예제 #1
0
  @Test
  public void testParsingSystemProps() throws IOException {
    System.setProperty("my.host", "foo");
    System.setProperty("con.pool.size", "200");
    System.setProperty("allow.any.hostname", "true");

    InputStream is = getClass().getClassLoader().getResourceAsStream("keycloak.json");

    AdapterConfig config = JsonSerialization.readValue(is, AdapterConfig.class, true);
    Assert.assertEquals("http://foo:8080/auth", config.getAuthServerUrl());
    Assert.assertEquals("external", config.getSslRequired());
    Assert.assertEquals("angular-product${non.existing}", config.getResource());
    Assert.assertTrue(config.isPublicClient());
    Assert.assertTrue(config.isAllowAnyHostname());
    Assert.assertEquals(100, config.getCorsMaxAge());
    Assert.assertEquals(200, config.getConnectionPoolSize());
  }
  protected KeycloakDeployment internalBuild(AdapterConfig adapterConfig) {
    if (adapterConfig.getRealm() == null) throw new RuntimeException("Must set 'realm' in config");
    deployment.setRealm(adapterConfig.getRealm());
    String resource = adapterConfig.getResource();
    if (resource == null) throw new RuntimeException("Must set 'resource' in config");
    deployment.setResourceName(resource);

    String realmKeyPem = adapterConfig.getRealmKey();
    if (realmKeyPem != null) {
      PublicKey realmKey;
      try {
        realmKey = PemUtils.decodePublicKey(realmKeyPem);
      } catch (Exception e) {
        throw new RuntimeException(e);
      }
      deployment.setRealmKey(realmKey);
    }
    if (adapterConfig.getSslRequired() != null) {
      deployment.setSslRequired(SslRequired.valueOf(adapterConfig.getSslRequired().toUpperCase()));
    } else {
      deployment.setSslRequired(SslRequired.EXTERNAL);
    }
    if (adapterConfig.getTokenStore() != null) {
      deployment.setTokenStore(TokenStore.valueOf(adapterConfig.getTokenStore().toUpperCase()));
    } else {
      deployment.setTokenStore(TokenStore.SESSION);
    }
    if (adapterConfig.getPrincipalAttribute() != null)
      deployment.setPrincipalAttribute(adapterConfig.getPrincipalAttribute());
    deployment.setResourceCredentials(adapterConfig.getCredentials());
    deployment.setPublicClient(adapterConfig.isPublicClient());
    deployment.setUseResourceRoleMappings(adapterConfig.isUseResourceRoleMappings());

    deployment.setExposeToken(adapterConfig.isExposeToken());

    if (adapterConfig.isCors()) {
      deployment.setCors(true);
      deployment.setCorsMaxAge(adapterConfig.getCorsMaxAge());
      deployment.setCorsAllowedHeaders(adapterConfig.getCorsAllowedHeaders());
      deployment.setCorsAllowedMethods(adapterConfig.getCorsAllowedMethods());
    }

    deployment.setBearerOnly(adapterConfig.isBearerOnly());
    deployment.setEnableBasicAuth(adapterConfig.isEnableBasicAuth());
    deployment.setAlwaysRefreshToken(adapterConfig.isAlwaysRefreshToken());
    deployment.setRegisterNodeAtStartup(adapterConfig.isRegisterNodeAtStartup());
    deployment.setRegisterNodePeriod(adapterConfig.getRegisterNodePeriod());

    if (realmKeyPem == null
        && adapterConfig.isBearerOnly()
        && adapterConfig.getAuthServerUrl() == null) {
      throw new IllegalArgumentException(
          "For bearer auth, you must set the realm-public-key or auth-server-url");
    }
    if (realmKeyPem == null
        || !deployment.isBearerOnly()
        || deployment.isRegisterNodeAtStartup()
        || deployment.getRegisterNodePeriod() != -1) {
      deployment.setClient(new HttpClientBuilder().build(adapterConfig));
    }
    if (adapterConfig.getAuthServerUrl() == null
        && (!deployment.isBearerOnly() || realmKeyPem == null)) {
      throw new RuntimeException("You must specify auth-url");
    }
    deployment.setAuthServerBaseUrl(adapterConfig);

    log.debug(
        "Use authServerUrl: "
            + deployment.getAuthServerBaseUrl()
            + ", tokenUrl: "
            + deployment.getTokenUrl()
            + ", relativeUrls: "
            + deployment.getRelativeUrls());
    return deployment;
  }