEntity(form);
|
post.setEntity(form);
|
||||||
|
|||||||
@@ -15,7 +15,7 @@
|
|||||||
*/
|
*/
|
||||||
package de.acosix.alfresco.keycloak.share.web;
|
package de.acosix.alfresco.keycloak.share.web;
|
||||||
|
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
|
|
||||||
import org.springframework.extensions.surf.RequestContext;
|
import org.springframework.extensions.surf.RequestContext;
|
||||||
import org.springframework.extensions.surf.RequestContextUtil;
|
import org.springframework.extensions.surf.RequestContextUtil;
|
||||||
@@ -27,7 +27,7 @@ import org.springframework.web.context.request.WebRequest;
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* This specialisation of the request context interceptor exists only to ensure that a newly created request context is properly
|
* This specialisation of the request context interceptor exists only to ensure that a newly created request context is properly
|
||||||
* {@link RequestContextUtil#populateRequestContext(org.springframework.extensions.surf.RequestContext, javax.servlet.http.HttpServletRequest)
|
* {@link RequestContextUtil#populateRequestContext(org.springframework.extensions.surf.RequestContext, jakarta.servlet.http.HttpServletRequest)
|
||||||
* populated} as to ensure that somewhat important data, such as the user object, is properly initialised.
|
* populated} as to ensure that somewhat important data, such as the user object, is properly initialised.
|
||||||
*
|
*
|
||||||
* @author Axel Faust
|
* @author Axel Faust
|
||||||
|
|||||||
@@ -23,7 +23,7 @@ import java.util.HashMap;
|
|||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
|
|
||||||
import org.alfresco.util.Pair;
|
import org.alfresco.util.Pair;
|
||||||
import org.keycloak.adapters.servlet.ServletHttpFacade;
|
import org.keycloak.adapters.servlet.ServletHttpFacade;
|
||||||
@@ -39,7 +39,7 @@ import org.keycloak.adapters.spi.HttpFacade;
|
|||||||
public class ResponseHeaderCookieCaptureServletHttpFacade extends ServletHttpFacade
|
public class ResponseHeaderCookieCaptureServletHttpFacade extends ServletHttpFacade
|
||||||
{
|
{
|
||||||
|
|
||||||
protected final Map<Pair<String, String>, javax.servlet.http.Cookie> cookies = new HashMap<>();
|
protected final Map<Pair<String, String>, jakarta.servlet.http.Cookie> cookies = new HashMap<>();
|
||||||
|
|
||||||
protected final Map<String, List<String>> headers = new HashMap<>();
|
protected final Map<String, List<String>> headers = new HashMap<>();
|
||||||
|
|
||||||
@@ -67,7 +67,7 @@ public class ResponseHeaderCookieCaptureServletHttpFacade extends ServletHttpFac
|
|||||||
/**
|
/**
|
||||||
* @return the cookies
|
* @return the cookies
|
||||||
*/
|
*/
|
||||||
public List<javax.servlet.http.Cookie> getCookies()
|
public List<jakarta.servlet.http.Cookie> getCookies()
|
||||||
{
|
{
|
||||||
return new ArrayList<>(this.cookies.values());
|
return new ArrayList<>(this.cookies.values());
|
||||||
}
|
}
|
||||||
@@ -137,7 +137,7 @@ public class ResponseHeaderCookieCaptureServletHttpFacade extends ServletHttpFac
|
|||||||
public void setCookie(final String name, final String value, final String path, final String domain, final int maxAge,
|
public void setCookie(final String name, final String value, final String path, final String domain, final int maxAge,
|
||||||
final boolean secure, final boolean httpOnly)
|
final boolean secure, final boolean httpOnly)
|
||||||
{
|
{
|
||||||
final javax.servlet.http.Cookie cookie = new javax.servlet.http.Cookie(name, value);
|
final jakarta.servlet.http.Cookie cookie = new jakarta.servlet.http.Cookie(name, value);
|
||||||
cookie.setPath(path);
|
cookie.setPath(path);
|
||||||
if (domain != null)
|
if (domain != null)
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -18,13 +18,13 @@ package de.acosix.alfresco.keycloak.share.web;
|
|||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.util.Date;
|
import java.util.Date;
|
||||||
|
|
||||||
import javax.servlet.FilterChain;
|
import jakarta.servlet.FilterChain;
|
||||||
import javax.servlet.ServletContext;
|
import jakarta.servlet.ServletContext;
|
||||||
import javax.servlet.ServletException;
|
import jakarta.servlet.ServletException;
|
||||||
import javax.servlet.ServletRequest;
|
import jakarta.servlet.ServletRequest;
|
||||||
import javax.servlet.ServletResponse;
|
import jakarta.servlet.ServletResponse;
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
import javax.servlet.http.HttpSession;
|
import jakarta.servlet.http.HttpSession;
|
||||||
|
|
||||||
import org.alfresco.util.PropertyCheck;
|
import org.alfresco.util.PropertyCheck;
|
||||||
import org.alfresco.web.site.SlingshotUserFactory;
|
import org.alfresco.web.site.SlingshotUserFactory;
|
||||||
|
|||||||
@@ -18,10 +18,10 @@ package de.acosix.alfresco.keycloak.share.web;
|
|||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
import javax.servlet.http.HttpServletRequestWrapper;
|
import jakarta.servlet.http.HttpServletRequestWrapper;
|
||||||
import javax.servlet.http.HttpServletResponse;
|
import jakarta.servlet.http.HttpServletResponse;
|
||||||
import javax.servlet.http.HttpSession;
|
import jakarta.servlet.http.HttpSession;
|
||||||
|
|
||||||
import org.alfresco.util.PropertyCheck;
|
import org.alfresco.util.PropertyCheck;
|
||||||
import org.alfresco.web.site.servlet.SlingshotLoginController;
|
import org.alfresco.web.site.servlet.SlingshotLoginController;
|
||||||
|
|||||||
Reference in New Issue
Block a user