Merge pull request Baeldung#224 from rozagerardo/rozagerardo/JAVA-322…

…3_Update-Keycloak--version-11 [JAVA-3223] Update Keycloak version to 11 in oauth project
insamniac · Oct 27, 2020 · 49f86bb · 49f86bb
2 parents 0d1839e + 6724938
commit 49f86bb
Show file tree

Hide file tree

Showing 19 changed files with 719 additions and 163 deletions.
diff --git a/oauth-jwt/jwt-auth-server/pom.xml b/oauth-jwt/jwt-auth-server/pom.xml
@@ -15,7 +15,7 @@
         <relativePath />
     </parent>
 
-     <dependencies>
+    <dependencies>
 
         <!-- web -->
 
@@ -55,8 +55,18 @@
             <artifactId>keycloak-dependencies-server-all</artifactId>
             <version>${keycloak.version}</version>
             <type>pom</type>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>slf4j-log4j12</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>log4j</groupId>
+                    <artifactId>log4j</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
-        
+
         <!-- config properties processor -->
         <dependency>
             <groupId>org.springframework.boot</groupId>
@@ -81,22 +91,22 @@
 
     <build>
         <plugins>
-        	<plugin>
+            <plugin>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-maven-plugin</artifactId>
                 <configuration>
-					<addResources>true</addResources>
-				</configuration>
+                    <addResources>true</addResources>
+                </configuration>
             </plugin>
             <plugin>
-				<groupId>org.apache.maven.plugins</groupId>
-				<artifactId>maven-resources-plugin</artifactId>
-				<configuration>
-					<nonFilteredFileExtensions>
-						<nonFilteredFileExtension>jks</nonFilteredFileExtension>
-					</nonFilteredFileExtensions>
-				</configuration>
-			</plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-resources-plugin</artifactId>
+                <configuration>
+                    <nonFilteredFileExtensions>
+                        <nonFilteredFileExtension>jks</nonFilteredFileExtension>
+                    </nonFilteredFileExtensions>
+                </configuration>
+            </plugin>
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-surefire-plugin</artifactId>
@@ -123,8 +133,12 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <java.version>13</java.version>
 
-        <keycloak.version>10.0.1</keycloak.version>
-        <resteasy.version>3.11.2.Final</resteasy.version>
+        <keycloak.version>11.0.2</keycloak.version>
+
+        <!-- these should be updated together with Keycloak -->
+        <!-- check keycloak-dependencies-server-all effective pom -->
+        <infinispan.version>10.1.8.Final</infinispan.version>
+        <resteasy.version>3.12.1.Final</resteasy.version>
     </properties>
 
 </project>
diff --git a/oauth-jwt/jwt-auth-server/src/main/java/com/baeldung/jwt/config/EmbeddedKeycloakConfig.java b/oauth-jwt/jwt-auth-server/src/main/java/com/baeldung/jwt/config/EmbeddedKeycloakConfig.java
@@ -10,16 +10,13 @@
 
 import org.jboss.resteasy.plugins.server.servlet.HttpServlet30Dispatcher;
 import org.jboss.resteasy.plugins.server.servlet.ResteasyContextParameters;
-import org.keycloak.services.filters.KeycloakSessionServletFilter;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.boot.web.servlet.ServletRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
 @Configuration
 public class EmbeddedKeycloakConfig {
-
-
 
     @Bean
     ServletRegistrationBean<HttpServlet30Dispatcher> keycloakJaxRsApplication(KeycloakServerProperties keycloakServerProperties, DataSource dataSource) throws Exception {
@@ -39,11 +36,11 @@ ServletRegistrationBean<HttpServlet30Dispatcher> keycloakJaxRsApplication(Keyclo
     }
 
     @Bean
-    FilterRegistrationBean<KeycloakSessionServletFilter> keycloakSessionManagement(KeycloakServerProperties keycloakServerProperties) {
+    FilterRegistrationBean<EmbeddedKeycloakRequestFilter> keycloakSessionManagement(KeycloakServerProperties keycloakServerProperties) {
 
-        FilterRegistrationBean<KeycloakSessionServletFilter> filter = new FilterRegistrationBean<>();
+        FilterRegistrationBean<EmbeddedKeycloakRequestFilter> filter = new FilterRegistrationBean<>();
         filter.setName("Keycloak Session Management");
-        filter.setFilter(new KeycloakSessionServletFilter());
+        filter.setFilter(new EmbeddedKeycloakRequestFilter());
         filter.addUrlPatterns(keycloakServerProperties.getContextPath() + "/*");
 
         return filter;

diff --git a/.../jwt-auth-server/src/main/java/com/baeldung/jwt/config/EmbeddedKeycloakRequestFilter.java b/.../jwt-auth-server/src/main/java/com/baeldung/jwt/config/EmbeddedKeycloakRequestFilter.java
@@ -0,0 +1,58 @@
+package com.baeldung.jwt.config;
+
+import java.io.UnsupportedEncodingException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+
+import org.keycloak.common.ClientConnection;
+import org.keycloak.services.filters.AbstractRequestFilter;
+
+public class EmbeddedKeycloakRequestFilter extends AbstractRequestFilter implements Filter {
+
+    @Override
+    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws UnsupportedEncodingException {
+        servletRequest.setCharacterEncoding("UTF-8");
+        ClientConnection clientConnection = createConnection((HttpServletRequest) servletRequest);
+
+        filter(clientConnection, (session) -> {
+            try {
+                filterChain.doFilter(servletRequest, servletResponse);
+            } catch (Exception e) {
+                throw new RuntimeException(e);
+            }
+        });
+    }
+
+    private ClientConnection createConnection(HttpServletRequest request) {
+        return new ClientConnection() {
+            @Override
+            public String getRemoteAddr() {
+                return request.getRemoteAddr();
+            }
+
+            @Override
+            public String getRemoteHost() {
+                return request.getRemoteHost();
+            }
+
+            @Override
+            public int getRemotePort() {
+                return request.getRemotePort();
+            }
+
+            @Override
+            public String getLocalAddr() {
+                return request.getLocalAddr();
+            }
+
+            @Override
+            public int getLocalPort() {
+                return request.getLocalPort();
+            }
+        };
+    }
+}
diff --git a/oauth-jwt/jwt-auth-server/src/main/java/com/baeldung/jwt/config/Resteasy3Provider.java b/oauth-jwt/jwt-auth-server/src/main/java/com/baeldung/jwt/config/Resteasy3Provider.java
@@ -6,28 +6,32 @@
 
 public class Resteasy3Provider implements ResteasyProvider {
 
-	@Override
-	public <R> R getContextData(Class<R> type) {
-		ResteasyProviderFactory.getInstance();
-		return ResteasyProviderFactory.getContextData(type);
-	}
+    @Override
+    public <R> R getContextData(Class<R> type) {
+        ResteasyProviderFactory.getInstance();
+        return ResteasyProviderFactory.getContextData(type);
+    }
 
-	@Override
-	public void pushDefaultContextObject(Class type, Object instance) {
-		ResteasyProviderFactory.getInstance();
-		ResteasyProviderFactory.getContextData(Dispatcher.class).getDefaultContextObjects().put(type, instance);
-	}
+    @SuppressWarnings("rawtypes")
+    @Override
+    public void pushDefaultContextObject(Class type, Object instance) {
+        ResteasyProviderFactory.getInstance();
+        ResteasyProviderFactory.getContextData(Dispatcher.class)
+            .getDefaultContextObjects()
+            .put(type, instance);
+    }
 
-	@Override
-	public void pushContext(Class type, Object instance) {
-		ResteasyProviderFactory.getInstance();
-		ResteasyProviderFactory.pushContext(type, instance);
-	}
+    @SuppressWarnings({ "unchecked", "rawtypes" })
+    @Override
+    public void pushContext(Class type, Object instance) {
+        ResteasyProviderFactory.getInstance();
+        ResteasyProviderFactory.pushContext(type, instance);
+    }
 
-	@Override
-	public void clearContextData() {
-		ResteasyProviderFactory.getInstance();
-		ResteasyProviderFactory.clearContextData();
-	}
+    @Override
+    public void clearContextData() {
+        ResteasyProviderFactory.getInstance();
+        ResteasyProviderFactory.clearContextData();
+    }
 
 }
diff --git a/oauth-jwt/jwt-auth-server/src/main/resources/META-INF/keycloak-server.json b/oauth-jwt/jwt-auth-server/src/main/resources/META-INF/keycloak-server.json
@@ -1,10 +1,16 @@
 {
 	"hostname": {
-		"provider": "request",
+		"provider": "${keycloak.hostname.provider:default}",
 		"fixed": {
-			"hostname": "${keycloak.override.hostname:localhost}",
-			"httpPort": "${keycloak.override.httpPort:-1}",
-			"httpsPort": "${keycloak.override.httpsPort:-1}"
+			"hostname": "${keycloak.hostname.fixed.hostname:localhost}",
+			"httpPort": "${keycloak.hostname.fixed.httpPort:-1}",
+			"httpsPort": "${keycloak.hostname.fixed.httpsPort:-1}",
+			"alwaysHttps": "${keycloak.hostname.fixed.alwaysHttps:false}"
+		},
+		"default": {
+			"frontendUrl": "${keycloak.frontendUrl:}",
+			"adminUrl": "${keycloak.adminUrl:}",
+			"forceBackendUrlToFrontendUrl": "${keycloak.hostname.default.forceBackendUrlToFrontendUrl:false}"
 		}
 	},
 	"admin": {
@@ -13,15 +19,16 @@
 	"eventsStore": {
 		"provider": "${keycloak.eventsStore.provider:jpa}",
 		"jpa": {
-			"exclude-events": [
-				"REFRESH_TOKEN"
-			]
+			"max-detail-length": "${keycloak.eventsStore.maxDetailLength:1000}"
 		}
 	},
 	"eventsListener": {
 		"jboss-logging": {
 			"success-level": "debug",
 			"error-level": "warn"
+		},
+		"event-queue": {
+
 		}
 	},
 	"realm": {
@@ -30,6 +37,15 @@
 	"user": {
 		"provider": "${keycloak.user.provider:jpa}"
 	},
+	"client": {
+		"provider": "${keycloak.client.provider:jpa}"
+	},
+	"mapStorage": {
+		"provider": "${keycloak.mapStorage.provider:concurrenthashmap}",
+		"concurrenthashmap": {
+			"dir": "${project.build.directory:target}"
+		}
+	},
 	"userFederatedStorage": {
 		"provider": "${keycloak.userFederatedStorage.provider:jpa}"
 	},
@@ -40,10 +56,17 @@
 		"provider": "${keycloak.authorization.provider:jpa}"
 	},
 	"userCache": {
+		"provider": "${keycloak.user.cache.provider:default}",
 		"default": {
 			"enabled": true
+		},
+		"mem": {
+			"maxSize": 20000
 		}
 	},
+	"userSessions": {
+		"provider": "${keycloak.userSessions.provider:infinispan}"
+	},
 	"timer": {
 		"provider": "basic"
 	},
@@ -56,19 +79,26 @@
 			"dir": "src/main/resources/themes"
 		}
 	},
+	"login": {
+		"provider": "freemarker"
+	},
+	"account": {
+		"provider": "freemarker"
+	},
+	"email": {
+		"provider": "freemarker"
+	},
 	"scheduled": {
 		"interval": 900
 	},
 	"connectionsHttpClient": {
 		"default": {
-
+			"max-connection-idle-time-millis": 1000
 		}
 	},
 	"connectionsJpa": {
-		"provider": "default",
 		"default": {
-			"dataSource": "spring/datasource",
-			"url": "${env.KEYCLOAK_DATABASE_URL:jdbc:h2:./target/keycloak}",
+			"url": "${keycloak.connectionsJpa.url:jdbc:h2:./target/keycloak}",
 			"driver": "${keycloak.connectionsJpa.driver:org.h2.Driver}",
 			"driverDialect": "${keycloak.connectionsJpa.driverDialect:}",
 			"user": "${keycloak.connectionsJpa.user:sa}",
@@ -81,22 +111,58 @@
 		}
 	},
 	"realmCache": {
+		"provider": "${keycloak.realm.cache.provider:default}",
 		"default": {
 			"enabled": true
 		}
 	},
 	"connectionsInfinispan": {
 		"default": {
-			"embedded": "true"
+			"embedded": "${keycloak.connectionsInfinispan.embedded:true}"
 		}
-	},
-	"scripting": {
-
 	},
 	"jta-lookup": {
 		"provider": "${keycloak.jta.lookup.provider:jboss}",
 		"jboss": {
 			"enabled": true
 		}
+	},
+	"login-protocol": {
+		"saml": {
+			"knownProtocols": [
+				"http=${auth.server.http.port}",
+				"https=${auth.server.https.port}"
+			]
+		}
+	},
+	"x509cert-lookup": {
+		"provider": "${keycloak.x509cert.lookup.provider:default}",
+		"default": {
+			"enabled": true
+		},
+		"haproxy": {
+			"enabled": true,
+			"sslClientCert": "x-ssl-client-cert",
+			"sslCertChainPrefix": "x-ssl-client-cert-chain",
+			"certificateChainLength": 1
+		},
+		"apache": {
+			"enabled": true,
+			"sslClientCert": "x-ssl-client-cert",
+			"sslCertChainPrefix": "x-ssl-client-cert-chain",
+			"certificateChainLength": 1
+		},
+		"nginx": {
+			"enabled": true,
+			"sslClientCert": "x-ssl-client-cert",
+			"sslCertChainPrefix": "x-ssl-client-cert-chain",
+			"certificateChainLength": 1
+		}
+	},
+	"vault": {
+		"files-plaintext": {
+			"dir": "target/dependency/vault",
+			"enabled": "${keycloak.vault.files-plaintext.provider.enabled:false}"
+		}
 	}
-}
+}