gCubeSystem
/
keycloak-d4science-spi-parent
17
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: gCubeSystem:8529c7634e0e423b695d3be17e59874b8d7efab1
Branches Tags
gCubeSystem:master
gCubeSystem:r5.16.0
gCubeSystem:v2.1.0
gCubeSystem:r5.14.0
gCubeSystem:v2.0.0
gCubeSystem:r5.4.0
gCubeSystem:v1.1.0
gCubeSystem:r5.0.0
gCubeSystem:v1.0.1
...
compare: gCubeSystem:a162aae3b0b5292612169910f18637613c0d25e2
Branches Tags
gCubeSystem:master
gCubeSystem:r5.16.0
gCubeSystem:v2.1.0
gCubeSystem:r5.14.0
gCubeSystem:v2.0.0
gCubeSystem:r5.4.0
gCubeSystem:v1.1.0
gCubeSystem:r5.0.0
gCubeSystem:v1.0.1

5 Commits
8529c7634e ... a162aae3b0

Author SHA1 Message Date
Mauro Mugnaini a162aae3b0
Updated reference to `parent`, `README`s and `CHANGELOG`s updated 2024-04-18 12:21:14 +02:00
Mauro Mugnaini 13abd21c72
Removed the `delete-account` module from build. Artifacts' minor version is now aligned with Keycloak (KC) major. Moved to `24.0.3` version of KC 2024-04-18 12:18:37 +02:00
Mauro Mugnaini fad5715a16
Completely rewrote the implementation and configuration method, now both `admin` and `d4science` realms are configured by default as interesting realms. 
Added specific SPI configurations with `spi-events-listener-orchestrator-event-publisher-` prefix: `include-realms`, `exclude-realms`, `include-admin-types`, `exclude-admin-types`, `include-events` and `exclude-events`
 2024-04-18 12:16:23 +02:00
Mauro Mugnaini b9ae2f9b6b
Removed the old `d4cience.v2` theme and `admin` part of the `d4science` base theme 2024-04-18 12:13:03 +02:00
Mauro Mugnaini b9deaea561
Removed module for the build of the legacy `.ear` file to be deployed on `wildfly` based distributions 2024-04-18 12:10:46 +02:00
50 changed files with 454 additions and 1951 deletions
Show Stats Expand all files Collapse all files

3
CHANGELOG.md
View File

@ -2,7 +2,8 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
# Changelog for "keycloak-d4science-spi-parent"
## [v2.2.0-SNAPSHOT]
## [v2.24.0-SNAPSHOT]
Now the minor part of the version (the `24` in the `2.24.x`) shows the compatibility to the specific Keycloak major version, in this case `24.x.x`
## [v2.1.0]
- Added new [protocol-mapper](protocol-mapper/README.md) module to make the custom protocol mappers available

1
README.md
View File

@ -11,7 +11,6 @@ The project is a Maven master POM project and it is composed of several modules:
* [avatar-storage](avatar-storage/README.md)
* [event-listener-provider](event-listener-provider/README.md)
* [identity-provider-mapper](identity-provider-mapper/README.md)
* [keycloak-d4science-spi-ear](keycloak-d4science-spi-ear/README.md) [*** REMOVED from build since the wildfly distribution is no more available ***]
* [keycloak-d4science-theme](keycloak-d4science-theme/README.md)
* [keycloak-d4science-script](keycloak-d4science-script/README.md)
* [ldap-storage-mapper](ldap-storage-mapper/README.md)

5
avatar-importer/CHANGELOG.md
View File

@ -2,7 +2,10 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
# Changelog for "avatar-importer"
## [v2.2.0-SNAPSHOT]
## [v2.24.0-SNAPSHOT]
Removed LinkedIn OAuth2 deprecated provider and added the new OIDC version to supported providers
Moved from `commons-lang` to `commons-lang3` artifactId in `org.apache.commons` groupId.
Now the minor part of the version (the `24` in the `2.24.x`) shows the compatibility to the specific Keycloak major version, in this case `24.x.x`
## [v2.1.0]
Changes in other sub-components

2
avatar-importer/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<groupId>org.gcube.iam</groupId>
<artifactId>keycloak-d4science-spi-parent</artifactId>
<version>2.2.0-SNAPSHOT</version>
<version>2.24.0-SNAPSHOT</version>
</parent>
<artifactId>avatar-importer</artifactId>

4
avatar-realm-resource/CHANGELOG.md
View File

@ -2,7 +2,9 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
# Changelog for "avatar-realm-resource"
## [v2.2.0-SNAPSHOT]
## [v2.24.0-SNAPSHOT]
Moved code from `Resteasy classic` to `Reateasy reactive` since now Quarkus uses this framework.
Now the minor part of the version (the `24` in the `2.24.x`) shows the compatibility to the specific Keycloak major version, in this case `24.x.x`
## [v2.1.0]
Changes in other sub-components

5
avatar-realm-resource/README.md
View File

@ -23,7 +23,7 @@ To build the JAR artifact it is sufficient to type
The type of the storage to be used is configured in the `org.gcube.keycloak.avatar.storage.AvatarStorageProviderFactory` file under the `META-INF/services/` folder of the module source/JAR.
To use the S3 persistence (default), the content of the file should be: `org.gcube.keycloak.avatar.storage.s3.MinioAvatarStorageProviderFactory`
This uses the S3 persistence by default and the content of the file is: `org.gcube.keycloak.avatar.storage.s3.MinioAvatarStorageProviderFactory`
#### Quarkus based Keycloak
@ -31,7 +31,8 @@ In order to deploy the module it is sufficient to copy into the `[keycloak-home]
### Configuration
In order to configure the storage provider you have to add some lines to the `[keycloak-home]/conf/keycloak.conf` configuration file.
In order to configure the storage provider you have can either add some lines to the `[keycloak-home]/conf/keycloak.conf` configuration file, use the CLI parameters or use the ENV variables.
(Please, refer to the [Keycloak documentation section](https://www.keycloak.org/server/configuration) for further info)
Let's see the specific setting for every provider.

40
avatar-realm-resource/pom.xml
View File

@ -7,7 +7,7 @@
<parent>
<groupId>org.gcube.iam</groupId>
<artifactId>keycloak-d4science-spi-parent</artifactId>
<version>2.2.0-SNAPSHOT</version>
<version>2.24.0-SNAPSHOT</version>
</parent>
<artifactId>avatar-realm-resource</artifactId>
@ -42,11 +42,49 @@
<artifactId>minio</artifactId>
<version>${minio.version}</version>
</dependency>
<dependency>
<groupId>com.carrotsearch.thirdparty</groupId>
<artifactId>simple-xml-safe</artifactId>
<version>2.7.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-compress</artifactId>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.xerial.snappy</groupId>
<artifactId>snappy-java</artifactId>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>okhttp</artifactId>
<version>${okhttp3.version}</version>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<version>3.2.0</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<version>3.2.0</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.jetbrains.kotlin</groupId>
<artifactId>kotlin-stdlib</artifactId>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.jetbrains.kotlin</groupId>
<artifactId>kotlin-stdlib-jdk8</artifactId>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.mockito</groupId>
<artifactId>mockito-core</artifactId>

3
avatar-storage/CHANGELOG.md
View File

@ -2,7 +2,8 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
# Changelog for "avatar-storage"
## [v2.2.0-SNAPSHOT]
## [v2.24.0-SNAPSHOT]
Now the minor part of the version (the `24` in the `2.24.x`) shows the compatibility to the specific Keycloak major version, in this case `24.x.x`
## [v2.1.0]
Changes in other sub-components

2
avatar-storage/pom.xml
View File

@ -7,7 +7,7 @@
<parent>
<groupId>org.gcube.iam</groupId>
<artifactId>keycloak-d4science-spi-parent</artifactId>
<version>2.2.0-SNAPSHOT</version>
<version>2.24.0-SNAPSHOT</version>
</parent>
<artifactId>avatar-storage</artifactId>

3
delete-account/CHANGELOG.md
View File

@ -2,7 +2,8 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
# Changelog for "delete-account"
## [v2.2.0-SNAPSHOT]
## [v2.24.0-SNAPSHOT]
This module has been deprecated and disabled/removed from build since now the built in delete account functionality can be used.
## [v2.1.0]
Changes in other sub-components

5
event-listener-provider/CHANGELOG.md
View File

@ -2,7 +2,10 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
# Changelog for "event-listener-provider"
## [v2.2.0-SNAPSHOT]
## [v2.24.0-SNAPSHOT]
Revised implementation, now both `admin` and `d4science` realms are configured by default as interesting realms.
Added specific SPI configurations with `spi-events-listener-orchestrator-event-publisher-` prefix: `include-realms`, `exclude-realms`, `include-admin-types`, `exclude-admin-types`, `include-events` and `exclude-events`
Now the minor part of the version (the `24` in the `2.24.x`) shows the compatibility to the specific Keycloak major version, in this case `24.x.x`
## [v2.1.0]
Changes in other sub-components

26
event-listener-provider/README.md
View File

@ -25,6 +25,32 @@ To build the JAR file it is sufficient to type
In order to deploy the module it is sufficient to copy into the `[keycloak-home]/providers` folder.
### Configuration
In order to configure the `Orchestrator`'s server endpoint URL it is sufficient to create a new client inside the `d4science` realm (or in the realm specified in the `target-orchestrator-realm` configuration) with id `conductor-server` and set-up the API URL in the `Home URL` field (e.g. https://conductor.dev.d4science.org/api/workflow/).
To perform authorized requests to the `orchestrator`, with an UMA token as `bearer`, a specific client with id `keycloak-server` has to be created in the same realm of the orchestrator client. This client should be configured to obtain an UMA ticket with audience: `conductor-server`.
Additionally, if the `Home URL` for this client is configured with a token endpoint URL, this will be used to obtain the UMA ticket, instead of the token URL of the Keycloak instance where the SPI is running.
Since version `2.24.0` it is possible to configure the SPI configurations with the following entries:
* `target-orchestrator-realm` - to specify in which realm looking for the the configured clients, overriding the default that is: `d4science`
* `include-realms` - to specify the interesting realms (default are: `d4science` and `master`)
* `exclude-realms` - to specify the non interesting realms
* `include-admin-types` - To specify the admin's `ResourceType`s to include (default are: `user`, `client` and `realm`)
* `exclude-admin-types`- To specify the admin's `ResourceType`s to exclude
* `include-events` - To specify the `EventType`s to include (default are: `register` and `delete_account`)
* `exclude-events` - To specify the `EventType`s to exclude
The prefix to add for the configuration is `spi-events-listener-orchestrator-event-publisher-` and f.e. to configure the interesting realms it is sufficient to use:
```bash
spi-events-listener-orchestrator-event-publisher-include-realms=d4science,master
```
This can be achieved either by adding some lines to the `[keycloak-home]/conf/keycloak.conf` configuration file, by using the CLI parameters or using the ENV variables.
(Please, refer to the [Keycloak documentation section](https://www.keycloak.org/server/configuration) for further info)
## Change log
See [CHANGELOG.md](CHANGELOG.md).

16
event-listener-provider/pom.xml
View File

@ -7,7 +7,7 @@
<parent>
<groupId>org.gcube.iam</groupId>
<artifactId>keycloak-d4science-spi-parent</artifactId>
<version>2.2.0-SNAPSHOT</version>
<version>2.24.0-SNAPSHOT</version>
</parent>
<artifactId>event-listener-provider</artifactId>
@ -18,12 +18,20 @@
</properties>
<scm>
<connection>scm:git:https://code-repo.d4science.org/gCubeSystem/${project.parent.artifactId}.git</connection>
<developerConnection>scm:git:https://code-repo.d4science.org/gCubeSystem/${project.parent.artifactId}.git</developerConnection>
<url>https://code-repo.d4science.org/gCubeSystem/${project.parent.artifactId}</url>
<connection>
scm:git:https://code-repo.d4science.org/gCubeSystem/${project.parent.artifactId}.git</connection>
<developerConnection>
scm:git:https://code-repo.d4science.org/gCubeSystem/${project.parent.artifactId}.git</developerConnection>
<url>
https://code-repo.d4science.org/gCubeSystem/${project.parent.artifactId}</url>
</scm>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-services</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.gcube.common</groupId>
<artifactId>event-publisher-library</artifactId>

30
event-listener-provider/src/main/java/org/gcube/keycloak/event/KeycloakEvent.java
View File

@ -62,17 +62,23 @@ public class KeycloakEvent extends Event {
}
public static KeycloakEvent newKeycloakAdminEvent(AdminEvent adminEvent, boolean includeRepresentation) {
KeycloakEvent keycloakEvent = new KeycloakEvent(ADMIN_NAME, adminEvent.getRealmId(), adminEvent.getTime());
KeycloakEvent keycloakEvent = new KeycloakEvent(constructAdminEventName(adminEvent), adminEvent.getRealmId(),
adminEvent.getTime());
keycloakEvent.setOperation(adminEvent.getOperationType().name());
if (includeRepresentation) {
keycloakEvent.setOperation(adminEvent.getOperationType().name().toLowerCase());
if (includeRepresentation && adminEvent.getRepresentation() != null) {
keycloakEvent.setRepresentation(adminEvent.getRepresentation());
}
keycloakEvent.setResource(adminEvent.getResourcePath());
keycloakEvent.setResourceType(adminEvent.getResourceTypeAsString());
keycloakEvent.setResourceType(adminEvent.getResourceTypeAsString().toLowerCase());
return keycloakEvent;
}
protected static String constructAdminEventName(AdminEvent adminEvent) {
return ADMIN_NAME + "_" + adminEvent.getResourceTypeAsString().toLowerCase() + "_"
+ adminEvent.getOperationType().name().toLowerCase();
}
public static KeycloakEvent newKeycloakEvent(org.keycloak.events.Event event) {
KeycloakEvent keycloakEvent = new KeycloakEvent(event.getType().name().toLowerCase(), event.getRealmId(),
event.getTime(), event.getDetails());
@ -88,7 +94,7 @@ public class KeycloakEvent extends Event {
}
private static OffsetDateTime convertEventDate(long millis) {
OrchestratorEventPublisherProvider.logger.debugf("Creating offset date time from millis %d -> %t", millis, millis);
OrchestratorEventPublisherProvider.logger.debugf("Creating offset date time from millis: %d", millis);
return Instant.ofEpochMilli(millis).atZone(ZoneOffset.systemDefault()).toOffsetDateTime();
}
@ -102,11 +108,15 @@ public class KeycloakEvent extends Event {
@SuppressWarnings("unchecked")
public void setRepresentation(String representation) {
try {
put(REPRESENTATION, new JSONParser().parse(representation));
} catch (ParseException e) {
e.printStackTrace();
set(REPRESENTATION, representation);
if (representation != null) {
try {
put(REPRESENTATION, new JSONParser().parse(representation));
} catch (ParseException e) {
e.printStackTrace();
set(REPRESENTATION, representation);
}
} else {
remove(REPRESENTATION);
}
}

69
event-listener-provider/src/main/java/org/gcube/keycloak/event/NoOpEventPublisherProvider.java
View File

@ -1,69 +0,0 @@
package org.gcube.keycloak.event;
import org.gcube.event.publisher.EventSender;
import org.json.simple.JSONObject;
import org.keycloak.events.Event;
import org.keycloak.events.admin.AdminEvent;
/**
* Added to avoid errors for not configured provider also in realm where event listener is not configured (KC bug?)
*
* @author <a href="mailto:mauro.mugnaini@nubisware.com">Mauro Mugnaini</a>
*
*/
public class NoOpEventPublisherProvider extends OrchestratorEventPublisherProvider {
public NoOpEventPublisherProvider() {
super();
}
@Override
public void close() {
}
@Override
public void onEvent(Event event) {
// Nothing to do
}
@Override
public void onEvent(AdminEvent event, boolean includeRepresentation) {
// Nothing to do
}
@Override
protected EventSender createEventSender() {
return new EventSender() {
@Override
public void send(org.gcube.event.publisher.Event event) {
// Nothing to do
}
@Override
public String sendAndGetResult(org.gcube.event.publisher.Event event) {
// Nothing to do
return null;
}
@Override
public JSONObject retrive(String id) {
// Nothing to do
return null;
}
@Override
public int getLastSendHTTPResponseCode() {
// Nothing to do
return 0;
}
@Override
public int getLastRetrieveHTTPResponseCode() {
// Nothing to do
return 0;
}
};
}
}

172
event-listener-provider/src/main/java/org/gcube/keycloak/event/OrchestratorEventPublisherProvider.java
View File

@ -1,7 +1,9 @@
package org.gcube.keycloak.event;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Collections;
import java.util.EventListener;
import java.util.HashSet;
import java.util.Set;
import org.gcube.event.publisher.AbstractEventPublisher;
@ -10,8 +12,11 @@ import org.gcube.event.publisher.HTTPWithUMAAuthEventSender;
import org.jboss.logging.Logger;
import org.keycloak.events.Event;
import org.keycloak.events.EventListenerProvider;
import org.keycloak.events.EventListenerTransaction;
import org.keycloak.events.EventType;
import org.keycloak.events.admin.AdminEvent;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.models.KeycloakTransactionManager;
/**
* @author <a href="mailto:marco.lettere@nubisware.com">Marco Lettere</a>
@ -22,69 +27,140 @@ public class OrchestratorEventPublisherProvider extends AbstractEventPublisher
public static final Logger logger = Logger.getLogger(OrchestratorEventPublisherProvider.class);
private static final Set<EventType> INTERESTING_EVENTS = new HashSet<>();
private final String realmName;
private final EventListenerTransaction tx;
private final String orchestratorEndpoint;
private final String keycloakTokenEndpoint;
private final String keycloakClientId;
private final String keycloakClientSecret;
private final String orchestratorAudience;
private final Set<ResourceType> interestingAdminEventResourceTypes;
private final Set<EventType> interestingEvents;
static {
INTERESTING_EVENTS.add(EventType.CLIENT_DELETE);
INTERESTING_EVENTS.add(EventType.CLIENT_DELETE_ERROR);
INTERESTING_EVENTS.add(EventType.FEDERATED_IDENTITY_LINK);
INTERESTING_EVENTS.add(EventType.FEDERATED_IDENTITY_LINK_ERROR);
INTERESTING_EVENTS.add(EventType.IDENTITY_PROVIDER_FIRST_LOGIN);
INTERESTING_EVENTS.add(EventType.IDENTITY_PROVIDER_FIRST_LOGIN_ERROR);
INTERESTING_EVENTS.add(EventType.REGISTER);
INTERESTING_EVENTS.add(EventType.REGISTER_ERROR);
INTERESTING_EVENTS.add(EventType.UPDATE_EMAIL);
INTERESTING_EVENTS.add(EventType.VERIFY_EMAIL_ERROR);
INTERESTING_EVENTS.add(EventType.DELETE_ACCOUNT);
/**
* Default constructor for dummy use
*/
public OrchestratorEventPublisherProvider() {
this.realmName = null;
this.tx = null;
orchestratorEndpoint = null;
keycloakTokenEndpoint = null;
keycloakClientId = null;
keycloakClientSecret = null;
orchestratorAudience = null;
this.interestingAdminEventResourceTypes = Collections.emptySet();
this.interestingEvents = Collections.emptySet();
logger.tracef("Created new dummy instance");
}
public OrchestratorEventPublisherProvider() {
public OrchestratorEventPublisherProvider(String realmName, KeycloakTransactionManager transactionManager,
String orchestratorEndpoint, String keycloakTokenEndpoint, String keycloakClientId,
String keycloakClientSecret, String orchestratorAudience,
Set<ResourceType> interestingAdminEventResourceTypes, Set<EventType> interestingEvents) {
super();
this.realmName = realmName;
this.interestingAdminEventResourceTypes = interestingAdminEventResourceTypes;
this.interestingEvents = interestingEvents;
tx = new EventListenerTransaction(this::sendAdminEvent, this::sendEvent);
transactionManager.enlistAfterCompletion(tx);
this.orchestratorEndpoint = orchestratorEndpoint;
this.keycloakTokenEndpoint = keycloakTokenEndpoint;
this.keycloakClientId = keycloakClientId;
this.keycloakClientSecret = keycloakClientSecret;
this.orchestratorAudience = orchestratorAudience;
// Creating every time a new sender to be sure new settings are used, if changed
this.setEventSender(newEventSender(realmName));
logger.tracef("Created new instance for realm: %s. Admin events: %2. Events:", realmName,
interestingAdminEventResourceTypes, interestingEvents);
}
@Override
protected EventSender createEventSender() {
// Will be set in the constructor by using the setter, instance variables are still not available at this moment
return null;
}
protected EventSender newEventSender(String realmName) {
if (orchestratorEndpoint != null) {
try {
if (keycloakClientSecret != null) {
logger.tracef(
"Creating event sender for realm %s. Endpoint: %s, KC token endpoint: %s, UMA adience: %s",
realmName, orchestratorEndpoint, keycloakTokenEndpoint, orchestratorAudience);
return new HTTPWithUMAAuthEventSender(new URL(orchestratorEndpoint), keycloakClientId,
keycloakClientSecret, new URL(keycloakTokenEndpoint), orchestratorAudience);
} else {
logger.debugf("Creating unauthorized event sender with endpoint: %s", orchestratorEndpoint);
return new HTTPWithUMAAuthEventSender(new URL(orchestratorEndpoint), null, null, null, null);
}
} catch (MalformedURLException e) {
logger.errorf("Can't construct endpoint URL from string", e);
}
} else {
logger.errorf("Orchestrator endpoint is not available for realm: %s", realmName);
}
return null;
}
@Override
public void close() {
}
@Override
public void onEvent(AdminEvent adminEvent, boolean includeRepresentation) {
if (getEventSender() != null) {
if (adminEvent.getError() != null) {
logger.debug("Skipping error admin event publish");
return;
}
if (interestingAdminEventResourceTypes.contains(adminEvent.getResourceType())) {
logger.tracef("Enqued admin event for resource type: %s", adminEvent.getResourceType().name());
tx.addAdminEvent(adminEvent, includeRepresentation);
} else {
logger.tracef("Skipping not interesting admin event resource type: %s",
adminEvent.getResourceType().name());
}
} else {
logger.debugf("Can't publish admin events since since event sender is null for realm: %s", realmName);
}
}
public void sendAdminEvent(AdminEvent adminEvent, boolean includeRepresentation) {
if (getEventSender() != null) {
logger.debugf("Publishing new admin event '%s' to orchestrator for realm: %s",
adminEvent.getOperationType().name(), realmName);
publish(KeycloakEvent.newKeycloakAdminEvent(adminEvent, includeRepresentation));
} else {
logger.debugf("Can't publish admin events since event sender is null. Current realm: %s", realmName);
}
}
@Override
public void onEvent(Event event) {
if (!INTERESTING_EVENTS.contains(event.getType())) {
logger.tracef("Skipping publish of not interesting event: %s", event.getType().toString());
return;
if (getEventSender() != null) {
EventType eventType = event.getType();
if (interestingEvents.contains(eventType)) {
logger.tracef("Enqued event of type: %s", eventType.name());
tx.addEvent(event);
return;
} else {
logger.tracef("Skipping not interesting event: %s", eventType.name());
}
} else {
logger.debugf("Can't publish events since since event sender is null for realm: %s", realmName);
}
logger.debug("Publishing new event to orchestrator");
publish(KeycloakEvent.newKeycloakEvent(event));
}
@Override
public void onEvent(AdminEvent event, boolean includeRepresentation) {
if (event.getError() != null) {
logger.debug("Skipping error admin event publish");
return;
public void sendEvent(Event event) {
if (getEventSender() != null) {
logger.debugf("Publishing new event '%s' to orchestrator for realm %s", event.getType().name(), realmName);
publish(KeycloakEvent.newKeycloakEvent(event));
} else {
logger.debugf("Can't publish events since event sender is null. Current realm: %s", realmName);
}
logger.debug("Publishing new admin event to orchestrator");
publish(KeycloakEvent.newKeycloakAdminEvent(event, includeRepresentation));
}
@Override
protected EventSender createEventSender() {
logger.infof(
"Creating the HTTP event sender with endpoint: %s, clientId: %s, KC token endpoint: %s, UMA adience: %s",
OrchestratorEventPublisherProviderFactory.ORCHESTRATOR_ENDPOINT,
OrchestratorEventPublisherProviderFactory.KEYCLOAK_CLIENT_ID,
OrchestratorEventPublisherProviderFactory.KEYCLOAK_ENDPOINT,
OrchestratorEventPublisherProviderFactory.ORCHESTRATOR_AUDIENCE_ID);
return OrchestratorEventPublisherProviderFactory.KEYCLOAK_ENDPOINT != null
? new HTTPWithUMAAuthEventSender(
OrchestratorEventPublisherProviderFactory.ORCHESTRATOR_ENDPOINT,
OrchestratorEventPublisherProviderFactory.KEYCLOAK_CLIENT_ID,
OrchestratorEventPublisherProviderFactory.KEYCLOAK_CLIENT_SECRET,
OrchestratorEventPublisherProviderFactory.KEYCLOAK_ENDPOINT,
OrchestratorEventPublisherProviderFactory.ORCHESTRATOR_AUDIENCE_ID)
: new HTTPWithUMAAuthEventSender(
OrchestratorEventPublisherProviderFactory.ORCHESTRATOR_ENDPOINT,
null, null, null, null);
}
}

265
event-listener-provider/src/main/java/org/gcube/keycloak/event/OrchestratorEventPublisherProviderFactory.java
View File

@ -1,15 +1,22 @@
package org.gcube.keycloak.event;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import org.gcube.event.publisher.EventSender;
import org.jboss.logging.Logger;
import org.keycloak.Config.Scope;
import org.keycloak.events.Event;
import org.keycloak.events.EventListenerProviderFactory;
import org.keycloak.events.EventType;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.RealmModel;
import org.keycloak.protocol.oidc.OIDCWellKnownProviderFactory;
import org.keycloak.protocol.oidc.representations.OIDCConfigurationRepresentation;
/**
* @author <a href="mailto:marco.lettere@nubisware.com">Marco Lettere</a>
@ -19,23 +26,50 @@ public class OrchestratorEventPublisherProviderFactory implements EventListenerP
private static final Logger logger = Logger.getLogger(OrchestratorEventPublisherProviderFactory.class);
public static final String MASTER_REALM_NAME = "master";
public static final String ORCHESTRATOR_CLIENT_ID = "orchestrator";
public static final String ORCHESTRATOR_AUDIENCE_ID = "conductor-server";
public static final String KEYCLOAK_CLIENT_ID = "keycloak-client";
private static final String MASTER_REALM_NAME = "master";
private static final String D4SCIENCE_REALM_NAME = "d4science";
private static final String ORCHESTRATOR_CLIENT_ID = "conductor-server";
private static final String ORCHESTRATOR_AUDIENCE = ORCHESTRATOR_CLIENT_ID;
private static final String KEYCLOAK_CLIENT_ID = "keycloak-server";
private static final int CHECK_DELAY = 60 * 1000; // One minute
private static final int CHECK_DELAY = 30 * 1000;
private static final String DEFAULT_TARGET_ORCHESTRATOR_REALM;
private static final Set<String> DEFAULT_REALM_NAMES;
private static final Set<EventType> DEFAULT_INTERESTING_EVENTS;
private static final Set<ResourceType> DEFAULT_INTERESTING_ADMIN_EVENT_RESOURCE_TYPES;
protected static Long LAST_ENDPOINT_CHECK = Long.valueOf(0);
public static URL ORCHESTRATOR_ENDPOINT;
public static URL KEYCLOAK_ENDPOINT;
public static String KEYCLOAK_CLIENT_SECRET;
private static String THIS_KEYCLOAK_TOKEN_ENDPOINT;
private static ClientModel ORCHESTRATOR_CLIENT;
private static ClientModel KEYCLOAK_CLIENT;
protected Long lastEndpointCheck = Long.valueOf(0);
protected OrchestratorEventPublisherProvider oepp;
private String targetOrchestratorRealm;
private Set<String> interestingRealms = new HashSet<>();
private Set<EventType> interestingEvents = new HashSet<>();
private Set<ResourceType> interestingAdminEventResourceTypes = new HashSet<>();
public OrchestratorEventPublisherProviderFactory() {
logger.info("New OrchestratorEventPublisherProviderFactory has been created");
static {
DEFAULT_TARGET_ORCHESTRATOR_REALM = D4SCIENCE_REALM_NAME;
DEFAULT_REALM_NAMES = new HashSet<>();
DEFAULT_INTERESTING_EVENTS = new HashSet<>();
DEFAULT_INTERESTING_ADMIN_EVENT_RESOURCE_TYPES = new HashSet<>();
Collections.addAll(DEFAULT_REALM_NAMES,
MASTER_REALM_NAME,
D4SCIENCE_REALM_NAME);
Collections.addAll(DEFAULT_INTERESTING_ADMIN_EVENT_RESOURCE_TYPES,
ResourceType.CLIENT,
ResourceType.REALM,
ResourceType.USER);
Collections.addAll(DEFAULT_INTERESTING_EVENTS,
// EventType.FEDERATED_IDENTITY_LINK,
// EventType.IDENTITY_PROVIDER_FIRST_LOGIN,
// EventType.LOGIN,
EventType.REGISTER,
// EventType.UPDATE_EMAIL,
EventType.DELETE_ACCOUNT);
}
@Override
@ -43,88 +77,82 @@ public class OrchestratorEventPublisherProviderFactory implements EventListenerP
}
@Override
public synchronized OrchestratorEventPublisherProvider create(KeycloakSession keycloakSession) {
Long now = System.currentTimeMillis();
Long elapsed = now - lastEndpointCheck;
if (oepp == null || elapsed > CHECK_DELAY) {
lastEndpointCheck = now;
ClientModel orchestratorClient = getClientInActualOrMasterRealm(keycloakSession, ORCHESTRATOR_CLIENT_ID);
URL newOrchestratorEndpoint;
if (orchestratorClient != null) {
logger.trace("Getting configured orchestrator endpoint address from client's base URL");
try {
newOrchestratorEndpoint = new URL(orchestratorClient.getBaseUrl());
} catch (MalformedURLException e) {
logger.errorf("Can't create new orchestrator endpoint address: %s", orchestratorClient.getBaseUrl());
oepp = new NoOpEventPublisherProvider();
return oepp;
}
} else {
logger.debugf("Can't go ahead without a configured '%f' client", ORCHESTRATOR_CLIENT_ID);
oepp = null;
return oepp;
public OrchestratorEventPublisherProvider create(KeycloakSession keycloakSession) {
synchronized (this) {
Long now = System.currentTimeMillis();
Long elapsed = now - LAST_ENDPOINT_CHECK;
if (elapsed > CHECK_DELAY) {
LAST_ENDPOINT_CHECK = now;
checkForConfigChanges(keycloakSession);
// } else {
// logger.tracef("Next check is in %d millis", CHECK_DELAY - elapsed);
}
ClientModel keycloakClient = getClientInActualOrMasterRealm(keycloakSession, KEYCLOAK_CLIENT_ID);
URL newKeycloakEndpoint;
String keycloakClientSecret;
if (keycloakClient != null) {
try {
logger.debug("Getting configured keycloak endpoint address from client's base URL");
newKeycloakEndpoint = new URL(keycloakClient.getBaseUrl());
// Only do it if URL has been configured properly
logger.debug("Getting configured keycloak client client-secret from client");
keycloakClientSecret = keycloakClient.getSecret();
} catch (MalformedURLException e) {
logger.errorf("Can't create new keycloak token address: %s", keycloakClient.getBaseUrl(), e);
oepp = new NoOpEventPublisherProvider();
return oepp;
}
} else {
logger.debugf("Can't go ahead without a configured '%f' client", KEYCLOAK_CLIENT_ID);
oepp = new NoOpEventPublisherProvider();
return oepp;
}
if (oepp == null || !newOrchestratorEndpoint.equals(ORCHESTRATOR_ENDPOINT)
|| !newKeycloakEndpoint.equals(KEYCLOAK_ENDPOINT)
|| !keycloakClientSecret.equals(KEYCLOAK_CLIENT_SECRET)) {
logger.info("Creating new orchestrator event publisher provider");
// Address and other fileds will be then read from static fields in this class by
// the createEventSender() called by the superclass' constructor, overridden in the impl.
ORCHESTRATOR_ENDPOINT = newOrchestratorEndpoint;
KEYCLOAK_ENDPOINT = newKeycloakEndpoint;
KEYCLOAK_CLIENT_SECRET = keycloakClientSecret;
oepp = new OrchestratorEventPublisherProvider();
}
} else {
logger.tracef("Next check is in %d millis", CHECK_DELAY - elapsed);
}
return oepp;
String realmName = keycloakSession.getContext().getRealm().getName();
if (interestingRealms.contains(realmName)) {
// logger.debugf("Returning new provider to handle event in realm: %s", realmName);
return new OrchestratorEventPublisherProvider(realmName, keycloakSession.getTransactionManager(),
getOrchestratorEndpoint(), getKeycloakTokenEndpoint(), KEYCLOAK_CLIENT_ID,
getKeycloakClientSecret(), ORCHESTRATOR_AUDIENCE, interestingAdminEventResourceTypes,
interestingEvents);
} else {
logger.debugf("Returning a dummy provider to handle the event in realm: %s", realmName);
return new OrchestratorEventPublisherProvider() {
@Override
public void onEvent(Event event) {
}
@Override
public void onEvent(org.keycloak.events.admin.AdminEvent adminEvent, boolean includeRepresentation) {
};
@Override
protected EventSender createEventSender() {
return null;
};
};
}
}
protected ClientModel getClientInActualOrMasterRealm(KeycloakSession keycloakSession, String clientId) {
logger.debug("Getting actual realm from session's context");
RealmModel realm = keycloakSession.getContext().getRealm();
logger.debugf("Trying getting '%s' client in current realm: '%s'", clientId, realm.getName());
ClientModel client = realm.getClientByClientId(clientId);
if (client == null) {
if (!MASTER_REALM_NAME.equals(realm.getName())) {
logger.debugf("Not found. Now trying getting '%s' in '%s' realm", clientId, MASTER_REALM_NAME);
realm = keycloakSession.realms().getRealmByName(MASTER_REALM_NAME);
client = realm.getClientByClientId(clientId);
if (client == null) {
logger.warnf("Cannot find '%s' client not even in '%s' realm", clientId, realm.getName(),
MASTER_REALM_NAME);
return null;
}
} else {
logger.trace("Not found.");
public String getOrchestratorEndpoint() {
return ORCHESTRATOR_CLIENT != null ? ORCHESTRATOR_CLIENT.getBaseUrl() : null;
}
public String getKeycloakClientSecret() {
return KEYCLOAK_CLIENT != null ? KEYCLOAK_CLIENT.getSecret() : null;
}
public String getKeycloakTokenEndpoint() {
if (KEYCLOAK_CLIENT != null) {
if (KEYCLOAK_CLIENT.getBaseUrl() != null) {
return KEYCLOAK_CLIENT.getBaseUrl();
}
}
logger.debugf("Client '%s' found", clientId);
return THIS_KEYCLOAK_TOKEN_ENDPOINT;
}
protected void checkForConfigChanges(KeycloakSession keycloakSession) {
if (THIS_KEYCLOAK_TOKEN_ENDPOINT == null) {
THIS_KEYCLOAK_TOKEN_ENDPOINT = ((OIDCConfigurationRepresentation) new OIDCWellKnownProviderFactory()
.create(keycloakSession).getConfig()).getTokenEndpoint();
logger.debugf("Keycloak (this) token endpoint is: %s", THIS_KEYCLOAK_TOKEN_ENDPOINT);
}
RealmModel realm = keycloakSession.realms().getRealmByName(targetOrchestratorRealm);
if (realm == null) {
logger.errorf("Target orchestrator realm not: %s", targetOrchestratorRealm);
return;
}
ORCHESTRATOR_CLIENT = getClientInRealm(realm, ORCHESTRATOR_CLIENT_ID);
KEYCLOAK_CLIENT = getClientInRealm(realm, KEYCLOAK_CLIENT_ID);
}
protected ClientModel getClientInRealm(RealmModel realm, String clientId) {
ClientModel client = realm.getClientByClientId(clientId);
if (client == null) {
logger.errorf("Client '%s' not found in target orchestrator realm: %s", clientId, realm.getName());
}
return client;
}
@ -134,7 +162,60 @@ public class OrchestratorEventPublisherProviderFactory implements EventListenerP
}
@Override
public void init(Scope scope) {
public void init(Scope config) {
this.targetOrchestratorRealm = config.get("target-orchestrator-realm", DEFAULT_TARGET_ORCHESTRATOR_REALM);
logger.infof("Target orchestrator realm is: %s", targetOrchestratorRealm);
String[] includeRealms = config.getArray("include-realms");
if (includeRealms != null) {
for (String realm : includeRealms) {
this.interestingRealms.add(realm);
}
} else {
this.interestingRealms.addAll(DEFAULT_REALM_NAMES);
}
String[] excludeRealms = config.getArray("exclude-realms");
if (excludeRealms != null) {
for (String realm : excludeRealms) {
this.interestingRealms.remove(realm);
}
}
logger.infof("Interesting realms are: %s", interestingRealms);
String[] includeTypes = config.getArray("include-admin-types");
if (includeTypes != null) {
for (String type : includeTypes) {
this.interestingAdminEventResourceTypes.add(ResourceType.valueOf(type.toUpperCase()));
}
} else {
this.interestingAdminEventResourceTypes.addAll(DEFAULT_INTERESTING_ADMIN_EVENT_RESOURCE_TYPES);
}
String[] excludeTypes = config.getArray("exclude-admin-types");
if (excludeTypes != null) {
for (String type : excludeTypes) {
this.interestingAdminEventResourceTypes.remove(ResourceType.valueOf(type.toUpperCase()));
}
}
logger.infof("Interesting admin events resource types are: %s", interestingAdminEventResourceTypes);
String[] includeEvents = config.getArray("include-events");
if (includeEvents != null) {
for (String type : includeEvents) {
this.interestingEvents.add(EventType.valueOf(type.toUpperCase()));
}
} else {
this.interestingEvents.addAll(DEFAULT_INTERESTING_EVENTS);
}
String[] excludeEvents = config.getArray("exclude-events");
if (excludeEvents != null) {
for (String type : excludeEvents) {
this.interestingEvents.remove(EventType.valueOf(type.toUpperCase()));
}
}
logger.infof("Interesting events are: %s", interestingEvents);
}
@Override

3
identity-provider-mapper/CHANGELOG.md
View File

@ -2,7 +2,8 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
# Changelog for "identity-provider-mapper"
## [v2.2.0-SNAPSHOT]
## [v2.24.0-SNAPSHOT]
Now the minor part of the version (the `24` in the `2.24.x`) shows the compatibility to the specific Keycloak major version, in this case `24.x.x`
## [v2.1.0]
Changes in other sub-components

2
identity-provider-mapper/pom.xml
View File

@ -7,7 +7,7 @@
<parent>
<groupId>org.gcube.iam</groupId>
<artifactId>keycloak-d4science-spi-parent</artifactId>
<version>2.2.0-SNAPSHOT</version>
<version>2.24.0-SNAPSHOT</version>
</parent>
<artifactId>identity-provider-mapper</artifactId>

19
keycloak-d4science-bundle/CHANGELOG.md
View File

@ -1,19 +0,0 @@
This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
# Changelog for "keycloak-d4science-bundle"
## [v2.0.0]
- Added theme JAR to EAR bundle
- changes in sub-components
## [v1.1.0]
changes in sub-components
## [v1.0.1]
changes in sub-components
## [v1.0.0]
Prepared for the release in pre-prod
## [v0.2.0-SNAPSHOT]
- Extracted sub-module from the original project. It bundle all the modules in one J2EE EAR ready to be deployed

26
keycloak-d4science-bundle/FUNDING.md
View File

@ -1,26 +0,0 @@
# Acknowledgments
The projects leading to this software have received funding from a series of European Union programmes including:
- the Sixth Framework Programme for Research and Technological Development
- [DILIGENT](https://cordis.europa.eu/project/id/004260) (grant no. 004260).
- the Seventh Framework Programme for research, technological development and demonstration
- [D4Science](https://cordis.europa.eu/project/id/212488) (grant no. 212488);
- [D4Science-II](https://cordis.europa.eu/project/id/239019) (grant no.239019);
- [ENVRI](https://cordis.europa.eu/project/id/283465) (grant no. 283465);
- [iMarine](https://cordis.europa.eu/project/id/283644) (grant no. 283644);
- [EUBrazilOpenBio](https://cordis.europa.eu/project/id/288754) (grant no. 288754).
- the H2020 research and innovation programme
- [SoBigData](https://cordis.europa.eu/project/id/654024) (grant no. 654024);
- [PARTHENOS](https://cordis.europa.eu/project/id/654119) (grant no. 654119);
- [EGI-Engage](https://cordis.europa.eu/project/id/654142) (grant no. 654142);
- [ENVRI PLUS](https://cordis.europa.eu/project/id/654182) (grant no. 654182);
- [BlueBRIDGE](https://cordis.europa.eu/project/id/675680) (grant no. 675680);
- [PerformFISH](https://cordis.europa.eu/project/id/727610) (grant no. 727610);
- [AGINFRA PLUS](https://cordis.europa.eu/project/id/731001) (grant no. 731001);
- [DESIRA](https://cordis.europa.eu/project/id/818194) (grant no. 818194);
- [ARIADNEplus](https://cordis.europa.eu/project/id/823914) (grant no. 823914);
- [RISIS 2](https://cordis.europa.eu/project/id/824091) (grant no. 824091);
- [EOSC-Pillar](https://cordis.europa.eu/project/id/857650) (grant no. 857650);
- [Blue Cloud](https://cordis.europa.eu/project/id/862409) (grant no. 862409);
- [SoBigData-PlusPlus](https://cordis.europa.eu/project/id/871042) (grant no. 871042);

311
keycloak-d4science-bundle/LICENSE.md
View File

@ -1,311 +0,0 @@
#European Union Public Licence V.1.1
##*EUPL © the European Community 2007*
This **European Union Public Licence** (the **“EUPL”**) applies to the Work or Software
(as defined below) which is provided under the terms of this Licence. Any use of
the Work, other than as authorised under this Licence is prohibited (to the
extent such use is covered by a right of the copyright holder of the Work).
The Original Work is provided under the terms of this Licence when the Licensor
(as defined below) has placed the following notice immediately following the
copyright notice for the Original Work:
**Licensed under the EUPL V.1.1**
or has expressed by any other mean his willingness to license under the EUPL.
##1. Definitions
In this Licence, the following terms have the following meaning:
- The Licence: this Licence.
- The Original Work or the Software: the software distributed and/or
communicated by the Licensor under this Licence, available as Source Code and
also as Executable Code as the case may be.
- Derivative Works: the works or software that could be created by the Licensee,
based upon the Original Work or modifications thereof. This Licence does not
define the extent of modification or dependence on the Original Work required
in order to classify a work as a Derivative Work; this extent is determined by
copyright law applicable in the country mentioned in Article 15.
- The Work: the Original Work and/or its Derivative Works.
- The Source Code: the human-readable form of the Work which is the most
convenient for people to study and modify.
- The Executable Code: any code which has generally been compiled and which is
meant to be interpreted by a computer as a program.
- The Licensor: the natural or legal person that distributes and/or communicates
the Work under the Licence.
- Contributor(s): any natural or legal person who modifies the Work under the
Licence, or otherwise contributes to the creation of a Derivative Work.
- The Licensee or “You”: any natural or legal person who makes any usage of the
Software under the terms of the Licence.
- Distribution and/or Communication: any act of selling, giving, lending,
renting, distributing, communicating, transmitting, or otherwise making
available, on-line or off-line, copies of the Work or providing access to its
essential functionalities at the disposal of any other natural or legal
person.
##2. Scope of the rights granted by the Licence
The Licensor hereby grants You a world-wide, royalty-free, non-exclusive,
sub-licensable licence to do the following, for the duration of copyright vested
in the Original Work:
- use the Work in any circumstance and for all usage, reproduce the Work, modify
- the Original Work, and make Derivative Works based upon the Work, communicate
- to the public, including the right to make available or display the Work or
- copies thereof to the public and perform publicly, as the case may be, the
- Work, distribute the Work or copies thereof, lend and rent the Work or copies
- thereof, sub-license rights in the Work or copies thereof.
Those rights can be exercised on any media, supports and formats, whether now
known or later invented, as far as the applicable law permits so.
In the countries where moral rights apply, the Licensor waives his right to
exercise his moral right to the extent allowed by law in order to make effective
the licence of the economic rights here above listed.
The Licensor grants to the Licensee royalty-free, non exclusive usage rights to
any patents held by the Licensor, to the extent necessary to make use of the
rights granted on the Work under this Licence.
##3. Communication of the Source Code
The Licensor may provide the Work either in its Source Code form, or as
Executable Code. If the Work is provided as Executable Code, the Licensor
provides in addition a machine-readable copy of the Source Code of the Work
along with each copy of the Work that the Licensor distributes or indicates, in
a notice following the copyright notice attached to the Work, a repository where
the Source Code is easily and freely accessible for as long as the Licensor
continues to distribute and/or communicate the Work.
##4. Limitations on copyright
Nothing in this Licence is intended to deprive the Licensee of the benefits from
any exception or limitation to the exclusive rights of the rights owners in the
Original Work or Software, of the exhaustion of those rights or of other
applicable limitations thereto.
##5. Obligations of the Licensee
The grant of the rights mentioned above is subject to some restrictions and
obligations imposed on the Licensee. Those obligations are the following:
Attribution right: the Licensee shall keep intact all copyright, patent or
trademarks notices and all notices that refer to the Licence and to the
disclaimer of warranties. The Licensee must include a copy of such notices and a
copy of the Licence with every copy of the Work he/she distributes and/or
communicates. The Licensee must cause any Derivative Work to carry prominent
notices stating that the Work has been modified and the date of modification.
Copyleft clause: If the Licensee distributes and/or communicates copies of the
Original Works or Derivative Works based upon the Original Work, this
Distribution and/or Communication will be done under the terms of this Licence
or of a later version of this Licence unless the Original Work is expressly
distributed only under this version of the Licence. The Licensee (becoming
Licensor) cannot offer or impose any additional terms or conditions on the Work
or Derivative Work that alter or restrict the terms of the Licence.
Compatibility clause: If the Licensee Distributes and/or Communicates Derivative
Works or copies thereof based upon both the Original Work and another work
licensed under a Compatible Licence, this Distribution and/or Communication can
be done under the terms of this Compatible Licence. For the sake of this clause,
“Compatible Licence” refers to the licences listed in the appendix attached to
this Licence. Should the Licensees obligations under the Compatible Licence
conflict with his/her obligations under this Licence, the obligations of the
Compatible Licence shall prevail.
Provision of Source Code: When distributing and/or communicating copies of the
Work, the Licensee will provide a machine-readable copy of the Source Code or
indicate a repository where this Source will be easily and freely available for
as long as the Licensee continues to distribute and/or communicate the Work.
Legal Protection: This Licence does not grant permission to use the trade names,
trademarks, service marks, or names of the Licensor, except as required for
reasonable and customary use in describing the origin of the Work and
reproducing the content of the copyright notice.
##6. Chain of Authorship
The original Licensor warrants that the copyright in the Original Work granted
hereunder is owned by him/her or licensed to him/her and that he/she has the
power and authority to grant the Licence.
Each Contributor warrants that the copyright in the modifications he/she brings
to the Work are owned by him/her or licensed to him/her and that he/she has the
power and authority to grant the Licence.
Each time You accept the Licence, the original Licensor and subsequent
Contributors grant You a licence to their contributions to the Work, under the
terms of this Licence.
##7. Disclaimer of Warranty
The Work is a work in progress, which is continuously improved by numerous
contributors. It is not a finished work and may therefore contain defects or
“bugs” inherent to this type of software development.
For the above reason, the Work is provided under the Licence on an “as is” basis
and without warranties of any kind concerning the Work, including without
limitation merchantability, fitness for a particular purpose, absence of defects
or errors, accuracy, non-infringement of intellectual property rights other than
copyright as stated in Article 6 of this Licence.
This disclaimer of warranty is an essential part of the Licence and a condition
for the grant of any rights to the Work.
##8. Disclaimer of Liability
Except in the cases of wilful misconduct or damages directly caused to natural
persons, the Licensor will in no event be liable for any direct or indirect,
material or moral, damages of any kind, arising out of the Licence or of the use
of the Work, including without limitation, damages for loss of goodwill, work
stoppage, computer failure or malfunction, loss of data or any commercial
damage, even if the Licensor has been advised of the possibility of such
damage. However, the Licensor will be liable under statutory product liability
laws as far such laws apply to the Work.
##9. Additional agreements
While distributing the Original Work or Derivative Works, You may choose to
conclude an additional agreement to offer, and charge a fee for, acceptance of
support, warranty, indemnity, or other liability obligations and/or services
consistent with this Licence. However, in accepting such obligations, You may
act only on your own behalf and on your sole responsibility, not on behalf of
the original Licensor or any other Contributor, and only if You agree to
indemnify, defend, and hold each Contributor harmless for any liability incurred
by, or claims asserted against such Contributor by the fact You have accepted
any such warranty or additional liability.
##10. Acceptance of the Licence
The provisions of this Licence can be accepted by clicking on an icon “I agree”
placed under the bottom of a window displaying the text of this Licence or by
affirming consent in any other similar way, in accordance with the rules of
applicable law. Clicking on that icon indicates your clear and irrevocable
acceptance of this Licence and all of its terms and conditions.
Similarly, you irrevocably accept this Licence and all of its terms and
conditions by exercising any rights granted to You by Article 2 of this Licence,
such as the use of the Work, the creation by You of a Derivative Work or the
Distribution and/or Communication by You of the Work or copies thereof.
##11. Information to the public
In case of any Distribution and/or Communication of the Work by means of
electronic communication by You (for example, by offering to download the Work
from a remote location) the distribution channel or media (for example, a
website) must at least provide to the public the information requested by the
applicable law regarding the Licensor, the Licence and the way it may be
accessible, concluded, stored and reproduced by the Licensee.
##12. Termination of the Licence
The Licence and the rights granted hereunder will terminate automatically upon
any breach by the Licensee of the terms of the Licence.
Such a termination will not terminate the licences of any person who has
received the Work from the Licensee under the Licence, provided such persons
remain in full compliance with the Licence.
##13. Miscellaneous
Without prejudice of Article 9 above, the Licence represents the complete
agreement between the Parties as to the Work licensed hereunder.
If any provision of the Licence is invalid or unenforceable under applicable
law, this will not affect the validity or enforceability of the Licence as a
whole. Such provision will be construed and/or reformed so as necessary to make
it valid and enforceable.
The European Commission may publish other linguistic versions and/or new
versions of this Licence, so far this is required and reasonable, without
reducing the scope of the rights granted by the Licence. New versions of the
Licence will be published with a unique version number.
All linguistic versions of this Licence, approved by the European Commission,
have identical value. Parties can take advantage of the linguistic version of
their choice.
##14. Jurisdiction
Any litigation resulting from the interpretation of this License, arising
between the European Commission, as a Licensor, and any Licensee, will be
subject to the jurisdiction of the Court of Justice of the European Communities,
as laid down in article 238 of the Treaty establishing the European Community.
Any litigation arising between Parties, other than the European Commission, and
resulting from the interpretation of this License, will be subject to the
exclusive jurisdiction of the competent court where the Licensor resides or
conducts its primary business.
##15. Applicable Law
This Licence shall be governed by the law of the European Union country where
the Licensor resides or has his registered office.
This licence shall be governed by the Belgian law if:
- a litigation arises between the European Commission, as a Licensor, and any
- Licensee; the Licensor, other than the European Commission, has no residence
- or registered office inside a European Union country.
---
##Appendix
**“Compatible Licences”** according to article 5 EUPL are:
- GNU General Public License (GNU GPL) v. 2
- Open Software License (OSL) v. 2.1, v. 3.0
- Common Public License v. 1.0
- Eclipse Public License v. 1.0
- Cecill v. 2.0

47
keycloak-d4science-bundle/README.md
View File

@ -1,47 +0,0 @@
# Keycloak D4Science Bundle
[*** This module has been removed from build since the wildfly distribution (J2EE) is no more available ***]
**Keycloak D4Science Bundle** assembles all the modules in one J2EE EAR ready to be deployed inside a Keycloak installation.
## Structure of the project
The source of the EAR configuration is located under `src/main/application` folder.
## Built With
* [OpenJDK](https://openjdk.java.net/) - The JDK used
* [Maven](https://maven.apache.org/) - Dependency Management
## Documentation
This is one of the modules that composes the EAR deployment defined in the "brother" module [keycloak-d4science-spi](../keycloak-d4science-spi-ear/README.md).
To build the fat EAR bundle it is sufficient to type
mvn clean package
## Change log
See [CHANGELOG.md](CHANGELOG.md).
## Authors
* **Mauro Mugnaini** ([Nubisware S.r.l.](http://www.nubisware.com))
## How to Cite this Software
[Intentionally left blank]
## License
This project is licensed under the EUPL V.1.1 License - see the [LICENSE.md](LICENSE.md) file for details.
## About the gCube Framework
This software is part of the [gCubeFramework](https://www.gcube-system.org/ "gCubeFramework"): an
open-source software toolkit used for building and operating Hybrid Data
Infrastructures enabling the dynamic deployment of Virtual Research Environments
by favouring the realisation of reuse oriented policies.
The projects leading to this software have received funding from a series of European Union programmes see [FUNDING.md](FUNDING.md)
## Acknowledgments
[Intentionally left blank]

149
keycloak-d4science-bundle/pom.xml
View File

@ -1,149 +0,0 @@
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.gcube.iam</groupId>
<artifactId>keycloak-d4science-spi-parent</artifactId>
<version>2.0.0</version>
</parent>
<artifactId>keycloak-d4science-bundle</artifactId>
<packaging>ear</packaging>
<scm>
<connection>scm:git:https://code-repo.d4science.org/gCubeSystem/${project.parent.artifactId}.git</connection>
<developerConnection>scm:git:https://code-repo.d4science.org/gCubeSystem/${project.parent.artifactId}.git</developerConnection>
<url>https://code-repo.d4science.org/gCubeSystem/${project.parent.artifactId}</url>
</scm>
<dependencies>
<dependency>
<groupId>org.gcube.iam</groupId>
<artifactId>avatar-importer</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.gcube.iam</groupId>
<artifactId>avatar-realm-resource</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.gcube.iam</groupId>
<artifactId>avatar-storage</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.gcube.iam</groupId>
<artifactId>delete-account</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.gcube.iam</groupId>
<artifactId>event-listener-provider</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.gcube.iam</groupId>
<artifactId>identity-provider-mapper</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.gcube.iam</groupId>
<artifactId>keycloak-d4science-script</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.gcube.iam</groupId>
<artifactId>keycloak-d4science-theme</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.gcube.iam</groupId>
<artifactId>ldap-storage-mapper</artifactId>
<version>${project.version}</version>
</dependency>
<!-- This should be declared since in the BOM is declared as provided -->
<dependency>
<groupId>com.googlecode.json-simple</groupId>
<artifactId>json-simple</artifactId>
<version>${json-simple.version}</version>
<scope>runtime</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-ear-plugin</artifactId>
<version>3.0.1</version>
<configuration>
<defaultLibBundleDir>lib</defaultLibBundleDir>
<modules>
<jarModule>
<groupId>org.gcube.iam</groupId>
<artifactId>avatar-importer</artifactId>
<includeInApplicationXml>true</includeInApplicationXml>
<bundleFileName>avatar-importer-${project.version}.jar</bundleFileName>
<bundleDir>/</bundleDir>
</jarModule>
<jarModule>
<groupId>org.gcube.iam</groupId>
<artifactId>avatar-realm-resource</artifactId>
<includeInApplicationXml>true</includeInApplicationXml>
<bundleFileName>avatar-realm-resource-${project.version}.jar</bundleFileName>
<bundleDir>/</bundleDir>
</jarModule>
<jarModule>
<groupId>org.gcube.iam</groupId>
<artifactId>delete-account</artifactId>
<includeInApplicationXml>true</includeInApplicationXml>
<bundleFileName>delete-account-${project.version}.jar</bundleFileName>
<bundleDir>/</bundleDir>
</jarModule>
<jarModule>
<groupId>org.gcube.iam</groupId>
<artifactId>event-listener-provider</artifactId>
<includeInApplicationXml>true</includeInApplicationXml>
<bundleFileName>event-listener-provider-${project.version}.jar</bundleFileName>
<bundleDir>/</bundleDir>
</jarModule>
<jarModule>
<groupId>org.gcube.iam</groupId>
<artifactId>identity-provider-mapper</artifactId>
<includeInApplicationXml>true</includeInApplicationXml>
<bundleFileName>identity-provider-mapper-${project.version}.jar</bundleFileName>
<bundleDir>/</bundleDir>
</jarModule>
<jarModule>
<groupId>org.gcube.iam</groupId>
<artifactId>keycloak-d4science-script</artifactId>
<includeInApplicationXml>true</includeInApplicationXml>
<bundleFileName>keycloak-d4science-script-${project.version}.jar</bundleFileName>
<bundleDir>/</bundleDir>
</jarModule>
<jarModule>
<groupId>org.gcube.iam</groupId>
<artifactId>keycloak-d4science-theme</artifactId>
<includeInApplicationXml>true</includeInApplicationXml>
<bundleFileName>keycloak-d4science-theme-${project.version}.jar</bundleFileName>
<bundleDir>/</bundleDir>
</jarModule>
<jarModule>
<groupId>org.gcube.iam</groupId>
<artifactId>ldap-storage-mapper</artifactId>
<includeInApplicationXml>true</includeInApplicationXml>
<bundleFileName>ldap-storage-mapper-${project.version}.jar</bundleFileName>
<bundleDir>/</bundleDir>
</jarModule>
</modules>
</configuration>
</plugin>
</plugins>
</build>
</project>

94
keycloak-d4science-bundle/src/main/application/META-INF/jboss-deployment-structure.xml
View File

@ -1,94 +0,0 @@
<jboss-deployment-structure>
<deployment>
<module-alias name="deployment.d4science.spi" />
</deployment>
<sub-deployment name="avatar-importer.jar">
<dependencies>
<module name="com.google.guava" />
<module name="org.apache.commons.codec" />
<module name="org.apache.commons.lang" />
<module name="org.apache.commons.io" />
<module name="org.gcube.keycloak.avatar-storage" />
<module name="org.keycloak.keycloak-core" />
<module name="org.keycloak.keycloak-server-spi" />
<module name="org.keycloak.keycloak-server-spi-private" />
<module name="org.keycloak.keycloak-services" />
<module name="org.jboss.logging" />
<module name="org.slf4j" />
</dependencies>
</sub-deployment>
<sub-deployment name="avatar-realm-resource.jar">
<dependencies>
<module name="javax.servlet.api" />
<module name="javax.ws.rs.api" />
<module name="org.apache.commons.io" />
<module name="org.gcube.keycloak.avatar-storage" />
<module name="org.hibernate" />
<module name="org.keycloak.keycloak-core" />
<module name="org.keycloak.keycloak-ldap-federation" />
<module name="org.keycloak.keycloak-server-spi" />
<module name="org.keycloak.keycloak-server-spi-private" />
<module name="org.keycloak.keycloak-services" />
<module name="org.jboss.logging" />
<module name="org.jboss.resteasy.resteasy-jaxb-provider" />
<module name="org.jboss.resteasy.resteasy-jaxrs" />
<module name="org.jboss.resteasy.resteasy-multipart-provider" />
<module name="org.slf4j" />
</dependencies>
</sub-deployment>
<sub-deployment name="delete-account.jar">
<dependencies>
<module name="javax.servlet.api" />
<module name="javax.ws.rs.api" />
<module name="org.gcube.keycloak.avatar-storage" />
<module name="org.keycloak.keycloak-core" />
<module name="org.keycloak.keycloak-server-spi" />
<module name="org.keycloak.keycloak-server-spi-private" />
<module name="org.keycloak.keycloak-services" />
<module name="org.jboss.logging" />
<module name="org.jboss.resteasy.resteasy-jaxrs" />
<module name="org.slf4j" />
</dependencies>
</sub-deployment>
<sub-deployment name="event-listener-provider.jar">
<dependencies>
<module name="org.keycloak.keycloak-core" />
<module name="org.keycloak.keycloak-server-spi" />
<module name="org.keycloak.keycloak-server-spi-private" />
<module name="org.keycloak.keycloak-services" />
<module name="org.jboss.logging" />
<module name="org.slf4j" />
</dependencies>
</sub-deployment>
<sub-deployment name="identity-provider-mapper.jar">
<dependencies>
<module name="org.keycloak.keycloak-core" />
<module name="org.keycloak.keycloak-server-spi" />
<module name="org.keycloak.keycloak-server-spi-private" />
<module name="org.keycloak.keycloak-services" />
<module name="org.jboss.logging" />
<module name="org.slf4j" />
</dependencies>
</sub-deployment>
<sub-deployment name="keycloak-d4science-theme.jar">
<dependencies>
<module name="org.keycloak.keycloak-core" />
</dependencies>
</sub-deployment>
<sub-deployment name="keycloak-d4science-script.jar">
<dependencies>
<module name="org.keycloak.keycloak-core" />
</dependencies>
</sub-deployment>
<sub-deployment name="ldap-storage-mapper.jar">
<dependencies>
<module name="org.keycloak.keycloak-core" />
<module name="org.keycloak.keycloak-ldap-federation" />
<module name="org.keycloak.keycloak-server-spi" />
<module name="org.keycloak.keycloak-server-spi-private" />
<module name="org.keycloak.keycloak-services" />
<module name="org.jboss.logging" />
<module name="org.slf4j" />
</dependencies>
</sub-deployment>
</jboss-deployment-structure>

3
keycloak-d4science-script/CHANGELOG.md
View File

@ -2,7 +2,8 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
# Changelog for "keycloak-d4science-themes"
## [v2.2.0-SNAPSHOT]
## [v2.24.0-SNAPSHOT]
Now the minor part of the version (the `24` in the `2.24.x`) shows the compatibility to the specific Keycloak major version, in this case `24.x.x`
## [v2.1.0]
Changes in other sub-components

2
keycloak-d4science-script/pom.xml
View File

@ -7,7 +7,7 @@
<parent>
<groupId>org.gcube.iam</groupId>
<artifactId>keycloak-d4science-spi-parent</artifactId>
<version>2.2.0-SNAPSHOT</version>
<version>2.24.0-SNAPSHOT</version>
</parent>
<artifactId>keycloak-d4science-script</artifactId>

4
keycloak-d4science-theme/CHANGELOG.md
View File

@ -2,7 +2,9 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
# Changelog for "keycloak-d4science-themes"
## [v2.2.0-SNAPSHOT]
## [v2.24.0-SNAPSHOT]
New theme support for account (Keycloak.v3) and others (Keycloak.v2). `d4science.v2` theme has been deprecated (and removed from declarations) and now only `d4science` will be the theme to be used/extended.
Now the minor part of the version (the `24` in the `2.24.x`) shows the compatibility to the specific Keycloak major version, in this case `24.x.x`
## [v2.1.0]
- Revised terms, EU links, D4Science and Blue-Cloud logo updated (#25444)

26
keycloak-d4science-theme/pom.xml
View File

@ -7,7 +7,7 @@
<parent>
<groupId>org.gcube.iam</groupId>
<artifactId>keycloak-d4science-spi-parent</artifactId>
<version>2.2.0-SNAPSHOT</version>
<version>2.24.0-SNAPSHOT</version>
</parent>
<artifactId>keycloak-d4science-theme</artifactId>
@ -17,10 +17,24 @@
<maven.javadoc.skip>true</maven.javadoc.skip>
</properties>
<scm>
<connection>scm:git:https://code-repo.d4science.org/gCubeSystem/${project.parent.artifactId}.git</connection>
<developerConnection>scm:git:https://code-repo.d4science.org/gCubeSystem/${project.parent.artifactId}.git</developerConnection>
<url>https://code-repo.d4science.org/gCubeSystem/${project.parent.artifactId}</url>
</scm>
<scm>
<connection>
scm:git:https://code-repo.d4science.org/gCubeSystem/${project.parent.artifactId}.git</connection>
<developerConnection>
scm:git:https://code-repo.d4science.org/gCubeSystem/${project.parent.artifactId}.git</developerConnection>
<url>
https://code-repo.d4science.org/gCubeSystem/${project.parent.artifactId}</url>
</scm>
<build>
<resources>
<resource>
<directory>src/main/resources</directory>
<excludes>
<exclude>**/src/**/*</exclude>
</excludes>
</resource>
</resources>
</build>
</project>

5
keycloak-d4science-theme/src/main/resources/META-INF/keycloak-themes.json
View File

@ -16,15 +16,10 @@
"name": "d4science",
"types": [
"account",
"admin",
"email",
"login"
]
},
{
"name": "d4science.v2",
"types": [ "account" ]
},
{
"name": "dante.d4science.org",
"types": [ "login" ]

293
keycloak-d4science-theme/src/main/resources/theme/d4science.v2/account/index.ftl
View File

@ -1,293 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<title>${msg("accountManagementTitle")}</title>
<meta charset="UTF-8">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<meta name="robots" content="noindex, nofollow">
<meta name="viewport" content="width=device-width, initial-scale=1">
<script>
<#if properties.developmentMode?has_content && properties.developmentMode == "true">
var developmentMode = true;
var reactRuntime = 'react.development.js';
var reactDOMRuntime = 'react-dom.development.js';
var reactRouterRuntime = 'react-router-dom.js';
<#else>
var developmentMode = false;
var reactRuntime = 'react.production.min.js';
var reactDOMRuntime = 'react-dom.production.min.js';
var reactRouterRuntime = 'react-router-dom.min.js';
</#if>
var authUrl = '${authUrl}';
var baseUrl = '${baseUrl}';
var realm = '${realm.name}';
var resourceUrl = '${resourceUrl}';
var isReactLoading = false;
<#if properties.logo?has_content>
var brandImg = resourceUrl + '${properties.logo}';
<#else>
var brandImg = resourceUrl + '/public/logo.svg';
</#if>
<#if properties.logoUrl?has_content>
var brandUrl = '${properties.logoUrl}';
<#else>
var brandUrl = baseUrl;
</#if>
var features = {
isRegistrationEmailAsUsername : ${realm.registrationEmailAsUsername?c},
isEditUserNameAllowed : ${realm.editUsernameAllowed?c},
isInternationalizationEnabled : ${realm.isInternationalizationEnabled()?c},
isLinkedAccountsEnabled : ${realm.identityFederationEnabled?c},
isMyResourcesEnabled : ${(realm.userManagedAccessAllowed && isAuthorizationEnabled)?c},
deleteAccountAllowed : ${deleteAccountAllowed?c},
updateEmailFeatureEnabled: ${updateEmailFeatureEnabled?c},
updateEmailActionEnabled: ${updateEmailActionEnabled?c},
isViewGroupsEnabled : ${isViewGroupsEnabled?c}
}
var availableLocales = [];
<#list supportedLocales as locale, label>
availableLocales.push({locale : '${locale}', label : '${label}'});
</#list>
<#if referrer??>
var referrer = '${referrer}';
var referrerName = '${referrerName}';
var referrerUri = '${referrer_uri}'.replace('&amp;', '&');
</#if>
<#if msg??>
var locale = '${locale}';
<#outputformat "JavaScript">
var l18nMsg = JSON.parse('${msgJSON?js_string}');
</#outputformat>
<#else>
var locale = 'en';
var l18Msg = {};
</#if>
</script>
<#if properties.favIcon?has_content>
<link rel="icon" href="${resourceUrl}${properties.favIcon}" type="image/x-icon"/>
<#else>
<link rel="icon" href="${resourceUrl}/public/favicon.ico" type="image/x-icon"/>
</#if>
<script src="${authUrl}js/keycloak.js"></script>
<#if properties.developmentMode?has_content && properties.developmentMode == "true">
<!-- Don't use this in production: -->
<script src="${resourceUrl}/node_modules/react/umd/react.development.js" crossorigin></script>
<script src="${resourceUrl}/node_modules/react-dom/umd/react-dom.development.js" crossorigin></script>
<script src="https://unpkg.com/babel-standalone@6.26.0/babel.min.js"></script>
</#if>
<#if properties.extensions?has_content>
<#list properties.extensions?split(' ') as script>
<#if properties.developmentMode?has_content && properties.developmentMode == "true">
<script type="text/babel" src="${resourceUrl}/${script}"></script>
<#else>
<script type="text/javascript" src="${resourceUrl}/${script}"></script>
</#if>
</#list>
</#if>
<#if properties.scripts?has_content>
<#list properties.scripts?split(' ') as script>
<script type="text/javascript" src="${resourceUrl}/${script}"></script>
</#list>
</#if>
<script>
var content = <#include "resources/content.json"/>
</script>
<link rel="stylesheet" href="${resourceCommonUrl}/node_modules/@patternfly/react-core/dist/styles/base.css"/>
<link rel="stylesheet" href="${resourceCommonUrl}/node_modules/@patternfly/patternfly/patternfly-addons.css"/>
<link rel="stylesheet" href="${resourceUrl}/public/app.css"/>
<link rel="stylesheet" href="${resourceUrl}/public/layout.css"/>
<#if properties.styles?has_content>
<#list properties.styles?split(' ') as style>
<link href="${resourceUrl}/${style}" rel="stylesheet"/>
</#list>
</#if>
</head>
<body>
<script>
var keycloak = new Keycloak({
authServerUrl: authUrl,
realm: realm,
clientId: 'account-console'
});
keycloak.init({onLoad: 'check-sso', pkceMethod: 'S256', promiseType: 'native'}).then((authenticated) => {
isReactLoading = true;
toggleReact();
if (!keycloak.authenticated) {
document.getElementById("landingSignInButton").style.display='inline';
document.getElementById("landingSignInLink").style.display='inline';
} else {
document.getElementById("landingSignOutButton").style.display='inline';
document.getElementById("landingSignOutLink").style.display='inline';
document.getElementById("landingLoggedInUser").innerHTML = loggedInUserName('${msg("unknownUser")}', '${msg("fullName")}');
}
loadjs("/Main.js");
}).catch(() => {
alert('failed to initialize keycloak');
});
</script>
<div id="main_react_container" style="display:none;height:100%"></div>
<div id="spinner_screen" style="display:block; height:100%">
<div style="width: 320px; height: 328px; text-align: center; position: absolute; top:0; bottom: 0; left: 0; right: 0; margin: auto;">
<#if properties.logo?has_content>
<img src="${resourceUrl}${properties.logoOnLoading}" alt="Logo" class="brand">
<#else>
<img src="${resourceUrl}/public/logo.svg" alt="Logo" class="brand">
</#if>
<p>${msg("loadingMessage")}</p>
<div>
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" style="margin: auto; background: rgb(255, 255, 255); display: block; shape-rendering: auto;" width="200px" height="200px" viewBox="0 0 100 100" preserveAspectRatio="xMidYMid">
<path d="M10 50A40 40 0 0 0 90 50A40 42 0 0 1 10 50" fill="#5DBCD2" stroke="none" transform="rotate(16.3145 50 51)">
<animateTransform attributeName="transform" type="rotate" dur="1s" repeatCount="indefinite" keyTimes="0;1" values="0 50 51;360 50 51"></animateTransform>
</path>
</svg>
</div>
</div>
</div>
<div id="welcomeScreen" style="display:none;height:100%">
<div class="pf-c-page" id="page-layout-default-nav">
<header role="banner" class="pf-c-page__header">
<div class="pf-c-page__header-brand">
<#if properties.logoUrl?has_content>
<a id="landingLogo" class="pf-c-page__header-brand-link" href="${properties.logoUrl}">
<#else>
<a id="landingLogo" class="pf-c-page__header-brand-link" href="${baseUrl}">
</#if>
<#if properties.logo?has_content>
<img class="pf-c-brand brand" src="${resourceUrl}${properties.logo}" alt="Logo">
<#else>
<img class="pf-c-brand brand" src="${resourceUrl}/public/logo.svg" alt="Logo">
</#if>
</a>
</div>
<div class="pf-c-page__header-tools">
<#if referrer?has_content && referrer_uri?has_content>
<div class="pf-c-page__header-tools-group pf-m-icons pf-u-display-none pf-u-display-flex-on-md">
<a id="landingReferrerLink" href="${referrer_uri}" class="pf-c-button pf-m-link" tabindex="0">
<span class="pf-c-button__icon pf-m-start">
<i class="pf-icon pf-icon-arrow" aria-hidden="true"></i>
</span>
${msg("backTo",referrerName)}
</a>
</div>
</#if>
<div class="pf-c-page__header-tools-group pf-m-icons pf-u-display-none pf-u-display-flex-on-md pf-u-mr-md">
<button id="landingSignInButton" tabindex="0" style="display:none" onclick="keycloak.login();" class="pf-c-button pf-m-primary" type="button">${msg("doSignIn")}</button>
<button id="landingSignOutButton" tabindex="0" style="display:none" onclick="keycloak.logout();" class="pf-c-button pf-m-primary" type="button">${msg("doSignOut")}</button>
</div>
<!-- Kebab for mobile -->
<div class="pf-c-page__header-tools-group pf-u-display-none-on-md">
<div id="landingMobileKebab" class="pf-c-dropdown pf-m-mobile" onclick="toggleMobileDropdown();"> <!-- pf-m-expanded -->
<button aria-label="Actions" tabindex="0" id="landingMobileKebabButton" class="pf-c-dropdown__toggle pf-m-plain" type="button" aria-expanded="true" aria-haspopup="true">
<svg fill="currentColor" height="1em" width="1em" viewBox="0 0 192 512" aria-hidden="true" role="img" style="vertical-align: -0.125em;"><path d="M96 184c39.8 0 72 32.2 72 72s-32.2 72-72 72-72-32.2-72-72 32.2-72 72-72zM24 80c0 39.8 32.2 72 72 72s72-32.2 72-72S135.8 8 96 8 24 40.2 24 80zm0 352c0 39.8 32.2 72 72 72s72-32.2 72-72-32.2-72-72-72-72 32.2-72 72z" transform=""></path></svg>
</button>
<ul id="landingMobileDropdown" aria-labelledby="landingMobileKebabButton" class="pf-c-dropdown__menu pf-m-align-right" role="menu" style="display:none">
<#if referrer?has_content && referrer_uri?has_content>
<li role="none">
<a id="landingMobileReferrerLink" href="${referrer_uri}" role="menuitem" tabindex="0" aria-disabled="false" class="pf-c-dropdown__menu-item">${msg("backTo",referrerName)}</a>
</li>
</#if>
<li id="landingSignInLink" role="none" style="display:none">
<a onclick="keycloak.login();" role="menuitem" tabindex="0" aria-disabled="false" class="pf-c-dropdown__menu-item">${msg("doLogIn")}</a>
</li>
<li id="landingSignOutLink" role="none" style="display:none">
<a onclick="keycloak.logout();" role="menuitem" tabindex="0" aria-disabled="false" class="pf-c-dropdown__menu-item">${msg("doSignOut")}</a>
</li>
</ul>
</div>
</div>
<span id="landingLoggedInUser"></span>
</div> <!-- end header tools -->
</header>
<main role="main" class="pf-c-page__main">
<section class="pf-c-page__main-section pf-m-limit-width pf-m-light pf-m-shadow-bottom">
<div class="pf-c-page__main-body">
<div class="pf-c-content" id="landingWelcomeMessage">
<h1>${msg("accountManagementWelcomeMessage")}</h1>
</div>
</div>
</section>
<section class="pf-c-page__main-section pf-m-limit-width pf-m-overflow-scroll">
<div class="pf-c-page__main-body">
<div class="pf-l-gallery pf-m-gutter">
<#assign content=theme.apply("content.json")?eval>
<#list content as item>
<div class="pf-l-gallery__item" id="landing-${item.id}">
<div class="pf-c-card pf-m-full-height">
<div>
<div class="pf-c-card__title pf-c-content">
<h2 class="pf-u-display-flex pf-u-w-100 pf-u-flex-direction-column">
<#if item.icon??>
<i class="pf-icon ${item.icon}"></i>
<#elseif item.iconSvg??>
<img src="${item.iconSvg}" alt="icon"/>
</#if>
${msg(item.label)}
</h2>
</div>
<div class="pf-c-card__body">
<#if item.descriptionLabel??>
<p class="pf-u-mb-md">${msg(item.descriptionLabel)}</p>
</#if>
<#if item.content??>
<#list item.content as sub>
<div id="landing-${sub.id}">
<a onclick="toggleReact(); window.location.hash='${sub.path}'">${msg(sub.label)}</a>
</div>
</#list>
<#else>
<a id="landing-${item.id}" onclick="toggleReact(); window.location.hash = '${item.path}'">${msg(item.label)}</a>
</#if>
</div>
</div>
</div>
</div>
</#list>
</div>
</div>
</section>
</main>
</div>
</div>
<script>
const removeHidden = (content) => {
content.forEach(c => {
if (c.hidden && eval(c.hidden)) {
document.getElementById('landing-' + c.id).remove();
}
if (c.content) removeHidden(c.content);
});
}
removeHidden(content);
</script>
</body>
</html>

24
keycloak-d4science-theme/src/main/resources/theme/d4science.v2/account/messages/messages_en.properties
View File

@ -1,24 +0,0 @@
accountManagementWelcomeMessage=Welcome to Keycloak Extended Account Console
personalBasicInfoHtmlTitle=Basic information
accountExtraInfoHtmlTitleHome=Profile settings
accountExtraSubMessageHome=Handle extra profile settings
accountExtraInfoHtmlTitle=Profile settings
accountExtraSubMessage=Handle profile: add/update your avatar, delete your account
avatarLabel=Avatar
uploadLabel=Select image file
dragdropInfo=Drag and drop an image file or upload one
browseButton=Browse
clearButton=Clear
avatarInfo=A 100x100px size is suggested. Images exceding 250x250px will be resized to 250px width or height mantaining their ratio. The maximum file size permitted is 1MB.
avatarUpdatedMessage=Avatar successfully updated
error-noAvatarFound=No avatar found on server
deleteAccount=Delete Account
deleteAccountInfoMessage=Deleting your account will disable your profile and remove your name and photo you''ve shared on D4Science gateway(s). Some information may still be visible to others, such as your name in the posts and private messages you sent.<br/>All files and folders you created of your workspace will be removed.
deleteAccountDialogHeader=Confirm account delete
deleteAccountWarningMessage=Clicking on the "Confirm" button is an undoable operation, your account will be removed and you'll be automatically logged out from all your sessions.
deleteAccountConfirmMessage=<br/>Do you really want to remove your account? <strong>NOTE: This action is irreversible!</strong>
doDeleteConfirm=Confirm
accountDeletedMessage=Your account has been deleted

24
keycloak-d4science-theme/src/main/resources/theme/d4science.v2/account/messages/messages_it.properties
View File

@ -1,24 +0,0 @@
accountManagementWelcomeMessage=Benvenuto nella gestione estesa degli account di Keycloak
personalBasicInfoHtmlTitle=Informazioni base
accountExtraInfoHtmlTitleHome=Impostazioni profilo
accountExtraSubMessageHome=Gestisce ulteriori impostazioni associate al profilo
accountExtraInfoHtmlTitle=Impostazioni del profilo
accountExtraSubMessage=Gestisce il profilo: aggiunta/modifica dell''avatar, cancellazione dell''account
avatarLabel=Avatar
uploadLabel=Seleziona un''immagine
dragdropInfo=Trascina qui un file immagine o selezionalo
browseButton=Seleziona
clearButton=Cancella
avatarInfo=Si consiglia una dimensione di 100x100px. Le immagini che eccedono 250x250px saranno ridimensionate a 250px di larghezza o altezza mantenendo il loro rapporto. La massima dimensione consentita del file \u00e8 di 1MB.
avatarUpdatedMessage=Avatar aggiornato con successo
error-noAvatarFound=Avatar non trovato sul server
deleteAccount=Delete Account
deleteAccountInfoMessage=La cancellazione del proprio account disabiliter\u00e0 il profilo e rimuover\u00e0 il nome e le foto condivise sul/sui gateway D4Science. Alcune informazioni potrebbero risultare ancora visibili agli altri utenti, come il nome nei post e nei messaggi privati inviati.<br/>Tutti i file e le cartelle create nel workspace personale saranno rimosse.
deleteAccountDialogHeader=Conferma cancellazione account
deleteAccountWarningMessage=Cliccando sul bottone "Conferma" si avvier\u00e0 un''operazione non annullabile, l''account personale sar\u00e0 rimosso e saranno terminate tutte le sessioni aperte nei vari siti.
deleteAccountConfirmMessage=<br/>Si vuole veramente cancellare il proprio account? <strong>NOTA BENE: Questa azione \u00e8 irreversibile!</strong>
doDeleteConfirm=Conferma
accountDeletedMessage=L''account \u00e8 stato cancellato

84
keycloak-d4science-theme/src/main/resources/theme/d4science.v2/account/resources/content.json
View File

@ -1,84 +0,0 @@
[
{
"id": "personal-info",
"path": "personal-info",
"icon": "pf-icon-user",
"label": "personalInfoSidebarTitle",
"descriptionLabel": "personalInfoIntroMessage",
"content" : [
{
"id": "personal-info-base",
"path": "personal-info-base",
"label": "personalBasicInfoHtmlTitle",
"modulePath": "/content/account-page/AccountPage.js",
"componentName": "AccountPage"
},
{
"id": "account-extra",
"path": "account-extra",
"label": "accountExtraInfoHtmlTitleHome",
"modulePath": "/content/d4science-page/AccountExtraPage.js",
"componentName": "AccountExtraPage"
}
]
},
{
"id": "security",
"icon": "pf-icon-security",
"label": "accountSecuritySidebarTitle",
"descriptionLabel": "accountSecurityIntroMessage",
"content": [
{
"id": "signingin",
"path": "security/signingin",
"label": "signingInSidebarTitle",
"modulePath": "/content/signingin-page/SigningInPage.js",
"componentName": "SigningInPage"
},
{
"id": "device-activity",
"path": "security/device-activity",
"label": "deviceActivitySidebarTitle",
"modulePath": "/content/device-activity-page/DeviceActivityPage.js",
"componentName": "DeviceActivityPage"
},
{
"id": "linked-accounts",
"path": "security/linked-accounts",
"label": "linkedAccountsSidebarTitle",
"modulePath": "/content/linked-accounts-page/LinkedAccountsPage.js",
"componentName": "LinkedAccountsPage",
"hidden": "!features.isLinkedAccountsEnabled"
}
]
},
{
"id": "applications",
"icon": "pf-icon-applications",
"path": "applications",
"label": "applications",
"descriptionLabel": "applicationsIntroMessage",
"modulePath": "/content/applications-page/ApplicationsPage.js",
"componentName": "ApplicationsPage"
},
{
"id": "groups",
"path": "groups",
"icon": "pf-icon-server-group",
"label": "groupLabel",
"descriptionLabel": "groupDescriptionLabel",
"modulePath": "/content/group-page/GroupsPage.js",
"componentName": "GroupsPage",
"hidden": "!features.isViewGroupsEnabled"
},
{
"id": "resources",
"icon": "pf-icon-repository",
"path": "resources",
"label": "resources",
"descriptionLabel": "resourceIntroMessage",
"modulePath": "/content/my-resources-page/MyResourcesPage.js",
"componentName": "MyResourcesPage",
"hidden": "!features.isMyResourcesEnabled"
}
]

110
keycloak-d4science-theme/src/main/resources/theme/d4science.v2/account/resources/content/d4science-page/AccountExtraPage.js
View File

@ -1,110 +0,0 @@
function _defineProperty(obj, key, value) { if (key in obj) { Object.defineProperty(obj, key, { value: value, enumerable: true, configurable: true, writable: true }); } else { obj[key] = value; } return obj; }
import * as React from "../../../resources/web_modules/react.js";
import { PageSection, PageSectionVariants, Button, Grid, GridItem, ExpandableSection, Modal } from "../../../resources/web_modules/@patternfly/react-core.js";
import { AccountServiceContext } from "../../account-service/AccountServiceContext.js";
import { Msg } from "../../widgets/Msg.js";
import { ContentPage } from "../ContentPage.js";
import { ContentAlert } from "../ContentAlert.js";
import { AvatarForm } from "./AvatarForm.js";
export class AccountExtraPage extends React.Component {
constructor(props, context) {
super(props);
_defineProperty(this, "context", void 0);
_defineProperty(this, "DEFAULT_STATE", {
isModalOpen: false
});
_defineProperty(this, "state", this.DEFAULT_STATE);
_defineProperty(this, "handleModalToggle", open => {
this.setState({
isModalOpen: open
});
});
_defineProperty(this, "modalConfirmDelete", event => {
const accountUrl = this.context["accountUrl"];
const deleteUrl = accountUrl + "-delete/request-delete";
this.context.doPost(deleteUrl, {}).then(() => {
ContentAlert.success('accountDeletedMessage');
window.location.reload();
});
this.setState({
isModalOpen: false
});
});
this.context = context;
}
render() {
const accountUrl = this.context["accountUrl"];
return /*#__PURE__*/React.createElement(ContentPage, {
title: "accountExtraInfoHtmlTitle",
introMessage: "accountExtraSubMessage"
}, /*#__PURE__*/React.createElement(PageSection, {
isFilled: true,
variant: PageSectionVariants.light
}, /*#__PURE__*/React.createElement(AvatarForm, {
accountUrl: accountUrl
}), /*#__PURE__*/React.createElement("div", {
id: "delete-account",
style: {
marginTop: "30px"
}
}, /*#__PURE__*/React.createElement(ExpandableSection, {
toggleText: Msg.localize('deleteAccount'),
displaySize: "large"
}, /*#__PURE__*/React.createElement(Grid, {
hasGutter: true
}, /*#__PURE__*/React.createElement(GridItem, {
span: 8
}, /*#__PURE__*/React.createElement("p", {
dangerouslySetInnerHTML: {
__html: Msg.localize('deleteAccountInfoMessage')
}
})), /*#__PURE__*/React.createElement(GridItem, {
span: 4
}, /*#__PURE__*/React.createElement(Button, {
id: "delete-account-btn",
variant: "danger",
onClick: e => this.handleModalToggle(true),
className: "delete-button"
}, /*#__PURE__*/React.createElement(Msg, {
msgKey: "doDelete"
}))))), /*#__PURE__*/React.createElement(Modal, {
width: '50%',
title: Msg.localize('deleteAccountDialogHeader'),
isOpen: this.state.isModalOpen,
onClose: () => this.handleModalToggle(false),
actions: [/*#__PURE__*/React.createElement(Button, {
key: "confirm",
variant: "danger",
onClick: this.modalConfirmDelete
}, /*#__PURE__*/React.createElement(Msg, {
msgKey: "doDeleteConfirm"
})), /*#__PURE__*/React.createElement(Button, {
key: "cancel",
variant: "secondary",
onClick: e => this.handleModalToggle(false)
}, /*#__PURE__*/React.createElement(Msg, {
msgKey: "doCancel"
}))]
}, /*#__PURE__*/React.createElement("div", {
dangerouslySetInnerHTML: {
__html: Msg.localize('deleteAccountWarningMessage')
}
}), /*#__PURE__*/React.createElement("div", {
dangerouslySetInnerHTML: {
__html: Msg.localize('deleteAccountConfirmMessage')
}
})))));
}
}
_defineProperty(AccountExtraPage, "contextType", AccountServiceContext);
//# sourceMappingURL=AccountExtraPage.js.map

1
keycloak-d4science-theme/src/main/resources/theme/d4science.v2/account/resources/content/d4science-page/AccountExtraPage.js.map
View File

File diff suppressed because one or more lines are too long

193
keycloak-d4science-theme/src/main/resources/theme/d4science.v2/account/resources/content/d4science-page/AvatarForm.js
View File

@ -1,193 +0,0 @@
function _defineProperty(obj, key, value) { if (key in obj) { Object.defineProperty(obj, key, { value: value, enumerable: true, configurable: true, writable: true }); } else { obj[key] = value; } return obj; }
import * as React from "../../../resources/web_modules/react.js";
import { Form, FormGroup, ActionGroup, FileUpload, Avatar, Button, Tooltip } from "../../../resources/web_modules/@patternfly/react-core.js";
import { OutlinedQuestionCircleIcon } from "../../../resources/web_modules/@patternfly/react-icons.js";
import { AccountServiceContext } from "../../account-service/AccountServiceContext.js";
import { ContentAlert } from "../ContentAlert.js";
import { Msg } from "../../widgets/Msg.js";
export class AvatarForm extends React.Component {
constructor(props, context) {
super(props);
_defineProperty(this, "context", void 0);
_defineProperty(this, "handleFileInputChange", void 0);
_defineProperty(this, "imageScale", (imgData, callback) => {
var img = new Image();
img.src = imgData;
img.onload = event => {
var canvas = document.createElement("canvas");
var ctx = canvas.getContext("2d");
ctx.drawImage(img, 0, 0);
var MAX_WIDTH = 250;
var MAX_HEIGHT = 250;
var width = img.width;
var height = img.height;
if (width > height) {
if (width > MAX_WIDTH) {
height *= MAX_WIDTH / width;
width = MAX_WIDTH;
}
} else {
if (height > MAX_HEIGHT) {
width *= MAX_HEIGHT / height;
height = MAX_HEIGHT;
}
}
canvas.width = width;
canvas.height = height;
ctx = canvas.getContext("2d");
ctx.drawImage(img, 0, 0, width, height);
canvas.toBlob(callback);
};
});
_defineProperty(this, "handleSubmit", event => {
event.preventDefault();
const form = event.target;
var formData = new FormData(form);
formData.append("image", this.state.imageBlob);
var xhr = new XMLHttpRequest();
xhr.onreadystatechange = () => {
if (xhr.readyState == 4) {
if (200 <= xhr.status && xhr.status <= 204) {
ContentAlert.success('avatarUpdatedMessage');
} else {
ContentAlert.danger(xhr.response);
} // force reload avatar
this.setState({
errors: {
avatar: ""
},
imageBlob: null,
filename: "",
avatarSrc: this.state.avatarUrl
});
}
};
xhr.open(form.method, form.action, true);
xhr.send(formData);
});
_defineProperty(this, "handleError", event => {
this.setState({
errors: {
avatar: Msg.localize('error-noAvatarFound')
},
avatarSrc: ""
});
});
this.context = context;
var currentAvatar = props.accountUrl + "-avatar";
this.state = {
errors: {
avatar: ''
},
imageBlob: null,
filename: "",
avatarUrl: currentAvatar,
avatarSrc: currentAvatar,
noAvatarSrc: "data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz4KPCEtLSBHZW5lcmF0b3I6IEFkb2JlIElsbHVzdHJhdG9yIDI0LjAuMiwgU1ZHIEV4cG9ydCBQbHVnLUluIC4gU1ZHIFZlcnNpb246IDYuMDAgQnVpbGQgMCkgIC0tPgo8c3ZnIHZlcnNpb249IjEuMSIgaWQ9IkxheWVyXzEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IgoJIHZpZXdCb3g9IjAgMCAzNiAzNiIgc3R5bGU9ImVuYWJsZS1iYWNrZ3JvdW5kOm5ldyAwIDAgMzYgMzY7IiB4bWw6c3BhY2U9InByZXNlcnZlIj4KPHN0eWxlIHR5cGU9InRleHQvY3NzIj4KCS5zdDB7ZmlsbC1ydWxlOmV2ZW5vZGQ7Y2xpcC1ydWxlOmV2ZW5vZGQ7ZmlsbDojRjBGMEYwO30KCS5zdDF7ZmlsbC1ydWxlOmV2ZW5vZGQ7Y2xpcC1ydWxlOmV2ZW5vZGQ7ZmlsbDojRDJEMkQyO30KCS5zdDJ7ZmlsbDojQjhCQkJFO30KCS5zdDN7ZmlsbDojRDJEMkQyO30KPC9zdHlsZT4KPHJlY3QgY2xhc3M9InN0MCIgd2lkdGg9IjM2IiBoZWlnaHQ9IjM2Ii8+CjxwYXRoIGNsYXNzPSJzdDEiIGQ9Ik0xNy43LDIwLjFjLTMuNSwwLTYuNC0yLjktNi40LTYuNHMyLjktNi40LDYuNC02LjRzNi40LDIuOSw2LjQsNi40UzIxLjMsMjAuMSwxNy43LDIwLjF6Ii8+CjxwYXRoIGNsYXNzPSJzdDIiIGQ9Ik0xMy4zLDM2bDAtNi43Yy0yLDAuNC0yLjksMS40LTMuMSwzLjVMMTAuMSwzNkgxMy4zeiIvPgo8cGF0aCBjbGFzcz0ic3QzIiBkPSJNMTAuMSwzNmwwLjEtMy4yYzAuMi0yLjEsMS4xLTMuMSwzLjEtMy41bDAsNi43aDkuNGwwLTYuN2MyLDAuNCwyLjksMS40LDMuMSwzLjVsMC4xLDMuMmg0LjcKCWMtMC40LTMuOS0xLjMtOS0yLjktMTFjLTEuMS0xLjQtMi4zLTIuMi0zLjUtMi42cy0xLjgtMC42LTYuMy0wLjZzLTYuMSwwLjctNi4xLDAuN2MtMS4yLDAuNC0yLjQsMS4yLTMuNCwyLjYKCUM2LjcsMjcsNS44LDMyLjIsNS40LDM2SDEwLjF6Ii8+CjxwYXRoIGNsYXNzPSJzdDIiIGQ9Ik0yNS45LDM2bC0wLjEtMy4yYy0wLjItMi4xLTEuMS0zLjEtMy4xLTMuNWwwLDYuN0gyNS45eiIvPgo8L3N2Zz4="
};
var reader = new FileReader();
reader.onloadend = event => {
var imgData = String(event.target.result);
this.imageScale(imgData, blob => {
this.setState({
imageBlob: blob,
avatarSrc: URL.createObjectURL(blob)
});
});
};
this.handleFileInputChange = (file, filename) => {
if (filename != "") {
this.setState({
filename: filename
});
reader.readAsDataURL(file);
} else {
this.setState({
imageBlob: null,
filename: "",
avatarSrc: currentAvatar
});
}
};
}
render() {
const {
filename,
avatarUrl,
avatarSrc,
noAvatarSrc
} = this.state;
const avatarStyle = {
objectFit: 'cover',
width: '150px',
height: '150px',
border: '1px solid lightgray',
boxShadow: 'lightgray 6px 3px 10px 2px'
};
return /*#__PURE__*/React.createElement(Form, {
id: "avatarForm",
method: "post",
action: avatarUrl,
encType: "multipart/form-data",
onSubmit: event => this.handleSubmit(event)
}, /*#__PURE__*/React.createElement(FormGroup, {
label: Msg.localize('avatarLabel'),
fieldId: "avatar-current-or-preview",
helperTextInvalid: this.state.errors.avatar,
validated: this.state.errors.avatar === '' ? 'success' : 'error'
}, avatarSrc !== "" ? /*#__PURE__*/React.createElement(Avatar, {
src: avatarSrc,
style: avatarStyle,
alt: "Avatar image preview",
onError: this.handleError
}) : /*#__PURE__*/React.createElement(Avatar, {
src: noAvatarSrc,
style: avatarStyle,
alt: "No avatar found"
})), /*#__PURE__*/React.createElement(FormGroup, {
fieldId: "avatar-upload",
label: /*#__PURE__*/React.createElement("span", null, /*#__PURE__*/React.createElement(Msg, {
msgKey: "uploadLabel"
}), ' ', /*#__PURE__*/React.createElement(Tooltip, {
content: /*#__PURE__*/React.createElement(Msg, {
msgKey: "avatarInfo"
})
}, /*#__PURE__*/React.createElement(OutlinedQuestionCircleIcon, null)))
}, /*#__PURE__*/React.createElement(FileUpload, {
id: "simple-file",
filename: filename,
filenamePlaceholder: Msg.localize('dragdropInfo'),
browseButtonText: Msg.localize('browseButton'),
clearButtonText: Msg.localize('clearButton'),
onChange: this.handleFileInputChange
})), /*#__PURE__*/React.createElement(ActionGroup, null, /*#__PURE__*/React.createElement(Button, {
id: "save-btn",
type: "submit",
variant: "primary",
isDisabled: filename === ""
}, /*#__PURE__*/React.createElement(Msg, {
msgKey: "doSave"
}))));
}
}
_defineProperty(AvatarForm, "contextType", AccountServiceContext);
//# sourceMappingURL=AvatarForm.js.map

1
keycloak-d4science-theme/src/main/resources/theme/d4science.v2/account/resources/content/d4science-page/AvatarForm.js.map
View File

File diff suppressed because one or more lines are too long

23
keycloak-d4science-theme/src/main/resources/theme/d4science.v2/account/resources/css/styles.css
View File

@ -1,23 +0,0 @@
body {
/* --pf-global--FontFamily--sans-serif: Comic Sans MS; */
/* --pf-global--FontFamily--heading--sans-serif: Comic Sans MS; */
--pf-global--BackgroundColor--dark-100: #303030;
--pf-global--Color--100: #151515;
}
.pf-c-nav__list .pf-c-nav__link {
--pf-c-nav__list-link--Color: #303030;
--pf-c-nav__list-link--m-current--Color: #151515;
}
.pf-c-nav__simple-list .pf-c-nav__link {
--pf-c-nav__simple-list-link--Color: #303030;
--pf-c-nav__simple-list-link--m-current--Color: #151515;
}
.brand {
height: 50px !important;
}

BIN
keycloak-d4science-theme/src/main/resources/theme/d4science.v2/account/resources/public/d4science-logo-black.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 28 KiB

BIN
keycloak-d4science-theme/src/main/resources/theme/d4science.v2/account/resources/public/d4science-logo.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 28 KiB

BIN
keycloak-d4science-theme/src/main/resources/theme/d4science.v2/account/resources/public/favicon.ico
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 12 KiB

90
keycloak-d4science-theme/src/main/resources/theme/d4science.v2/account/src/app/content/d4science-page/AccountExtraPage.tsx
View File

@ -1,90 +0,0 @@
import * as React from 'react';
import { PageSection, PageSectionVariants,Button, Grid, GridItem, ExpandableSection, Modal } from '@patternfly/react-core';
import { AccountServiceContext } from '../../account-service/AccountServiceContext';
import { Msg } from '../../widgets/Msg';
import { ContentPage } from '../ContentPage';
import { ContentAlert } from '../ContentAlert';
import { AvatarForm } from './AvatarForm';
interface AccountExtraPageProps {
}
interface AccountExtraPageState {
isModalOpen: boolean;
}
export class AccountExtraPage extends React.Component<AccountExtraPageProps, AccountExtraPageState> {
static contextType = AccountServiceContext;
context: React.ContextType<typeof AccountServiceContext>;
constructor(props: any) {
super(props)
this.state = { isModalOpen: false }
}
private handleModalToggle = (open: boolean) => {
this.setState({ isModalOpen: open })
}
private modalConfirmDelete = (event: any) => {
const accountUrl = this.context!["accountUrl"]
const deleteUrl = accountUrl + "-delete/request-delete"
this.context!.doPost<void>(deleteUrl, {})
.then(() => {
ContentAlert.success('accountDeletedMessage')
window.location.reload();
})
this.setState({ isModalOpen: false })
}
public render(): React.ReactNode {
const accountUrl = this.context!["accountUrl"]
return (
<ContentPage title="accountExtraInfoHtmlTitle"
introMessage="accountExtraSubMessage"
>
<PageSection isFilled variant={PageSectionVariants.light}>
<AvatarForm accountUrl={accountUrl} />
<div id="delete-account" style={{marginTop:"30px"}}>
<ExpandableSection toggleText={Msg.localize('deleteAccount')} displaySize="large">
<Grid hasGutter>
<GridItem span={8}>
<p dangerouslySetInnerHTML={{ __html: Msg.localize('deleteAccountInfoMessage')}} />
</GridItem>
<GridItem span={4}>
<Button id="delete-account-btn" variant="danger"
onClick={(e) => this.handleModalToggle(true)} className="delete-button"
>
<Msg msgKey="doDelete" />
</Button>
</GridItem>
</Grid>
</ExpandableSection>
<Modal
width={'50%'}
title={Msg.localize('deleteAccountDialogHeader')}
isOpen={this.state.isModalOpen}
onClose={() => this.handleModalToggle(false)}
actions={[
<Button key="confirm" variant="danger" onClick={this.modalConfirmDelete}>
<Msg msgKey="doDeleteConfirm" />
</Button>,
<Button key="cancel" variant="secondary" onClick={(e) => this.handleModalToggle(false)}>
<Msg msgKey="doCancel" />
</Button>
]}
>
<div dangerouslySetInnerHTML={{ __html: Msg.localize('deleteAccountWarningMessage')}} />
<div dangerouslySetInnerHTML={{ __html: Msg.localize('deleteAccountConfirmMessage')}} />
</Modal>
</div>
</PageSection>
</ContentPage>
)
}
}

190
keycloak-d4science-theme/src/main/resources/theme/d4science.v2/account/src/app/content/d4science-page/AvatarForm.tsx
View File

@ -1,190 +0,0 @@
import * as React from 'react';
import * as CSS from 'csstype';
import { Form, FormGroup, ActionGroup, FileUpload, Avatar, Button, Tooltip } from "@patternfly/react-core";
import { OutlinedQuestionCircleIcon } from '@patternfly/react-icons';
import { AccountServiceContext } from '../../account-service/AccountServiceContext';
import { ContentAlert } from '../ContentAlert';
import { Msg } from '../../widgets/Msg';
interface AvatarFormProps {
accountUrl: string;
}
interface AvatarFormState {
errors: any;
imageBlob: any;
filename: string;
avatarUrl: string;
avatarSrc: string;
noAvatarSrc: string;
}
export class AvatarForm extends React.Component<AvatarFormProps, AvatarFormState> {
static contextType = AccountServiceContext;
context: React.ContextType<typeof AccountServiceContext>;
private handleFileInputChange: any;
constructor(props: AvatarFormProps, context: React.ContextType<typeof AccountServiceContext>) {
super(props);
this.context = context;
var currentAvatar = props.accountUrl + "-avatar"
this.state = {
errors: {avatar: ''},
imageBlob: null,
filename: "",
avatarUrl: currentAvatar,
avatarSrc: currentAvatar,
noAvatarSrc: "data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz4KPCEtLSBHZW5lcmF0b3I6IEFkb2JlIElsbHVzdHJhdG9yIDI0LjAuMiwgU1ZHIEV4cG9ydCBQbHVnLUluIC4gU1ZHIFZlcnNpb246IDYuMDAgQnVpbGQgMCkgIC0tPgo8c3ZnIHZlcnNpb249IjEuMSIgaWQ9IkxheWVyXzEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IgoJIHZpZXdCb3g9IjAgMCAzNiAzNiIgc3R5bGU9ImVuYWJsZS1iYWNrZ3JvdW5kOm5ldyAwIDAgMzYgMzY7IiB4bWw6c3BhY2U9InByZXNlcnZlIj4KPHN0eWxlIHR5cGU9InRleHQvY3NzIj4KCS5zdDB7ZmlsbC1ydWxlOmV2ZW5vZGQ7Y2xpcC1ydWxlOmV2ZW5vZGQ7ZmlsbDojRjBGMEYwO30KCS5zdDF7ZmlsbC1ydWxlOmV2ZW5vZGQ7Y2xpcC1ydWxlOmV2ZW5vZGQ7ZmlsbDojRDJEMkQyO30KCS5zdDJ7ZmlsbDojQjhCQkJFO30KCS5zdDN7ZmlsbDojRDJEMkQyO30KPC9zdHlsZT4KPHJlY3QgY2xhc3M9InN0MCIgd2lkdGg9IjM2IiBoZWlnaHQ9IjM2Ii8+CjxwYXRoIGNsYXNzPSJzdDEiIGQ9Ik0xNy43LDIwLjFjLTMuNSwwLTYuNC0yLjktNi40LTYuNHMyLjktNi40LDYuNC02LjRzNi40LDIuOSw2LjQsNi40UzIxLjMsMjAuMSwxNy43LDIwLjF6Ii8+CjxwYXRoIGNsYXNzPSJzdDIiIGQ9Ik0xMy4zLDM2bDAtNi43Yy0yLDAuNC0yLjksMS40LTMuMSwzLjVMMTAuMSwzNkgxMy4zeiIvPgo8cGF0aCBjbGFzcz0ic3QzIiBkPSJNMTAuMSwzNmwwLjEtMy4yYzAuMi0yLjEsMS4xLTMuMSwzLjEtMy41bDAsNi43aDkuNGwwLTYuN2MyLDAuNCwyLjksMS40LDMuMSwzLjVsMC4xLDMuMmg0LjcKCWMtMC40LTMuOS0xLjMtOS0yLjktMTFjLTEuMS0xLjQtMi4zLTIuMi0zLjUtMi42cy0xLjgtMC42LTYuMy0wLjZzLTYuMSwwLjctNi4xLDAuN2MtMS4yLDAuNC0yLjQsMS4yLTMuNCwyLjYKCUM2LjcsMjcsNS44LDMyLjIsNS40LDM2SDEwLjF6Ii8+CjxwYXRoIGNsYXNzPSJzdDIiIGQ9Ik0yNS45LDM2bC0wLjEtMy4yYy0wLjItMi4xLTEuMS0zLjEtMy4xLTMuNWwwLDYuN0gyNS45eiIvPgo8L3N2Zz4="
}
var reader = new FileReader()
reader.onloadend = function (event: any) {
var imgData = String(event.target!.result)
this.imageScale(imgData, (blob: Blob) => {
this.setState({
imageBlob: blob,
avatarSrc: URL.createObjectURL(blob)
})
})
}.bind(this)
this.handleFileInputChange = (file: File, filename: string) => {
if (filename != "") {
this.setState({ filename: filename })
reader.readAsDataURL(file)
} else {
this.setState({
imageBlob: null,
filename: "",
avatarSrc: currentAvatar
})
}
}
}
private imageScale = (imgData: string, callback: any) => {
var img = new Image()
img.src = imgData
img.onload = (event: Event) => {
var canvas = document.createElement("canvas")
var ctx = canvas.getContext("2d")
ctx!.drawImage(img, 0, 0)
var MAX_WIDTH = 250
var MAX_HEIGHT = 250
var width = img.width
var height = img.height
if (width > height) {
if (width > MAX_WIDTH) {
height *= MAX_WIDTH / width
width = MAX_WIDTH
}
} else {
if (height > MAX_HEIGHT) {
width *= MAX_HEIGHT / height
height = MAX_HEIGHT
}
}
canvas.width = width
canvas.height = height
ctx = canvas.getContext("2d")
ctx!.drawImage(img, 0, 0, width, height)
canvas.toBlob(callback)
}
}
private handleSubmit = (event: React.FormEvent<HTMLFormElement>): void => {
event.preventDefault()
const form = event.target as HTMLFormElement
var formData = new FormData(form)
formData.append("image", this.state.imageBlob)
var xhr = new XMLHttpRequest();
xhr.onreadystatechange = () => {
if (xhr.readyState == 4) {
if (200 <= xhr.status && xhr.status <= 204) {
ContentAlert.success('avatarUpdatedMessage')
} else {
ContentAlert.danger(xhr.response)
}
// force reload avatar
this.setState({
errors: {avatar: ""},
imageBlob: null,
filename: "",
avatarSrc: this.state.avatarUrl
})
}
}
xhr.open(form.method, form.action, true);
xhr.send(formData);
}
private handleError = (event: any) => {
this.setState({
errors: {avatar: Msg.localize('error-noAvatarFound')},
avatarSrc: ""
})
}
render() {
const { filename, avatarUrl, avatarSrc, noAvatarSrc } = this.state
const avatarStyle: CSS.Properties = {
objectFit: 'cover',
width: '150px', height: '150px',
border: '1px solid lightgray',
boxShadow: 'lightgray 6px 3px 10px 2px'
}
return (
<Form id="avatarForm" method="post"
action={avatarUrl} encType="multipart/form-data"
onSubmit={event => this.handleSubmit(event)}
>
<FormGroup label={Msg.localize('avatarLabel')}
fieldId="avatar-current-or-preview"
helperTextInvalid={this.state.errors.avatar}
validated={this.state.errors.avatar === '' ? 'success' : 'error'}
>
{ avatarSrc !== ""
? <Avatar src={avatarSrc} style={avatarStyle} alt="Avatar image preview" onError={this.handleError}/>
: <Avatar src={noAvatarSrc} style={avatarStyle} alt="No avatar found" />
}
</FormGroup>
<FormGroup
fieldId="avatar-upload"
label={<span>
<Msg msgKey="uploadLabel" />
{' '}
<Tooltip content={<Msg msgKey="avatarInfo" />}>
<OutlinedQuestionCircleIcon />
</Tooltip>
</span>}
>
<FileUpload
id="simple-file"
filename={filename}
filenamePlaceholder={Msg.localize('dragdropInfo')}
browseButtonText={Msg.localize('browseButton')}
clearButtonText={Msg.localize('clearButton')}
onChange={this.handleFileInputChange}
/>
</FormGroup>
<ActionGroup>
<Button
id="save-btn" type="submit"
variant="primary"
isDisabled={filename === ""}
>
<Msg msgKey="doSave" />
</Button>
</ActionGroup>
</Form>
)
}
}

14
keycloak-d4science-theme/src/main/resources/theme/d4science.v2/account/theme.properties
View File

@ -1,14 +0,0 @@
parent=keycloak.v2
# This is the logo in upper lefthand corner.
# It must be a relative path.
logo=/public/d4science-logo.png
logoOnLoading=/public/d4science-logo-black.png
# This is the link followed when clicking on the logo.
# It can be any valid URL, including an external site.
logoUrl=https://www.d4science.org/
# This is the icon for the account console.
# It must be a relative path.
favIcon=/public/favicon.ico

3
ldap-storage-mapper/CHANGELOG.md
View File

@ -2,7 +2,8 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
# Changelog for "keycloak-extension-spi"
## [v2.2.0-SNAPSHOT]
## [v2.24.0-SNAPSHOT]
Now the minor part of the version (the `24` in the `2.24.x`) shows the compatibility to the specific Keycloak major version, in this case `24.x.x`
## [v2.1.0]
Changes in other sub-components

2
ldap-storage-mapper/pom.xml
View File

@ -7,7 +7,7 @@
<parent>
<groupId>org.gcube.iam</groupId>
<artifactId>keycloak-d4science-spi-parent</artifactId>
<version>2.2.0-SNAPSHOT</version>
<version>2.24.0-SNAPSHOT</version>
</parent>
<artifactId>ldap-storage-mapper</artifactId>

6
pom.xml
View File

@ -12,7 +12,7 @@
<groupId>org.gcube.iam</groupId>
<artifactId>keycloak-d4science-spi-parent</artifactId>
<version>2.2.0-SNAPSHOT</version>
<version>2.24.0-SNAPSHOT</version>
<packaging>pom</packaging>
<properties>
@ -31,7 +31,7 @@
<module>avatar-storage</module>
<module>avatar-realm-resource</module>
<module>avatar-importer</module>
<module>delete-account</module>
<!-- <module>delete-account</module>-->
<module>event-listener-provider</module>
<module>identity-provider-mapper</module>
<module>keycloak-d4science-script</module>
@ -46,7 +46,7 @@
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-parent</artifactId>
<version>24.0.2</version>
<version>24.0.3</version>
<type>pom</type>
<scope>import</scope>
</dependency>

3
protocol-mapper/CHANGELOG.md
View File

@ -2,7 +2,8 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
# Changelog for "identity-provider-mapper"
## [v2.2.0-SNAPSHOT]
## [v2.24.0-SNAPSHOT]
Now the minor part of the version (the `24` in the `2.24.x`) shows the compatibility to the specific Keycloak major version, in this case `24.x.x`
## [v2.1.0]
- Provided the `D4ScienceContextMapper` that maps the D4S context requested in a customizable HTTP header as token's claim having the configured name (defaulting to the 'aud' claim). Can also shrink the `resource access` token claim to have only the requested context entry.

2
protocol-mapper/pom.xml
View File

@ -7,7 +7,7 @@
<parent>
<groupId>org.gcube.iam</groupId>
<artifactId>keycloak-d4science-spi-parent</artifactId>
<version>2.2.0-SNAPSHOT</version>
<version>2.24.0-SNAPSHOT</version>
</parent>
<artifactId>protocol-mapper</artifactId>