From c542fb6a9283a0aa0b61ef443505b25697915869 Mon Sep 17 00:00:00 2001 From: Rolain Djeumen Date: Tue, 2 Apr 2024 09:00:35 +0100 Subject: [PATCH 1/2] fix(jans-keycloak-integration): runtime issues with storage-spi in kc #8199 * modified configuration parameter names in `PluginConfiguration` Signed-off-by: Rolain Djeumen --- .../kc/spi/storage/config/PluginConfiguration.java | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/config/PluginConfiguration.java b/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/config/PluginConfiguration.java index 898370f0743..7e1642b144f 100644 --- a/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/config/PluginConfiguration.java +++ b/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/config/PluginConfiguration.java 
@@ -4,13 +4,13 @@ public class PluginConfiguration { - private static final String AUTH_TOKEN_ENDPOINT_KEY = "jans-storage-auth-token-endpoint"; - private static final String SCIM_USER_ENDPOINT_KEY = "jans-storage-scim-user-endpoint"; - private static final String SCIM_USER_SEARCH_ENDPOINT_KEY = "jans-storage-scim-user-search-endpoint"; - private static final String SCIM_OAUTH_SCOPE_KEY = "jans-storage-scim-oauth-scope"; - private static final String SCIM_CLIENT_ID_KEY = "jans-storage-scim-client-id"; - private static final String SCIM_CLIENT_SECRET = "jans-storage-scim-client-secret"; - + private static final String AUTH_TOKEN_ENDPOINT_KEY = "auth-token-endpoint"; + private static final String SCIM_USER_ENDPOINT_KEY = "scim-user-endpoint"; + private static final String SCIM_USER_SEARCH_ENDPOINT_KEY = "scim-user-search-endpoint"; + private static final String SCIM_OAUTH_SCOPE_KEY = "scim-oauth-scope"; + private static final String SCIM_CLIENT_ID_KEY = "scim-client-id"; + private static final String SCIM_CLIENT_SECRET = "scim-client-secret"; + private String authTokenEndpoint; private String scimUserEndpoint; private String scimUserSearchEndpoint; From 01c572465460eb411371bac868bb555146532dc4 Mon Sep 17 00:00:00 2001 From: Rolain Djeumen Date: Wed, 3 Apr 2024 08:49:56 +0100 Subject: [PATCH 2/2] fix(jans-keycloak-integration): various runtime issues with storage spi in kc #8199 * fixes to how the scim oauth scopes are stored and fetched * removed references to commons-lang 2 causing runtime errors Signed-off-by: Rolain Djeumen --- .../storage/config/PluginConfiguration.java | 19 +++++++++++++------ .../kc/spi/storage/service/ScimService.java | 2 +- .../kc/spi/storage/service/UserAdapter.java | 2 +- .../io/jans/kc/spi/storage/util/JansUtil.java | 11 +++++------ 4 files changed, 20 insertions(+), 14 deletions(-) 
diff --git a/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/config/PluginConfiguration.java b/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/config/PluginConfiguration.java index 7e1642b144f..77950fe6c11 100644 --- a/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/config/PluginConfiguration.java +++ b/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/config/PluginConfiguration.java @@ -1,5 +1,8 @@ package io.jans.kc.spi.storage.config; +import java.util.Arrays; +import java.util.ArrayList; +import java.util.List; import org.keycloak.Config; public class PluginConfiguration { @@ -7,14 +10,14 @@ public class PluginConfiguration { private static final String AUTH_TOKEN_ENDPOINT_KEY = "auth-token-endpoint"; private static final String SCIM_USER_ENDPOINT_KEY = "scim-user-endpoint"; private static final String SCIM_USER_SEARCH_ENDPOINT_KEY = "scim-user-search-endpoint"; - private static final String SCIM_OAUTH_SCOPE_KEY = "scim-oauth-scope"; + private static final String SCIM_OAUTH_SCOPES_KEY = "scim-oauth-scopes"; private static final String SCIM_CLIENT_ID_KEY = "scim-client-id"; private static final String SCIM_CLIENT_SECRET = "scim-client-secret"; private String authTokenEndpoint; private String scimUserEndpoint; private String scimUserSearchEndpoint; - private String scimOauthScope; + private List scimOauthScopes; private String scimClientId; private String scimClientSecret; 
@@ -28,7 +31,11 @@ public static PluginConfiguration fromKeycloakConfiguration(Config.Scope config) ret.authTokenEndpoint = config.get(AUTH_TOKEN_ENDPOINT_KEY); ret.scimUserEndpoint = config.get(SCIM_USER_ENDPOINT_KEY); ret.scimUserSearchEndpoint = config.get(SCIM_USER_SEARCH_ENDPOINT_KEY); - ret.scimOauthScope = config.get(SCIM_OAUTH_SCOPE_KEY); + ret.scimOauthScopes = new ArrayList<>(); + String tmpscopes = config.get(SCIM_OAUTH_SCOPES_KEY); + if(tmpscopes != null) { + ret.scimOauthScopes = Arrays.asList(tmpscopes.split(",")); + } ret.scimClientId = config.get(SCIM_CLIENT_ID_KEY); ret.scimClientSecret = config.get(SCIM_CLIENT_SECRET); return ret; @@ -50,9 +57,9 @@ public String getScimUserSearchEndpoint() { return scimUserSearchEndpoint; } - public String getScimOauthScope() { + public List getScimOauthScopes() { - return scimOauthScope; + return scimOauthScopes; } public String getScimClientId() { @@ -70,7 +77,7 @@ public boolean isValid() { return authTokenEndpoint != null && scimUserEndpoint != null && scimUserSearchEndpoint != null - && scimOauthScope != null + && scimOauthScopes != null && scimClientId != null && scimClientSecret != null; } diff --git a/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/service/ScimService.java b/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/service/ScimService.java index ea9c7ffe783..13002f1de2f 100644 --- a/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/service/ScimService.java +++ b/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/service/ScimService.java 
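Review bot: A missing `scim-oauth-scopes` setting is no longer caught by `isValid()`, because `fromKeycloakConfiguration` now always assigns `ret.scimOauthScopes` a non-null list. The `&& scimOauthScopes != null` test in the `@@ -70,7 +77,7 @@` hunk is therefore always true, and a configuration with no scopes is accepted; `&& !scimOauthScopes.isEmpty()` would keep the check meaningful. The split on `,` also keeps surrounding whitespace and empty entries, so a value such as `a, b` (constructed example) yields the scope ` b`, which the token endpoint is unlikely to recognise. Trimming each entry and dropping blanks, as sketched below, avoids both problems. `fromKeycloakConfiguration` starts and ends outside the hunk.

```java
ret.scimOauthScopes = new ArrayList<>();
String tmpscopes = config.get(SCIM_OAUTH_SCOPES_KEY);
if (tmpscopes != null) {
    for (String scope : tmpscopes.split(",")) {
        String trimmed = scope.trim();
        if (!trimmed.isEmpty()) {
            ret.scimOauthScopes.add(trimmed);
        }
    }
}
// … unchanged: scimClientId / scimClientSecret assignments and return …
```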
@@ -101,7 +101,7 @@ public UserResource postData(String uri, String accessToken, String filter) { HttpClient client = HttpClientBuilder.create().build(); SearchRequest searchRequest = createSearchRequest(filter); - log.debugv("ScimService::postData() - client:{0}, searchRequest:{1}, accessToken:{2}", client, searchRequest, + log.debugv("ScimService::postData() - client:{0}, searchRequest:{1}, accessToken:{2}", client, searchRequest.toString(), accessToken); JsonNode jsonNode = SimpleHttp.doPost(uri, client).auth(accessToken).json(searchRequest).asJson(); diff --git a/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/service/UserAdapter.java b/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/service/UserAdapter.java index b26bb3e0e1c..8e52331fb93 100644 --- a/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/service/UserAdapter.java +++ b/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/service/UserAdapter.java @@ -9,7 +9,7 @@ import java.util.Set; import java.util.stream.Stream; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.keycloak.common.util.MultivaluedHashMap; import org.keycloak.component.ComponentModel; import org.keycloak.credential.LegacyUserCredentialManager; diff --git a/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/util/JansUtil.java b/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/util/JansUtil.java index 826bc155eea..ff33cf8f614 100644 --- a/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/util/JansUtil.java +++ b/jans-keycloak-integration/storage-spi/src/main/java/io/jans/kc/spi/storage/util/JansUtil.java 
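Review bot: The rewritten `log.debugv` call in `postData` still passes `accessToken` as its last argument, so the SCIM bearer token is written to the log whenever debug logging is enabled. Anyone with read access to those logs could reuse it until it expires. Since the line is being touched anyway, drop the token from the message: `log.debugv("ScimService::postData() - client:{0}, searchRequest:{1}", client, searchRequest.toString());`. The same applies to the unchanged `log.debugv("JansUtil::requestScimAccessToken() - token:{0} ", token);` visible as context in the last `JansUtil.java` hunk. `postData` continues beyond the hunk.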
@@ -13,7 +13,7 @@ import java.util.stream.*; import org.apache.commons.codec.binary.Base64; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.apache.http.client.HttpClient; import org.apache.http.impl.client.HttpClientBuilder; @@ -67,16 +67,15 @@ public String getScimClientSecret() { return pluginConfiguration.getScimClientSecret(); } - public String getScimOauthScope() { + public List getScimOauthScopes() { log.debugv("JansUtil::getScimOauthScope() - {0}", - pluginConfiguration.getScimOauthScope()); - return pluginConfiguration.getScimOauthScope(); + pluginConfiguration.getScimOauthScopes()); + return pluginConfiguration.getScimOauthScopes(); } public String requestScimAccessToken() throws IOException { log.debug("JansUtil::requestScimAccessToken() "); - List scopes = new ArrayList<>(); - scopes.add(getScimOauthScope()); + List scopes = getScimOauthScopes(); String token = requestAccessToken(getScimClientId(), scopes); log.debugv("JansUtil::requestScimAccessToken() - token:{0} ", token); return token;
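Review bot: `requestScimAccessToken` now hands the list held by `PluginConfiguration` straight to `requestAccessToken` instead of a fresh `ArrayList`, and that list is a fixed-size `Arrays.asList` view whenever scopes are configured. `requestAccessToken` is not shown here; if it adds to or otherwise modifies its `scopes` argument, the call would either throw `UnsupportedOperationException` or change the shared configuration. Passing a copy, `List scopes = new ArrayList<>(getScimOauthScopes());`, keeps the isolation the old code had. The debug message in the renamed getter also still reads `JansUtil::getScimOauthScope()` and could be updated to match the new method name.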