diff --git a/.env b/.env index 0839976e7..087047da5 100644 --- a/.env +++ b/.env @@ -1,3 +1,3 @@ # Used in docker-compose # shellcheck disable=SC2034 -KEYCLOAK_VERSION=21.1.1 +KEYCLOAK_VERSION=22.0.0 diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index cc22a0fe4..c166f1c2b 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -31,6 +31,7 @@ jobs: - KEYCLOAK_VERSION: 19.0.3 - KEYCLOAK_VERSION: 20.0.5 - KEYCLOAK_VERSION: 21.1.1 + - KEYCLOAK_VERSION: 22.0.0 steps: - uses: actions/checkout@v3 with: diff --git a/CHANGELOG.md b/CHANGELOG.md index 04b01da08..237a063d2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ## [Unreleased] - Refactored support for user profile updates +## [5.7.0] +- Added support for Keycloak 22 +- Update to Spring Boot 2.7.13 +- Adapt packages for Jakarta EE migration + ## [5.6.1] - 2023-03-05 ## [5.6.0] - 2023-03-05 diff --git a/Dockerfile b/Dockerfile index b8491f608..314460c07 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ FROM ${BUILDER_IMAGE} AS BUILDER WORKDIR /app/ -ARG KEYCLOAK_VERSION=21.1.1 +ARG KEYCLOAK_VERSION=22.0.0 ARG MAVEN_CLI_OPTS="-ntp -B" COPY .mvn .mvn diff --git a/pom.xml b/pom.xml index a73f053f8..ab7b2d616 100644 --- a/pom.xml +++ b/pom.xml @@ -4,7 +4,7 @@ org.springframework.boot spring-boot-starter-parent - 2.7.12 + 2.7.13 @@ -59,7 +59,7 @@ UTF-8 UTF-8 - 21.1.1 + 22.0.0 3.2.0 10.0 @@ -84,7 +84,13 @@ 3.21.0 6.55.0 0.15 - 5.0.4.Final + 6.2.4.Final + 2.0 + 3.1.0 + 2.1.2 + 2.1.1 + 2.1.2 + 5.8.4 4.7.3.5 4.7.3 1.18.3 @@ -160,6 +166,12 @@ org.springframework.boot spring-boot-starter + + + jakarta.annotation + jakarta.annotation-api + + @@ -176,7 +188,7 @@ org.springframework.security spring-security-crypto - 5.8.3 + ${spring-security-crypto.version} @@ -193,7 +205,7 @@ org.yaml snakeyaml - 2.0 + ${snakeyaml.version} @@ -204,6 +216,53 @@ org.jboss.resteasy resteasy-jaxb-provider + + + jakarta.activation + jakarta.activation-api + + + jakarta.annotation + jakarta.annotation-api + + + jakarta.mail + jakarta.mail-api + + + jakarta.ws.rs + jakarta.ws.rs-api + + + + + + jakarta.ws.rs + jakarta.ws.rs-api + ${jakarta.ws.rs-api.version} + + + + jakarta.activation + jakarta.activation-api + ${jakarta.activation.version} + + + + jakarta.annotation + jakarta.annotation-api + ${jakarta.annotation.version} + + + + jakarta.mail + jakarta.mail-api + ${jakarta.mail.version} + + + jakarta.activation + jakarta.activation-api + diff --git a/src/main/java/de/adorsys/keycloak/config/provider/KeycloakProvider.java b/src/main/java/de/adorsys/keycloak/config/provider/KeycloakProvider.java index 13782648f..cad1ccea8 100644 --- a/src/main/java/de/adorsys/keycloak/config/provider/KeycloakProvider.java +++ b/src/main/java/de/adorsys/keycloak/config/provider/KeycloakProvider.java @@ -23,6 +23,10 @@ import de.adorsys.keycloak.config.exception.KeycloakProviderException; import de.adorsys.keycloak.config.properties.KeycloakConfigProperties; import de.adorsys.keycloak.config.util.ResteasyUtil; +import jakarta.ws.rs.WebApplicationException; +import jakarta.ws.rs.client.Entity; +import jakarta.ws.rs.core.Form; +import jakarta.ws.rs.core.Response; import net.jodah.failsafe.Failsafe; import net.jodah.failsafe.RetryPolicy; import org.jboss.resteasy.client.jaxrs.ResteasyClient; @@ -40,10 +44,6 @@ import java.net.URL; import java.text.MessageFormat; import java.time.Duration; -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.client.Entity; -import javax.ws.rs.core.Form; -import javax.ws.rs.core.Response; /** * This class exists because we need to create a single keycloak instance or to close the keycloak before using a new one diff --git a/src/main/java/de/adorsys/keycloak/config/repository/AuthenticationFlowRepository.java b/src/main/java/de/adorsys/keycloak/config/repository/AuthenticationFlowRepository.java index 01eb48509..4205eba5a 100644 --- a/src/main/java/de/adorsys/keycloak/config/repository/AuthenticationFlowRepository.java +++ b/src/main/java/de/adorsys/keycloak/config/repository/AuthenticationFlowRepository.java @@ -23,6 +23,10 @@ import de.adorsys.keycloak.config.exception.ImportProcessingException; import de.adorsys.keycloak.config.exception.KeycloakRepositoryException; import de.adorsys.keycloak.config.util.ResponseUtil; +import jakarta.ws.rs.ClientErrorException; +import jakarta.ws.rs.NotFoundException; +import jakarta.ws.rs.WebApplicationException; +import jakarta.ws.rs.core.Response; import org.keycloak.admin.client.CreatedResponseUtil; import org.keycloak.admin.client.resource.AuthenticationManagementResource; import org.keycloak.admin.client.resource.RealmResource; @@ -38,10 +42,6 @@ import java.util.List; import java.util.Objects; import java.util.Optional; -import javax.ws.rs.ClientErrorException; -import javax.ws.rs.NotFoundException; -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.Response; @Service public class AuthenticationFlowRepository { diff --git a/src/main/java/de/adorsys/keycloak/config/repository/ClientRepository.java b/src/main/java/de/adorsys/keycloak/config/repository/ClientRepository.java index 2116a393f..6e11feb67 100644 --- a/src/main/java/de/adorsys/keycloak/config/repository/ClientRepository.java +++ b/src/main/java/de/adorsys/keycloak/config/repository/ClientRepository.java @@ -23,6 +23,8 @@ import de.adorsys.keycloak.config.exception.ImportProcessingException; import de.adorsys.keycloak.config.exception.KeycloakRepositoryException; import de.adorsys.keycloak.config.util.ResponseUtil; +import jakarta.ws.rs.WebApplicationException; +import jakarta.ws.rs.core.Response; import org.keycloak.admin.client.CreatedResponseUtil; import org.keycloak.admin.client.resource.ClientResource; import org.keycloak.admin.client.resource.ClientsResource; @@ -42,8 +44,6 @@ import java.util.Optional; import java.util.Set; import java.util.stream.Collectors; -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.Response; @Service public class ClientRepository { diff --git a/src/main/java/de/adorsys/keycloak/config/repository/ClientScopeRepository.java b/src/main/java/de/adorsys/keycloak/config/repository/ClientScopeRepository.java index e70a46100..4c2cbcd14 100644 --- a/src/main/java/de/adorsys/keycloak/config/repository/ClientScopeRepository.java +++ b/src/main/java/de/adorsys/keycloak/config/repository/ClientScopeRepository.java @@ -22,6 +22,8 @@ import de.adorsys.keycloak.config.exception.ImportProcessingException; import de.adorsys.keycloak.config.util.ResponseUtil; +import jakarta.ws.rs.WebApplicationException; +import jakarta.ws.rs.core.Response; import org.keycloak.admin.client.CreatedResponseUtil; import org.keycloak.admin.client.resource.ClientScopeResource; import org.keycloak.admin.client.resource.ClientScopesResource; @@ -36,8 +38,6 @@ import java.util.Objects; import java.util.Optional; import java.util.stream.Collectors; -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.Response; @Service public class ClientScopeRepository { diff --git a/src/main/java/de/adorsys/keycloak/config/repository/ComponentRepository.java b/src/main/java/de/adorsys/keycloak/config/repository/ComponentRepository.java index 25957dbe6..c95022640 100644 --- a/src/main/java/de/adorsys/keycloak/config/repository/ComponentRepository.java +++ b/src/main/java/de/adorsys/keycloak/config/repository/ComponentRepository.java @@ -23,6 +23,8 @@ import de.adorsys.keycloak.config.exception.ImportProcessingException; import de.adorsys.keycloak.config.exception.KeycloakRepositoryException; import de.adorsys.keycloak.config.util.ResponseUtil; +import jakarta.ws.rs.WebApplicationException; +import jakarta.ws.rs.core.Response; import org.keycloak.admin.client.CreatedResponseUtil; import org.keycloak.admin.client.resource.ComponentsResource; import org.keycloak.admin.client.resource.RealmResource; @@ -34,8 +36,6 @@ import java.util.List; import java.util.Objects; import java.util.Optional; -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.Response; @Service public class ComponentRepository { diff --git a/src/main/java/de/adorsys/keycloak/config/repository/ExecutionFlowRepository.java b/src/main/java/de/adorsys/keycloak/config/repository/ExecutionFlowRepository.java index ad429c4e7..0b9a50dcf 100644 --- a/src/main/java/de/adorsys/keycloak/config/repository/ExecutionFlowRepository.java +++ b/src/main/java/de/adorsys/keycloak/config/repository/ExecutionFlowRepository.java @@ -22,6 +22,8 @@ import de.adorsys.keycloak.config.exception.ImportProcessingException; import de.adorsys.keycloak.config.exception.KeycloakRepositoryException; +import jakarta.ws.rs.WebApplicationException; +import jakarta.ws.rs.core.Response; import org.keycloak.admin.client.CreatedResponseUtil; import org.keycloak.admin.client.resource.AuthenticationManagementResource; import org.keycloak.representations.idm.AuthenticationExecutionExportRepresentation; @@ -37,8 +39,6 @@ import java.util.Map; import java.util.Objects; import java.util.stream.Collectors; -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.Response; @Service public class ExecutionFlowRepository { diff --git a/src/main/java/de/adorsys/keycloak/config/repository/GroupRepository.java b/src/main/java/de/adorsys/keycloak/config/repository/GroupRepository.java index 88628176f..8feceb10f 100644 --- a/src/main/java/de/adorsys/keycloak/config/repository/GroupRepository.java +++ b/src/main/java/de/adorsys/keycloak/config/repository/GroupRepository.java @@ -21,6 +21,7 @@ package de.adorsys.keycloak.config.repository; import de.adorsys.keycloak.config.exception.ImportProcessingException; +import jakarta.ws.rs.core.Response; import org.keycloak.admin.client.CreatedResponseUtil; import org.keycloak.admin.client.resource.GroupResource; import org.keycloak.admin.client.resource.GroupsResource; @@ -39,7 +40,6 @@ import java.util.Objects; import java.util.Optional; import java.util.stream.Collectors; -import javax.ws.rs.core.Response; @Service public class GroupRepository { diff --git a/src/main/java/de/adorsys/keycloak/config/repository/IdentityProviderMapperRepository.java b/src/main/java/de/adorsys/keycloak/config/repository/IdentityProviderMapperRepository.java index ac71c2b65..e1b3a88a7 100644 --- a/src/main/java/de/adorsys/keycloak/config/repository/IdentityProviderMapperRepository.java +++ b/src/main/java/de/adorsys/keycloak/config/repository/IdentityProviderMapperRepository.java @@ -20,6 +20,7 @@ package de.adorsys.keycloak.config.repository; +import jakarta.ws.rs.core.Response; import org.keycloak.admin.client.CreatedResponseUtil; import org.keycloak.admin.client.resource.IdentityProviderResource; import org.keycloak.admin.client.resource.IdentityProvidersResource; @@ -32,7 +33,6 @@ import java.util.List; import java.util.Objects; import java.util.Optional; -import javax.ws.rs.core.Response; @Service public class IdentityProviderMapperRepository { diff --git a/src/main/java/de/adorsys/keycloak/config/repository/IdentityProviderRepository.java b/src/main/java/de/adorsys/keycloak/config/repository/IdentityProviderRepository.java index aa7301c3e..f9400bb55 100644 --- a/src/main/java/de/adorsys/keycloak/config/repository/IdentityProviderRepository.java +++ b/src/main/java/de/adorsys/keycloak/config/repository/IdentityProviderRepository.java @@ -22,6 +22,8 @@ import de.adorsys.keycloak.config.provider.KeycloakProvider; import de.adorsys.keycloak.config.resource.ManagementPermissions; +import jakarta.ws.rs.NotFoundException; +import jakarta.ws.rs.core.Response; import org.keycloak.admin.client.CreatedResponseUtil; import org.keycloak.admin.client.resource.IdentityProviderResource; import org.keycloak.admin.client.resource.IdentityProvidersResource; @@ -32,8 +34,6 @@ import java.util.List; import java.util.Optional; -import javax.ws.rs.NotFoundException; -import javax.ws.rs.core.Response; @Service public class IdentityProviderRepository { diff --git a/src/main/java/de/adorsys/keycloak/config/repository/RealmRepository.java b/src/main/java/de/adorsys/keycloak/config/repository/RealmRepository.java index c71a6483a..5ac05dab7 100644 --- a/src/main/java/de/adorsys/keycloak/config/repository/RealmRepository.java +++ b/src/main/java/de/adorsys/keycloak/config/repository/RealmRepository.java @@ -23,6 +23,7 @@ import de.adorsys.keycloak.config.exception.KeycloakRepositoryException; import de.adorsys.keycloak.config.provider.KeycloakProvider; import de.adorsys.keycloak.config.util.ResponseUtil; +import jakarta.ws.rs.WebApplicationException; import org.keycloak.admin.client.Keycloak; import org.keycloak.admin.client.resource.RealmResource; import org.keycloak.admin.client.resource.RealmsResource; @@ -30,8 +31,6 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; -import javax.ws.rs.WebApplicationException; - @Service public class RealmRepository { private final KeycloakProvider keycloakProvider; @@ -44,7 +43,7 @@ public RealmRepository(KeycloakProvider keycloakProvider) { public boolean exists(String realmName) { try { get(realmName); - } catch (javax.ws.rs.NotFoundException e) { + } catch (jakarta.ws.rs.NotFoundException e) { return false; } diff --git a/src/main/java/de/adorsys/keycloak/config/repository/RequiredActionRepository.java b/src/main/java/de/adorsys/keycloak/config/repository/RequiredActionRepository.java index 4b55fb683..187b7bfa4 100644 --- a/src/main/java/de/adorsys/keycloak/config/repository/RequiredActionRepository.java +++ b/src/main/java/de/adorsys/keycloak/config/repository/RequiredActionRepository.java @@ -63,7 +63,7 @@ public RequiredActionProviderRepresentation getByAlias(String realmName, String try { AuthenticationManagementResource flows = authenticationFlowRepository.getFlowResources(realmName); return flows.getRequiredAction(requiredActionAlias); - } catch (javax.ws.rs.NotFoundException e) { + } catch (jakarta.ws.rs.NotFoundException e) { return null; } } diff --git a/src/main/java/de/adorsys/keycloak/config/repository/RoleRepository.java b/src/main/java/de/adorsys/keycloak/config/repository/RoleRepository.java index 94833431c..ee9bc281d 100644 --- a/src/main/java/de/adorsys/keycloak/config/repository/RoleRepository.java +++ b/src/main/java/de/adorsys/keycloak/config/repository/RoleRepository.java @@ -60,7 +60,7 @@ public Optional searchRealmRole(String realmName, String nam try { maybeRole = Optional.of(roleResource.toRepresentation()); - } catch (javax.ws.rs.NotFoundException e) { + } catch (jakarta.ws.rs.NotFoundException e) { maybeRole = Optional.empty(); } @@ -136,7 +136,7 @@ public List getClientRolesByName(String realmName, String cl for (String roleName : roleNames) { try { roles.add(clientResource.roles().get(roleName).toRepresentation()); - } catch (javax.ws.rs.NotFoundException e) { + } catch (jakarta.ws.rs.NotFoundException e) { throw new KeycloakRepositoryException( "Cannot find client role '%s' for client '%s' within realm '%s'", roleName, clientId, realmName @@ -179,7 +179,7 @@ public List searchRealmRoles(String realmName, List RoleRepresentation role = realmResource.roles().get(roleName).toRepresentation(); roles.add(role); - } catch (javax.ws.rs.NotFoundException e) { + } catch (jakarta.ws.rs.NotFoundException e) { throw new ImportProcessingException( String.format("Could not find role '%s' in realm '%s'!", roleName, realmName) ); diff --git a/src/main/java/de/adorsys/keycloak/config/repository/UserProfileRepository.java b/src/main/java/de/adorsys/keycloak/config/repository/UserProfileRepository.java index b15113b69..2177c8239 100644 --- a/src/main/java/de/adorsys/keycloak/config/repository/UserProfileRepository.java +++ b/src/main/java/de/adorsys/keycloak/config/repository/UserProfileRepository.java @@ -22,6 +22,7 @@ import de.adorsys.keycloak.config.exception.KeycloakRepositoryException; import de.adorsys.keycloak.config.util.JsonUtil; +import jakarta.ws.rs.core.Response; import org.keycloak.admin.client.resource.UserProfileResource; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -30,7 +31,6 @@ import org.springframework.util.StringUtils; import java.util.Optional; -import javax.ws.rs.core.Response; @Component public class UserProfileRepository { diff --git a/src/main/java/de/adorsys/keycloak/config/repository/UserRepository.java b/src/main/java/de/adorsys/keycloak/config/repository/UserRepository.java index e778751a2..475ee4568 100644 --- a/src/main/java/de/adorsys/keycloak/config/repository/UserRepository.java +++ b/src/main/java/de/adorsys/keycloak/config/repository/UserRepository.java @@ -21,6 +21,7 @@ package de.adorsys.keycloak.config.repository; import de.adorsys.keycloak.config.exception.KeycloakRepositoryException; +import jakarta.ws.rs.core.Response; import org.keycloak.admin.client.CreatedResponseUtil; import org.keycloak.admin.client.resource.RealmResource; import org.keycloak.admin.client.resource.UserResource; @@ -32,7 +33,6 @@ import java.util.List; import java.util.Optional; -import javax.ws.rs.core.Response; @Service public class UserRepository { diff --git a/src/main/java/de/adorsys/keycloak/config/resource/ManagementPermissions.java b/src/main/java/de/adorsys/keycloak/config/resource/ManagementPermissions.java index bb46b28fc..6ccf2bc7c 100644 --- a/src/main/java/de/adorsys/keycloak/config/resource/ManagementPermissions.java +++ b/src/main/java/de/adorsys/keycloak/config/resource/ManagementPermissions.java @@ -20,11 +20,10 @@ package de.adorsys.keycloak.config.resource; +import jakarta.ws.rs.*; import org.keycloak.representations.idm.ManagementPermissionReference; import org.keycloak.representations.idm.ManagementPermissionRepresentation; -import javax.ws.rs.*; - /** * Routes which are somehow missing from the official Keycloak client library *

diff --git a/src/main/java/de/adorsys/keycloak/config/service/ClientAuthorizationImportService.java b/src/main/java/de/adorsys/keycloak/config/service/ClientAuthorizationImportService.java index 1663b2b7d..5e1ee3cae 100644 --- a/src/main/java/de/adorsys/keycloak/config/service/ClientAuthorizationImportService.java +++ b/src/main/java/de/adorsys/keycloak/config/service/ClientAuthorizationImportService.java @@ -32,6 +32,7 @@ import de.adorsys.keycloak.config.util.CloneUtil; import de.adorsys.keycloak.config.util.JsonUtil; import de.adorsys.keycloak.config.util.KeycloakUtil; +import jakarta.ws.rs.NotFoundException; import org.keycloak.representations.idm.ClientRepresentation; import org.keycloak.representations.idm.authorization.PolicyRepresentation; import org.keycloak.representations.idm.authorization.ResourceRepresentation; @@ -47,7 +48,6 @@ import java.util.Map; import java.util.Objects; import java.util.stream.Collectors; -import javax.ws.rs.NotFoundException; import static de.adorsys.keycloak.config.properties.ImportConfigProperties.ImportManagedProperties.ImportManagedPropertiesValues.FULL; import static java.lang.Boolean.TRUE; diff --git a/src/main/java/de/adorsys/keycloak/config/service/ClientImportService.java b/src/main/java/de/adorsys/keycloak/config/service/ClientImportService.java index ea0c64b53..44a3c02d8 100644 --- a/src/main/java/de/adorsys/keycloak/config/service/ClientImportService.java +++ b/src/main/java/de/adorsys/keycloak/config/service/ClientImportService.java @@ -28,6 +28,7 @@ import de.adorsys.keycloak.config.repository.ClientScopeRepository; import de.adorsys.keycloak.config.service.state.StateService; import de.adorsys.keycloak.config.util.*; +import jakarta.ws.rs.WebApplicationException; import org.apache.commons.lang3.ArrayUtils; import org.keycloak.common.util.CollectionUtil; import org.keycloak.representations.idm.ClientRepresentation; @@ -40,7 +41,6 @@ import java.util.*; import java.util.function.Consumer; import java.util.stream.Collectors; -import javax.ws.rs.WebApplicationException; import static de.adorsys.keycloak.config.properties.ImportConfigProperties.ImportManagedProperties.ImportManagedPropertiesValues.FULL; import static java.lang.Boolean.TRUE; diff --git a/src/main/java/de/adorsys/keycloak/config/service/DefaultGroupsImportService.java b/src/main/java/de/adorsys/keycloak/config/service/DefaultGroupsImportService.java index 8f7f0823b..666e01b9b 100644 --- a/src/main/java/de/adorsys/keycloak/config/service/DefaultGroupsImportService.java +++ b/src/main/java/de/adorsys/keycloak/config/service/DefaultGroupsImportService.java @@ -67,7 +67,7 @@ public void doImport(RealmImport realmImport) { try { String newDefaultGroupId = groupRepository.getGroupByPath(realmName, newDefaultGroup).getId(); realmResource.addDefaultGroup(newDefaultGroupId); - } catch (javax.ws.rs.NotFoundException ignored) { + } catch (jakarta.ws.rs.NotFoundException ignored) { throw new InvalidImportException(String.format("Unable to add default group '%s'. Does group exists?", newDefaultGroup)); } } diff --git a/src/main/java/de/adorsys/keycloak/config/service/ExecutionFlowsImportService.java b/src/main/java/de/adorsys/keycloak/config/service/ExecutionFlowsImportService.java index ae885891f..6984441a3 100644 --- a/src/main/java/de/adorsys/keycloak/config/service/ExecutionFlowsImportService.java +++ b/src/main/java/de/adorsys/keycloak/config/service/ExecutionFlowsImportService.java @@ -27,6 +27,7 @@ import de.adorsys.keycloak.config.repository.ExecutionFlowRepository; import de.adorsys.keycloak.config.util.AuthenticationFlowUtil; import de.adorsys.keycloak.config.util.ResponseUtil; +import jakarta.ws.rs.WebApplicationException; import org.keycloak.representations.idm.*; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -38,7 +39,6 @@ import java.util.Objects; import java.util.Optional; import java.util.stream.Collectors; -import javax.ws.rs.WebApplicationException; /** * Imports executions and execution-flows of existing top-level flows diff --git a/src/main/java/de/adorsys/keycloak/config/service/clientauthorization/ClientPermissionResolver.java b/src/main/java/de/adorsys/keycloak/config/service/clientauthorization/ClientPermissionResolver.java index dbb9f2097..3016cfd03 100644 --- a/src/main/java/de/adorsys/keycloak/config/service/clientauthorization/ClientPermissionResolver.java +++ b/src/main/java/de/adorsys/keycloak/config/service/clientauthorization/ClientPermissionResolver.java @@ -23,11 +23,10 @@ import de.adorsys.keycloak.config.exception.ImportProcessingException; import de.adorsys.keycloak.config.exception.KeycloakRepositoryException; import de.adorsys.keycloak.config.repository.ClientRepository; +import jakarta.ws.rs.NotFoundException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import javax.ws.rs.NotFoundException; - public class ClientPermissionResolver implements PermissionResolver { private static final Logger logger = LoggerFactory.getLogger(ClientPermissionResolver.class); diff --git a/src/main/java/de/adorsys/keycloak/config/service/clientauthorization/GroupPermissionResolver.java b/src/main/java/de/adorsys/keycloak/config/service/clientauthorization/GroupPermissionResolver.java index 59a0e7231..fcb9d1cc3 100644 --- a/src/main/java/de/adorsys/keycloak/config/service/clientauthorization/GroupPermissionResolver.java +++ b/src/main/java/de/adorsys/keycloak/config/service/clientauthorization/GroupPermissionResolver.java @@ -23,11 +23,10 @@ import de.adorsys.keycloak.config.exception.ImportProcessingException; import de.adorsys.keycloak.config.exception.KeycloakRepositoryException; import de.adorsys.keycloak.config.repository.GroupRepository; +import jakarta.ws.rs.NotFoundException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import javax.ws.rs.NotFoundException; - public class GroupPermissionResolver implements PermissionResolver { private static final Logger logger = LoggerFactory.getLogger(GroupPermissionResolver.class); diff --git a/src/main/java/de/adorsys/keycloak/config/service/clientauthorization/RolePermissionResolver.java b/src/main/java/de/adorsys/keycloak/config/service/clientauthorization/RolePermissionResolver.java index ec7bef3d5..ac017c387 100644 --- a/src/main/java/de/adorsys/keycloak/config/service/clientauthorization/RolePermissionResolver.java +++ b/src/main/java/de/adorsys/keycloak/config/service/clientauthorization/RolePermissionResolver.java @@ -23,11 +23,10 @@ import de.adorsys.keycloak.config.exception.ImportProcessingException; import de.adorsys.keycloak.config.exception.KeycloakRepositoryException; import de.adorsys.keycloak.config.repository.RoleRepository; +import jakarta.ws.rs.NotFoundException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import javax.ws.rs.NotFoundException; - public class RolePermissionResolver implements PermissionResolver { private static final Logger logger = LoggerFactory.getLogger(RolePermissionResolver.class); diff --git a/src/main/java/de/adorsys/keycloak/config/util/ResponseUtil.java b/src/main/java/de/adorsys/keycloak/config/util/ResponseUtil.java index df34bda18..328088368 100644 --- a/src/main/java/de/adorsys/keycloak/config/util/ResponseUtil.java +++ b/src/main/java/de/adorsys/keycloak/config/util/ResponseUtil.java @@ -20,9 +20,7 @@ package de.adorsys.keycloak.config.util; -import org.jboss.resteasy.client.jaxrs.internal.ClientResponse; - -import javax.ws.rs.WebApplicationException; +import jakarta.ws.rs.WebApplicationException; public class ResponseUtil { ResponseUtil() { @@ -30,7 +28,12 @@ public class ResponseUtil { } public static String getErrorMessage(WebApplicationException error) { - String errorBody = !((ClientResponse) error.getResponse()).isClosed() ? error.getResponse().readEntity(String.class).trim() : ""; + String errorBody; + try { + errorBody = error.getResponse().readEntity(String.class).trim(); + } catch (Exception ignore) { + errorBody = ""; + } return error.getMessage() + errorBody; } } diff --git a/src/main/java/de/adorsys/keycloak/config/util/ResteasyUtil.java b/src/main/java/de/adorsys/keycloak/config/util/ResteasyUtil.java index 79b584628..93e64a91a 100644 --- a/src/main/java/de/adorsys/keycloak/config/util/ResteasyUtil.java +++ b/src/main/java/de/adorsys/keycloak/config/util/ResteasyUtil.java @@ -61,7 +61,7 @@ public static ResteasyClient getClient(boolean sslVerification, URL httpProxy, D ); } - clientBuilder.register(new CookieClientFilter()); + clientBuilder.register(CookieClientFilter.class); return clientBuilder.build(); } diff --git a/src/main/java/de/adorsys/keycloak/config/util/resteasy/CookieClientFilter.java b/src/main/java/de/adorsys/keycloak/config/util/resteasy/CookieClientFilter.java index 4608b6aef..9c05cd2ee 100644 --- a/src/main/java/de/adorsys/keycloak/config/util/resteasy/CookieClientFilter.java +++ b/src/main/java/de/adorsys/keycloak/config/util/resteasy/CookieClientFilter.java @@ -20,30 +20,37 @@ package de.adorsys.keycloak.config.util.resteasy; +import jakarta.ws.rs.client.ClientRequestContext; +import jakarta.ws.rs.client.ClientRequestFilter; +import jakarta.ws.rs.client.ClientResponseContext; +import jakarta.ws.rs.client.ClientResponseFilter; + import java.util.ArrayList; import java.util.HashMap; import java.util.Map; -import javax.ws.rs.client.ClientRequestContext; -import javax.ws.rs.client.ClientRequestFilter; -import javax.ws.rs.client.ClientResponseContext; -import javax.ws.rs.client.ClientResponseFilter; // By default, the RESTeasy cookie handling is very limited. There is no access to the underlying httpEngine. // The underlying httpEngine uses an old CookieSpec by default which is going to refuse valid cookie today. // Instead, build the httpEngine from scratch, we are using a RESTeasy filter to grab a re-attach cookie. // Currently, this filter does not valide cookie or is able to remove cookies. // A cookie managed is required to handle sticky sessions at cookie base + public class CookieClientFilter implements ClientRequestFilter, ClientResponseFilter { - private final Map cookies = new HashMap<>(); + + /** + * Hold the additional cookies across multiple interactions in the same thread. + */ + private final ThreadLocal> cookies = ThreadLocal.withInitial(HashMap::new); @Override public void filter(ClientRequestContext clientRequestContext) { - clientRequestContext.getHeaders().put("Cookie", new ArrayList<>(cookies.values())); + clientRequestContext.getHeaders().put("Cookie", new ArrayList<>(cookies.get().values())); } @Override public void filter(ClientRequestContext requestContext, ClientResponseContext responseContext) { - responseContext.getCookies().forEach((name, cookie) -> cookies.put(name, String.format("%s=%s", + cookies.remove(); + responseContext.getCookies().forEach((name, cookie) -> cookies.get().put(name, String.format("%s=%s", cookie.toCookie().getName(), cookie.toCookie().getValue() ))); diff --git a/src/test/java/de/adorsys/keycloak/config/mock/CookieMockIT.java b/src/test/java/de/adorsys/keycloak/config/mock/CookieMockIT.java index 51bd416f9..ecb602521 100644 --- a/src/test/java/de/adorsys/keycloak/config/mock/CookieMockIT.java +++ b/src/test/java/de/adorsys/keycloak/config/mock/CookieMockIT.java @@ -57,6 +57,7 @@ class CookieMockIT extends AbstractImportTest { @Test void run() throws Exception { mockServerClient.when(request().withPath("/realms/master/protocol/openid-connect/token")).respond(KeycloakMock::grantToken); + mockServerClient.when(request().withPath("/admin/realms")).respond(KeycloakMock::realm); mockServerClient.when(request().withPath("/admin/realms/simple")).respond(KeycloakMock::realm); mockServerClient.when(request().withPath("/admin/realms/simple/default-default-client-scopes")).respond(KeycloakMock::emptyList); mockServerClient.when(request().withPath("/admin/realms/simple/default-optional-client-scopes")).respond(KeycloakMock::emptyList); diff --git a/src/test/java/de/adorsys/keycloak/config/provider/KeycloakProviderIT.java b/src/test/java/de/adorsys/keycloak/config/provider/KeycloakProviderIT.java index 35b93c88b..f7dd3104a 100644 --- a/src/test/java/de/adorsys/keycloak/config/provider/KeycloakProviderIT.java +++ b/src/test/java/de/adorsys/keycloak/config/provider/KeycloakProviderIT.java @@ -23,6 +23,8 @@ import de.adorsys.keycloak.config.AbstractImportIT; import de.adorsys.keycloak.config.exception.KeycloakProviderException; import de.adorsys.keycloak.config.resource.ManagementPermissions; +import jakarta.ws.rs.NotFoundException; +import jakarta.ws.rs.ProcessingException; import org.apache.http.conn.ConnectTimeoutException; import org.junit.jupiter.api.Nested; import org.junit.jupiter.api.Test; @@ -33,8 +35,6 @@ import java.net.SocketTimeoutException; import java.net.URISyntaxException; -import javax.ws.rs.NotFoundException; -import javax.ws.rs.ProcessingException; import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.matchesPattern; diff --git a/src/test/java/de/adorsys/keycloak/config/service/ImportUsersIT.java b/src/test/java/de/adorsys/keycloak/config/service/ImportUsersIT.java index 965d7cd2d..12c56afde 100644 --- a/src/test/java/de/adorsys/keycloak/config/service/ImportUsersIT.java +++ b/src/test/java/de/adorsys/keycloak/config/service/ImportUsersIT.java @@ -146,7 +146,7 @@ void shouldUpdateRealmWithChangedClientUserPassword() throws IOException { assertThat(user.getLastName(), is("My clientuser's lastname")); // check if login with old password fails - assertThrows(javax.ws.rs.NotAuthorizedException.class, () -> + assertThrows(jakarta.ws.rs.NotAuthorizedException.class, () -> keycloakAuthentication.login( REALM_NAME, "moped-client", @@ -204,7 +204,7 @@ void shouldUpdateRealmWithChangedClientUserPassword() throws IOException { // check if login with new password fails - assertThrows(javax.ws.rs.NotAuthorizedException.class, () -> + assertThrows(jakarta.ws.rs.NotAuthorizedException.class, () -> keycloakAuthentication.login( REALM_NAME, "moped-client", diff --git a/src/test/resources/import-files/exported-realm/22.0.0/master-realm.json b/src/test/resources/import-files/exported-realm/22.0.0/master-realm.json new file mode 100644 index 000000000..d04669c6e --- /dev/null +++ b/src/test/resources/import-files/exported-realm/22.0.0/master-realm.json @@ -0,0 +1,2119 @@ +{ + "id": "fe9a0727-caf1-4af3-aece-91b2eb364086", + "realm": "master", + "displayName": "Keycloak", + "displayNameHtml": "

Keycloak
", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 60, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": false, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 30, + "roles": { + "realm": [ + { + "id": "bd0772c1-9825-46e8-8231-a3e6cd3d0b63", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "fe9a0727-caf1-4af3-aece-91b2eb364086", + "attributes": {} + }, + { + "id": "ed607ffe-e565-43fb-837c-e33ee65be027", + "name": "default-roles-master", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "view-profile", + "manage-account" + ] + } + }, + "clientRole": false, + "containerId": "fe9a0727-caf1-4af3-aece-91b2eb364086", + "attributes": {} + }, + { + "id": "17a68ca9-608e-41c4-907c-5c4c3c8f33c3", + "name": "admin", + "description": "${role_admin}", + "composite": true, + "composites": { + "realm": [ + "create-realm" + ], + "client": { + "master-realm": [ + "view-identity-providers", + "query-groups", + "manage-users", + "query-realms", + "create-client", + "query-clients", + "manage-clients", + "manage-events", + "manage-identity-providers", + "view-authorization", + "view-realm", + "manage-realm", + "view-events", + "view-clients", + "impersonation", + "query-users", + "view-users", + "manage-authorization" + ] + } + }, + "clientRole": false, + "containerId": "fe9a0727-caf1-4af3-aece-91b2eb364086", + "attributes": {} + }, + { + "id": "a763fb72-a223-49f9-9a27-9ae10809061b", + "name": "create-realm", + "description": "${role_create-realm}", + "composite": false, + "clientRole": false, + "containerId": "fe9a0727-caf1-4af3-aece-91b2eb364086", + "attributes": {} + }, + { + "id": "072e611a-ca30-4167-b437-59e67f2afe66", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "fe9a0727-caf1-4af3-aece-91b2eb364086", + "attributes": {} + } + ], + "client": { + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "9d03534e-189b-4ed5-a3e9-57d0f073b3b3", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "8e5be45a-ada4-4a2d-b8d7-6d94262887ac", + "attributes": {} + } + ], + "master-realm": [ + { + "id": "4792a12c-f60f-401a-ad22-c17f6c763450", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + }, + { + "id": "1e5cc32d-a88f-485e-abde-622270a7a015", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + }, + { + "id": "25d84017-4d65-4614-b098-45de06c7ca0b", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + }, + { + "id": "fa717653-bd68-4db8-810d-a63fb4d94352", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + }, + { + "id": "4c059307-338f-41d0-b788-95b69881fbf9", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + }, + { + "id": "8dc1fac0-7bcf-44af-a15d-19ac12e47041", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + }, + { + "id": "9672e8df-f0d6-4981-9920-ec971c9a8399", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + }, + { + "id": "0248977f-bdf5-4ebc-87ab-54cf75c1a2fb", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + }, + { + "id": "e0172ce4-73e3-479b-b2b3-0cefaa3d66b4", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + }, + { + "id": "511fbc76-68a1-4f82-b381-7f6b406805fc", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + }, + { + "id": "de9357d7-1205-43de-8e2a-331ad37ff51a", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + }, + { + "id": "6471ec78-176b-4497-af94-fc2574384b28", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + }, + { + "id": "ecc6253c-10d3-411b-a0ec-c6bf871cb810", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "master-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + }, + { + "id": "5ea5c1f1-f5a7-46fe-ab8e-b60b438fea15", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + }, + { + "id": "550f75d3-da43-4480-99d9-a5bd90c84c2a", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + }, + { + "id": "901ccbf5-1ac2-4832-968e-81fed9f94e88", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + }, + { + "id": "ddc465c5-4b61-408e-8af2-ee9d5c0d7405", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "master-realm": [ + "query-groups", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + }, + { + "id": "0f9d32db-083e-4a32-a9ff-7874a7bb0314", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "attributes": {} + } + ], + "account": [ + { + "id": "a45149f8-f149-45ae-b4dd-3209b3f37fb1", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "d6833f20-c14e-4362-8b8d-b3b829207aa0", + "attributes": {} + }, + { + "id": "57fe9b1d-8030-48b7-9b69-f4dd4a664efa", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "d6833f20-c14e-4362-8b8d-b3b829207aa0", + "attributes": {} + }, + { + "id": "11d2ecd4-6b1f-4cab-98d6-fce5144b2cc1", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "d6833f20-c14e-4362-8b8d-b3b829207aa0", + "attributes": {} + }, + { + "id": "67c65707-610f-42c4-840f-f57385b41e63", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "d6833f20-c14e-4362-8b8d-b3b829207aa0", + "attributes": {} + }, + { + "id": "ed33a575-2970-49cb-b09c-b1c2d5b5dacd", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "d6833f20-c14e-4362-8b8d-b3b829207aa0", + "attributes": {} + }, + { + "id": "8912e6c5-fbda-494d-84f1-52ae2251dfbb", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "d6833f20-c14e-4362-8b8d-b3b829207aa0", + "attributes": {} + }, + { + "id": "2e5ee1af-16ff-4b7d-8396-5d8beb6389a6", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "d6833f20-c14e-4362-8b8d-b3b829207aa0", + "attributes": {} + }, + { + "id": "86cba986-0779-4ebd-8e94-530f78f9a0ba", + "name": "view-groups", + "description": "${role_view-groups}", + "composite": false, + "clientRole": true, + "containerId": "d6833f20-c14e-4362-8b8d-b3b829207aa0", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "ed607ffe-e565-43fb-837c-e33ee65be027", + "name": "default-roles-master", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "fe9a0727-caf1-4af3-aece-91b2eb364086" + }, + "requiredCredentials": [ + "password" + ], + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpPolicyCodeReusable": false, + "otpSupportedApplications": [ + "totpAppMicrosoftAuthenticatorName", + "totpAppFreeOTPName", + "totpAppGoogleName" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account", + "view-groups" + ] + } + ] + }, + "clients": [ + { + "id": "d6833f20-c14e-4362-8b8d-b3b829207aa0", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/master/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/master/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "acr", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "900a454e-0032-4ad5-8db2-7b3219233af2", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/master/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/master/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+", + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "b51376a8-8836-4321-a291-4880c8984f5c", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "acr", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "a4638d7b-7706-402f-8f5d-114ec75adc85", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "acr", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "8e5be45a-ada4-4a2d-b8d7-6d94262887ac", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "acr", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d250fcd0-836d-4728-a6a2-b4b3ceeb5119", + "clientId": "master-realm", + "name": "master Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "acr", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "bcdb733a-370f-42f7-8a3a-ac77b45b203a", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/master/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/master/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+", + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "bfa0a1cf-f8a6-44e1-bcc0-665c1106a8b4", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "acr", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "8453019a-1a01-4b48-9f4a-c5dc32012d31", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "949965b3-c574-4f28-8255-6bf051f59b74", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "25ee7ce3-82f3-4834-a38e-a5d6fedcebb1", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "2b3b996f-8ba3-4fd0-881e-1a1eac35ac20", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "6d41046c-6277-4552-b2c6-22e0c2b8adf8", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "b15a1332-63ff-4e61-a827-d3dcb46aa896", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "2db39880-c9da-4af9-a7f3-110aba7cccc0", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "c507a5d1-2d3b-4d7b-b23f-26b361c4b378", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "398333f4-f210-470e-bf79-0a4df409c3dc", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "7cb9021d-c0f8-4494-a14f-96c632ed1138", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "long" + } + }, + { + "id": "6faf3ea7-c50a-4233-84ed-903f2db1fc2e", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "a520c15f-ff7a-463f-a27f-b6625c61a7c9", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "fb4c745f-8a6a-4105-8a1b-34f51b7666a4", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "c42bbc1c-3337-40c8-9e64-7278fb62c140", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "78438c0c-5cc3-4a21-b2bd-01356bf1ad98", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "c027fd3e-020b-41ef-a2e0-c848842ec358", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "4c3418a5-86d5-4d8d-b0e2-81c7a54c03b6", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + }, + { + "id": "5ab0ec66-8717-4da1-bf40-db54e8613b6b", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + } + ] + }, + { + "id": "9da19806-e2cb-4236-80ea-d70ff7bc1a4d", + "name": "acr", + "description": "OpenID Connect scope for add acr (authentication context class reference) to the token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "b0b72d46-e151-43f4-8265-dcf12453fdaa", + "name": "acr loa level", + "protocol": "openid-connect", + "protocolMapper": "oidc-acr-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true" + } + } + ] + }, + { + "id": "16f6ea41-4f52-42fc-a3c0-d86fcacdcb7f", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "42729627-9f2b-4cba-ae37-3bad213f5f08", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + }, + { + "id": "9ffa03ec-2d62-4b9d-9947-fca8703101a6", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "f9b91ed5-6088-4b4f-b165-024f6a439b20", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "167c82d4-6de3-4db6-bdc8-573daf5b5f60", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "0607392f-eb1a-4d7d-ae28-ededfe340deb", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + }, + { + "id": "374a91a3-1015-4082-a8c1-a6243efac44a", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "910eab86-87b7-40df-8eda-549d9b5d50d5", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "e95883d7-83bb-4fc5-964e-1a0bcbab2e52", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "2d594c70-6291-49ff-a667-9d2a5f9b62f4", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "bb527273-746a-446e-b04d-65af636f3d96", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "1c57cb88-2ef1-4969-9e88-87c40b2fb40f", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + } + ] + }, + { + "id": "853a0842-30c9-401d-bb72-0c8a9624dc27", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "c6d81bea-4af9-4249-bf3c-e2cd9d326794", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "b69fa6c6-b55a-4fed-93b7-a8183302ffbc", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "5e8f7a93-17b3-4aac-9461-6ad23c81ebdb", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "5d8343a8-7710-4e2c-abc6-75333e7395ab", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins", + "acr" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "referrerPolicy": "no-referrer", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "xXSSProtection": "1; mode=block", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": {}, + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "c724fa9f-5287-4499-959a-a70080d39b37", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "262de187-33e1-473c-b07b-15a90882786a", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "11213ff6-e25d-45b1-95f5-717b21fafe1c", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "9a1a0b47-b935-491b-ad48-72df6e5bbdcf", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "465a3dd4-dc15-4e6c-b8c7-4cf9c967eec6", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "8af154da-58c9-4488-a345-a80c2d46758c", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-property-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-address-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-attribute-mapper", + "oidc-usermodel-property-mapper", + "saml-role-list-mapper", + "oidc-full-name-mapper" + ] + } + }, + { + "id": "1f489868-f889-4f81-9e2d-3f15c5917a35", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-address-mapper", + "saml-role-list-mapper", + "saml-user-attribute-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-property-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-usermodel-property-mapper", + "oidc-full-name-mapper" + ] + } + }, + { + "id": "27a49c3d-5fce-44a9-be8e-831c935db6a1", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "fbedfedd-0ebd-45b1-8eef-810ed3761cb3", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "8a6ef2b0-7822-4f8f-9030-59b7494e8367", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "db2dcf80-197d-4bef-9603-fea8150f608b", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "465fec9e-7954-42d2-916d-f4d3f2a9449e", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + } + ] + }, + "internationalizationEnabled": false, + "supportedLocales": [], + "authenticationFlows": [ + { + "id": "629e18e0-8e0b-4631-af01-6cfc15b4e342", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false + } + ] + }, + { + "id": "496b2f7d-5200-4c41-8ff7-3e3656a4518b", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "40b72649-ddaf-443a-8899-1f3efa62a67a", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "69f3ab77-202b-49db-a804-3c19bc1accf6", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "fc236df6-241d-4b0b-a6ac-a0bdb38f32e2", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Account verification options", + "userSetupAllowed": false + } + ] + }, + { + "id": "c2b39bed-90d8-4f5b-b37e-41e1af3d176c", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "5b339127-7e60-4bd8-96be-7b6a7b2f1a8f", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false + } + ] + }, + { + "id": "9a74cbd3-ef46-43f6-927b-7d1f6724a73f", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "7ad022b3-5483-4739-8a29-56d57be407ab", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "autheticatorFlow": true, + "flowAlias": "forms", + "userSetupAllowed": false + } + ] + }, + { + "id": "6d729d8e-38d8-4364-bf36-93a6680641cd", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "8fbccafd-9d47-4fb0-a5bd-aef29e8cc086", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "autheticatorFlow": true, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "e7afa23d-ff3b-4301-98c6-b6740a31b4d2", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "45b237bc-8bd5-49b6-9d6c-6645e01d7ff4", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "User creation or linking", + "userSetupAllowed": false + } + ] + }, + { + "id": "02d87692-fd7b-4531-ab72-f8dae885598b", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "a74c53fc-6fc0-4d78-8d26-8c8764a5d181", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": true, + "flowAlias": "registration form", + "userSetupAllowed": false + } + ] + }, + { + "id": "e6e2920b-4a0f-4419-af9c-98b83d5268d0", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "registration-terms-and-conditions", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 70, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "e0201b96-dd16-4a6a-b014-4943178ed245", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "autheticatorFlow": true, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "4d37a087-23e3-4920-aac2-4cc9f9787874", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "974fac30-fe4a-433d-92bd-d4962a7f9c6d", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "a5113aba-7be6-412e-9d08-33b7217b2686", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "TERMS_AND_CONDITIONS", + "name": "Terms and Conditions", + "providerId": "TERMS_AND_CONDITIONS", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "webauthn-register", + "name": "Webauthn Register", + "providerId": "webauthn-register", + "enabled": true, + "defaultAction": false, + "priority": 70, + "config": {} + }, + { + "alias": "webauthn-register-passwordless", + "name": "Webauthn Register Passwordless", + "providerId": "webauthn-register-passwordless", + "enabled": true, + "defaultAction": false, + "priority": 80, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "parRequestUriLifespan": "60", + "cibaInterval": "5", + "realmReusableOtpCode": "false" + }, + "keycloakVersion": "22.0.0", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/src/test/resources/import-files/roles/71.1_import_realm_with_nested_composites.json b/src/test/resources/import-files/roles/71.1_import_realm_with_nested_composites.json index 7fcb148e3..8d7365bad 100644 --- a/src/test/resources/import-files/roles/71.1_import_realm_with_nested_composites.json +++ b/src/test/resources/import-files/roles/71.1_import_realm_with_nested_composites.json @@ -1,6 +1,7 @@ { "enabled": true, "realm": "realmWithRoles71", + "internationalizationEnabled": true, "roles": { "realm": [ { diff --git a/src/test/resources/import-files/roles/71.2_import_realm_with_nested_composites.json b/src/test/resources/import-files/roles/71.2_import_realm_with_nested_composites.json index b09a4389e..0ac57ac21 100644 --- a/src/test/resources/import-files/roles/71.2_import_realm_with_nested_composites.json +++ b/src/test/resources/import-files/roles/71.2_import_realm_with_nested_composites.json @@ -1,6 +1,7 @@ { "enabled": true, "realm": "realmWithRoles71", + "internationalizationEnabled": true, "roles": { "realm": [ { diff --git a/src/test/resources/import-files/roles/71.3_import_realm_with_nested_composites.json b/src/test/resources/import-files/roles/71.3_import_realm_with_nested_composites.json index 4b5bcaa01..05e0a8632 100644 --- a/src/test/resources/import-files/roles/71.3_import_realm_with_nested_composites.json +++ b/src/test/resources/import-files/roles/71.3_import_realm_with_nested_composites.json @@ -1,6 +1,7 @@ { "enabled": true, "realm": "realmWithRoles71", + "internationalizationEnabled": true, "roles": { "realm": [ { diff --git a/src/test/resources/import-files/users/00_create_realm_with_user.json b/src/test/resources/import-files/users/00_create_realm_with_user.json index 6d40537b7..6a3562e2e 100644 --- a/src/test/resources/import-files/users/00_create_realm_with_user.json +++ b/src/test/resources/import-files/users/00_create_realm_with_user.json @@ -1,6 +1,7 @@ { "enabled": true, "realm": "realmWithUsers", + "internationalizationEnabled": true, "users": [ { "username": "myuser", diff --git a/src/test/resources/import-files/users/01_update_realm_add_clientuser.json b/src/test/resources/import-files/users/01_update_realm_add_clientuser.json index c79b269f1..28a2125de 100644 --- a/src/test/resources/import-files/users/01_update_realm_add_clientuser.json +++ b/src/test/resources/import-files/users/01_update_realm_add_clientuser.json @@ -1,6 +1,7 @@ { "enabled": true, "realm": "realmWithUsers", + "internationalizationEnabled": true, "users": [ { "username": "myuser", diff --git a/src/test/resources/import-files/users/02.1_update_realm_change_clientusers_password.json b/src/test/resources/import-files/users/02.1_update_realm_change_clientusers_password.json index 073f35cbe..9c99b74db 100644 --- a/src/test/resources/import-files/users/02.1_update_realm_change_clientusers_password.json +++ b/src/test/resources/import-files/users/02.1_update_realm_change_clientusers_password.json @@ -1,6 +1,7 @@ { "enabled": true, "realm": "realmWithUsers", + "internationalizationEnabled": true, "users": [ { "username": "myuser", diff --git a/src/test/resources/import-files/users/02.2_update_realm_change_clientusers_password.json b/src/test/resources/import-files/users/02.2_update_realm_change_clientusers_password.json index 6e3123d2e..008318e42 100644 --- a/src/test/resources/import-files/users/02.2_update_realm_change_clientusers_password.json +++ b/src/test/resources/import-files/users/02.2_update_realm_change_clientusers_password.json @@ -1,6 +1,7 @@ { "enabled": true, "realm": "realmWithUsers", + "internationalizationEnabled": true, "users": [ { "username": "myuser", diff --git a/src/test/resources/import-files/users/50.1_create_realm_with_email_as_username_without_username.json b/src/test/resources/import-files/users/50.1_create_realm_with_email_as_username_without_username.json index c8bfc42f7..177d003e5 100644 --- a/src/test/resources/import-files/users/50.1_create_realm_with_email_as_username_without_username.json +++ b/src/test/resources/import-files/users/50.1_create_realm_with_email_as_username_without_username.json @@ -1,6 +1,7 @@ { "enabled": true, "realm": "realmWithUsers", + "internationalizationEnabled": true, "registrationAllowed": true, "registrationEmailAsUsername": true, "users": [ diff --git a/src/test/resources/import-files/users/50.2_update_realm_with_email_as_username_without_username.json b/src/test/resources/import-files/users/50.2_update_realm_with_email_as_username_without_username.json index adb73e8fd..058df39a7 100644 --- a/src/test/resources/import-files/users/50.2_update_realm_with_email_as_username_without_username.json +++ b/src/test/resources/import-files/users/50.2_update_realm_with_email_as_username_without_username.json @@ -1,6 +1,7 @@ { "enabled": true, "realm": "realmWithUsers", + "internationalizationEnabled": true, "registrationAllowed": true, "registrationEmailAsUsername": true, "users": [ diff --git a/src/test/resources/import-files/users/50.3_update_realm_with_email_as_username_with_invalid_username.json b/src/test/resources/import-files/users/50.3_update_realm_with_email_as_username_with_invalid_username.json index 295162e58..ccd14e472 100644 --- a/src/test/resources/import-files/users/50.3_update_realm_with_email_as_username_with_invalid_username.json +++ b/src/test/resources/import-files/users/50.3_update_realm_with_email_as_username_with_invalid_username.json @@ -1,6 +1,7 @@ { "enabled": true, "realm": "realmWithUsers", + "internationalizationEnabled": true, "registrationAllowed": true, "registrationEmailAsUsername": true, "users": [ diff --git a/src/test/resources/import-files/users/50.4_update_realm_with_email_as_username_with_correct_username.json b/src/test/resources/import-files/users/50.4_update_realm_with_email_as_username_with_correct_username.json index 213bd6d8f..a7c2bc42c 100644 --- a/src/test/resources/import-files/users/50.4_update_realm_with_email_as_username_with_correct_username.json +++ b/src/test/resources/import-files/users/50.4_update_realm_with_email_as_username_with_correct_username.json @@ -1,6 +1,7 @@ { "enabled": true, "realm": "realmWithUsers", + "internationalizationEnabled": true, "registrationAllowed": true, "registrationEmailAsUsername": true, "users": [