├── .gitignore
├── .travis.yml
├── CONTRIBUTING.md
├── LICENSE
├── README.md
├── app-angular2
├── README.md
├── config
│ ├── client-import.json
│ └── keycloak-example.json
├── pom.xml
└── src
│ ├── main
│ └── webapp
│ │ ├── app
│ │ ├── app.component.css
│ │ ├── app.component.html
│ │ ├── app.component.js
│ │ ├── app.component.js.map
│ │ ├── app.component.ts
│ │ ├── app.module.js
│ │ ├── app.module.js.map
│ │ ├── app.module.ts
│ │ └── keycloak-service
│ │ │ ├── keycloak.d.ts
│ │ │ ├── keycloak.http.js
│ │ │ ├── keycloak.http.js.map
│ │ │ ├── keycloak.http.ts
│ │ │ ├── keycloak.js
│ │ │ ├── keycloak.service.js
│ │ │ ├── keycloak.service.js.map
│ │ │ └── keycloak.service.ts
│ │ ├── index.html
│ │ ├── main.js
│ │ ├── main.js.map
│ │ ├── main.ts
│ │ ├── package.json
│ │ ├── styles.css
│ │ ├── systemjs-angular-loader.js
│ │ ├── systemjs.config.extras.js
│ │ ├── systemjs.config.js
│ │ ├── tsconfig.json
│ │ └── yarn.lock
│ └── test
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ └── ArquillianAngular2Test.java
│ └── resources
│ ├── arquillian.xml
│ └── quickstart-realm.json
├── app-authz-jee-servlet
├── README.md
├── config
│ ├── keycloak-example.json
│ └── realm-import.json
├── pom.xml
└── src
│ ├── main
│ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── Controller.java
│ └── webapp
│ │ ├── META-INF
│ │ └── jboss-deployment-structure.xml
│ │ ├── WEB-INF
│ │ └── web.xml
│ │ ├── accessDenied.jsp
│ │ ├── include-logout.jsp
│ │ ├── index.jsp
│ │ ├── protected
│ │ ├── admin
│ │ │ └── onlyAdmin.jsp
│ │ ├── dynamicMenu.jsp
│ │ └── premium
│ │ │ └── onlyPremium.jsp
│ │ └── styles.css
│ └── test
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ ├── ArquillianJeeAuthzTest.java
│ │ └── page
│ │ └── AuthzPage.java
│ └── resources
│ ├── arquillian.xml
│ ├── keycloak.json
│ └── quickstart-realm.json
├── app-authz-jee-vanilla
├── README.md
├── config
│ ├── client-import.json
│ ├── keycloak-example.json
│ └── realm-import.json
├── pom.xml
└── src
│ ├── main
│ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── Controller.java
│ └── webapp
│ │ ├── META-INF
│ │ └── jboss-deployment-structure.xml
│ │ ├── WEB-INF
│ │ └── web.xml
│ │ ├── error.jsp
│ │ ├── include-logout.jsp
│ │ └── index.jsp
│ └── test
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ ├── ArquillianJeeAuthzVanillaTest.java
│ │ └── page
│ │ └── AuthzPage.java
│ └── resources
│ ├── arquillian.xml
│ ├── keycloak.json
│ └── quickstart-realm.json
├── app-authz-photoz
├── README.md
├── photoz-html5-client
│ ├── pom.xml
│ └── src
│ │ └── main
│ │ └── webapp
│ │ ├── WEB-INF
│ │ └── web.xml
│ │ ├── index.html
│ │ ├── js
│ │ ├── app.js
│ │ └── identity.js
│ │ ├── keycloak.json
│ │ ├── lib
│ │ ├── angular
│ │ │ ├── angular-resource.min.js
│ │ │ ├── angular-route.min.js
│ │ │ └── angular.min.js
│ │ └── jwt-decode.min.js
│ │ └── partials
│ │ ├── admin
│ │ └── albums.html
│ │ ├── album
│ │ ├── create.html
│ │ └── detail.html
│ │ ├── home.html
│ │ └── profile.html
├── photoz-js-policies
│ ├── pom.xml
│ └── src
│ │ └── main
│ │ └── resources
│ │ ├── META-INF
│ │ └── keycloak-scripts.json
│ │ ├── only-from-specific-client-address.js
│ │ ├── only-keycloak-domain-or-admin.js
│ │ └── only-owner.js
├── photoz-realm.json
├── photoz-restful-api
│ ├── pom.xml
│ └── src
│ │ └── main
│ │ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── example
│ │ │ └── photoz
│ │ │ ├── ErrorResponse.java
│ │ │ ├── PhotozApplication.java
│ │ │ ├── admin
│ │ │ └── AdminAlbumService.java
│ │ │ ├── album
│ │ │ ├── AlbumService.java
│ │ │ ├── ProfileService.java
│ │ │ └── SharedAlbum.java
│ │ │ ├── entity
│ │ │ ├── Album.java
│ │ │ └── Photo.java
│ │ │ └── util
│ │ │ ├── Resources.java
│ │ │ ├── Transaction.java
│ │ │ └── TransactionInterceptor.java
│ │ ├── resources
│ │ ├── META-INF
│ │ │ ├── beans.xml
│ │ │ └── persistence.xml
│ │ └── photoz-restful-api-authz-service.json
│ │ └── webapp
│ │ ├── META-INF
│ │ └── jboss-deployment-structure.xml
│ │ └── WEB-INF
│ │ └── web.xml
├── photoz-testsuite
│ ├── pom.xml
│ └── src
│ │ └── test
│ │ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── uma
│ │ │ ├── ArquillianAuthzUMATest.java
│ │ │ └── page
│ │ │ ├── ConsentPage.java
│ │ │ └── PhotozPage.java
│ │ └── resources
│ │ ├── arquillian.xml
│ │ └── quickstart-realm.json
└── pom.xml
├── app-authz-rest-employee
├── README.md
├── config
│ └── quickstart-realm.json
├── pom.xml
└── src
│ ├── main
│ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── springboot
│ │ │ ├── MyApplication.java
│ │ │ └── web
│ │ │ └── ApplicationController.java
│ └── resources
│ │ └── application.properties
│ └── test
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ └── springboot
│ │ └── MyAppTest.java
│ └── resources
│ ├── application.properties
│ └── quickstart-realm.json
├── app-authz-rest-springboot
├── README.md
├── config
│ └── quickstart-realm.json
├── pom.xml
└── src
│ ├── main
│ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── springboot
│ │ │ ├── MyApplication.java
│ │ │ └── web
│ │ │ └── ApplicationController.java
│ └── resources
│ │ └── application.properties
│ └── test
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ └── springboot
│ │ └── MyAppTest.java
│ └── resources
│ ├── application.properties
│ └── quickstart-realm.json
├── app-authz-spring-security
├── README.md
├── config
│ └── quickstart-realm.json
├── pom.xml
└── src
│ ├── main
│ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── springsecurity
│ │ │ └── web
│ │ │ ├── ApplicationController.java
│ │ │ ├── Identity.java
│ │ │ ├── MyApplication.java
│ │ │ └── SecurityConfig.java
│ └── resources
│ │ ├── application.properties
│ │ ├── keycloak.json
│ │ └── templates
│ │ ├── access-denied.ftl
│ │ ├── alice.ftl
│ │ ├── home.ftl
│ │ ├── premium.ftl
│ │ └── protected.ftl
│ └── test
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ └── springsecurity
│ │ └── MyAppTest.java
│ └── resources
│ ├── application.properties
│ └── quickstart-realm.json
├── app-authz-springboot
├── README.md
├── config
│ └── quickstart-realm.json
├── pom.xml
└── src
│ ├── main
│ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── springboot
│ │ │ ├── MyApplication.java
│ │ │ ├── security
│ │ │ └── Identity.java
│ │ │ └── web
│ │ │ └── ApplicationController.java
│ └── resources
│ │ ├── application.properties
│ │ ├── application.properties.path.entitlements
│ │ └── templates
│ │ ├── access-denied.ftl
│ │ ├── home.ftl
│ │ ├── premium.ftl
│ │ └── protected.ftl
│ └── test
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ └── springboot
│ │ └── MyAppTest.java
│ └── resources
│ ├── application.properties
│ └── quickstart-realm.json
├── app-authz-uma-photoz
├── README.md
├── photoz-html5-client
│ ├── pom.xml
│ └── src
│ │ └── main
│ │ └── webapp
│ │ ├── WEB-INF
│ │ └── web.xml
│ │ ├── index.html
│ │ ├── js
│ │ ├── app.js
│ │ └── identity.js
│ │ ├── keycloak.json
│ │ ├── lib
│ │ ├── angular
│ │ │ ├── angular-resource.min.js
│ │ │ ├── angular-route.min.js
│ │ │ └── angular.min.js
│ │ └── jwt-decode.min.js
│ │ └── partials
│ │ ├── admin
│ │ └── albums.html
│ │ ├── album
│ │ ├── create.html
│ │ └── detail.html
│ │ ├── home.html
│ │ └── profile.html
├── photoz-js-policies
│ ├── pom.xml
│ └── src
│ │ └── main
│ │ └── resources
│ │ ├── META-INF
│ │ └── keycloak-scripts.json
│ │ ├── only-from-specific-client-address.js
│ │ ├── only-keycloak-domain-or-admin.js
│ │ └── only-owner.js
├── photoz-realm.json
├── photoz-restful-api
│ ├── pom.xml
│ └── src
│ │ └── main
│ │ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── example
│ │ │ └── photoz
│ │ │ ├── ErrorResponse.java
│ │ │ ├── PhotozApplication.java
│ │ │ ├── admin
│ │ │ └── AdminAlbumService.java
│ │ │ ├── album
│ │ │ ├── AlbumService.java
│ │ │ ├── ProfileService.java
│ │ │ └── SharedAlbum.java
│ │ │ ├── entity
│ │ │ ├── Album.java
│ │ │ └── Photo.java
│ │ │ └── util
│ │ │ ├── Resources.java
│ │ │ ├── Transaction.java
│ │ │ └── TransactionInterceptor.java
│ │ ├── resources
│ │ └── META-INF
│ │ │ ├── beans.xml
│ │ │ └── persistence.xml
│ │ └── webapp
│ │ ├── META-INF
│ │ └── jboss-deployment-structure.xml
│ │ └── WEB-INF
│ │ ├── keycloak.json
│ │ └── web.xml
├── photoz-testsuite
│ ├── pom.xml
│ └── src
│ │ └── test
│ │ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── uma
│ │ │ ├── ArquillianAuthzUMATest.java
│ │ │ └── page
│ │ │ ├── ConsentPage.java
│ │ │ └── PhotozPage.java
│ │ └── resources
│ │ ├── arquillian.xml
│ │ └── quickstart-realm.json
└── pom.xml
├── app-jee-html5
├── README.md
├── config
│ ├── client-import.json
│ └── keycloak-example.json
├── pom.xml
└── src
│ ├── main
│ └── webapp
│ │ ├── app.js
│ │ ├── index.html
│ │ ├── keycloak.js
│ │ └── styles.css
│ └── test
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ └── ArquillianJeeHtml5Test.java
│ └── resources
│ ├── arquillian.xml
│ └── quickstart-realm.json
├── app-jee-jsp
├── README.md
├── config
│ ├── client-import.json
│ └── keycloak-example.json
├── pom.xml
└── src
│ ├── main
│ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── appjee
│ │ │ ├── Controller.java
│ │ │ ├── ServiceClient.java
│ │ │ └── ServiceLocator.java
│ └── webapp
│ │ ├── WEB-INF
│ │ └── web.xml
│ │ ├── index.jsp
│ │ ├── protected.jsp
│ │ └── styles.css
│ └── test
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ └── ArquillianJeeJspTest.java
│ └── resources
│ ├── arquillian.xml
│ └── quickstart-realm.json
├── app-profile-jee-html5
├── README.md
├── config
│ ├── client-import.json
│ └── keycloak-example.json
├── pom.xml
└── src
│ ├── main
│ └── webapp
│ │ ├── app.js
│ │ ├── index.html
│ │ ├── keycloak.js
│ │ └── styles.css
│ └── test
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ └── ArquillianProfileJeeHtml5Test.java
│ └── resources
│ ├── arquillian.xml
│ └── quickstart-realm.json
├── app-profile-jee-jsp
├── README.md
├── config
│ ├── client-import.json
│ └── keycloak-example.json
├── pom.xml
└── src
│ ├── main
│ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── profilejee
│ │ │ └── Controller.java
│ └── webapp
│ │ ├── WEB-INF
│ │ ├── jboss-deployment-structure.xml
│ │ └── web.xml
│ │ ├── index.jsp
│ │ ├── profile.jsp
│ │ └── styles.css
│ └── test
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ └── ArquillianProfileJeeJspTest.java
│ └── resources
│ ├── arquillian.xml
│ └── quickstart-realm.json
├── app-profile-jee-vanilla
├── README.md
├── config
│ └── client-import.json
├── pom.xml
└── src
│ ├── main
│ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── profilejee
│ │ │ └── Controller.java
│ └── webapp
│ │ ├── WEB-INF
│ │ └── web.xml
│ │ ├── index.jsp
│ │ ├── profile.jsp
│ │ └── styles.css
│ └── test
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ └── ArquillianProfileJeeVanillaTest.java
│ └── resources
│ ├── arquillian.xml
│ ├── quickstart-realm.json
│ └── standalone-test.xml
├── app-profile-saml-jee-jsp
├── README.md
├── config
│ ├── client-import.json
│ └── keycloak-saml-example.xml
├── pom.xml
└── src
│ ├── main
│ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── profilejee
│ │ │ └── Controller.java
│ └── webapp
│ │ ├── WEB-INF
│ │ └── web.xml
│ │ ├── index.jsp
│ │ ├── profile.jsp
│ │ └── styles.css
│ └── test
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ └── ArquillianProfileSamlJeeJspTest.java
│ └── resources
│ ├── arquillian.xml
│ ├── keycloak-saml.xml
│ ├── quickstart-realm.json
│ └── standalone-test.xml
├── authz-js-policies
├── pom.xml
└── src
│ └── main
│ └── resources
│ ├── META-INF
│ └── keycloak-scripts.json
│ ├── always-grant.js
│ ├── match-user-from-uri.js
│ ├── only-owner.js
│ └── pushed-claim-from-request.js
├── config
└── partial-import.json
├── docs
├── getting-started.md
├── pull_request_template.md
└── test-development.md
├── fuse63
├── README.md
├── app-war
│ ├── README.md
│ ├── config
│ │ ├── client-import.json
│ │ └── keycloak-example.json
│ ├── pom.xml
│ └── src
│ │ └── main
│ │ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── fuse
│ │ │ └── appjee
│ │ │ ├── Controller.java
│ │ │ ├── ProtectedServlet.java
│ │ │ ├── ServiceClient.java
│ │ │ └── ServiceLocator.java
│ │ └── webapp
│ │ ├── WEB-INF
│ │ ├── jetty-web.xml
│ │ └── web.xml
│ │ ├── index.jsp
│ │ └── styles.css
├── features
│ ├── README.md
│ ├── pom.xml
│ └── src
│ │ └── main
│ │ └── resources
│ │ └── features.xml
├── pom.xml
├── server
│ ├── pom.xml
│ └── src
│ │ └── main
│ │ └── resources
│ │ ├── install-features.cli
│ │ ├── install-features.sh
│ │ ├── update-config.cli
│ │ └── users.properties
├── service-camel
│ ├── README.md
│ ├── config
│ │ ├── client-import.json
│ │ └── keycloak-example.json
│ ├── pom.xml
│ └── src
│ │ └── main
│ │ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── fuse
│ │ │ └── camel
│ │ │ ├── CamelHelloProcessor.java
│ │ │ └── Message.java
│ │ └── resources
│ │ ├── OSGI-INF
│ │ └── blueprint
│ │ │ └── blueprint.xml
│ │ └── config
│ │ └── .gitkeep
└── service-cxf-jaxrs
│ ├── README.md
│ ├── config
│ ├── client-import.json
│ └── keycloak-example.json
│ ├── pom.xml
│ └── src
│ └── main
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ └── fuse
│ │ └── cxf
│ │ └── rs
│ │ ├── Message.java
│ │ └── Resource.java
│ └── resources
│ ├── META-INF
│ └── spring
│ │ └── beans.xml
│ └── config
│ └── .gitkeep
├── fuse70
├── README.md
├── app-war
│ ├── README.md
│ ├── config
│ │ ├── client-import.json
│ │ └── keycloak-example.json
│ ├── pom.xml
│ └── src
│ │ └── main
│ │ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── fuse
│ │ │ └── appjee
│ │ │ ├── Controller.java
│ │ │ ├── ProtectedServlet.java
│ │ │ ├── ServiceClient.java
│ │ │ └── ServiceLocator.java
│ │ └── webapp
│ │ ├── WEB-INF
│ │ └── web.xml
│ │ ├── index.jsp
│ │ └── styles.css
├── features
│ ├── README.md
│ ├── pom.xml
│ └── src
│ │ └── main
│ │ └── resources
│ │ └── features.xml
├── pom.xml
├── server
│ ├── pom.xml
│ └── src
│ │ └── main
│ │ └── resources
│ │ ├── install-features.cli
│ │ ├── install-features.sh
│ │ ├── update-config.cli
│ │ └── users.properties
├── service-camel
│ ├── README.md
│ ├── config
│ │ ├── client-import.json
│ │ └── keycloak-example.json
│ ├── pom.xml
│ └── src
│ │ └── main
│ │ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── fuse
│ │ │ └── camel
│ │ │ ├── CamelHelloProcessor.java
│ │ │ └── Message.java
│ │ └── resources
│ │ ├── OSGI-INF
│ │ └── blueprint
│ │ │ └── blueprint.xml
│ │ └── config
│ │ └── .gitkeep
└── service-cxf-jaxrs
│ ├── README.md
│ ├── config
│ ├── client-import.json
│ └── keycloak-example.json
│ ├── pom.xml
│ └── src
│ └── main
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ └── fuse
│ │ └── cxf
│ │ └── rs
│ │ ├── Message.java
│ │ └── Resource.java
│ └── resources
│ ├── OSGI-INF
│ └── blueprint
│ │ └── blueprint.xml
│ └── config
│ └── .gitkeep
├── maven-settings.xml
├── pom.xml
├── productize.sh
├── quickstart-realm.json
├── scripts
├── generate_keycloak_json.sh
├── ssorepo.txt
├── start-server.sh
├── stop-server.sh
└── version.sh
├── service-jee-jaxrs
├── README.md
├── config
│ ├── client-import.json
│ └── keycloak-example.json
├── pom.xml
└── src
│ ├── main
│ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── jaxrs
│ │ │ ├── Application.java
│ │ │ ├── Message.java
│ │ │ └── Resource.java
│ └── webapp
│ │ └── WEB-INF
│ │ └── web.xml
│ └── test
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ └── jaxrs
│ │ └── ArquillianServiceJeeJaxrsTest.java
│ └── resources
│ ├── arquillian.xml
│ └── quickstart-realm.json
├── service-nodejs
├── README.md
├── app.js
├── client-import.json
├── keycloak.json
├── package-lock.json
├── package.json
└── test
│ ├── app-test.js
│ └── config.js
├── service-springboot-rest
├── README.md
├── config
│ └── client-import.json
├── pom.xml
└── src
│ ├── main
│ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── springboot
│ │ │ ├── ProductServiceApplication.java
│ │ │ ├── service
│ │ │ └── ProductService.java
│ │ │ └── web
│ │ │ └── ProductServiceController.java
│ └── resources
│ │ └── application.properties
│ └── test
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ └── springboot
│ │ └── ProductServiceTest.java
│ └── resources
│ ├── application.properties
│ └── quickstart-realm.json
├── set-version.sh
├── travis-run-tests.sh
├── travis-server.sh
├── user-storage-jpa
├── README.md
├── pom.xml
└── src
│ ├── main
│ ├── java
│ │ └── org
│ │ │ └── keycloak
│ │ │ └── quickstart
│ │ │ └── storage
│ │ │ └── user
│ │ │ ├── EjbExampleUserStorageProvider.java
│ │ │ ├── EjbExampleUserStorageProviderFactory.java
│ │ │ ├── UserAdapter.java
│ │ │ └── UserEntity.java
│ └── resources
│ │ └── META-INF
│ │ ├── persistence.xml
│ │ └── services
│ │ └── org.keycloak.storage.UserStorageProviderFactory
│ └── test
│ ├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ ├── ArquillianJpaStorageTest.java
│ │ └── page
│ │ └── ConsolePage.java
│ └── resources
│ ├── arquillian.xml
│ └── quickstart-realm.json
└── user-storage-simple
├── README.md
├── pom.xml
└── src
├── main
├── java
│ └── org
│ │ └── keycloak
│ │ └── quickstart
│ │ ├── readonly
│ │ ├── PropertyFileUserStorageProvider.java
│ │ └── PropertyFileUserStorageProviderFactory.java
│ │ └── writeable
│ │ ├── PropertyFileUserStorageProvider.java
│ │ └── PropertyFileUserStorageProviderFactory.java
└── resources
│ ├── META-INF
│ └── services
│ │ └── org.keycloak.storage.UserStorageProviderFactory
│ └── users.properties
└── test
├── java
└── org
│ └── keycloak
│ └── quickstart
│ ├── ArquillianSimpleStorageTest.java
│ ├── page
│ └── ConsolePage.java
│ └── util
│ └── StorageManager.java
└── resources
├── arquillian.xml
└── quickstart-realm.json
/.gitignore:
--------------------------------------------------------------------------------
1 | **/config/keycloak.json
2 | **/config/keycloak-saml.xml
3 | **/WEB-INF/keycloak.json
4 | *.orig
5 |
6 | # Intellij
7 | ###################
8 | .idea
9 | *.iml
10 |
11 | # Eclipse #
12 | ###########
13 | .project
14 | .settings
15 | .classpath
16 |
17 | # NetBeans #
18 | ############
19 | nbactions.xml
20 | nb-configuration.xml
21 | catalog.xml
22 | nbproject
23 |
24 | # Compiled source #
25 | ###################
26 | *.com
27 | *.class
28 | *.dll
29 | *.exe
30 | *.o
31 | *.so
32 |
33 | # Packages #
34 | ############
35 | # it's better to unpack these files and commit the raw source
36 | # git has its own built in compression methods
37 | *.7z
38 | *.dmg
39 | *.gz
40 | *.iso
41 | *.jar
42 | *.rar
43 | *.tar
44 | *.zip
45 |
46 | # Logs and databases #
47 | ######################
48 | *.log
49 |
50 | # Maven #
51 | #########
52 | target
53 |
54 |
55 | # Node.js #
56 | ###########
57 | node_modules
58 | /app-angular2/src/main/webapp/node
--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
1 | language: java
2 | dist: trusty
3 | addons:
4 | apt:
5 | packages:
6 | - lynx
7 |
8 | jdk:
9 | - oraclejdk8
10 |
11 | env:
12 | global:
13 | - MAVEN_SKIP_RC=true
14 | - MAVEN_OPTS="-Xms512m -Xmx2048m"
15 | matrix:
16 | - TESTS=group1
17 | - TESTS=group2
18 | - TESTS=group3
19 | - TESTS=group4
20 | - TESTS=group5
21 | - TESTS=group6
22 | - TESTS=group7
23 |
24 | before_install:
25 | - ./travis-server.sh
26 | - ./scripts/generate_keycloak_json.sh
27 |
28 | install:
29 | - travis_wait 20 mvn -s maven-settings.xml clean install --no-snapshot-updates -B -V -q
30 | - mvn -s maven-settings.xml -Padd-datasource install -Djboss.server.port=10090 -f user-storage-jpa -q
31 |
32 | before_script:
33 | - export MAVEN_SKIP_RC=true
34 |
35 | script:
36 | - ./travis-run-tests.sh $TESTS
37 |
38 | after_install:
39 | - ./scripts/stop-server.sh
40 | - kill -9 `cat pid.txt`
41 |
42 | after_failure:
43 | - if [ -f ${HOME}/keycloak.log ]; then lynx -dump ${HOME}/keycloak.log; fi
44 |
45 | sudo: false
46 |
--------------------------------------------------------------------------------
/app-angular2/config/client-import.json:
--------------------------------------------------------------------------------
1 | {
2 | "clientId": "app-angular2",
3 | "rootUrl": "http://localhost:8080/app-angular2",
4 | "enabled": true,
5 | "redirectUris": [
6 | "http://localhost:8080/app-angular2/*"
7 | ],
8 | "webOrigins": [
9 | "http://localhost:8080"
10 | ],
11 | "publicClient": true
12 | }
13 |
--------------------------------------------------------------------------------
/app-angular2/config/keycloak-example.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "quickstart",
3 | "auth-server-url": "http://localhost:8180/auth",
4 | "ssl-required": "external",
5 | "resource": "app-angular2",
6 | "public-client": true
7 | }
--------------------------------------------------------------------------------
/app-angular2/src/main/webapp/app/app.component.css:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redhat-developer/redhat-sso-quickstarts/e4069f5f54b730f9833533dd5459b3d4d5eacdfe/app-angular2/src/main/webapp/app/app.component.css
--------------------------------------------------------------------------------
/app-angular2/src/main/webapp/app/app.component.html:
--------------------------------------------------------------------------------
1 |
17 |
18 |
23 |
24 |
25 |
Invoke Public
26 |
Invoke Secured
27 |
Invoke Admin
28 |
29 |
{{message}}
30 |
31 |
--------------------------------------------------------------------------------
/app-angular2/src/main/webapp/app/app.component.js.map:
--------------------------------------------------------------------------------
1 | {"version":3,"file":"app.component.js","sourceRoot":"","sources":["app.component.ts"],"names":[],"mappings":";;;;;;;;;;AAAA;;;;;;;;;;;;;;;GAeG;AACH,sCAA0C;AAC1C,sCAAsE;AAEtE,wEAAoE;AAEpE,mCAAiC;AACjC,iCAA+B;AAO/B,IAAa,YAAY;IAOvB,sBAAoB,IAAU,EAAU,EAAmB;QAAvC,SAAI,GAAJ,IAAI,CAAM;QAAU,OAAE,GAAF,EAAE,CAAiB;QALnD,eAAU,GAAW,gCAAgC,CAAC;QAGvD,eAAU,GAAW,EAAE,CAAC;IAG/B,CAAC;IAED,oCAAa,GAAb;QACE,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,aAAa,EAAE,CAAC;IACjC,CAAC;IAED,4BAAK,GAAL;QACE,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;IAClB,CAAC;IAED,6BAAM,GAAN;QACE,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC;IACnB,CAAC;IAED,8BAAO,GAAP;QACE,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC;IACpB,CAAC;IAED,8BAAO,GAAP,UAAQ,QAAgB;QAAxB,iBAIC;QAHC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,GAAG,QAAQ,CAAC;aACpC,SAAS,CAAC,UAAC,GAAa,IAAK,OAAA,KAAI,CAAC,cAAc,CAAC,GAAG,EAAE,KAAI,CAAC,EAA9B,CAA8B,EACjD,UAAC,KAAe,IAAK,OAAA,KAAI,CAAC,kBAAkB,CAAC,KAAK,EAAE,KAAI,CAAC,EAApC,CAAoC,CAAC,CAAC;IAC5E,CAAC;IAEO,qCAAc,GAAtB,UAAuB,GAAa,EAAE,IAAkB;QACtD,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;QACrB,IAAI,CAAC,OAAO,GAAG,WAAW,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC;IAClD,CAAC;IAEO,yCAAkB,GAA1B,UAA2B,KAAe,EAAE,IAAkB;QAC5D,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC;QAC1B,EAAE,CAAC,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC;YACvB,IAAI,CAAC,OAAO,GAAG,gBAAgB,CAAC;QAClC,CAAC;QAAC,IAAI,CAAC,CAAC;YACN,IAAI,CAAC,OAAO,GAAG,KAAK,CAAC,MAAM,GAAG,GAAG,GAAG,KAAK,CAAC,UAAU,CAAC;QACvD,CAAC;IACH,CAAC;IACH,mBAAC;AAAD,CAAC,AA7CD,IA6CC;AA7CY,YAAY;IALxB,gBAAS,CAAC;QACT,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,sBAAsB;QACnC,SAAS,EAAE,CAAC,qBAAqB,CAAC;KACnC,CAAC;qCAQ0B,WAAI,EAAc,kCAAe;GAPhD,YAAY,CA6CxB;AA7CY,oCAAY"}
--------------------------------------------------------------------------------
/app-angular2/src/main/webapp/app/app.module.js.map:
--------------------------------------------------------------------------------
1 | {"version":3,"file":"app.module.js","sourceRoot":"","sources":["app.module.ts"],"names":[],"mappings":";;;;;;;AAAA;;;;;;;;;;;;;;;GAeG;AACH,8DAA0D;AAC1D,sCAAyC;AACzC,sCAA2C;AAE3C,wEAAsE;AACtE,kEAAuF;AAEvF,iDAA+C;AAe/C,IAAa,SAAS;IAAtB;IAAyB,CAAC;IAAD,gBAAC;AAAD,CAAC,AAA1B,IAA0B;AAAb,SAAS;IAZrB,eAAQ,CAAC;QACR,YAAY,EAAE,CAAE,4BAAY,CAAE;QAC9B,OAAO,EAAE;YACP,gCAAa;YACb,iBAAU;SACX;QACD,SAAS,EAAE;YACT,kCAAe;YACf,sCAAsB;SACvB;QACD,SAAS,EAAE,CAAC,4BAAY,CAAC;KAC1B,CAAC;GACW,SAAS,CAAI;AAAb,8BAAS"}
--------------------------------------------------------------------------------
/app-angular2/src/main/webapp/app/app.module.ts:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2017 Red Hat, Inc. and/or its affiliates
3 | * and other contributors as indicated by the @author tags.
4 | *
5 | * Licensed under the Apache License, Version 2.0 (the "License");
6 | * you may not use this file except in compliance with the License.
7 | * You may obtain a copy of the License at
8 | *
9 | * http://www.apache.org/licenses/LICENSE-2.0
10 | *
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | import { BrowserModule } from '@angular/platform-browser';
18 | import { NgModule } from '@angular/core';
19 | import { HttpModule } from '@angular/http';
20 |
21 | import { KeycloakService } from './keycloak-service/keycloak.service';
22 | import { KeycloakHttp,KEYCLOAK_HTTP_PROVIDER } from './keycloak-service/keycloak.http';
23 |
24 | import { AppComponent } from './app.component';
25 |
26 |
27 | @NgModule({
28 | declarations: [ AppComponent ],
29 | imports: [
30 | BrowserModule,
31 | HttpModule
32 | ],
33 | providers: [
34 | KeycloakService,
35 | KEYCLOAK_HTTP_PROVIDER
36 | ],
37 | bootstrap: [AppComponent]
38 | })
39 | export class AppModule { }
40 |
--------------------------------------------------------------------------------
/app-angular2/src/main/webapp/app/keycloak-service/keycloak.http.js.map:
--------------------------------------------------------------------------------
1 | {"version":3,"file":"keycloak.http.js","sourceRoot":"","sources":["keycloak.http.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;;;;;;;;;;;;;;;;AAEH,sCAAyC;AACzC,sCAAkI;AAElI,uDAAmD;AACnD,8BAAmC;AAEnC;;GAEG;AAEH,IAAa,YAAY;IAAS,gCAAI;IACpC,sBAAY,QAA2B,EAAE,eAA+B,EAAU,gBAAiC;QAAnH,YACE,kBAAM,QAAQ,EAAE,eAAe,CAAC,SACjC;QAFiF,sBAAgB,GAAhB,gBAAgB,CAAiB;;IAEnH,CAAC;IAED,8BAAO,GAAP,UAAQ,GAAqB,EAAE,OAA4B;QAA3D,iBAiBC;QAhBC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,aAAa,EAAE,CAAC;YAAC,MAAM,CAAC,iBAAM,OAAO,YAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAE/E,IAAM,YAAY,GAAoB,IAAI,CAAC,gBAAgB,CAAC,QAAQ,EAAE,CAAC;QACvE,IAAM,eAAe,GAAuB,eAAU,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;QAEjF,EAAE,CAAC,CAAC,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC;YAC5B,MAAM,CAAC,eAAe,CAAC,GAAG,CAAC,UAAA,KAAK;gBAC9B,IAAM,WAAW,GAAG,IAAI,qBAAc,CAAC,EAAC,OAAO,EAAE,IAAI,cAAO,CAAC,EAAC,eAAe,EAAE,SAAS,GAAG,KAAK,EAAC,CAAC,EAAC,CAAC,CAAC;gBACrG,MAAM,CAAC,IAAI,qBAAc,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;YAChE,CAAC,CAAC,CAAC,SAAS,CAAC,UAAA,IAAI,IAAI,OAAA,iBAAM,OAAO,aAAC,GAAG,EAAE,IAAI,CAAC,EAAxB,CAAwB,CAAC,CAAC;QACjD,CAAC;QAAC,IAAI,CAAC,EAAE,CAAC,CAAC,GAAG,YAAY,cAAO,CAAC,CAAC,CAAC;YAClC,MAAM,CAAC,eAAe,CAAC,GAAG,CAAC,UAAA,KAAK;gBAC9B,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,GAAG,KAAK,CAAC,CAAC;gBACpD,MAAM,CAAC,GAAG,CAAC;YACb,CAAC,CAAC,CAAC,SAAS,CAAC,UAAA,OAAO,IAAI,OAAA,iBAAM,OAAO,aAAC,OAAO,CAAC,EAAtB,CAAsB,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IACH,mBAAC;AAAD,CAAC,AAvBD,CAAkC,WAAI,GAuBrC;AAvBY,YAAY;IADxB,iBAAU,EAAE;qCAEW,wBAAiB,EAAmB,qBAAc,EAA4B,kCAAe;GADxG,YAAY,CAuBxB;AAvBY,oCAAY;AAyBzB,6BAAoC,OAAmB,EAAE,cAA8B,EAAE,eAAgC;IACvH,MAAM,CAAC,IAAI,YAAY,CAAC,OAAO,EAAE,cAAc,EAAE,eAAe,CAAC,CAAC;AACpE,CAAC;AAFD,kDAEC;AAEY,QAAA,sBAAsB,GAAG;IACpC,OAAO,EAAE,WAAI;IACb,UAAU,EAAE,mBAAmB;IAC/B,IAAI,EAAE,CAAC,iBAAU,EAAE,qBAAc,EAAE,kCAAe,CAAC;CACpD,CAAC"}
--------------------------------------------------------------------------------
/app-angular2/src/main/webapp/app/keycloak-service/keycloak.service.js.map:
--------------------------------------------------------------------------------
1 | {"version":3,"file":"keycloak.service.js","sourceRoot":"","sources":["keycloak.service.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;;;;;;;;AAEH,qCAAqC;AAErC,sCAAyC;AAEzC,IAAI,QAAQ,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,2BAA2B;AAIjE,IAAa,eAAe;IAA5B;IA+CA,CAAC;IA5CU,oBAAI,GAAX,UAAY,OAAa;QACrB,MAAM,CAAC,IAAI,OAAO,CAAC,UAAC,OAAO,EAAE,MAAM;YAC/B,iBAAe,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC;iBACrC,OAAO,CAAC;gBACL,OAAO,EAAE,CAAC;YACd,CAAC,CAAC;iBACD,KAAK,CAAC,UAAC,SAAc;gBAClB,MAAM,CAAC,SAAS,CAAC,CAAC;YACtB,CAAC,CAAC,CAAC;QACX,CAAC,CAAC,CAAC;IACP,CAAC;IAED,uCAAa,GAAb;QACI,MAAM,CAAC,iBAAe,CAAC,YAAY,CAAC,aAAa,CAAC;IACtD,CAAC;IAED,+BAAK,GAAL;QACI,iBAAe,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;IACzC,CAAC;IAED,gCAAM,GAAN;QACI,iBAAe,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;IAC1C,CAAC;IAED,iCAAO,GAAP;QACI,iBAAe,CAAC,YAAY,CAAC,iBAAiB,EAAE,CAAC;IACrD,CAAC;IAED,kCAAQ,GAAR;QACI,MAAM,CAAC,IAAI,OAAO,CAAS,UAAC,OAAO,EAAE,MAAM;YACvC,EAAE,CAAC,CAAC,iBAAe,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC;gBACrC,iBAAe,CAAC,YAAY;qBACvB,WAAW,CAAC,CAAC,CAAC;qBACd,OAAO,CAAC;oBACL,OAAO,CAAS,iBAAe,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;gBACxD,CAAC,CAAC;qBACD,KAAK,CAAC;oBACH,MAAM,CAAC,yBAAyB,CAAC,CAAC;gBACtC,CAAC,CAAC,CAAC;YACX,CAAC;YAAC,IAAI,CAAC,CAAC;gBACJ,MAAM,CAAC,eAAe,CAAC,CAAC;YAC5B,CAAC;QACL,CAAC,CAAC,CAAC;IACP,CAAC;IACL,sBAAC;AAAD,CAAC,AA/CD,IA+CC;AA9CU,4BAAY,GAAmB,QAAQ,EAAE,CAAC;AADxC,eAAe;IAD3B,iBAAU,EAAE;GACA,eAAe,CA+C3B;AA/CY,0CAAe"}
--------------------------------------------------------------------------------
/app-angular2/src/main/webapp/index.html:
--------------------------------------------------------------------------------
1 |
17 |
18 |
19 |
20 | Keycloak Example App
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
39 |
40 |
41 |
42 |
43 | Loading app...
44 |
45 |
46 |
47 |
--------------------------------------------------------------------------------
/app-angular2/src/main/webapp/main.js:
--------------------------------------------------------------------------------
1 | "use strict";
2 | /*
3 | * JBoss, Home of Professional Open Source
4 | * Copyright 2016, Red Hat, Inc. and/or its affiliates, and individual
5 | * contributors by the @authors tag. See the copyright.txt in the
6 | * distribution for a full listing of individual contributors.
7 | *
8 | * Licensed under the Apache License, Version 2.0 (the "License");
9 | * you may not use this file except in compliance with the License.
10 | * You may obtain a copy of the License at
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | * Unless required by applicable law or agreed to in writing, software
13 | * distributed under the License is distributed on an "AS IS" BASIS,
14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | * See the License for the specific language governing permissions and
16 | * limitations under the License.
17 | */
18 | var core_1 = require("@angular/core");
19 | var platform_browser_dynamic_1 = require("@angular/platform-browser-dynamic");
20 | var app_module_1 = require("./app/app.module");
21 | var keycloak_service_1 = require("./app/keycloak-service/keycloak.service");
22 | core_1.enableProdMode();
23 | keycloak_service_1.KeycloakService.init({ onLoad: 'check-sso', checkLoginIframeInterval: 1 })
24 | .then(function () {
25 | platform_browser_dynamic_1.platformBrowserDynamic().bootstrapModule(app_module_1.AppModule);
26 | })
27 | .catch(function (e) {
28 | console.log('Error in ng2 bootstrap: ' + e);
29 | });
30 | //# sourceMappingURL=main.js.map
--------------------------------------------------------------------------------
/app-angular2/src/main/webapp/main.js.map:
--------------------------------------------------------------------------------
1 | {"version":3,"file":"main.js","sourceRoot":"","sources":["main.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;GAeG;AACH,sCAA+C;AAC/C,8EAA2E;AAG3E,+CAA6C;AAE7C,4EAA0E;AAE1E,qBAAc,EAAE,CAAC;AAEjB,kCAAe,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,WAAW,EAAE,wBAAwB,EAAE,CAAC,EAAE,CAAC;KACrE,IAAI,CAAC;IACF,iDAAsB,EAAE,CAAC,eAAe,CAAC,sBAAS,CAAC,CAAC;AACxD,CAAC,CAAC;KACD,KAAK,CAAC,UAAC,CAAS;IACb,OAAO,CAAC,GAAG,CAAC,0BAA0B,GAAG,CAAC,CAAC,CAAC;AAChD,CAAC,CAAC,CAAC"}
--------------------------------------------------------------------------------
/app-angular2/src/main/webapp/main.ts:
--------------------------------------------------------------------------------
1 | /*
2 | * JBoss, Home of Professional Open Source
3 | * Copyright 2016, Red Hat, Inc. and/or its affiliates, and individual
4 | * contributors by the @authors tag. See the copyright.txt in the
5 | * distribution for a full listing of individual contributors.
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | import { enableProdMode } from '@angular/core';
18 | import { platformBrowserDynamic } from '@angular/platform-browser-dynamic';
19 | import { platformBrowser } from '@angular/platform-browser';
20 |
21 | import { AppModule } from './app/app.module';
22 |
23 | import { KeycloakService } from './app/keycloak-service/keycloak.service';
24 |
25 | enableProdMode();
26 |
27 | KeycloakService.init({ onLoad: 'check-sso', checkLoginIframeInterval: 1 })
28 | .then(() => {
29 | platformBrowserDynamic().bootstrapModule(AppModule);
30 | })
31 | .catch((e: string) => {
32 | console.log('Error in ng2 bootstrap: ' + e);
33 | });
34 |
35 |
--------------------------------------------------------------------------------
/app-angular2/src/main/webapp/package.json:
--------------------------------------------------------------------------------
1 | {
2 | "name": "app-angular2",
3 | "version": "1.0.0",
4 | "description": "Keycloak Quickstart written in Angular 2",
5 | "scripts": {
6 | "build": "tsc -p ./",
7 | "build:watch": "tsc -p ./ -w"
8 | },
9 | "keywords": [],
10 | "author": "Stan Silvert",
11 | "license": "Apache 2.0",
12 | "dependencies": {
13 | "@angular/common": "~4.0.0",
14 | "@angular/compiler": "~4.0.0",
15 | "@angular/core": "~4.0.0",
16 | "@angular/forms": "~4.0.0",
17 | "@angular/http": "~4.0.0",
18 | "@angular/platform-browser": "~4.0.0",
19 | "@angular/platform-browser-dynamic": "~4.0.0",
20 | "@angular/router": "~4.0.0",
21 | "angular-in-memory-web-api": "~0.3.0",
22 | "core-js": "^2.4.1",
23 | "rxjs": "5.0.1",
24 | "systemjs": "0.19.40",
25 | "zone.js": "^0.8.4"
26 | },
27 | "devDependencies": {
28 | "concurrently": "^3.2.0",
29 | "typescript": "~2.1.0",
30 | "canonical-path": "0.0.2",
31 | "lodash": "^4.16.4",
32 | "rimraf": "^2.5.4",
33 | "@types/node": "^6.0.46"
34 | },
35 | "repository": {
36 | "type": "git",
37 | "url" : "git://github.com/keycloak/keycloak-quickstarts.git"
38 | }
39 | }
40 |
--------------------------------------------------------------------------------
/app-angular2/src/main/webapp/systemjs-angular-loader.js:
--------------------------------------------------------------------------------
1 | var templateUrlRegex = /templateUrl\s*:(\s*['"`](.*?)['"`]\s*)/gm;
2 | var stylesRegex = /styleUrls *:(\s*\[[^\]]*?\])/g;
3 | var stringRegex = /(['`"])((?:[^\\]\\\1|.)*?)\1/g;
4 |
5 | module.exports.translate = function(load){
6 | var url = document.createElement('a');
7 | url.href = load.address;
8 |
9 | var basePathParts = url.pathname.split('/');
10 |
11 | basePathParts.pop();
12 | var basePath = basePathParts.join('/');
13 |
14 | var baseHref = document.createElement('a');
15 | baseHref.href = this.baseURL;
16 | baseHref = baseHref.pathname;
17 |
18 | basePath = basePath.replace(baseHref, '');
19 |
20 | load.source = load.source
21 | .replace(templateUrlRegex, function(match, quote, url){
22 | var resolvedUrl = url;
23 |
24 | if (url.startsWith('.')) {
25 | resolvedUrl = basePath + url.substr(1);
26 | }
27 |
28 | return 'templateUrl: "' + resolvedUrl + '"';
29 | })
30 | .replace(stylesRegex, function(match, relativeUrls) {
31 | var urls = [];
32 |
33 | while ((match = stringRegex.exec(relativeUrls)) !== null) {
34 | if (match[2].startsWith('.')) {
35 | urls.push('"' + basePath + match[2].substr(1) + '"');
36 | } else {
37 | urls.push('"' + match[2] + '"');
38 | }
39 | }
40 |
41 | return "styleUrls: [" + urls.join(', ') + "]";
42 | });
43 |
44 | return load;
45 | };
46 |
--------------------------------------------------------------------------------
/app-angular2/src/main/webapp/systemjs.config.extras.js:
--------------------------------------------------------------------------------
1 | /**
2 | * Add barrels and stuff
3 | * Adjust as necessary for your application needs.
4 | */
5 | // (function (global) {
6 | // System.config({
7 | // packages: {
8 | // // add packages here
9 | // }
10 | // });
11 | // })(this);
12 |
--------------------------------------------------------------------------------
/app-angular2/src/main/webapp/systemjs.config.js:
--------------------------------------------------------------------------------
1 | /**
2 | * System configuration for Angular samples
3 | * Adjust as necessary for your application needs.
4 | */
5 | (function (global) {
6 | System.config({
7 | paths: {
8 | // paths serve as alias
9 | 'npm:': 'node_modules/'
10 | },
11 | // map tells the System loader where to look for things
12 | map: {
13 | // our app is within the app folder
14 | 'app': 'app',
15 |
16 | // angular bundles
17 | '@angular/core': 'npm:@angular/core/bundles/core.umd.js',
18 | '@angular/common': 'npm:@angular/common/bundles/common.umd.js',
19 | '@angular/compiler': 'npm:@angular/compiler/bundles/compiler.umd.js',
20 | '@angular/platform-browser': 'npm:@angular/platform-browser/bundles/platform-browser.umd.js',
21 | '@angular/platform-browser-dynamic': 'npm:@angular/platform-browser-dynamic/bundles/platform-browser-dynamic.umd.js',
22 | '@angular/http': 'npm:@angular/http/bundles/http.umd.js',
23 | '@angular/router': 'npm:@angular/router/bundles/router.umd.js',
24 | '@angular/forms': 'npm:@angular/forms/bundles/forms.umd.js',
25 |
26 | // other libraries
27 | 'rxjs': 'npm:rxjs',
28 | 'angular-in-memory-web-api': 'npm:angular-in-memory-web-api/bundles/in-memory-web-api.umd.js'
29 | },
30 | // packages tells the System loader how to load when no filename and/or no extension
31 | packages: {
32 | app: {
33 | defaultExtension: 'js',
34 | meta: {
35 | './*.js': {
36 | loader: 'systemjs-angular-loader.js'
37 | }
38 | }
39 | },
40 | rxjs: {
41 | defaultExtension: 'js'
42 | }
43 | }
44 | });
45 | })(this);
46 |
--------------------------------------------------------------------------------
/app-angular2/src/main/webapp/tsconfig.json:
--------------------------------------------------------------------------------
1 | {
2 | "compilerOptions": {
3 | "target": "es5",
4 | "module": "commonjs",
5 | "moduleResolution": "node",
6 | "sourceMap": true,
7 | "emitDecoratorMetadata": true,
8 | "experimentalDecorators": true,
9 | "lib": [ "es2015", "dom" ],
10 | "noImplicitAny": true,
11 | "suppressImplicitAnyIndexErrors": true
12 | }
13 | }
14 |
--------------------------------------------------------------------------------
/app-authz-jee-servlet/config/keycloak-example.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "quickstart",
3 | "auth-server-url": "http://localhost:8180/auth",
4 | "ssl-required": "external",
5 | "resource": "authz-servlet",
6 | "credentials": {
7 | "secret": "secret"
8 | },
9 | "policy-enforcer": {
10 | "path-cache": {
11 | "lifespan": 0,
12 | "max-entries": 0
13 | },
14 | "on-deny-redirect-to" : "/authz-servlet/accessDenied.jsp"
15 | }
16 | }
--------------------------------------------------------------------------------
/app-authz-jee-servlet/src/main/webapp/META-INF/jboss-deployment-structure.xml:
--------------------------------------------------------------------------------
1 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
--------------------------------------------------------------------------------
/app-authz-jee-servlet/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
1 |
2 |
6 |
7 | authz-servlet
8 |
9 |
10 |
11 | All Resources
12 | /*
13 |
14 |
15 | user
16 | admin
17 | user_premium
18 |
19 |
20 |
21 |
22 | KEYCLOAK
23 | quickstart-authz-servlet
24 |
25 |
26 |
27 | admin
28 |
29 |
30 |
31 | user
32 |
33 |
34 |
35 | user_premium
36 |
37 |
38 |
39 | 403
40 | /accessDenied.jsp
41 |
42 |
43 |
--------------------------------------------------------------------------------
/app-authz-jee-servlet/src/main/webapp/accessDenied.jsp:
--------------------------------------------------------------------------------
1 | <%@page contentType="text/html" pageEncoding="ISO-8859-1"%>
2 |
3 |
4 |
5 | You can not access this resource.
6 | <%@include file="include-logout.jsp"%>
7 |
8 |
--------------------------------------------------------------------------------
/app-authz-jee-servlet/src/main/webapp/include-logout.jsp:
--------------------------------------------------------------------------------
1 |
2 | <% controller.handleLogout(request, response); %>
3 |
4 |
5 |
6 |
9 |
--------------------------------------------------------------------------------
/app-authz-jee-servlet/src/main/webapp/index.jsp:
--------------------------------------------------------------------------------
1 | <%@ page import="org.keycloak.AuthorizationContext" %>
2 | <%@ page import="org.keycloak.KeycloakSecurityContext" %>
3 | <%@ page import="org.keycloak.representations.idm.authorization.Permission" %>
4 |
5 | <%
6 | KeycloakSecurityContext keycloakSecurityContext = (KeycloakSecurityContext) request.getAttribute(KeycloakSecurityContext.class.getName());
7 | AuthorizationContext authzContext = keycloakSecurityContext.getAuthorizationContext();
8 | %>
9 |
10 | <%@page contentType="text/html" pageEncoding="ISO-8859-1"%>
11 |
12 |
13 |
14 | <%@include file="include-logout.jsp"%>
15 | This is a public resource. Try to access one of these protected resources:
16 |
17 | Dynamic Menu
18 | User Premium
19 | Administration
20 |
21 | Your permissions are:
22 |
23 |
24 | <%
25 | for (Permission permission : authzContext.getPermissions()) {
26 | %>
27 |
28 | Resource: <%= permission.getResourceName() %>
29 | ID: <%= permission.getResourceId() %>
30 | Scopes: <%= permission.getScopes() %>
31 |
32 | <%
33 | }
34 | %>
35 |
36 |
37 |
38 |
--------------------------------------------------------------------------------
/app-authz-jee-servlet/src/main/webapp/protected/admin/onlyAdmin.jsp:
--------------------------------------------------------------------------------
1 | <%@page contentType="text/html" pageEncoding="ISO-8859-1"%>
2 |
3 |
4 |
5 | Only Administrators can access this page.
6 | <%@include file="../../include-logout.jsp"%>
7 |
8 |
--------------------------------------------------------------------------------
/app-authz-jee-servlet/src/main/webapp/protected/dynamicMenu.jsp:
--------------------------------------------------------------------------------
1 | <%@page import="org.keycloak.AuthorizationContext" %>
2 | <%@ page import="org.keycloak.KeycloakSecurityContext" %>
3 |
4 | <%
5 | KeycloakSecurityContext keycloakSecurityContext = (KeycloakSecurityContext) request.getAttribute(KeycloakSecurityContext.class.getName());
6 | AuthorizationContext authzContext = keycloakSecurityContext.getAuthorizationContext();
7 | %>
8 |
9 | <%@page contentType="text/html" pageEncoding="ISO-8859-1"%>
10 |
11 |
12 |
13 | Any authenticated user can access this page.
14 | <%@include file="../include-logout.jsp"%>
15 |
16 | Here is a dynamic menu built from the permissions returned by the server:
17 |
18 |
19 | <%
20 | if (authzContext.hasResourcePermission("Protected Resource")) {
21 | %>
22 |
23 | Do user thing
24 |
25 | <%
26 | }
27 | %>
28 |
29 | <%
30 | if (authzContext.hasResourcePermission("Premium Resource")) {
31 | %>
32 |
33 | Do user premium thing
34 |
35 | <%
36 | }
37 | %>
38 |
39 | <%
40 | if (authzContext.hasPermission("Admin Resource", "urn:servlet-authz:protected:admin:access")) {
41 | %>
42 |
43 | Do administration thing
44 |
45 | <%
46 | }
47 | %>
48 |
49 |
50 |
--------------------------------------------------------------------------------
/app-authz-jee-servlet/src/main/webapp/protected/premium/onlyPremium.jsp:
--------------------------------------------------------------------------------
1 | <%@page contentType="text/html" pageEncoding="ISO-8859-1"%>
2 |
3 |
4 |
5 | Only for premium users.
6 | <%@include file="../../include-logout.jsp"%>
7 |
8 |
--------------------------------------------------------------------------------
/app-authz-jee-servlet/src/test/java/org/keycloak/quickstart/page/AuthzPage.java:
--------------------------------------------------------------------------------
1 | package org.keycloak.quickstart.page;
2 |
3 | import org.openqa.selenium.WebElement;
4 | import org.openqa.selenium.support.FindBy;
5 |
6 | /**
7 | * @author Bruno Oliveira
8 | */
9 | public class AuthzPage {
10 |
11 | @FindBy(name = "logoutBtn")
12 | private WebElement logoutButton;
13 |
14 | @FindBy(linkText = "Administration")
15 | private WebElement adminLink;
16 |
17 | @FindBy(linkText = "User Premium")
18 | private WebElement premiumLink;
19 |
20 | @FindBy(linkText = "Dynamic Menu")
21 | private WebElement dynamicMenuLink;
22 |
23 | @FindBy(tagName = "h2")
24 | private WebElement message;
25 |
26 | public void clickAdminLink() {
27 | adminLink.click();
28 | }
29 |
30 | public void clickPremiumLink() {
31 | premiumLink.click();
32 | }
33 |
34 | public void clickDynamicMenuLink() {
35 | dynamicMenuLink.click();
36 | }
37 |
38 | public void clickLogout() {
39 | logoutButton.click();
40 | }
41 |
42 | public String getMessage() {
43 | return message.getText();
44 | }
45 | }
46 |
--------------------------------------------------------------------------------
/app-authz-jee-servlet/src/test/resources/arquillian.xml:
--------------------------------------------------------------------------------
1 |
2 |
12 |
16 |
17 |
18 |
20 |
21 |
22 |
23 |
24 |
26 |
27 | 127.0.0.1
28 | 9990
29 | ${basedir}/target/wildfly-${version.wildfly}
30 |
31 |
32 |
33 |
34 | phantomjs
35 |
36 |
37 |
--------------------------------------------------------------------------------
/app-authz-jee-servlet/src/test/resources/keycloak.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "quickstart-authz-servlet",
3 | "auth-server-url": "http://localhost:8180/auth",
4 | "ssl-required": "external",
5 | "resource": "authz-servlet",
6 | "credentials": {
7 | "secret": "secret"
8 | },
9 | "policy-enforcer": {
10 | "on-deny-redirect-to" : "/authz-servlet/accessDenied.jsp"
11 | }
12 | }
--------------------------------------------------------------------------------
/app-authz-jee-vanilla/config/client-import.json:
--------------------------------------------------------------------------------
1 | {
2 | "clientId": "app-authz-vanilla",
3 | "rootUrl": "http://localhost:8080/app-authz-vanilla",
4 | "enabled": true,
5 | "redirectUris": [
6 | "http://localhost:8080/app-authz-vanilla/*"
7 | ],
8 | "webOrigins": [
9 | "http://localhost:8080"
10 | ],
11 | "publicClient": false,
12 | "secret": "secret",
13 | "serviceAccountsEnabled": true,
14 | "authorizationServicesEnabled": true
15 | }
16 |
--------------------------------------------------------------------------------
/app-authz-jee-vanilla/config/keycloak-example.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "quickstart",
3 | "auth-server-url": "http://localhost:8180/auth",
4 | "ssl-required": "external",
5 | "resource": "app-authz-vanilla",
6 | "credentials": {
7 | "secret": "secret"
8 | },
9 | "confidential-port": 0,
10 | "policy-enforcer": {
11 | "on-deny-redirect-to" : "/app-authz-vanilla/error.jsp"
12 | }
13 | }
--------------------------------------------------------------------------------
/app-authz-jee-vanilla/src/main/webapp/META-INF/jboss-deployment-structure.xml:
--------------------------------------------------------------------------------
1 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
--------------------------------------------------------------------------------
/app-authz-jee-vanilla/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
1 |
2 |
19 |
20 |
24 |
25 | app-authz-vanilla
26 |
27 |
28 |
29 | All Resources
30 | /*
31 |
32 |
33 | *
34 |
35 |
36 |
37 |
38 | KEYCLOAK
39 | quickstart-authz-vanilla
40 |
41 |
42 |
43 | *
44 |
45 |
46 |
--------------------------------------------------------------------------------
/app-authz-jee-vanilla/src/main/webapp/error.jsp:
--------------------------------------------------------------------------------
1 | <%--
2 | ~ Copyright 2016 Red Hat, Inc. and/or its affiliates
3 | ~ and other contributors as indicated by the @author tags.
4 | ~
5 | ~ Licensed under the Apache License, Version 2.0 (the "License");
6 | ~ you may not use this file except in compliance with the License.
7 | ~ You may obtain a copy of the License at
8 | ~
9 | ~ http://www.apache.org/licenses/LICENSE-2.0
10 | ~
11 | ~ Unless required by applicable law or agreed to in writing, software
12 | ~ distributed under the License is distributed on an "AS IS" BASIS,
13 | ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | ~ See the License for the specific language governing permissions and
15 | ~ limitations under the License.
16 | ~
17 | --%>
18 |
19 | <%@ page import="org.keycloak.common.util.KeycloakUriBuilder" %>
20 | <%@ page import="org.keycloak.constants.ServiceUrlConstants" %>
21 |
22 |
23 |
24 | <%@include file="include-logout.jsp" %>
25 | Access Denied !
26 |
27 |
28 |
29 |
--------------------------------------------------------------------------------
/app-authz-jee-vanilla/src/main/webapp/include-logout.jsp:
--------------------------------------------------------------------------------
1 |
2 | <% controller.handleLogout(request, response); %>
3 |
4 |
5 |
6 |
9 |
--------------------------------------------------------------------------------
/app-authz-jee-vanilla/src/main/webapp/index.jsp:
--------------------------------------------------------------------------------
1 | <%--
2 | ~ Copyright 2016 Red Hat, Inc. and/or its affiliates
3 | ~ and other contributors as indicated by the @author tags.
4 | ~
5 | ~ Licensed under the Apache License, Version 2.0 (the "License");
6 | ~ you may not use this file except in compliance with the License.
7 | ~ You may obtain a copy of the License at
8 | ~
9 | ~ http://www.apache.org/licenses/LICENSE-2.0
10 | ~
11 | ~ Unless required by applicable law or agreed to in writing, software
12 | ~ distributed under the License is distributed on an "AS IS" BASIS,
13 | ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | ~ See the License for the specific language governing permissions and
15 | ~ limitations under the License.
16 | ~
17 | --%>
18 | <%@page import="org.keycloak.AuthorizationContext" %>
19 | <%@ page import="org.keycloak.KeycloakSecurityContext" %>
20 | <%@ page import="org.keycloak.common.util.KeycloakUriBuilder" %>
21 | <%@ page import="org.keycloak.constants.ServiceUrlConstants" %>
22 | <%@ page import="org.keycloak.representations.idm.authorization.Permission" %>
23 |
24 | <%
25 | KeycloakSecurityContext keycloakSecurityContext = (KeycloakSecurityContext) request.getAttribute(KeycloakSecurityContext.class.getName());
26 | AuthorizationContext authzContext = keycloakSecurityContext.getAuthorizationContext();
27 | %>
28 |
29 |
30 | Welcome!
31 | <%@include file="include-logout.jsp"%>
32 | Your permissions are:
33 |
34 |
46 |
47 |
--------------------------------------------------------------------------------
/app-authz-jee-vanilla/src/test/java/org/keycloak/quickstart/page/AuthzPage.java:
--------------------------------------------------------------------------------
1 | package org.keycloak.quickstart.page;
2 |
3 | import org.openqa.selenium.WebElement;
4 | import org.openqa.selenium.support.FindBy;
5 |
6 | /**
7 | * @author Bruno Oliveira
8 | */
9 | public class AuthzPage {
10 |
11 | @FindBy(name = "logoutBtn")
12 | private WebElement logoutButton;
13 |
14 | @FindBy(tagName = "h3")
15 | private WebElement message;
16 |
17 | public void clickLogout() {
18 | logoutButton.click();
19 | }
20 |
21 | public String getMessage() {
22 | return message.getText();
23 | }
24 | }
--------------------------------------------------------------------------------
/app-authz-jee-vanilla/src/test/resources/arquillian.xml:
--------------------------------------------------------------------------------
1 |
2 |
12 |
16 |
17 |
18 |
20 |
21 |
22 |
23 |
24 |
26 |
27 | 127.0.0.1
28 | 9990
29 | ${basedir}/target/wildfly-${version.wildfly}
30 |
31 |
32 |
33 |
34 | phantomjs
35 |
36 |
37 |
--------------------------------------------------------------------------------
/app-authz-jee-vanilla/src/test/resources/keycloak.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "quickstart-authz-vanilla",
3 | "auth-server-url": "http://127.0.0.1:8180/auth",
4 | "ssl-required": "external",
5 | "resource": "app-authz-vanilla",
6 | "credentials": {
7 | "secret": "secret"
8 | },
9 | "policy-enforcer": {
10 | "on-deny-redirect-to" : "/authz-vanilla/error.jsp"
11 | }
12 | }
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-html5-client/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
1 |
2 |
6 |
7 | photoz-html5-client
8 |
9 |
10 |
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-html5-client/src/main/webapp/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 | Photoz HTML5 Client
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 | Show Access Token | My Account | Sign Out
23 |
24 |
27 |
28 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-html5-client/src/main/webapp/keycloak.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "photoz",
3 | "auth-server-url" : "http://localhost:8180/auth",
4 | "ssl-required" : "external",
5 | "resource" : "photoz-html5-client",
6 | "public-client" : true
7 | }
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-html5-client/src/main/webapp/lib/jwt-decode.min.js:
--------------------------------------------------------------------------------
1 | !function a(b,c,d){function e(g,h){if(!c[g]){if(!b[g]){var i="function"==typeof require&&require;if(!h&&i)return i(g,!0);if(f)return f(g,!0);throw new Error("Cannot find module '"+g+"'")}var j=c[g]={exports:{}};b[g][0].call(j.exports,function(a){var c=b[g][1][a];return e(c?c:a)},j,j.exports,a,b,c,d)}return c[g].exports}for(var f="function"==typeof require&&require,g=0;g>8-f%1*8)){if(e=a.charCodeAt(f+=.75),e>255)throw d;c=c<<8|e}return h}),a.atob||(a.atob=function(a){if(a=a.replace(/=+$/,""),a.length%4==1)throw d;for(var c,e,f=0,g=0,h="";e=a.charAt(g++);~e&&(c=f%4?64*c+e:e,f++%4)?h+=String.fromCharCode(255&c>>(-2*f&6)):0)e=b.indexOf(e);return h})}()},{}],5:[function(a){var b="undefined"!=typeof self?self:"undefined"!=typeof window?window:{},c=a("./lib/index");"function"==typeof b.window.define&&b.window.define.amd?b.window.define("jwt_decode",function(){return c}):b.window&&(b.window.jwt_decode=c)},{"./lib/index":2}]},{},[5]);
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-html5-client/src/main/webapp/partials/admin/albums.html:
--------------------------------------------------------------------------------
1 | All Albums
2 |
3 |
4 |
5 | {{key}}
6 |
7 |
8 |
9 |
10 |
11 |
16 |
17 |
18 |
19 |
20 |
21 | Back to main page
22 |
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-html5-client/src/main/webapp/partials/album/create.html:
--------------------------------------------------------------------------------
1 | Create an Album
2 |
3 |
8 |
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-html5-client/src/main/webapp/partials/album/detail.html:
--------------------------------------------------------------------------------
1 | {{album.name}}
2 |
3 |
4 |
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-html5-client/src/main/webapp/partials/home.html:
--------------------------------------------------------------------------------
1 | Welcome To Photoz, {{Identity.claims.name}}
2 |
3 |
4 |
5 |
6 |
Create Album |
My Profile
7 |
8 |
Your Albums
9 |
You don't have any albums, yet.
10 |
15 |
Shared With Me
16 |
You don't have any shares, yet.
17 |
22 |
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-html5-client/src/main/webapp/partials/profile.html:
--------------------------------------------------------------------------------
1 | My Profile
2 |
3 |
7 |
8 | Back to main page
9 |
10 |
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-js-policies/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
18 |
20 | 4.0.0
21 |
22 | org.keycloak.quickstarts
23 | app-authz-photoz-parent
24 | 7.4.0.GA
25 | ../pom.xml
26 |
27 |
28 | photoz-js-policies
29 | jar
30 | Red Hat SSO Quickstarts: Photoz JS Policies
31 | JS Policies
32 |
33 |
34 | ${project.artifactId}
35 |
36 |
37 | src/main/resources
38 | true
39 |
40 |
41 |
42 |
43 |
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-js-policies/src/main/resources/META-INF/keycloak-scripts.json:
--------------------------------------------------------------------------------
1 | {
2 | "policies": [
3 | {
4 | "name": "Only From @keycloak.org or Admin",
5 | "fileName": "only-keycloak-domain-or-admin.js",
6 | "description": "Defines that only users from @keycloak.org or Admins can do something"
7 | },
8 | {
9 | "name": "Only Owner Policy",
10 | "fileName": "only-owner.js",
11 | "description": "Defines that only the resource owner is allowed to do something"
12 | },
13 | {
14 | "name": "Only From a Specific Client Address",
15 | "fileName": "only-from-specific-client-address.js",
16 | "description": "Defines that only clients from a specific address can do something"
17 | }
18 | ]
19 | }
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-js-policies/src/main/resources/only-from-specific-client-address.js:
--------------------------------------------------------------------------------
1 | var contextAttributes = $evaluation.getContext().getAttributes();
2 |
3 | if (contextAttributes.containsValue('kc.client.network.ip_address', '127.0.0.1')) {
4 | $evaluation.grant();
5 | }
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-js-policies/src/main/resources/only-keycloak-domain-or-admin.js:
--------------------------------------------------------------------------------
1 | var context = $evaluation.getContext();
2 | var identity = context.getIdentity();
3 | var attributes = identity.getAttributes();
4 | var email = attributes.getValue('email').asString(0);
5 |
6 | if (identity.hasRealmRole('admin') || email.endsWith('@keycloak.org')) {
7 | $evaluation.grant();
8 | }
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-js-policies/src/main/resources/only-owner.js:
--------------------------------------------------------------------------------
1 | var context = $evaluation.context;
2 | var identity = context.identity;
3 | var permission = $evaluation.permission;
4 | var resource = permission.resource;
5 |
6 | if (resource.owner == identity.id) {
7 | $evaluation.grant();
8 | }
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/ErrorResponse.java:
--------------------------------------------------------------------------------
1 | package org.keycloak.example.photoz;
2 |
3 | import javax.ws.rs.WebApplicationException;
4 | import javax.ws.rs.core.Response;
5 | import java.util.HashMap;
6 | import java.util.Map;
7 |
8 | /**
9 | * @author Pedro Igor
10 | */
11 | public class ErrorResponse extends WebApplicationException {
12 |
13 | private final Response.Status status;
14 |
15 | public ErrorResponse(String message) {
16 | this(message, Response.Status.INTERNAL_SERVER_ERROR);
17 | }
18 |
19 | public ErrorResponse(String message, Response.Status status) {
20 | super(message, status);
21 | this.status = status;
22 | }
23 |
24 | @Override
25 | public Response getResponse() {
26 | Map errorResponse = new HashMap();
27 |
28 | errorResponse.put("message", getMessage());
29 |
30 | return Response.status(status).entity(errorResponse).build();
31 | }
32 | }
33 |
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/PhotozApplication.java:
--------------------------------------------------------------------------------
1 | package org.keycloak.example.photoz;
2 |
3 | import javax.ws.rs.ApplicationPath;
4 | import javax.ws.rs.core.Application;
5 |
6 | /**
7 | * Basic auth app.
8 | */
9 | @ApplicationPath("/")
10 | public class PhotozApplication extends Application {
11 |
12 | }
13 |
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/album/SharedAlbum.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2017 Red Hat, Inc. and/or its affiliates
3 | * and other contributors as indicated by the @author tags.
4 | *
5 | * Licensed under the Apache License, Version 2.0 (the "License");
6 | * you may not use this file except in compliance with the License.
7 | * You may obtain a copy of the License at
8 | *
9 | * http://www.apache.org/licenses/LICENSE-2.0
10 | *
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | package org.keycloak.example.photoz.album;
18 |
19 | import java.util.ArrayList;
20 | import java.util.List;
21 |
22 | import org.keycloak.example.photoz.entity.Album;
23 |
24 | public class SharedAlbum {
25 |
26 | private Album album;
27 | private List scopes;
28 |
29 | public SharedAlbum(Album album) {
30 | this.album = album;
31 | }
32 |
33 | public Album getAlbum() {
34 | return album;
35 | }
36 |
37 | public List getScopes() {
38 | return scopes;
39 | }
40 |
41 | public void addScope(String scope) {
42 | if (scopes == null) {
43 | scopes = new ArrayList();
44 | }
45 | scopes.add(scope);
46 | }
47 | }
48 |
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/util/Resources.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2016 Red Hat, Inc. and/or its affiliates
3 | * and other contributors as indicated by the @author tags.
4 | *
5 | * Licensed under the Apache License, Version 2.0 (the "License");
6 | * you may not use this file except in compliance with the License.
7 | * You may obtain a copy of the License at
8 | *
9 | * http://www.apache.org/licenses/LICENSE-2.0
10 | *
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | package org.keycloak.example.photoz.util;
18 |
19 | import javax.annotation.PostConstruct;
20 | import javax.annotation.PreDestroy;
21 | import javax.enterprise.context.ApplicationScoped;
22 | import javax.enterprise.context.RequestScoped;
23 | import javax.enterprise.inject.Produces;
24 | import javax.persistence.EntityManager;
25 | import javax.persistence.EntityManagerFactory;
26 | import javax.persistence.Persistence;
27 |
28 | /**
29 | * @author Pedro Igor
30 | */
31 | @ApplicationScoped
32 | public class Resources {
33 |
34 | private EntityManagerFactory entityManagerFactory;
35 |
36 | @PostConstruct
37 | public void init() {
38 | entityManagerFactory = Persistence.createEntityManagerFactory("primary");
39 | }
40 |
41 | @PreDestroy
42 | public void dispose() {
43 | entityManagerFactory.close();
44 | }
45 |
46 | @RequestScoped
47 | @Produces
48 | public EntityManager createEntityManager() {
49 | return entityManagerFactory.createEntityManager();
50 | }
51 | }
52 |
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/util/Transaction.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2016 Red Hat, Inc. and/or its affiliates
3 | * and other contributors as indicated by the @author tags.
4 | *
5 | * Licensed under the Apache License, Version 2.0 (the "License");
6 | * you may not use this file except in compliance with the License.
7 | * You may obtain a copy of the License at
8 | *
9 | * http://www.apache.org/licenses/LICENSE-2.0
10 | *
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | package org.keycloak.example.photoz.util;
18 |
19 | import javax.interceptor.InterceptorBinding;
20 | import java.lang.annotation.Retention;
21 | import java.lang.annotation.Target;
22 |
23 | import static java.lang.annotation.ElementType.TYPE;
24 | import static java.lang.annotation.RetentionPolicy.RUNTIME;
25 |
26 | /**
27 | * @author Pedro Igor
28 | */
29 | @InterceptorBinding
30 | @Target({ TYPE })
31 | @Retention(RUNTIME)
32 | public @interface Transaction {
33 | }
34 |
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-restful-api/src/main/resources/META-INF/beans.xml:
--------------------------------------------------------------------------------
1 |
2 |
6 |
7 | org.keycloak.example.photoz.util.TransactionInterceptor
8 |
9 |
10 |
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-restful-api/src/main/resources/META-INF/persistence.xml:
--------------------------------------------------------------------------------
1 |
2 |
7 |
8 |
9 | org.keycloak.example.photoz.entity.Album
10 | org.keycloak.example.photoz.entity.Photo
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-restful-api/src/main/webapp/META-INF/jboss-deployment-structure.xml:
--------------------------------------------------------------------------------
1 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-restful-api/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
1 |
2 |
6 |
7 | photoz-restful-api
8 |
9 |
10 |
11 | All Resources
12 | /*
13 |
14 |
15 | user
16 |
17 |
18 |
19 |
20 |
21 | All Resources
22 | /*
23 |
24 |
25 | admin
26 |
27 |
28 |
29 |
30 | KEYCLOAK
31 | photoz
32 |
33 |
34 |
35 | admin
36 |
37 |
38 |
39 | user
40 |
41 |
42 |
--------------------------------------------------------------------------------
/app-authz-photoz/photoz-testsuite/src/test/java/org/keycloak/quickstart/uma/page/ConsentPage.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2018 Red Hat, Inc. and/or its affiliates
3 | * and other contributors as indicated by the @author tags.
4 | *
5 | * Licensed under the Apache License, Version 2.0 (the "License");
6 | * you may not use this file except in compliance with the License.
7 | * You may obtain a copy of the License at
8 | *
9 | * http://www.apache.org/licenses/LICENSE-2.0
10 | *
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 |
18 | package org.keycloak.quickstart.uma.page;
19 |
20 | import org.jboss.arquillian.test.api.ArquillianResource;
21 | import org.openqa.selenium.WebDriver;
22 | import org.openqa.selenium.WebElement;
23 | import org.openqa.selenium.support.FindBy;
24 |
25 | /**
26 | * A {@code {@link org.jboss.arquillian.graphene.page.Page}} representing the consent page.
27 | *
28 | * @author Stefan Guilhen
29 | */
30 | public class ConsentPage {
31 |
32 | @ArquillianResource
33 | protected WebDriver driver;
34 |
35 | @FindBy(id = "kc-login")
36 | private WebElement submitButton;
37 |
38 | @FindBy(id = "kc-cancel")
39 | private WebElement cancelButton;
40 |
41 | public void confirm() {
42 | submitButton.click();
43 | }
44 |
45 | public void cancel() {
46 | cancelButton.click();
47 | }
48 |
49 | public boolean isCurrent() {
50 | return driver.getTitle().equalsIgnoreCase("Log in to photoz");
51 | }
52 | }
53 |
--------------------------------------------------------------------------------
/app-authz-rest-employee/src/main/java/org/keycloak/quickstart/springboot/MyApplication.java:
--------------------------------------------------------------------------------
1 | /*
2 | * JBoss, Home of Professional Open Source
3 | *
4 | * Copyright 2017 Red Hat, Inc. and/or its affiliates.
5 | *
6 | * Licensed under the Apache License, Version 2.0 (the "License");
7 | * you may not use this file except in compliance with the License.
8 | * You may obtain a copy of the License at
9 | *
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | *
12 | * Unless required by applicable law or agreed to in writing, software
13 | * distributed under the License is distributed on an "AS IS" BASIS,
14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | * See the License for the specific language governing permissions and
16 | * limitations under the License.
17 | *
18 | */
19 | package org.keycloak.quickstart.springboot;
20 |
21 | import org.springframework.boot.SpringApplication;
22 | import org.springframework.boot.autoconfigure.SpringBootApplication;
23 |
24 | /**
25 | * @author Pedro Igor
26 | */
27 | @SpringBootApplication
28 | public class MyApplication {
29 |
30 | public static void main(String[] args) throws Exception {
31 | SpringApplication.run(MyApplication.class, args);
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/app-authz-rest-employee/src/main/java/org/keycloak/quickstart/springboot/web/ApplicationController.java:
--------------------------------------------------------------------------------
1 | /*
2 | * JBoss, Home of Professional Open Source
3 | *
4 | * Copyright 2017 Red Hat, Inc. and/or its affiliates.
5 | *
6 | * Licensed under the Apache License, Version 2.0 (the "License");
7 | * you may not use this file except in compliance with the License.
8 | * You may obtain a copy of the License at
9 | *
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | *
12 | * Unless required by applicable law or agreed to in writing, software
13 | * distributed under the License is distributed on an "AS IS" BASIS,
14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | * See the License for the specific language governing permissions and
16 | * limitations under the License.
17 | *
18 | */
19 | package org.keycloak.quickstart.springboot.web;
20 |
21 | import org.springframework.web.bind.annotation.PathVariable;
22 | import org.springframework.web.bind.annotation.RequestMapping;
23 | import org.springframework.web.bind.annotation.RequestMethod;
24 | import org.springframework.web.bind.annotation.RestController;
25 |
26 | /**
27 | * @author Pedro Igor
28 | */
29 | @RestController
30 | public class ApplicationController {
31 |
32 | @RequestMapping(value = "/api/{employee}", method = RequestMethod.GET)
33 | public Employee salary(@PathVariable String employee) {
34 | return new Employee(employee);
35 | }
36 |
37 | public static class Employee {
38 |
39 | private final String name;
40 |
41 | public Employee(String name) {
42 | this.name = name;
43 | }
44 |
45 | public String getName() {
46 | return name;
47 | }
48 | }
49 | }
50 |
--------------------------------------------------------------------------------
/app-authz-rest-employee/src/main/resources/application.properties:
--------------------------------------------------------------------------------
1 | server.connection-timeout=5000
2 | server.port = 8080
3 | keycloak.realm=spring-boot-quickstart
4 | keycloak.auth-server-url=http://localhost:8180/auth
5 | keycloak.ssl-required=external
6 | keycloak.resource=app-authz-rest-employee
7 | keycloak.bearer-only=true
8 | keycloak.credentials.secret=secret
9 | keycloak.securityConstraints[0].authRoles[0]=user
10 | keycloak.securityConstraints[0].securityCollections[0].name=protected
11 | keycloak.securityConstraints[0].securityCollections[0].patterns[0]=/*
12 | keycloak.policy-enforcer-config.enforcement-mode=ENFORCING
13 | keycloak.policy-enforcer-config.claimInformationPointConfig.claims[http.uri]={request.relativePath}
14 |
15 | # Turn off the logs
16 | logging.level.root=OFF
17 | logging.level.org.springframework.boot=OFF
18 | spring.main.banner-mode=OFF
--------------------------------------------------------------------------------
/app-authz-rest-employee/src/test/resources/application.properties:
--------------------------------------------------------------------------------
1 | server.connection-timeout=5000
2 | server.port = 8080
3 | keycloak.realm=spring-boot-quickstart
4 | keycloak.auth-server-url=http://localhost:8180/auth
5 | keycloak.ssl-required=external
6 | keycloak.resource=app-authz-rest-employee
7 | keycloak.bearer-only=true
8 | keycloak.credentials.secret=secret
9 | keycloak.securityConstraints[0].authRoles[0]=user
10 | keycloak.securityConstraints[0].securityCollections[0].name=protected
11 | keycloak.securityConstraints[0].securityCollections[0].patterns[0]=/*
12 | keycloak.policy-enforcer-config.enforcement-mode=ENFORCING
13 | keycloak.policy-enforcer-config.claimInformationPointConfig.claims[http.uri]={request.relativePath}
14 |
15 | # Turn off the logs
16 | logging.level.root=OFF
17 | logging.level.org.springframework.boot=OFF
18 | spring.main.banner-mode=OFF
--------------------------------------------------------------------------------
/app-authz-rest-springboot/src/main/java/org/keycloak/quickstart/springboot/MyApplication.java:
--------------------------------------------------------------------------------
1 | /*
2 | * JBoss, Home of Professional Open Source
3 | *
4 | * Copyright 2017 Red Hat, Inc. and/or its affiliates.
5 | *
6 | * Licensed under the Apache License, Version 2.0 (the "License");
7 | * you may not use this file except in compliance with the License.
8 | * You may obtain a copy of the License at
9 | *
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | *
12 | * Unless required by applicable law or agreed to in writing, software
13 | * distributed under the License is distributed on an "AS IS" BASIS,
14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | * See the License for the specific language governing permissions and
16 | * limitations under the License.
17 | *
18 | */
19 | package org.keycloak.quickstart.springboot;
20 |
21 | import org.springframework.boot.SpringApplication;
22 | import org.springframework.boot.autoconfigure.SpringBootApplication;
23 |
24 | /**
25 | * @author Pedro Igor
26 | */
27 | @SpringBootApplication
28 | public class MyApplication {
29 |
30 | public static void main(String[] args) throws Exception {
31 | SpringApplication.run(MyApplication.class, args);
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/app-authz-rest-springboot/src/main/java/org/keycloak/quickstart/springboot/web/ApplicationController.java:
--------------------------------------------------------------------------------
1 | /*
2 | * JBoss, Home of Professional Open Source
3 | *
4 | * Copyright 2017 Red Hat, Inc. and/or its affiliates.
5 | *
6 | * Licensed under the Apache License, Version 2.0 (the "License");
7 | * you may not use this file except in compliance with the License.
8 | * You may obtain a copy of the License at
9 | *
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | *
12 | * Unless required by applicable law or agreed to in writing, software
13 | * distributed under the License is distributed on an "AS IS" BASIS,
14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | * See the License for the specific language governing permissions and
16 | * limitations under the License.
17 | *
18 | */
19 | package org.keycloak.quickstart.springboot.web;
20 |
21 | import org.springframework.web.bind.annotation.RequestMapping;
22 | import org.springframework.web.bind.annotation.RequestMethod;
23 | import org.springframework.web.bind.annotation.RestController;
24 |
25 | /**
26 | * @author Pedro Igor
27 | */
28 | @RestController
29 | public class ApplicationController {
30 |
31 | @RequestMapping(value = "/api/resourcea", method = RequestMethod.GET)
32 | public String handleResourceA() {
33 | return createResponse();
34 | }
35 |
36 | @RequestMapping(value = "/api/resourceb", method = RequestMethod.GET)
37 | public String handleResourceB() {
38 | return createResponse();
39 | }
40 |
41 | @RequestMapping(value = "/api/premium", method = RequestMethod.GET)
42 | public String handlePremiumResource() {
43 | return createResponse();
44 | }
45 |
46 | @RequestMapping(value = "/api/admin", method = RequestMethod.GET)
47 | public String handleAdminResource() {
48 | return createResponse();
49 | }
50 |
51 | private String createResponse() {
52 | return "Access Granted";
53 | }
54 | }
55 |
--------------------------------------------------------------------------------
/app-authz-rest-springboot/src/main/resources/application.properties:
--------------------------------------------------------------------------------
1 | server.connection-timeout=5000
2 | server.port = 8080
3 | keycloak.realm=spring-boot-quickstart
4 | keycloak.auth-server-url=http://localhost:8180/auth
5 | keycloak.ssl-required=external
6 | keycloak.resource=app-authz-rest-springboot
7 | keycloak.bearer-only=true
8 | keycloak.credentials.secret=secret
9 | keycloak.securityConstraints[0].authRoles[0]=user
10 | keycloak.securityConstraints[0].securityCollections[0].name=protected
11 | keycloak.securityConstraints[0].securityCollections[0].patterns[0]=/*
12 | keycloak.policy-enforcer-config.lazy-load-paths=true
13 | keycloak.policy-enforcer-config.paths[0].path=/api/admin
14 | keycloak.policy-enforcer-config.paths[0].claimInformationPointConfig.claims[some-claim]={request.parameter['parameter-a']}
15 |
16 | # Turn off the logs
17 | logging.level.root=OFF
18 | logging.level.org.springframework.boot=OFF
19 | spring.main.banner-mode=OFF
--------------------------------------------------------------------------------
/app-authz-rest-springboot/src/test/resources/application.properties:
--------------------------------------------------------------------------------
1 | server.connection-timeout=5000
2 | server.port = 8080
3 | keycloak.realm=spring-boot-quickstart
4 | keycloak.auth-server-url=http://localhost:8180/auth
5 | keycloak.ssl-required=external
6 | keycloak.resource=app-authz-rest-springboot
7 | keycloak.bearer-only=true
8 | keycloak.credentials.secret=secret
9 | keycloak.securityConstraints[0].authRoles[0]=user
10 | keycloak.securityConstraints[0].securityCollections[0].name=protected
11 | keycloak.securityConstraints[0].securityCollections[0].patterns[0]=/*
12 | keycloak.policy-enforcer-config.lazy-load-paths=true
13 | keycloak.policy-enforcer-config.paths[0].path=/api/admin
14 | keycloak.policy-enforcer-config.paths[0].claimInformationPointConfig.claims[some-claim]={request.parameter['parameter-a']}
15 |
16 | # Turn off the logs
17 | logging.level.root=OFF
18 | logging.level.org.springframework.boot=OFF
19 | spring.main.banner-mode=OFF
--------------------------------------------------------------------------------
/app-authz-spring-security/src/main/java/org/keycloak/quickstart/springsecurity/web/MyApplication.java:
--------------------------------------------------------------------------------
1 | package org.keycloak.quickstart.springsecurity.web;
2 |
3 | import org.springframework.boot.SpringApplication;
4 | import org.springframework.boot.autoconfigure.SpringBootApplication;
5 |
6 | @SpringBootApplication
7 | public class MyApplication {
8 |
9 | public static void main(String[] args) throws Throwable {
10 | SpringApplication.run(MyApplication.class, args);
11 | }
12 |
13 | }
14 |
--------------------------------------------------------------------------------
/app-authz-spring-security/src/main/resources/application.properties:
--------------------------------------------------------------------------------
1 | # Turn off the logs
2 | logging.level.root=OFF
3 | logging.level.org.springframework.boot=OFF
4 | spring.main.banner-mode=OFF
--------------------------------------------------------------------------------
/app-authz-spring-security/src/main/resources/keycloak.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "spring-security-quickstart",
3 | "auth-server-url": "http://localhost:8180/auth",
4 | "ssl-required": "external",
5 | "resource": "app-authz-spring-security",
6 | "credentials": {
7 | "secret": "secret"
8 | },
9 | "policy-enforcer": {
10 | "on-deny-redirect-to": "/accessDenied"
11 | }
12 | }
--------------------------------------------------------------------------------
/app-authz-spring-security/src/main/resources/templates/access-denied.ftl:
--------------------------------------------------------------------------------
1 | <#import "/spring.ftl" as spring />
2 | <#assign xhtmlCompliant = true in spring>
3 |
4 |
5 |
6 | Access Denied
7 |
8 |
9 |
10 |
13 |
14 | Users are redirect to this page when they lack permissions to access a resource
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/app-authz-spring-security/src/main/resources/templates/alice.ftl:
--------------------------------------------------------------------------------
1 | <#import "/spring.ftl" as spring />
2 | <#assign xhtmlCompliant = true in spring>
3 |
4 |
5 |
6 | Alice Page
7 |
8 |
9 |
10 |
13 |
14 | Only Alice is allowed to access this resource
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/app-authz-spring-security/src/main/resources/templates/home.ftl:
--------------------------------------------------------------------------------
1 | <#import "/spring.ftl" as spring />
2 | <#assign xhtmlCompliant = true in spring>
3 |
4 |
5 |
6 | Home Page
7 |
8 |
9 |
10 |
33 |
34 |
35 |
36 |
--------------------------------------------------------------------------------
/app-authz-spring-security/src/main/resources/templates/premium.ftl:
--------------------------------------------------------------------------------
1 | <#import "/spring.ftl" as spring />
2 | <#assign xhtmlCompliant = true in spring>
3 |
4 |
5 |
6 | Premium Page
7 |
8 |
9 |
10 |
13 |
14 | Access to this page is enforced by permissions associated with resource "Premium Resource"
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/app-authz-spring-security/src/main/resources/templates/protected.ftl:
--------------------------------------------------------------------------------
1 | <#import "/spring.ftl" as spring />
2 | <#assign xhtmlCompliant = true in spring>
3 |
4 |
5 |
6 | Protected Page
7 |
8 |
9 |
10 |
13 |
14 | Access to this page is enforced by permissions associated with resource "Protected Resource"
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/app-authz-spring-security/src/test/resources/application.properties:
--------------------------------------------------------------------------------
1 | # Turn off the logs
2 | logging.level.root=OFF
3 | logging.level.org.springframework.boot=OFF
4 | spring.main.banner-mode=OFF
--------------------------------------------------------------------------------
/app-authz-springboot/src/main/java/org/keycloak/quickstart/springboot/MyApplication.java:
--------------------------------------------------------------------------------
1 | /*
2 | * JBoss, Home of Professional Open Source
3 | *
4 | * Copyright 2017 Red Hat, Inc. and/or its affiliates.
5 | *
6 | * Licensed under the Apache License, Version 2.0 (the "License");
7 | * you may not use this file except in compliance with the License.
8 | * You may obtain a copy of the License at
9 | *
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | *
12 | * Unless required by applicable law or agreed to in writing, software
13 | * distributed under the License is distributed on an "AS IS" BASIS,
14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | * See the License for the specific language governing permissions and
16 | * limitations under the License.
17 | *
18 | */
19 | package org.keycloak.quickstart.springboot;
20 |
21 | import org.springframework.boot.SpringApplication;
22 | import org.springframework.boot.autoconfigure.SpringBootApplication;
23 |
24 | /**
25 | * @author Pedro Igor
26 | */
27 | @SpringBootApplication
28 | public class MyApplication {
29 |
30 | public static void main(String[] args) throws Exception {
31 | SpringApplication.run(MyApplication.class, args);
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/app-authz-springboot/src/main/resources/application.properties:
--------------------------------------------------------------------------------
1 | server.connection-timeout=5000
2 | spring.freemarker.cache=false
3 | server.port = 8080
4 | keycloak.realm=spring-boot-quickstart
5 | keycloak.auth-server-url=http://localhost:8180/auth
6 | keycloak.ssl-required=external
7 | keycloak.resource=app-authz-springboot
8 | keycloak.public-client=false
9 | keycloak.credentials.secret=secret
10 | keycloak.securityConstraints[0].authRoles[0] = user
11 | keycloak.securityConstraints[0].securityCollections[0].name = protected
12 | keycloak.securityConstraints[0].securityCollections[0].patterns[0] = /*
13 |
14 | # This configuration enables the policy enforcer in order to protect resources served by this application.
15 | # During the boot, the policy enforcer is going to fetch all protected resources in Keycloak and automatically configure your application.
16 | # Note that protected resources in Keycloak are defined with a URI which maps to a set of resources in this application.
17 | keycloak.policy-enforcer-config.on-deny-redirect-to=/accessDenied
18 |
19 | # Turn off the logs
20 | logging.level.root=OFF
21 | logging.level.org.springframework.boot=OFF
22 | spring.main.banner-mode=OFF
--------------------------------------------------------------------------------
/app-authz-springboot/src/main/resources/application.properties.path.entitlements:
--------------------------------------------------------------------------------
1 | server.connection-timeout=5000
2 | spring.freemarker.cache=false
3 | server.port = 8080
4 | keycloak.realm=spring-boot-quickstart
5 | keycloak.auth-server-url=http://localhost:8180/auth
6 | keycloak.ssl-required=external
7 | keycloak.resource=app-authz-springboot
8 | keycloak.public-client=false
9 | keycloak.credentials.secret=secret
10 | keycloak.securityConstraints[0].authRoles[0]=user
11 | keycloak.securityConstraints[0].securityCollections[0].name=protected
12 | keycloak.securityConstraints[0].securityCollections[0].patterns[0]=/*
13 |
14 | # This configuration enables the policy enforcer in order to protect resources served by this application.
15 | # During the boot, the policy enforcer is going to fetch only the paths defined below and associate these paths with specific
16 | resources defined in Keycloak.
17 | # When defining paths in the configuration, you are not really required to specify a URI for protected resources in Keycloak.
18 | keycloak.policy-enforcer-config.on-deny-redirect-to=/accessDenied
19 | keycloak.policy-enforcer-config.paths[0].name=Default Resource
20 | keycloak.policy-enforcer-config.paths[0].path=/*
21 | keycloak.policy-enforcer-config.paths[1].name=Protected Resource
22 | keycloak.policy-enforcer-config.paths[1].path=/protected/*
23 |
24 | # This is a special path definition where a pattern is used to map different resources in Keycloak.
25 | # With this configuration is possible to enforce access for resources based on a type.
26 | keycloak.policy-enforcer-config.paths[2].name=User Resource
27 | keycloak.policy-enforcer-config.paths[2].path=/protected/{user_name}
28 |
29 |
30 | keycloak.policy-enforcer-config.paths[3].name=Premium Resource
31 | keycloak.policy-enforcer-config.paths[3].path=/protected/premium
--------------------------------------------------------------------------------
/app-authz-springboot/src/main/resources/templates/access-denied.ftl:
--------------------------------------------------------------------------------
1 | <#import "/spring.ftl" as spring />
2 | <#assign xhtmlCompliant = true in spring>
3 |
4 |
5 |
6 | Access Denied
7 |
8 |
9 |
10 |
13 |
14 | Users are redirect to this page when they lack permissions to access a resource
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/app-authz-springboot/src/main/resources/templates/home.ftl:
--------------------------------------------------------------------------------
1 | <#import "/spring.ftl" as spring />
2 | <#assign xhtmlCompliant = true in spring>
3 |
4 |
5 |
6 | Home Page
7 |
8 |
9 |
10 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/app-authz-springboot/src/main/resources/templates/premium.ftl:
--------------------------------------------------------------------------------
1 | <#import "/spring.ftl" as spring />
2 | <#assign xhtmlCompliant = true in spring>
3 |
4 |
5 |
6 | Premium Page
7 |
8 |
9 |
10 |
13 |
14 | Access to this page is enforced by permissions associated with resource "Premium Resource"
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/app-authz-springboot/src/main/resources/templates/protected.ftl:
--------------------------------------------------------------------------------
1 | <#import "/spring.ftl" as spring />
2 | <#assign xhtmlCompliant = true in spring>
3 |
4 |
5 |
6 | Protected Page
7 |
8 |
9 |
10 |
13 |
14 | Access to this page is enforced by permissions associated with resource "Protected Resource"
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/app-authz-springboot/src/test/resources/application.properties:
--------------------------------------------------------------------------------
1 | server.connection-timeout=5000
2 | spring.freemarker.cache=false
3 | server.port = 8080
4 | keycloak.realm=spring-boot-quickstart
5 | keycloak.auth-server-url=http://localhost:8180/auth
6 | keycloak.ssl-required=external
7 | keycloak.resource=app-authz-springboot
8 | keycloak.public-client=false
9 | keycloak.credentials.secret=secret
10 | keycloak.securityConstraints[0].authRoles[0]=user
11 | keycloak.securityConstraints[0].securityCollections[0].name=protected
12 | keycloak.securityConstraints[0].securityCollections[0].patterns[0]=/*
13 |
14 | # This configuration enables the policy enforcer in order to protect resources served by this application.
15 | # During the boot, the policy enforcer is going to fetch only the paths defined below and associate these paths with specific
16 | resources defined in Keycloak.
17 | # When defining paths in the configuration, you are not really required to specify a URI for protected resources in Keycloak.
18 | keycloak.policy-enforcer-config.on-deny-redirect-to=/accessDenied
19 | keycloak.policy-enforcer-config.paths[0].name=Default Resource
20 | keycloak.policy-enforcer-config.paths[0].path=/*
21 | keycloak.policy-enforcer-config.paths[1].name=Protected Resource
22 | keycloak.policy-enforcer-config.paths[1].path=/protected/*
23 |
24 | # This is a special path definition where a pattern is used to map different resources in Keycloak.
25 | # With this configuration is possible to enforce access for resources based on a type.
26 | keycloak.policy-enforcer-config.paths[2].name=User Resource
27 | keycloak.policy-enforcer-config.paths[2].path=/protected/{user_name}
28 |
29 |
30 | keycloak.policy-enforcer-config.paths[3].name=Premium Resource
31 | keycloak.policy-enforcer-config.paths[3].path=/protected/premium
32 |
33 | # Turn off the logs
34 | logging.level.root=OFF
35 | logging.level.org.springframework.boot=OFF
36 | spring.main.banner-mode=OFF
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-html5-client/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
1 |
2 |
6 |
7 | photoz-html5-client
8 |
9 |
10 |
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-html5-client/src/main/webapp/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 | Photoz HTML5 Client
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 | Show Requesting Party Token | Show Access Token | Request Entitlements | My Account | Sign Out
23 |
24 |
27 |
28 |
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-html5-client/src/main/webapp/keycloak.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "photoz",
3 | "auth-server-url" : "http://localhost:8180/auth",
4 | "ssl-required" : "external",
5 | "resource" : "photoz-html5-client",
6 | "public-client" : true
7 | }
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-html5-client/src/main/webapp/lib/jwt-decode.min.js:
--------------------------------------------------------------------------------
1 | !function a(b,c,d){function e(g,h){if(!c[g]){if(!b[g]){var i="function"==typeof require&&require;if(!h&&i)return i(g,!0);if(f)return f(g,!0);throw new Error("Cannot find module '"+g+"'")}var j=c[g]={exports:{}};b[g][0].call(j.exports,function(a){var c=b[g][1][a];return e(c?c:a)},j,j.exports,a,b,c,d)}return c[g].exports}for(var f="function"==typeof require&&require,g=0;g>8-f%1*8)){if(e=a.charCodeAt(f+=.75),e>255)throw d;c=c<<8|e}return h}),a.atob||(a.atob=function(a){if(a=a.replace(/=+$/,""),a.length%4==1)throw d;for(var c,e,f=0,g=0,h="";e=a.charAt(g++);~e&&(c=f%4?64*c+e:e,f++%4)?h+=String.fromCharCode(255&c>>(-2*f&6)):0)e=b.indexOf(e);return h})}()},{}],5:[function(a){var b="undefined"!=typeof self?self:"undefined"!=typeof window?window:{},c=a("./lib/index");"function"==typeof b.window.define&&b.window.define.amd?b.window.define("jwt_decode",function(){return c}):b.window&&(b.window.jwt_decode=c)},{"./lib/index":2}]},{},[5]);
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-html5-client/src/main/webapp/partials/admin/albums.html:
--------------------------------------------------------------------------------
1 | All Albums
2 |
3 |
4 |
5 | {{key}}
6 |
7 |
8 |
9 |
10 |
11 |
16 |
17 |
18 |
19 |
20 |
21 | Back to main page
22 |
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-html5-client/src/main/webapp/partials/album/create.html:
--------------------------------------------------------------------------------
1 | Create an Album
2 |
3 |
8 |
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-html5-client/src/main/webapp/partials/album/detail.html:
--------------------------------------------------------------------------------
1 | {{album.name}}
2 |
3 |
4 |
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-html5-client/src/main/webapp/partials/home.html:
--------------------------------------------------------------------------------
1 | Welcome To Photoz, {{Identity.claims.name}}
2 |
3 |
4 |
5 |
6 |
Create Album |
My Profile
7 |
8 |
Your Albums
9 |
You don't have any albums, yet.
10 |
15 |
Shared With Me
16 |
You don't have any shares, yet.
17 |
22 |
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-html5-client/src/main/webapp/partials/profile.html:
--------------------------------------------------------------------------------
1 | My Profile
2 |
3 |
7 |
8 | Back to main page
9 |
10 |
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-js-policies/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
18 |
20 | 4.0.0
21 |
22 | org.keycloak.quickstarts
23 | app-authz-uma-photoz-parent
24 | 7.4.0.GA
25 | ../pom.xml
26 |
27 |
28 | photoz-uma-js-policies
29 | jar
30 | Red Hat SSO Quickstarts: Photoz JS Policies
31 | JS Policies
32 |
33 |
34 | ${project.artifactId}
35 |
36 |
37 | src/main/resources
38 | true
39 |
40 |
41 |
42 |
43 |
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-js-policies/src/main/resources/META-INF/keycloak-scripts.json:
--------------------------------------------------------------------------------
1 | {
2 | "policies": [
3 | {
4 | "name": "Only From @keycloak.org or Admin",
5 | "fileName": "only-keycloak-domain-or-admin.js",
6 | "description": "Defines that only users from @keycloak.org or Admins can do something"
7 | },
8 | {
9 | "name": "Only Owner Policy",
10 | "fileName": "only-owner.js",
11 | "description": "Defines that only the resource owner is allowed to do something"
12 | },
13 | {
14 | "name": "Only From a Specific Client Address",
15 | "fileName": "only-from-specific-client-address.js",
16 | "description": "Defines that only clients from a specific address can do something"
17 | }
18 | ]
19 | }
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-js-policies/src/main/resources/only-from-specific-client-address.js:
--------------------------------------------------------------------------------
1 | var contextAttributes = $evaluation.getContext().getAttributes();
2 |
3 | if (contextAttributes.containsValue('kc.client.network.ip_address', '127.0.0.1')) {
4 | $evaluation.grant();
5 | }
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-js-policies/src/main/resources/only-keycloak-domain-or-admin.js:
--------------------------------------------------------------------------------
1 | var context = $evaluation.getContext();
2 | var identity = context.getIdentity();
3 | var attributes = identity.getAttributes();
4 | var email = attributes.getValue('email').asString(0);
5 |
6 | if (identity.hasRealmRole('admin') || email.endsWith('@keycloak.org')) {
7 | $evaluation.grant();
8 | }
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-js-policies/src/main/resources/only-owner.js:
--------------------------------------------------------------------------------
1 | var context = $evaluation.context;
2 | var identity = context.identity;
3 | var permission = $evaluation.permission;
4 | var resource = permission.resource;
5 |
6 | if (resource.owner == identity.id) {
7 | $evaluation.grant();
8 | }
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/ErrorResponse.java:
--------------------------------------------------------------------------------
1 | package org.keycloak.example.photoz;
2 |
3 | import javax.ws.rs.WebApplicationException;
4 | import javax.ws.rs.core.Response;
5 | import java.util.HashMap;
6 | import java.util.Map;
7 |
8 | /**
9 | * @author Pedro Igor
10 | */
11 | public class ErrorResponse extends WebApplicationException {
12 |
13 | private final Response.Status status;
14 |
15 | public ErrorResponse(String message) {
16 | this(message, Response.Status.INTERNAL_SERVER_ERROR);
17 | }
18 |
19 | public ErrorResponse(String message, Response.Status status) {
20 | super(message, status);
21 | this.status = status;
22 | }
23 |
24 | @Override
25 | public Response getResponse() {
26 | Map errorResponse = new HashMap();
27 |
28 | errorResponse.put("message", getMessage());
29 |
30 | return Response.status(status).entity(errorResponse).build();
31 | }
32 | }
33 |
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/PhotozApplication.java:
--------------------------------------------------------------------------------
1 | package org.keycloak.example.photoz;
2 |
3 | import javax.ws.rs.ApplicationPath;
4 | import javax.ws.rs.core.Application;
5 |
6 | /**
7 | * Basic auth app.
8 | */
9 | @ApplicationPath("/")
10 | public class PhotozApplication extends Application {
11 |
12 | }
13 |
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/album/SharedAlbum.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2017 Red Hat, Inc. and/or its affiliates
3 | * and other contributors as indicated by the @author tags.
4 | *
5 | * Licensed under the Apache License, Version 2.0 (the "License");
6 | * you may not use this file except in compliance with the License.
7 | * You may obtain a copy of the License at
8 | *
9 | * http://www.apache.org/licenses/LICENSE-2.0
10 | *
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | package org.keycloak.example.photoz.album;
18 |
19 | import java.util.ArrayList;
20 | import java.util.List;
21 |
22 | import org.keycloak.example.photoz.entity.Album;
23 |
24 | public class SharedAlbum {
25 |
26 | private Album album;
27 | private List scopes;
28 |
29 | public SharedAlbum(Album album) {
30 | this.album = album;
31 | }
32 |
33 | public Album getAlbum() {
34 | return album;
35 | }
36 |
37 | public List getScopes() {
38 | return scopes;
39 | }
40 |
41 | public void addScope(String scope) {
42 | if (scopes == null) {
43 | scopes = new ArrayList();
44 | }
45 | scopes.add(scope);
46 | }
47 | }
48 |
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/util/Resources.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2016 Red Hat, Inc. and/or its affiliates
3 | * and other contributors as indicated by the @author tags.
4 | *
5 | * Licensed under the Apache License, Version 2.0 (the "License");
6 | * you may not use this file except in compliance with the License.
7 | * You may obtain a copy of the License at
8 | *
9 | * http://www.apache.org/licenses/LICENSE-2.0
10 | *
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | package org.keycloak.example.photoz.util;
18 |
19 | import javax.annotation.PostConstruct;
20 | import javax.annotation.PreDestroy;
21 | import javax.enterprise.context.ApplicationScoped;
22 | import javax.enterprise.context.RequestScoped;
23 | import javax.enterprise.inject.Produces;
24 | import javax.persistence.EntityManager;
25 | import javax.persistence.EntityManagerFactory;
26 | import javax.persistence.Persistence;
27 |
28 | /**
29 | * @author Pedro Igor
30 | */
31 | @ApplicationScoped
32 | public class Resources {
33 |
34 | private EntityManagerFactory entityManagerFactory;
35 |
36 | @PostConstruct
37 | public void init() {
38 | entityManagerFactory = Persistence.createEntityManagerFactory("primary");
39 | }
40 |
41 | @PreDestroy
42 | public void dispose() {
43 | entityManagerFactory.close();
44 | }
45 |
46 | @RequestScoped
47 | @Produces
48 | public EntityManager createEntityManager() {
49 | return entityManagerFactory.createEntityManager();
50 | }
51 | }
52 |
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/util/Transaction.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2016 Red Hat, Inc. and/or its affiliates
3 | * and other contributors as indicated by the @author tags.
4 | *
5 | * Licensed under the Apache License, Version 2.0 (the "License");
6 | * you may not use this file except in compliance with the License.
7 | * You may obtain a copy of the License at
8 | *
9 | * http://www.apache.org/licenses/LICENSE-2.0
10 | *
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | package org.keycloak.example.photoz.util;
18 |
19 | import javax.interceptor.InterceptorBinding;
20 | import java.lang.annotation.Retention;
21 | import java.lang.annotation.Target;
22 |
23 | import static java.lang.annotation.ElementType.TYPE;
24 | import static java.lang.annotation.RetentionPolicy.RUNTIME;
25 |
26 | /**
27 | * @author Pedro Igor
28 | */
29 | @InterceptorBinding
30 | @Target({ TYPE })
31 | @Retention(RUNTIME)
32 | public @interface Transaction {
33 | }
34 |
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-restful-api/src/main/resources/META-INF/beans.xml:
--------------------------------------------------------------------------------
1 |
2 |
6 |
7 | org.keycloak.example.photoz.util.TransactionInterceptor
8 |
9 |
10 |
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-restful-api/src/main/resources/META-INF/persistence.xml:
--------------------------------------------------------------------------------
1 |
2 |
7 |
8 |
9 | org.keycloak.example.photoz.entity.Album
10 | org.keycloak.example.photoz.entity.Photo
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-restful-api/src/main/webapp/META-INF/jboss-deployment-structure.xml:
--------------------------------------------------------------------------------
1 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-restful-api/src/main/webapp/WEB-INF/keycloak.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "photoz",
3 | "auth-server-url": "http://localhost:8180/auth",
4 | "ssl-required": "external",
5 | "resource": "photoz-restful-api",
6 | "bearer-only" : true,
7 | "credentials": {
8 | "secret": "secret"
9 | },
10 | "policy-enforcer": {
11 | "enforcement-mode": "PERMISSIVE",
12 | "user-managed-access": {},
13 | "paths": [
14 | {
15 | "name" : "Album Resource",
16 | "path" : "/album/{id}",
17 | "methods" : [
18 | {
19 | "method": "DELETE",
20 | "scopes" : ["album:delete"]
21 | },
22 | {
23 | "method": "GET",
24 | "scopes" : ["album:view"]
25 | }
26 | ]
27 | },
28 | {
29 | "name" : "Album Resource",
30 | "path" : "/album/shares",
31 | "enforcement-mode": "DISABLED"
32 | },
33 | {
34 | "path" : "/profile"
35 | },
36 | {
37 | "name" : "Admin Resources",
38 | "path" : "/admin/*"
39 | }
40 | ]
41 | }
42 | }
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-restful-api/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
1 |
2 |
6 |
7 | photoz-restful-api
8 |
9 |
10 |
11 | All Resources
12 | /*
13 |
14 |
15 | user
16 |
17 |
18 |
19 |
20 |
21 | All Resources
22 | /*
23 |
24 |
25 | admin
26 |
27 |
28 |
29 |
30 | KEYCLOAK
31 | photoz
32 |
33 |
34 |
35 | admin
36 |
37 |
38 |
39 | user
40 |
41 |
42 |
--------------------------------------------------------------------------------
/app-authz-uma-photoz/photoz-testsuite/src/test/java/org/keycloak/quickstart/uma/page/ConsentPage.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2018 Red Hat, Inc. and/or its affiliates
3 | * and other contributors as indicated by the @author tags.
4 | *
5 | * Licensed under the Apache License, Version 2.0 (the "License");
6 | * you may not use this file except in compliance with the License.
7 | * You may obtain a copy of the License at
8 | *
9 | * http://www.apache.org/licenses/LICENSE-2.0
10 | *
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 |
18 | package org.keycloak.quickstart.uma.page;
19 |
20 | import org.jboss.arquillian.test.api.ArquillianResource;
21 | import org.openqa.selenium.WebDriver;
22 | import org.openqa.selenium.WebElement;
23 | import org.openqa.selenium.support.FindBy;
24 |
25 | /**
26 | * A {@code {@link org.jboss.arquillian.graphene.page.Page}} representing the consent page.
27 | *
28 | * @author Stefan Guilhen
29 | */
30 | public class ConsentPage {
31 |
32 | @ArquillianResource
33 | protected WebDriver driver;
34 |
35 | @FindBy(id = "kc-login")
36 | private WebElement submitButton;
37 |
38 | @FindBy(id = "kc-cancel")
39 | private WebElement cancelButton;
40 |
41 | public void confirm() {
42 | submitButton.click();
43 | }
44 |
45 | public void cancel() {
46 | cancelButton.click();
47 | }
48 |
49 | public boolean isCurrent() {
50 | return driver.getTitle().equalsIgnoreCase("Log in to photoz");
51 | }
52 | }
53 |
--------------------------------------------------------------------------------
/app-jee-html5/config/client-import.json:
--------------------------------------------------------------------------------
1 | {
2 | "clientId": "app-html5",
3 | "rootUrl": "http://localhost:8080/app-html5",
4 | "enabled": true,
5 | "redirectUris": [
6 | "http://localhost:8080/app-html5/*"
7 | ],
8 | "webOrigins": [
9 | "http://localhost:8080"
10 | ],
11 | "publicClient": true
12 | }
13 |
--------------------------------------------------------------------------------
/app-jee-html5/config/keycloak-example.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "quickstart",
3 | "auth-server-url": "http://localhost:8180/auth",
4 | "ssl-required": "external",
5 | "resource": "app-html5",
6 | "public-client": true
7 | }
--------------------------------------------------------------------------------
/app-jee-html5/src/main/webapp/index.html:
--------------------------------------------------------------------------------
1 |
17 |
18 |
19 |
20 |
21 | Keycloak Example App
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
34 |
35 |
39 |
40 |
41 |
Invoke Public
42 |
Invoke Secured
43 |
Invoke Admin
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
--------------------------------------------------------------------------------
/app-jee-html5/src/test/resources/arquillian.xml:
--------------------------------------------------------------------------------
1 |
2 |
12 |
16 |
17 |
18 |
20 |
21 |
22 |
23 |
24 |
26 |
27 | 127.0.0.1
28 | 9990
29 | ${basedir}/target/wildfly-${version.wildfly}
30 |
31 |
32 |
33 |
34 | phantomjs
35 |
36 |
37 |
--------------------------------------------------------------------------------
/app-jee-jsp/config/client-import.json:
--------------------------------------------------------------------------------
1 | {
2 | "clientId": "app-jsp",
3 | "rootUrl": "http://localhost:8080/app-jsp",
4 | "enabled": true,
5 | "redirectUris": [
6 | "http://localhost:8080/app-jsp/*"
7 | ],
8 | "webOrigins": [
9 | "http://localhost:8080"
10 | ],
11 | "publicClient": false,
12 | "secret": "578262e1-9181-4721-baec-7cc913331c1f"
13 | }
14 |
--------------------------------------------------------------------------------
/app-jee-jsp/config/keycloak-example.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "quickstart",
3 | "auth-server-url": "http://localhost:8180/auth",
4 | "ssl-required": "external",
5 | "resource": "app-jsp",
6 | "credentials": {
7 | "secret": "5bad43ac-0dac-4272-a723-ab7a3cef49b9"
8 | }
9 | }
--------------------------------------------------------------------------------
/app-jee-jsp/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
1 |
2 |
18 |
22 |
23 |
24 | app
25 | /protected.jsp
26 |
27 |
28 | *
29 |
30 |
31 |
32 |
33 | KEYCLOAK
34 |
35 |
36 |
37 | *
38 |
39 |
40 |
--------------------------------------------------------------------------------
/app-jee-jsp/src/main/webapp/protected.jsp:
--------------------------------------------------------------------------------
1 |
17 |
18 | <%@page contentType="text/html" pageEncoding="ISO-8859-1"%>
19 | <%@ taglib prefix="c"
20 | uri="http://java.sun.com/jsp/jstl/core" %>
21 |
22 |
23 |
24 |
25 | Keycloak Example App
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
--------------------------------------------------------------------------------
/app-jee-jsp/src/test/resources/arquillian.xml:
--------------------------------------------------------------------------------
1 |
2 |
12 |
16 |
17 |
18 |
20 |
21 |
22 |
23 |
24 |
26 |
27 | 127.0.0.1
28 | 9990
29 | ${basedir}/target/wildfly-${version.wildfly}
30 |
31 |
32 |
33 |
34 | phantomjs
35 |
36 |
37 |
--------------------------------------------------------------------------------
/app-profile-jee-html5/config/client-import.json:
--------------------------------------------------------------------------------
1 | {
2 | "clientId": "app-profile-html5",
3 | "rootUrl": "http://localhost:8080/app-profile-html5",
4 | "enabled": true,
5 | "redirectUris": [
6 | "http://localhost:8080/app-profile-html5/*"
7 | ],
8 | "webOrigins": [
9 | "http://localhost:8080"
10 | ],
11 | "publicClient": true
12 | }
13 |
--------------------------------------------------------------------------------
/app-profile-jee-html5/config/keycloak-example.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "quickstart",
3 | "auth-server-url": "http://localhost:8180/auth",
4 | "resource": "app-profile-html5",
5 | "public-client": true
6 | }
7 |
--------------------------------------------------------------------------------
/app-profile-jee-html5/src/test/resources/arquillian.xml:
--------------------------------------------------------------------------------
1 |
2 |
12 |
16 |
17 |
18 |
20 |
21 |
22 |
23 |
24 |
26 |
27 | 127.0.0.1
28 | 9990
29 | ${basedir}/target/wildfly-${version.wildfly}
30 |
31 |
32 |
33 |
34 | phantomjs
35 |
36 |
37 |
--------------------------------------------------------------------------------
/app-profile-jee-jsp/config/client-import.json:
--------------------------------------------------------------------------------
1 | {
2 | "clientId": "app-profile-jsp",
3 | "rootUrl": "http://localhost:8080/app-profile-jsp",
4 | "enabled": true,
5 | "redirectUris": [
6 | "http://localhost:8080/app-profile-jsp/*"
7 | ],
8 | "webOrigins": [
9 | "http://localhost:8080"
10 | ],
11 | "publicClient": false,
12 | "secret": "578262e1-9181-4721-baec-7cc913331c1f"
13 | }
14 |
--------------------------------------------------------------------------------
/app-profile-jee-jsp/config/keycloak-example.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "quickstart",
3 | "auth-server-url": "http://localhost:8180/auth",
4 | "ssl-required": "external",
5 | "resource": "app-profile-jsp",
6 | "credentials": {
7 | "secret": "578262e1-9181-4721-baec-7cc913331c1f"
8 | }
9 | }
10 |
--------------------------------------------------------------------------------
/app-profile-jee-jsp/src/main/webapp/WEB-INF/jboss-deployment-structure.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
--------------------------------------------------------------------------------
/app-profile-jee-jsp/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
1 |
2 |
18 |
22 |
23 |
24 | app
25 | /profile.jsp
26 |
27 |
28 | *
29 |
30 |
31 |
32 |
33 | KEYCLOAK
34 |
35 |
36 |
37 | *
38 |
39 |
40 |
--------------------------------------------------------------------------------
/app-profile-jee-jsp/src/main/webapp/index.jsp:
--------------------------------------------------------------------------------
1 |
17 |
18 | <%@page contentType="text/html" pageEncoding="ISO-8859-1" %>
19 | <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
20 |
21 |
22 |
23 |
24 | Keycloak Example App
25 |
26 |
27 |
28 |
29 |
30 | <% controller.handleLogout(request); %>
31 |
32 |
33 |
34 |
35 |
36 |
37 |
46 |
47 |
48 |
--------------------------------------------------------------------------------
/app-profile-jee-jsp/src/test/resources/arquillian.xml:
--------------------------------------------------------------------------------
1 |
2 |
12 |
16 |
17 |
18 |
20 |
21 |
22 |
23 |
24 |
26 |
27 | 127.0.0.1
28 | 9990
29 | ${basedir}/target/wildfly-${version.wildfly}
30 |
31 |
32 |
33 |
34 | phantomjs
35 |
36 |
37 |
--------------------------------------------------------------------------------
/app-profile-jee-vanilla/config/client-import.json:
--------------------------------------------------------------------------------
1 | {
2 | "clientId": "app-profile-vanilla",
3 | "rootUrl": "http://localhost:8080/vanilla",
4 | "enabled": true,
5 | "redirectUris": [
6 | "http://localhost:8080/vanilla/*"
7 | ],
8 | "webOrigins": [
9 | "http://localhost:8080"
10 | ],
11 | "publicClient": false,
12 | "secret": "578262e1-9181-4721-baec-7cc913331c1f"
13 | }
14 |
--------------------------------------------------------------------------------
/app-profile-jee-vanilla/src/main/java/org/keycloak/quickstart/profilejee/Controller.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2016 Red Hat, Inc. and/or its affiliates
3 | * and other contributors as indicated by the @author tags.
4 | *
5 | * Licensed under the Apache License, Version 2.0 (the "License");
6 | * you may not use this file except in compliance with the License.
7 | * You may obtain a copy of the License at
8 | *
9 | * http://www.apache.org/licenses/LICENSE-2.0
10 | *
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | package org.keycloak.quickstart.profilejee;
18 |
19 | import javax.servlet.ServletException;
20 | import javax.servlet.http.HttpServletRequest;
21 |
22 | /**
23 | * Controller simplifies access to the server environment from the JSP.
24 | *
25 | * @author Stan Silvert ssilvert@redhat.com (C) 2015 Red Hat Inc.
26 | */
27 | public class Controller {
28 |
29 | public void handleLogout(HttpServletRequest req) throws ServletException {
30 | if (req.getParameter("logout") != null) {
31 | req.logout();
32 | }
33 | }
34 |
35 | public boolean isLoggedIn(HttpServletRequest req) {
36 | return req.getUserPrincipal() != null;
37 | }
38 |
39 | }
40 |
--------------------------------------------------------------------------------
/app-profile-jee-vanilla/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
1 |
2 |
18 |
22 |
23 | vanilla
24 |
25 |
26 |
27 | app-profile-jee
28 | /profile.jsp
29 |
30 |
31 | *
32 |
33 |
34 |
35 |
36 | BASIC
37 |
38 |
39 |
40 | *
41 |
42 |
43 |
44 |
45 |
--------------------------------------------------------------------------------
/app-profile-jee-vanilla/src/main/webapp/index.jsp:
--------------------------------------------------------------------------------
1 |
17 |
18 | <%@page contentType="text/html" pageEncoding="ISO-8859-1"%>
19 | <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
20 |
21 |
22 |
23 |
24 | Keycloak Example App
25 |
26 |
27 |
28 |
29 |
30 | <% controller.handleLogout(request); %>
31 |
32 |
33 |
34 |
35 |
36 |
37 |
46 |
47 |
48 |
--------------------------------------------------------------------------------
/app-profile-saml-jee-jsp/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
1 |
2 |
18 |
22 |
23 |
24 | app
25 | /profile.jsp
26 |
27 |
28 | user
29 |
30 |
31 |
32 |
33 | KEYCLOAK-SAML
34 |
35 |
36 |
37 | user
38 |
39 |
40 |
--------------------------------------------------------------------------------
/app-profile-saml-jee-jsp/src/main/webapp/index.jsp:
--------------------------------------------------------------------------------
1 |
17 |
18 | <%@page contentType="text/html" pageEncoding="ISO-8859-1"%>
19 | <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
20 |
21 |
22 |
23 |
24 | Keycloak Example App
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
45 |
46 |
47 |
--------------------------------------------------------------------------------
/app-profile-saml-jee-jsp/src/test/resources/arquillian.xml:
--------------------------------------------------------------------------------
1 |
2 |
18 |
22 |
23 |
24 |
26 |
27 |
28 |
29 |
30 |
32 |
33 | 127.0.0.1
34 | 9990
35 | ${basedir}/target/wildfly-${version.wildfly}
36 | ../../../test-classes/standalone-test.xml
37 |
38 |
39 |
40 |
41 | phantomjs
42 |
43 |
44 |
--------------------------------------------------------------------------------
/authz-js-policies/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
18 |
20 | 4.0.0
21 |
22 | org.keycloak.quickstarts
23 | keycloak-quickstart-parent
24 | 7.4.0.GA
25 | ../pom.xml
26 |
27 |
28 | authz-js-policies
29 | jar
30 | Red Hat SSO Quickstarts: JS Policies
31 | JS Policies used by Authorization Services Quickstarts
32 |
33 |
34 | ${project.artifactId}
35 |
36 |
37 | src/main/resources
38 | true
39 |
40 |
41 |
42 |
43 |
--------------------------------------------------------------------------------
/authz-js-policies/src/main/resources/META-INF/keycloak-scripts.json:
--------------------------------------------------------------------------------
1 | {
2 | "policies": [
3 | {
4 | "name": "Match User From Requested Uri",
5 | "fileName": "match-user-from-uri.js",
6 | "description": "A policy that extracts the username from a request URI and check if it matches the current identity"
7 | },
8 | {
9 | "name": "Claim-Based",
10 | "fileName": "pushed-claim-from-request.js",
11 | "description": "A policy that makes decision based on the value of a context attribute"
12 | },
13 | {
14 | "name": "Always Grant",
15 | "fileName": "always-grant.js",
16 | "description": "A policy that always grants access"
17 | },
18 | {
19 | "name": "Only Owner",
20 | "fileName": "only-owner.js",
21 | "description": "A policy that always grants access to resource owners"
22 | }
23 | ]
24 | }
--------------------------------------------------------------------------------
/authz-js-policies/src/main/resources/always-grant.js:
--------------------------------------------------------------------------------
1 | // by default, grants any permission associated with this policy
2 | $evaluation.grant();
--------------------------------------------------------------------------------
/authz-js-policies/src/main/resources/match-user-from-uri.js:
--------------------------------------------------------------------------------
1 | var context = $evaluation.getContext();
2 | var attributes = context.getAttributes();
3 | var httpUri = attributes.getValue('http.uri');
4 |
5 | if (httpUri) {
6 | var uriParts = httpUri.asString(0).split('/');
7 | var identity = context.getIdentity();
8 | var username = identity.getAttributes().getValue('preferred_username').asString(0);
9 |
10 | if (uriParts[2] == username) {
11 | $evaluation.grant();
12 | }
13 | }
--------------------------------------------------------------------------------
/authz-js-policies/src/main/resources/only-owner.js:
--------------------------------------------------------------------------------
1 | var context = $evaluation.context;
2 | var identity = context.identity;
3 | var permission = $evaluation.permission;
4 | var resource = permission.resource;
5 |
6 | if (resource.owner == identity.id) {
7 | $evaluation.grant();
8 | }
--------------------------------------------------------------------------------
/authz-js-policies/src/main/resources/pushed-claim-from-request.js:
--------------------------------------------------------------------------------
1 | var context = $evaluation.context;
2 |
3 | var attributes = context.attributes;
4 |
5 | if (attributes.containsValue('some-claim', 'claim-value')) {
6 | $evaluation.grant();
7 | }
--------------------------------------------------------------------------------
/config/partial-import.json:
--------------------------------------------------------------------------------
1 | {
2 | "roles": {
3 | "realm" : [{
4 | "name": "user"
5 | }]
6 | },
7 |
8 | "users": [{
9 | "username" : "user",
10 | "enabled": true,
11 | "credentials" : [{
12 | "type" : "password",
13 | "value" : "password"
14 | }],
15 | "realmRoles": ["user"],
16 | "clientRoles": {
17 | "account": ["view-profile", "manage-account"]
18 | }
19 | }]
20 | }
21 |
--------------------------------------------------------------------------------
/docs/pull_request_template.md:
--------------------------------------------------------------------------------
1 |
4 |
--------------------------------------------------------------------------------
/docs/test-development.md:
--------------------------------------------------------------------------------
1 | # Writing tests
2 |
3 | We focus primarily on integration/functional level tests. Unit tests are avoided and only recommended for isolated
4 | classes such as small utils. We do not use any mocking frameworks and we will not accept any contributions that adds a
5 | mocking framework.
6 |
7 | When writing tests please follow the same approach as we have taken in the other tests. There are many ways to
8 | test software and we have chosen ours, so please appreciate that.
9 |
10 | The main tests are provided in `src/test/java` for each Quickstart folder. Most of the integration tests are there.
11 |
12 | Any test inside the quickstarts should be reasonable and straightforward to understand. But feedback for improvements are always welcome.
13 |
14 | When developing your test depending on the feature or enhancement you are testing you may find it best to add to an
15 | existing test, or to write a test from scratch. For the latter, we recommend finding another test that is close to what
16 | you need and use that as a basis.
17 |
18 |
19 | # Running integration tests
20 |
21 | By default, the integration tests for each quickstart, expect this initial admin user to have `admin` as username and `admin` as password. This is configurable in each `ArquillianTest` class.
22 |
23 | ```
24 | static {
25 | try {
26 | importTestRealm("admin", "admin", "/quickstart-realm.json");
27 | } catch (IOException e) {
28 | e.printStackTrace();
29 | }
30 | }
31 | ```
32 |
33 | If you don't have access to admin's credentials, please import the `quickstart-realm.json` from `src/test/resources`.
34 |
35 | To run integration tests for JBoss EAP managed quickstarts use the following command:
36 | ```
37 | mvn clean install -Pwildfly-managed -Denforcer.skip=true
38 | ```
39 |
40 | If you want to run the tests for a quickstart that doesn't need JBoss EAP, you have to use appropriate profile. See a particular quickstart's README for more details.
41 |
--------------------------------------------------------------------------------
/fuse63/app-war/config/client-import.json:
--------------------------------------------------------------------------------
1 | {
2 | "clientId": "fuse-app-jsp",
3 | "adminUrl": "http://localhost:8181/app-war-jsp",
4 | "enabled": true,
5 | "redirectUris": [
6 | "http://localhost:8181/app-war-jsp/*"
7 | ],
8 | "webOrigins": [
9 | "http://localhost:8181"
10 | ],
11 | "publicClient": false,
12 | "secret": "bce5816d-98c4-404f-a18d-bcc5cb005c79"
13 | }
14 |
--------------------------------------------------------------------------------
/fuse63/app-war/config/keycloak-example.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "master",
3 | "auth-server-url": "http://localhost:8180/auth",
4 | "ssl-required": "external",
5 | "resource": "fuse-app-jsp",
6 | "credentials": {
7 | "secret": "bce5816d-98c4-404f-a18d-bcc5cb005c79"
8 | }
9 | }
--------------------------------------------------------------------------------
/fuse63/app-war/src/main/java/org/keycloak/quickstart/fuse/appjee/ProtectedServlet.java:
--------------------------------------------------------------------------------
1 | package org.keycloak.quickstart.fuse.appjee;
2 |
3 | import java.io.IOException;
4 |
5 | import javax.servlet.ServletException;
6 | import javax.servlet.http.HttpServlet;
7 | import javax.servlet.http.HttpServletRequest;
8 | import javax.servlet.http.HttpServletResponse;
9 |
10 | /**
11 | * @author Marek Posolda
12 | */
13 | public class ProtectedServlet extends HttpServlet {
14 |
15 | @Override
16 | protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
17 | req.getRequestDispatcher("index.jsp").forward(req, resp);
18 | }
19 | }
20 |
--------------------------------------------------------------------------------
/fuse63/app-war/src/main/java/org/keycloak/quickstart/fuse/appjee/ServiceLocator.java:
--------------------------------------------------------------------------------
1 | package org.keycloak.quickstart.fuse.appjee;
2 |
3 | import java.net.MalformedURLException;
4 | import java.net.URL;
5 | import java.util.logging.Logger;
6 |
7 | import javax.servlet.http.HttpServletRequest;
8 |
9 | /**
10 | * @author Marko Strukelj
11 | */
12 | public class ServiceLocator {
13 |
14 | private static final Logger log = Logger.getLogger(ServiceLocator.class.getName());
15 |
16 | public static URL getServiceUrl(HttpServletRequest req) {
17 |
18 | String uri = null;
19 | try {
20 | uri = System.getProperty("service.url");
21 | if (uri != null) {
22 | return new URL(uri);
23 | }
24 |
25 | uri = System.getenv("SERVICE_URL");
26 | if (uri != null) {
27 | return new URL(uri);
28 | }
29 |
30 | URL requestUrl = new URL(req.getRequestURL().toString());
31 |
32 | String host = requestUrl.getHost();
33 | String schema = requestUrl.getProtocol();
34 | String port = requestUrl.getPort() != -1 ? (":" + requestUrl.getPort()) : "";
35 |
36 | uri = schema + "://" + host + port + "/service";
37 | return new URL(uri);
38 |
39 | } catch (MalformedURLException e) {
40 | throw new RuntimeException("Malformed url: " + uri);
41 | } finally {
42 | log.info("Service url: " + uri);
43 | }
44 | }
45 | }
46 |
--------------------------------------------------------------------------------
/fuse63/app-war/src/main/webapp/WEB-INF/jetty-web.xml:
--------------------------------------------------------------------------------
1 |
2 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
--------------------------------------------------------------------------------
/fuse63/features/README.md:
--------------------------------------------------------------------------------
1 | JBoss Fuse Features
2 | ===================
3 | This module contains the Karaf feature `keycloak-fuse63-quickstarts`, which is used by `server` module to install all the other Keycloak Fuse Quickstart applications into the JBoss Fuse server.
4 |
--------------------------------------------------------------------------------
/fuse63/features/src/main/resources/features.xml:
--------------------------------------------------------------------------------
1 |
2 |
18 |
19 |
20 |
21 |
22 | The Keycloak Fuse example
23 | war
24 | camel
25 | camel-jetty
26 | cxf
27 | keycloak
28 | keycloak-jetty9-adapter
29 | mvn:org.keycloak.quickstarts/keycloak-fuse63-app-war-jsp/${project.version}/war
30 | mvn:org.keycloak.quickstarts/keycloak-fuse63-service-camel/${project.version}
31 | mvn:org.keycloak.quickstarts/keycloak-fuse63-service-cxf-jaxrs/${project.version}
32 |
33 |
34 |
--------------------------------------------------------------------------------
/fuse63/server/src/main/resources/install-features.cli:
--------------------------------------------------------------------------------
1 | features:addurl mvn:org.keycloak/keycloak-osgi-features/${version.keycloak}/xml/features
2 | features:addurl mvn:org.keycloak.quickstarts/keycloak-fuse63-features/${project.version}/xml/features
3 | features:install keycloak-fuse63-quickstarts
4 |
--------------------------------------------------------------------------------
/fuse63/server/src/main/resources/install-features.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | echo "JAVA_HOME=$JAVA_HOME"
3 |
4 | ./start
5 |
6 | echo "Karaf container starting"
7 | sleep 5
8 |
9 | TIMEOUT=5
10 | DELAY=1
11 | T=0
12 |
13 | RESULT=0
14 |
15 | until [ $T -gt $TIMEOUT ]
16 | do
17 | if ./client info; then
18 | echo "Server is reachable."
19 |
20 |
21 | echo "Updating Config"
22 | ./client -f update-config.cli
23 | if [ $? -ne 0 ]; then
24 | echo "Call update-config.cli failed!";
25 | RESULT=1;
26 | else
27 | ./client config:list | grep org.ops4j.pax.url.mvn.
28 | fi
29 |
30 | echo "Installing features."
31 | ./client -f install-features.cli
32 | if [ $? -ne 0 ]; then
33 | echo "Call install-features.cli failed!";
34 | RESULT=1;
35 | fi
36 | exit $RESULT
37 | else
38 | echo "Server is not reachable. Waiting."
39 | sleep $DELAY
40 | let T=$T+$DELAY
41 | fi
42 | done
43 |
--------------------------------------------------------------------------------
/fuse63/server/src/main/resources/update-config.cli:
--------------------------------------------------------------------------------
1 | config:edit org.ops4j.pax.url.mvn
2 | config:propset org.ops4j.pax.url.mvn.localRepository ${user.home}/.m2/repository
3 | config:update
4 |
5 | features:refreshurl
6 |
7 | dev:system-property service.url ${service.url}
8 |
--------------------------------------------------------------------------------
/fuse63/server/src/main/resources/users.properties:
--------------------------------------------------------------------------------
1 | karaf = karaf,_g_:admingroup
2 | _g_\:admingroup = group,admin,manager,viewer,webconsole
3 |
--------------------------------------------------------------------------------
/fuse63/service-camel/config/client-import.json:
--------------------------------------------------------------------------------
1 | {
2 | "clientId": "fuse-service-camel",
3 | "enabled": true,
4 | "bearerOnly": true,
5 | "adminUrl": "http://localhost:8383/service"
6 | }
7 |
--------------------------------------------------------------------------------
/fuse63/service-camel/config/keycloak-example.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "master",
3 | "bearer-only": true,
4 | "auth-server-url": "http://localhost:8180/auth",
5 | "ssl-required": "external",
6 | "resource": "fuse-service-camel"
7 | }
--------------------------------------------------------------------------------
/fuse63/service-camel/src/main/java/org/keycloak/quickstart/fuse/camel/CamelHelloProcessor.java:
--------------------------------------------------------------------------------
1 | /*
2 | * JBoss, Home of Professional Open Source
3 | * Copyright 2016, Red Hat, Inc. and/or its affiliates, and individual
4 | * contributors by the @authors tag. See the copyright.txt in the
5 | * distribution for a full listing of individual contributors.
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | package org.keycloak.quickstart.fuse.camel;
18 |
19 | import javax.servlet.http.HttpServletRequest;
20 |
21 | import org.apache.camel.Exchange;
22 | import org.apache.camel.Processor;
23 | import org.keycloak.KeycloakPrincipal;
24 | import org.keycloak.util.JsonSerialization;
25 |
26 | /**
27 | * @author Marek Posolda
28 | */
29 | public class CamelHelloProcessor implements Processor {
30 |
31 | @Override
32 | public void process(Exchange exchange) throws Exception {
33 | HttpServletRequest req = exchange.getIn().getBody(HttpServletRequest.class);
34 |
35 | // KeycloakPrincipal encapsulates informations like token etc
36 | KeycloakPrincipal keycloakPrincipal = (KeycloakPrincipal) req.getUserPrincipal();
37 |
38 | String suffix = (String) exchange.getIn().getHeader("id");
39 |
40 | exchange.getOut().setHeader(Exchange.CONTENT_TYPE, "application/json");
41 | Message message = new Message("camel - " + suffix);
42 | String jsonResponse = JsonSerialization.writeValueAsString(message);
43 | exchange.getOut().setBody(jsonResponse);
44 | }
45 | }
46 |
--------------------------------------------------------------------------------
/fuse63/service-camel/src/main/java/org/keycloak/quickstart/fuse/camel/Message.java:
--------------------------------------------------------------------------------
1 | /*
2 | * JBoss, Home of Professional Open Source
3 | * Copyright 2016, Red Hat, Inc. and/or its affiliates, and individual
4 | * contributors by the @authors tag. See the copyright.txt in the
5 | * distribution for a full listing of individual contributors.
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | package org.keycloak.quickstart.fuse.camel;
18 |
19 |
20 | public class Message {
21 |
22 | private String message;
23 |
24 | public Message(String message) {
25 | this.message = message;
26 | }
27 |
28 | public String getMessage() {
29 | return message;
30 | }
31 |
32 | public void setMessage(String message) {
33 | this.message = message;
34 | }
35 |
36 | }
37 |
--------------------------------------------------------------------------------
/fuse63/service-camel/src/main/resources/config/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redhat-developer/redhat-sso-quickstarts/e4069f5f54b730f9833533dd5459b3d4d5eacdfe/fuse63/service-camel/src/main/resources/config/.gitkeep
--------------------------------------------------------------------------------
/fuse63/service-cxf-jaxrs/config/client-import.json:
--------------------------------------------------------------------------------
1 | {
2 | "clientId": "fuse-service-cxf",
3 | "enabled": true,
4 | "bearerOnly": true
5 | }
6 |
--------------------------------------------------------------------------------
/fuse63/service-cxf-jaxrs/config/keycloak-example.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "master",
3 | "bearer-only": true,
4 | "auth-server-url": "http://localhost:8180/auth",
5 | "ssl-required": "external",
6 | "resource": "fuse-service-cxf"
7 | }
--------------------------------------------------------------------------------
/fuse63/service-cxf-jaxrs/src/main/java/org/keycloak/quickstart/fuse/cxf/rs/Message.java:
--------------------------------------------------------------------------------
1 | /*
2 | * JBoss, Home of Professional Open Source
3 | * Copyright 2016, Red Hat, Inc. and/or its affiliates, and individual
4 | * contributors by the @authors tag. See the copyright.txt in the
5 | * distribution for a full listing of individual contributors.
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | package org.keycloak.quickstart.fuse.cxf.rs;
18 |
19 | public class Message {
20 |
21 | private String message;
22 |
23 | public Message(String message) {
24 | this.message = message;
25 | }
26 |
27 | public String getMessage() {
28 | return message;
29 | }
30 |
31 | public void setMessage(String message) {
32 | this.message = message;
33 | }
34 |
35 | }
36 |
--------------------------------------------------------------------------------
/fuse63/service-cxf-jaxrs/src/main/java/org/keycloak/quickstart/fuse/cxf/rs/Resource.java:
--------------------------------------------------------------------------------
1 | /*
2 | * JBoss, Home of Professional Open Source
3 | * Copyright 2016, Red Hat, Inc. and/or its affiliates, and individual
4 | * contributors by the @authors tag. See the copyright.txt in the
5 | * distribution for a full listing of individual contributors.
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | package org.keycloak.quickstart.fuse.cxf.rs;
18 |
19 | import javax.servlet.http.HttpServletResponse;
20 | import javax.ws.rs.GET;
21 | import javax.ws.rs.Path;
22 | import javax.ws.rs.Produces;
23 | import javax.ws.rs.core.Context;
24 | import javax.ws.rs.core.HttpHeaders;
25 | import javax.ws.rs.core.MediaType;
26 |
27 | @Path("/")
28 | public class Resource {
29 |
30 | @GET
31 | @Produces(MediaType.APPLICATION_JSON)
32 | @Path("public")
33 | public Message getPublic(@Context HttpHeaders header, @Context HttpServletResponse response){
34 | response.setHeader("Access-Control-Allow-Origin", "*");
35 | return new Message("cxf - public");
36 | }
37 |
38 | @GET
39 | @Produces(MediaType.APPLICATION_JSON)
40 | @Path("secured")
41 | public Message getSecured() {
42 | return new Message("cxf - secured");
43 | }
44 |
45 | @GET
46 | @Produces(MediaType.APPLICATION_JSON)
47 | @Path("admin")
48 | public Message getAdmin() {
49 | return new Message("cxf - admin");
50 | }
51 |
52 | }
53 |
--------------------------------------------------------------------------------
/fuse63/service-cxf-jaxrs/src/main/resources/config/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redhat-developer/redhat-sso-quickstarts/e4069f5f54b730f9833533dd5459b3d4d5eacdfe/fuse63/service-cxf-jaxrs/src/main/resources/config/.gitkeep
--------------------------------------------------------------------------------
/fuse70/app-war/config/client-import.json:
--------------------------------------------------------------------------------
1 | {
2 | "clientId": "fuse-app-jsp",
3 | "adminUrl": "http://localhost:8181/app-war-jsp",
4 | "enabled": true,
5 | "redirectUris": [
6 | "http://localhost:8181/app-war-jsp/*"
7 | ],
8 | "webOrigins": [
9 | "http://localhost:8181"
10 | ],
11 | "publicClient": false,
12 | "secret": "bce5816d-98c4-404f-a18d-bcc5cb005c79"
13 | }
14 |
--------------------------------------------------------------------------------
/fuse70/app-war/config/keycloak-example.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "master",
3 | "auth-server-url": "http://localhost:8180/auth",
4 | "ssl-required": "external",
5 | "resource": "fuse-app-jsp",
6 | "credentials": {
7 | "secret": "bce5816d-98c4-404f-a18d-bcc5cb005c79"
8 | }
9 | }
--------------------------------------------------------------------------------
/fuse70/app-war/src/main/java/org/keycloak/quickstart/fuse/appjee/ProtectedServlet.java:
--------------------------------------------------------------------------------
1 | package org.keycloak.quickstart.fuse.appjee;
2 |
3 | import java.io.IOException;
4 |
5 | import javax.servlet.ServletException;
6 | import javax.servlet.http.HttpServlet;
7 | import javax.servlet.http.HttpServletRequest;
8 | import javax.servlet.http.HttpServletResponse;
9 |
10 | /**
11 | * @author Marek Posolda
12 | */
13 | public class ProtectedServlet extends HttpServlet {
14 |
15 | @Override
16 | protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
17 | req.getRequestDispatcher("index.jsp").forward(req, resp);
18 | }
19 | }
20 |
--------------------------------------------------------------------------------
/fuse70/app-war/src/main/java/org/keycloak/quickstart/fuse/appjee/ServiceLocator.java:
--------------------------------------------------------------------------------
1 | package org.keycloak.quickstart.fuse.appjee;
2 |
3 | import java.net.MalformedURLException;
4 | import java.net.URL;
5 | import java.util.logging.Logger;
6 |
7 | import javax.servlet.http.HttpServletRequest;
8 |
9 | /**
10 | * @author Marko Strukelj
11 | */
12 | public class ServiceLocator {
13 |
14 | private static final Logger log = Logger.getLogger(ServiceLocator.class.getName());
15 |
16 | public static URL getServiceUrl(HttpServletRequest req) {
17 |
18 | String uri = null;
19 | try {
20 | uri = System.getProperty("service.url");
21 | if (uri != null) {
22 | return new URL(uri);
23 | }
24 |
25 | uri = System.getenv("SERVICE_URL");
26 | if (uri != null) {
27 | return new URL(uri);
28 | }
29 |
30 | URL requestUrl = new URL(req.getRequestURL().toString());
31 |
32 | String host = requestUrl.getHost();
33 | String schema = requestUrl.getProtocol();
34 | String port = requestUrl.getPort() != -1 ? (":" + requestUrl.getPort()) : "";
35 |
36 | uri = schema + "://" + host + port + "/service";
37 | return new URL(uri);
38 |
39 | } catch (MalformedURLException e) {
40 | throw new RuntimeException("Malformed url: " + uri);
41 | } finally {
42 | log.info("Service url: " + uri);
43 | }
44 | }
45 | }
46 |
--------------------------------------------------------------------------------
/fuse70/features/README.md:
--------------------------------------------------------------------------------
1 | JBoss Fuse Features
2 | ===================
3 | This module contains the Karaf feature `keycloak-fuse70-quickstarts`, which is used by `server` module to install all the other Keycloak Fuse Quickstart applications into the JBoss Fuse server.
4 |
--------------------------------------------------------------------------------
/fuse70/features/src/main/resources/features.xml:
--------------------------------------------------------------------------------
1 |
2 |
18 |
19 |
20 |
21 |
22 | The Keycloak Fuse 7.0 example
23 | war
24 | camel
25 | cxf
26 | keycloak-pax-http-undertow
27 | mvn:org.keycloak.quickstarts/keycloak-fuse70-app-war-jsp/${project.version}/war
28 | mvn:org.keycloak.quickstarts/keycloak-fuse70-service-camel/${project.version}
29 | mvn:org.keycloak.quickstarts/keycloak-fuse70-service-cxf-jaxrs/${project.version}
30 |
31 |
32 |
--------------------------------------------------------------------------------
/fuse70/server/src/main/resources/install-features.cli:
--------------------------------------------------------------------------------
1 | features:addurl mvn:org.keycloak/keycloak-osgi-features/${version.keycloak}/xml/features
2 | features:addurl mvn:org.keycloak.quickstarts/keycloak-fuse70-features/${project.version}/xml/features
3 | features:install keycloak-fuse70-quickstarts
4 |
--------------------------------------------------------------------------------
/fuse70/server/src/main/resources/install-features.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | echo "JAVA_HOME=$JAVA_HOME"
3 |
4 | ./start
5 |
6 | echo "Karaf container starting"
7 | sleep 5
8 |
9 | TIMEOUT=5
10 | DELAY=1
11 | T=0
12 |
13 | RESULT=0
14 |
15 | until [ $T -gt $TIMEOUT ]
16 | do
17 | if ./client info; then
18 | echo "Server is reachable."
19 |
20 |
21 | echo "Updating Config"
22 | ./client -f update-config.cli
23 | if [ $? -ne 0 ]; then
24 | echo "Call update-config.cli failed!";
25 | RESULT=1;
26 | else
27 | ./client config:list | grep org.ops4j.pax.url.mvn.
28 | fi
29 |
30 | echo "Installing features."
31 | ./client -f install-features.cli
32 | if [ $? -ne 0 ]; then
33 | echo "Call install-features.cli failed!";
34 | RESULT=1;
35 | fi
36 | exit $RESULT
37 | else
38 | echo "Server is not reachable. Waiting."
39 | sleep $DELAY
40 | let T=$T+$DELAY
41 | fi
42 | done
43 |
--------------------------------------------------------------------------------
/fuse70/server/src/main/resources/update-config.cli:
--------------------------------------------------------------------------------
1 | config:edit org.ops4j.pax.url.mvn
2 | config:propset org.ops4j.pax.url.mvn.localRepository ${user.home}/.m2/repository
3 | config:update
4 |
5 | features:refreshurl
6 |
7 | dev:system-property service.url ${service.url}
8 |
--------------------------------------------------------------------------------
/fuse70/server/src/main/resources/users.properties:
--------------------------------------------------------------------------------
1 | karaf = karaf,_g_:admingroup
2 | _g_\:admingroup = group,admin,manager,viewer,webconsole,ssh
3 |
--------------------------------------------------------------------------------
/fuse70/service-camel/config/client-import.json:
--------------------------------------------------------------------------------
1 | {
2 | "clientId": "fuse-service-camel",
3 | "enabled": true,
4 | "bearerOnly": true,
5 | "adminUrl": "http://localhost:8383/service"
6 | }
7 |
--------------------------------------------------------------------------------
/fuse70/service-camel/config/keycloak-example.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "master",
3 | "bearer-only": true,
4 | "auth-server-url": "http://localhost:8180/auth",
5 | "ssl-required": "external",
6 | "resource": "fuse-service-camel"
7 | }
--------------------------------------------------------------------------------
/fuse70/service-camel/src/main/java/org/keycloak/quickstart/fuse/camel/Message.java:
--------------------------------------------------------------------------------
1 | /*
2 | * JBoss, Home of Professional Open Source
3 | * Copyright 2016, Red Hat, Inc. and/or its affiliates, and individual
4 | * contributors by the @authors tag. See the copyright.txt in the
5 | * distribution for a full listing of individual contributors.
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | package org.keycloak.quickstart.fuse.camel;
18 |
19 |
20 | public class Message {
21 |
22 | private String message;
23 |
24 | public Message(String message) {
25 | this.message = message;
26 | }
27 |
28 | public String getMessage() {
29 | return message;
30 | }
31 |
32 | public void setMessage(String message) {
33 | this.message = message;
34 | }
35 |
36 | }
37 |
--------------------------------------------------------------------------------
/fuse70/service-camel/src/main/resources/config/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redhat-developer/redhat-sso-quickstarts/e4069f5f54b730f9833533dd5459b3d4d5eacdfe/fuse70/service-camel/src/main/resources/config/.gitkeep
--------------------------------------------------------------------------------
/fuse70/service-cxf-jaxrs/config/client-import.json:
--------------------------------------------------------------------------------
1 | {
2 | "clientId": "fuse-service-cxf",
3 | "enabled": true,
4 | "bearerOnly": true
5 | }
6 |
--------------------------------------------------------------------------------
/fuse70/service-cxf-jaxrs/config/keycloak-example.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "master",
3 | "bearer-only": true,
4 | "auth-server-url": "http://localhost:8180/auth",
5 | "ssl-required": "external",
6 | "resource": "fuse-service-cxf"
7 | }
--------------------------------------------------------------------------------
/fuse70/service-cxf-jaxrs/src/main/java/org/keycloak/quickstart/fuse/cxf/rs/Message.java:
--------------------------------------------------------------------------------
1 | /*
2 | * JBoss, Home of Professional Open Source
3 | * Copyright 2016, Red Hat, Inc. and/or its affiliates, and individual
4 | * contributors by the @authors tag. See the copyright.txt in the
5 | * distribution for a full listing of individual contributors.
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | package org.keycloak.quickstart.fuse.cxf.rs;
18 |
19 | public class Message {
20 |
21 | private String message;
22 |
23 | public Message(String message) {
24 | this.message = message;
25 | }
26 |
27 | public String getMessage() {
28 | return message;
29 | }
30 |
31 | public void setMessage(String message) {
32 | this.message = message;
33 | }
34 |
35 | }
36 |
--------------------------------------------------------------------------------
/fuse70/service-cxf-jaxrs/src/main/resources/config/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redhat-developer/redhat-sso-quickstarts/e4069f5f54b730f9833533dd5459b3d4d5eacdfe/fuse70/service-cxf-jaxrs/src/main/resources/config/.gitkeep
--------------------------------------------------------------------------------
/maven-settings.xml:
--------------------------------------------------------------------------------
1 |
5 |
6 |
7 | org.jenkins-ci.tools
8 |
9 |
10 |
11 |
12 | jboss-public-repository
13 |
14 |
15 | jboss-public-repository-group
16 | JBoss Public Maven Repository Group
17 | http://repository.jboss.org/nexus/content/groups/public/
18 | default
19 |
20 | true
21 | never
22 |
23 |
24 | true
25 | never
26 |
27 |
28 |
29 |
30 |
31 | jboss-public-repository-group
32 | JBoss Public Maven Repository Group
33 | http://repository.jboss.org/nexus/content/groups/public/
34 | default
35 |
36 | true
37 | never
38 |
39 |
40 | true
41 | never
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 | jboss-public-repository
50 |
51 |
52 |
53 |
--------------------------------------------------------------------------------
/scripts/generate_keycloak_json.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash -x
2 |
3 | ## This is a helper script for generating "keycloak.json" files from "keycloak-example.json".
4 | ## Use this to test your changes against the Enforcer Plugin.
5 |
6 | for f in $(find . -type f -name 'keycloak-example.json'); do
7 | cp "$f" "${f%-example.json}.json"
8 | done
9 |
10 | for f in $(find . -type f -name 'keycloak-saml-example.xml'); do
11 | cp "$f" "${f%-example.xml}.xml"
12 | done
13 |
--------------------------------------------------------------------------------
/scripts/ssorepo.txt:
--------------------------------------------------------------------------------
1 |
2 |
3 | jboss-enterprise-maven-repository
4 | https://maven.repository.redhat.com/ga/
5 |
6 | true
7 |
8 |
9 | false
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/scripts/start-server.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | . scripts/version.sh
4 |
5 | set -v
6 |
7 | function waitForServer {
8 | # Give the server some time to start up. Look for a well-known
9 | # bit of text in the log file. Try at most 50 times before giving up.
10 | C=50
11 | while [ $C -gt 0 ]
12 | do
13 | grep "Keycloak ${VERSION} (WildFly Core .*) started" keycloak.log
14 | if [ $? -eq 0 ]; then
15 | echo "Server started."
16 | C=0
17 | else
18 | echo -n "."
19 | C=$(( $C - 1 ))
20 | fi
21 | sleep 1
22 | done
23 | }
24 |
25 | ARCHIVE="${KEYCLOAK}.tar.gz"
26 | DIST="keycloak-server-dist"
27 | URL="https://repo1.maven.org/maven2/org/keycloak/$DIST/${VERSION}/$DIST-${VERSION}.tar.gz"
28 | # Download keycloak server if we don't already have it
29 | if [[ $TRAVIS_BRANCH = "latest" ]];
30 | then
31 | curl -o $ARCHIVE $URL
32 | tar xzf $ARCHIVE
33 | rm -f $ARCHIVE
34 | else
35 | KEYCLOAK="keycloak-server"
36 | fi
37 |
38 | cp authz-js-policies/target/authz-js-policies.jar $KEYCLOAK/standalone/deployments
39 | $KEYCLOAK/bin/add-user-keycloak.sh -u admin -p admin
40 | # Start the server
41 | $KEYCLOAK/bin/standalone.sh -Djava.net.preferIPv4Stack=true \
42 | -Djboss.socket.binding.port-offset=100 > keycloak.log 2>&1 &
43 |
44 | waitForServer
45 |
--------------------------------------------------------------------------------
/scripts/stop-server.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | . scripts/version.sh
4 |
5 | ${KEYCLOAK}/bin/jboss-cli.sh --connect controller=127.0.0.1:10090 command=:shutdown
6 |
--------------------------------------------------------------------------------
/scripts/version.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | export VERSION=`curl -s https://repo1.maven.org/maven2/org/keycloak/keycloak-server-dist/ | sed -e 's/<[^>]*>//g' | grep -i final | cut -d '/' -f1 | tail -n1`
4 | export KEYCLOAK="keycloak-${VERSION}"
5 |
--------------------------------------------------------------------------------
/service-jee-jaxrs/config/client-import.json:
--------------------------------------------------------------------------------
1 | {
2 | "clientId": "service-jaxrs",
3 | "enabled": true,
4 | "bearerOnly": true
5 | }
6 |
--------------------------------------------------------------------------------
/service-jee-jaxrs/config/keycloak-example.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "quickstart",
3 | "bearer-only": true,
4 | "auth-server-url": "http://localhost:8180/auth",
5 | "ssl-required": "external",
6 | "resource": "service-jaxrs"
7 | }
--------------------------------------------------------------------------------
/service-jee-jaxrs/src/main/java/org/keycloak/quickstart/jaxrs/Application.java:
--------------------------------------------------------------------------------
1 | /*
2 | * JBoss, Home of Professional Open Source
3 | * Copyright 2016, Red Hat, Inc. and/or its affiliates, and individual
4 | * contributors by the @authors tag. See the copyright.txt in the
5 | * distribution for a full listing of individual contributors.
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | package org.keycloak.quickstart.jaxrs;
18 |
19 | import javax.ws.rs.ApplicationPath;
20 |
21 | @ApplicationPath("/")
22 | public class Application extends javax.ws.rs.core.Application {
23 | }
24 |
--------------------------------------------------------------------------------
/service-jee-jaxrs/src/main/java/org/keycloak/quickstart/jaxrs/Message.java:
--------------------------------------------------------------------------------
1 | /*
2 | * JBoss, Home of Professional Open Source
3 | * Copyright 2016, Red Hat, Inc. and/or its affiliates, and individual
4 | * contributors by the @authors tag. See the copyright.txt in the
5 | * distribution for a full listing of individual contributors.
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | package org.keycloak.quickstart.jaxrs;
18 |
19 | public class Message {
20 |
21 | private String message;
22 |
23 | public Message(String message) {
24 | this.message = message;
25 | }
26 |
27 | public String getMessage() {
28 | return message;
29 | }
30 |
31 | public void setMessage(String message) {
32 | this.message = message;
33 | }
34 |
35 | }
36 |
--------------------------------------------------------------------------------
/service-jee-jaxrs/src/main/java/org/keycloak/quickstart/jaxrs/Resource.java:
--------------------------------------------------------------------------------
1 | /*
2 | * JBoss, Home of Professional Open Source
3 | * Copyright 2016, Red Hat, Inc. and/or its affiliates, and individual
4 | * contributors by the @authors tag. See the copyright.txt in the
5 | * distribution for a full listing of individual contributors.
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | package org.keycloak.quickstart.jaxrs;
18 |
19 | import javax.servlet.http.HttpServletResponse;
20 | import javax.ws.rs.GET;
21 | import javax.ws.rs.Path;
22 | import javax.ws.rs.Produces;
23 | import javax.ws.rs.core.Context;
24 | import javax.ws.rs.core.HttpHeaders;
25 | import javax.ws.rs.core.MediaType;
26 |
27 | @Path("/")
28 | public class Resource {
29 |
30 | @GET
31 | @Produces(MediaType.APPLICATION_JSON)
32 | @Path("public")
33 | public Message getPublic(@Context HttpHeaders header, @Context HttpServletResponse response){
34 | response.setHeader("Access-Control-Allow-Origin", "*");
35 | return new Message("public");
36 | }
37 |
38 | @GET
39 | @Produces(MediaType.APPLICATION_JSON)
40 | @Path("secured")
41 | public Message getSecured() {
42 | return new Message("secured");
43 | }
44 |
45 | @GET
46 | @Produces(MediaType.APPLICATION_JSON)
47 | @Path("admin")
48 | public Message getAdmin() {
49 | return new Message("admin");
50 | }
51 |
52 | }
53 |
--------------------------------------------------------------------------------
/service-jee-jaxrs/src/test/resources/arquillian.xml:
--------------------------------------------------------------------------------
1 |
2 |
12 |
16 |
17 |
18 |
20 |
21 |
22 |
23 |
24 |
26 |
27 | always
28 | 127.0.0.1
29 | 9990
30 | ${basedir}/target/wildfly-${version.wildfly}
31 |
32 |
33 |
34 |
35 |
--------------------------------------------------------------------------------
/service-nodejs/client-import.json:
--------------------------------------------------------------------------------
1 | {
2 | "clientId": "service-nodejs",
3 | "enabled": true,
4 | "bearerOnly": true
5 | }
6 |
--------------------------------------------------------------------------------
/service-nodejs/keycloak.json:
--------------------------------------------------------------------------------
1 | {
2 | "realm": "quickstart",
3 | "bearer-only": true,
4 | "auth-server-url": "http://localhost:8180/auth",
5 | "ssl-required": "external",
6 | "resource": "service-nodejs"
7 | }
--------------------------------------------------------------------------------
/service-nodejs/package.json:
--------------------------------------------------------------------------------
1 | {
2 | "name": "service-nodejs",
3 | "version": "0.0.1",
4 | "scripts": {
5 | "start": "node app.js",
6 | "test": "tape test/*.js"
7 | },
8 | "dependencies": {
9 | "keycloak-connect": "keycloak/keycloak-nodejs-connect",
10 | "body-parser": "^1.13.3",
11 | "express": "^4.13.3",
12 | "express-session": "^1.14.2",
13 | "cors": "^2.8.1"
14 | },
15 | "devDependencies": {
16 | "keycloak-request-token": "^0.1.0",
17 | "keycloak-client-registration": "^0.1.0",
18 | "eslint": "^3.3.1",
19 | "eslint-config-semistandard": "^7.0.0-beta.0",
20 | "eslint-config-standard": "^6.0.0",
21 | "eslint-plugin-promise": "^3.3.0",
22 | "eslint-plugin-react": "^6.1.2",
23 | "eslint-plugin-standard": "^2.0.0",
24 | "ink-docstrap": "^1.1.4",
25 | "jsdoc": "^3.4.0",
26 | "jshint": "^2.9.1",
27 | "tape": "^4.5.1",
28 | "roi": "^0.15.0"
29 | }
30 | }
31 |
--------------------------------------------------------------------------------
/service-nodejs/test/config.js:
--------------------------------------------------------------------------------
1 | var baseUrl = 'http://localhost:8180/auth';
2 |
3 | module.exports = {
4 | registration: {
5 | endpoint: baseUrl + '/realms/quickstart/clients-registrations',
6 | accessToken: ''
7 | },
8 | baseUrl: baseUrl,
9 | token: {
10 | username: 'alice',
11 | password: 'password',
12 | grant_type: 'password',
13 | client_id: 'test-cli',
14 | realmName: 'quickstart'
15 | },
16 | testClient: {
17 | clientId: 'test-cli',
18 | consentRequired: "false",
19 | publicClient: "true",
20 | standardFlowEnabled: "false",
21 | directAccessGrantsEnabled: "true",
22 | fullScopeAllowed: "true"
23 | }
24 | };
25 |
--------------------------------------------------------------------------------
/service-springboot-rest/config/client-import.json:
--------------------------------------------------------------------------------
1 | {
2 | "clientId": "service-springboot",
3 | "enabled": true,
4 | "bearerOnly": true
5 | }
6 |
--------------------------------------------------------------------------------
/service-springboot-rest/src/main/java/org/keycloak/quickstart/springboot/service/ProductService.java:
--------------------------------------------------------------------------------
1 | /*
2 | * JBoss, Home of Professional Open Source
3 | * Copyright 2016, Red Hat, Inc. and/or its affiliates, and individual
4 | * contributors by the @authors tag. See the copyright.txt in the
5 | * distribution for a full listing of individual contributors.
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | * Unless required by applicable law or agreed to in writing, software
12 | * distributed under the License is distributed on an "AS IS" BASIS,
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | * See the License for the specific language governing permissions and
15 | * limitations under the License.
16 | */
17 | package org.keycloak.quickstart.springboot.service;
18 |
19 | import java.util.Arrays;
20 | import java.util.List;
21 | import org.springframework.stereotype.Component;
22 |
23 | @Component
24 | public class ProductService {
25 |
26 | public List getProducts() {
27 | return Arrays.asList(
28 | "alpha", "bravo", "charlie", "delta", "echo", "foxtrot");
29 | }
30 |
31 | public String getPublic() {
32 | return "public";
33 | }
34 |
35 | }
36 |
--------------------------------------------------------------------------------
/service-springboot-rest/src/main/resources/application.properties:
--------------------------------------------------------------------------------
1 | server.port = 8081
2 | keycloak.realm=quickstart
3 | keycloak.auth-server-url=http://localhost:8180/auth
4 | keycloak.ssl-required=external
5 | keycloak.resource=service-springboot
6 | keycloak.public-client=true
7 | keycloak.bearer-only=true
8 | keycloak.securityConstraints[0].securityCollections[0].name = protected resource
9 | keycloak.securityConstraints[0].authRoles[0] = user
10 | keycloak.securityConstraints[0].securityCollections[0].patterns[0] = /products
11 | keycloak.securityConstraints[0].securityCollections[0].patterns[1] = /products/
--------------------------------------------------------------------------------
/service-springboot-rest/src/test/resources/application.properties:
--------------------------------------------------------------------------------
1 | server.compression.enabled: true
2 | server.compression.min-response-size: 1
3 | server.connection-timeout=5000
4 | server.port = 8081
5 | keycloak.realm=quickstart
6 | keycloak.auth-server-url=http://localhost:8180/auth
7 | keycloak.ssl-required=external
8 | keycloak.resource=test-demo
9 | keycloak.public-client=true
10 | keycloak.bearer-only=true
11 | keycloak.securityConstraints[0].securityCollections[0].name = protected resource
12 | keycloak.securityConstraints[0].authRoles[0] = user
13 | keycloak.securityConstraints[0].securityCollections[0].patterns[0] = /products
14 |
15 | # Turn off the logs
16 | logging.level.root=OFF
17 | logging.level.org.springframework.boot=OFF
18 | spring.main.banner-mode=OFF
19 |
--------------------------------------------------------------------------------
/set-version.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash -e
2 |
3 | NEW_VERSION=$1
4 |
5 | LATEST_KEYCLOAK_VERSION=`curl -s "http://search.maven.org/solrsearch/select?q=g:org.keycloak%20AND%20a:keycloak-parent&rows=1&wt=json" | jq -r .response.docs[0].latestVersion`
6 |
7 | mvn versions:update-parent -Dversion.keycloak=$LATEST_KEYCLOAK_VERSION -DparentVersion=$NEW_VERSION -DgenerateBackupPoms=false -Pbump-version
8 | mvn versions:set -Dversion.keycloak=$LATEST_KEYCLOAK_VERSION -DnewVersion=$NEW_VERSION -DgenerateBackupPoms=false -DgroupId=org.keycloak* -DartifactId=* -Pbump-version
9 |
10 | sed -i "s|keycloak/keycloak:.*|keycloak/keycloak:$NEW_VERSION|" kubernetes-examples/keycloak.yaml
11 | sed -i "s|keycloak/keycloak:.*|keycloak/keycloak:$NEW_VERSION|" openshift-examples/keycloak.yaml
12 |
--------------------------------------------------------------------------------
/travis-run-tests.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash -e
2 |
3 | if [ $1 == "group1" ]; then
4 | for i in `mvn -q --also-make exec:exec -Dexec.executable="pwd" | awk -F '/' '{if (NR > 1) print $NF}'`;
5 | do
6 | # FIXME Workaround to skip Angular.js app on Travis CI while we figure out the best way to fix the issues with Selenium
7 | if [ "$i" = "app-angular2" -o "$i" = "app-authz-uma-photoz" -o "$i" = "app-authz-photoz" -o "$i" = "photoz-html5-client" -o "$i" = "photoz-js-policies" -o "$i" = "photoz-restful-api" -o "$i" = "photoz-testsuite" -o "$i" = "app-profile-jee-html5" ]; then
8 | continue
9 | fi
10 | mvn -B -s maven-settings.xml clean install -Pwildfly-managed -Denforcer.skip=true -f $i
11 | done
12 | fi
13 |
14 | if [ $1 == "group2" ]; then
15 | mvn -B -s maven-settings.xml test -Pwildfly-managed -f action-token-authenticator/pom.xml /dev/null&
28 | cd ../app-springboot
29 | mvn -B -s ../maven-settings.xml clean test -Pspring-boot
30 | fi
31 |
32 | if [ $1 == "group5" ]; then
33 | mvn -B -s maven-settings.xml test -Pkeycloak-remote -f user-storage-jpa
34 | mvn -B -s maven-settings.xml test -Pkeycloak-remote -f user-storage-simple
35 | fi
36 | if [ $1 == "group6" ] && [ $TRAVIS_PULL_REQUEST == "false" ]; then
37 | ./productize.sh
38 | exit 0
39 | fi
40 | if [ $1 == "group7" ]; then
41 | mvn -B -s maven-settings.xml test -Pkeycloak-remote -f event-listener-sysout
42 | mvn -B -s maven-settings.xml test -Pkeycloak-remote -f event-store-mem
43 | fi
44 |
--------------------------------------------------------------------------------
/travis-server.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash -e
2 |
3 | REPO="https://github.com/keycloak/keycloak.git"
4 |
5 | echo "Building $TRAVIS_BRANCH"
6 |
7 | if [[ $TRAVIS_BRANCH != "latest" ]]; then
8 | # Temporarily commented
9 | # git clone --depth 1 $REPO > /dev/null 2>&1 && cd keycloak
10 | # Clone Keycloak repo
11 | git clone $REPO > /dev/null 2>&1 && cd keycloak
12 |
13 | # The exact version of Keycloak based on Maven
14 | VERSION=`grep -A1 "keycloak-parent" pom.xml | grep ".* $" | awk -F'[><]' '{print $3}'`
15 |
16 | # Build the repository based on jboss-public-repository
17 | mvn -s ../maven-settings.xml clean install --no-snapshot-updates -Pdistribution -DskipTestsuite -DskipTests=true -B -V
18 |
19 | # Extract and start the Keycloak server distribution
20 | mkdir ../keycloak-server && tar xzf distribution/server-dist/target/keycloak-$VERSION.tar.gz -C ../keycloak-server --strip-components 1
21 | cd .. && ./scripts/start-server.sh
22 |
23 | else
24 | ./scripts/start-server.sh
25 | fi
26 |
--------------------------------------------------------------------------------
/user-storage-jpa/src/main/resources/META-INF/persistence.xml:
--------------------------------------------------------------------------------
1 |
2 |
7 |
8 | java:jboss/datasources/ExampleXADS
9 |
10 | org.keycloak.quickstart.storage.user.UserEntity
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/user-storage-jpa/src/main/resources/META-INF/services/org.keycloak.storage.UserStorageProviderFactory:
--------------------------------------------------------------------------------
1 | org.keycloak.quickstart.storage.user.EjbExampleUserStorageProviderFactory
--------------------------------------------------------------------------------
/user-storage-jpa/src/test/resources/arquillian.xml:
--------------------------------------------------------------------------------
1 |
2 |
12 |
16 |
17 |
18 |
19 |
20 | 127.0.0.1
21 | 10090
22 | admin
23 | admin
24 |
25 |
26 |
27 |
28 | phantomjs
29 |
30 |
31 |
--------------------------------------------------------------------------------
/user-storage-simple/src/main/resources/META-INF/services/org.keycloak.storage.UserStorageProviderFactory:
--------------------------------------------------------------------------------
1 | org.keycloak.quickstart.readonly.PropertyFileUserStorageProviderFactory
2 | org.keycloak.quickstart.writeable.PropertyFileUserStorageProviderFactory
--------------------------------------------------------------------------------
/user-storage-simple/src/main/resources/users.properties:
--------------------------------------------------------------------------------
1 | #
2 | # Copyright 2016 Red Hat, Inc. and/or its affiliates
3 | # and other contributors as indicated by the @author tags.
4 | #
5 | # Licensed under the Apache License, Version 2.0 (the "License");
6 | # you may not use this file except in compliance with the License.
7 | # You may obtain a copy of the License at
8 | #
9 | # http://www.apache.org/licenses/LICENSE-2.0
10 | #
11 | # Unless required by applicable law or agreed to in writing, software
12 | # distributed under the License is distributed on an "AS IS" BASIS,
13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | # See the License for the specific language governing permissions and
15 | # limitations under the License.
16 | #
17 |
18 | tbrady=superbowl
--------------------------------------------------------------------------------
/user-storage-simple/src/test/java/org/keycloak/quickstart/util/StorageManager.java:
--------------------------------------------------------------------------------
1 | package org.keycloak.quickstart.util;
2 |
3 | import java.io.FileWriter;
4 | import java.io.IOException;
5 | import java.nio.file.Files;
6 | import java.nio.file.Path;
7 | import java.util.Properties;
8 |
9 | /**
10 | * @author Bruno Oliveira
11 | */
12 | public class StorageManager {
13 |
14 | private static final String TMP_DIR_PREFIX = "user_storage_";
15 | private static final Properties props = new Properties();
16 | private static Path file;
17 |
18 | public static String getPropertyFile() {
19 | return file.toFile().getAbsoluteFile().toString();
20 | }
21 |
22 | public static void createStorage() {
23 | try {
24 | Path path = Files.createTempDirectory(TMP_DIR_PREFIX);
25 | file = path.resolve("example-users.properties");
26 | } catch (IOException e) {
27 | e.printStackTrace();
28 | }
29 | }
30 |
31 | public static void addUser(String user, String password) {
32 | try {
33 | props.setProperty(user, password);
34 | FileWriter writer = new FileWriter(file.toFile());
35 | props.store(writer, "Added user");
36 | writer.close();
37 | } catch (IOException e) {
38 | e.printStackTrace();
39 | }
40 | }
41 |
42 | public static void deleteStorage() {
43 | try {
44 | Files.delete(file);
45 | } catch (IOException e) {
46 | e.printStackTrace();
47 | }
48 | }
49 | }
50 |
--------------------------------------------------------------------------------
/user-storage-simple/src/test/resources/arquillian.xml:
--------------------------------------------------------------------------------
1 |
2 |
12 |
16 |
17 |
18 |
19 |
20 | 127.0.0.1
21 | 10090
22 | admin
23 | admin
24 |
25 |
26 |
27 |
28 | phantomjs
29 |
30 |
31 |
--------------------------------------------------------------------------------