JanssenProject · moabu · Jun 24, 2024 · Apr 3, 2024 · Apr 8, 2024 · Apr 16, 2024
@@ -152,8 +152,8 @@ private void initClientRepresentation() {
             clientRepresentation.setAuthenticationFlowBindingOverrides(authnFlowBindingOverrides);
 
             //set default saml attributes
-            samlShoulDocumentsBeSigned(false);
-            samlSignAssertions(false);
+            samlShoulDocumentsBeSigned(true);
+            samlSignAssertions(true);
             samlForcePostBinding(false);
             samlEncryptAssertions(false);
             samlForceArtifactBinding(false);

@@ -125,6 +125,12 @@ public SamlUserAttributeMapperBuilder attributeNameFormatUnspecified() {
             return this;
         }
 
+        public SamlUserAttributeMapperBuilder jansAttributeName(final String attributename) {
+
+            config.put("jans.attribute.name",attributename);
+            return this;
+        }
+
         public ProtocolMapper build() {
 
             return this.mapper;

@@ -87,14 +87,21 @@ public static void main(String[] args) throws InterruptedException, ParserCreate
                     Thread.sleep(1000);
                 }
             }
-            log.info("Application shutthing down");
+            log.info("Application shutting down");
         }catch(StartupError e) {
             log.error("Application startup failed",e);
             if(jobScheduler != null) {
                 jobScheduler.stop();
             }
             System.exit(-1);
             return;
+        }catch(Exception e) {
+            log.error("Fatal error starting application",e);
+            if(jobScheduler != null ) {
+                jobScheduler.stop();
+            }
+            System.exit(-1);
+            return;
         }
 
     }
@@ -163,10 +170,8 @@ private static final JobScheduler createQuartzJobSchedulerFromConfiguration(AppC
 
     private static final void runCronJobs() {
 
-        log.debug("Running trust relationship sync cron job");
         TrustRelationshipSyncJob trsyncjob = new TrustRelationshipSyncJob();
         trsyncjob.run(null);
-        log.debug("Trust relationship sync cron job complete");
     }
 
     private static final void performPostStartupOperations() {
@@ -271,7 +276,7 @@ public static class ShutdownHook extends Thread  {
         public void run() {
 
             try {
-                log.debug("Shutting down application");
+                log.info("Shutting down application");
                 if (jobScheduler != null) {
                     jobScheduler.stop();
                 }

@@ -39,12 +39,7 @@ public TrustRelationshipSyncJob() {
         this.keycloakApi = App.keycloakApi();
         this.realm = App.configuration().keycloakResourcesRealm();
         this.samlUserAttributeMapperId = App.configuration().keycloakResourcesSamlUserAttributeMapper();
-        try {
-            this.authnBrowserFlow = keycloakApi.getAuthenticationFlowFromAlias(realm,App.configuration().keycloakResourcesBrowserFlowAlias());
-        }catch(Exception e) {
-            log.warn("Could not properly initialize sync job",e);
-            this.authnBrowserFlow = null;
-        }
+        this.authnBrowserFlow = keycloakApi.getAuthenticationFlowFromAlias(realm,App.configuration().keycloakResourcesBrowserFlowAlias());
     }
 
     @Override
@@ -212,14 +207,19 @@ private void addReleasedAttributesToManagedSamlClient(ManagedSamlClient client,
 
         List<ProtocolMapper> protmappers = releasedattributes.stream().map((r)-> {
             log.debug("Preparing to add released attribute {} to managed saml client with clientId {}",r.getName(),client.clientId());
-            return ProtocolMapper
+            /*return ProtocolMapper
                     .samlUserAttributeMapper(samlUserAttributeMapperId)
                     .name(generateKeycloakUniqueProtocolMapperName(r))
                     .userAttribute(r.getName())
                     .friendlyName(r.getDisplayName()!=null?r.getDisplayName():r.getName())
                     .attributeName(r.getSaml2Uri())
                     .attributeNameFormatUriReference()
-                    .build();
+                    .build(); */
+            return ProtocolMapper
+                   .samlUserAttributeMapper(samlUserAttributeMapperId)
+                   .name(generateKeycloakUniqueProtocolMapperName(r))
+                   .jansAttributeName(r.getName())
+                   .build();
         }).toList();
 
         keycloakApi.addProtocolMappersToManagedSamlClient(realm, client, protmappers);
@@ -228,12 +228,16 @@ private void addReleasedAttributesToManagedSamlClient(ManagedSamlClient client,
     private void updateManagedSamlClientProtocolMapper(ManagedSamlClient client, ProtocolMapper mapper, JansAttributeRepresentation releasedattribute) {
 
         log.debug("Updating managed client released attribute. Client id: {} / Attribute name: {}",client.clientId(),releasedattribute.getName());
-        ProtocolMapper newmapper = ProtocolMapper
+        /*ProtocolMapper newmapper = ProtocolMapper
             .samlUserAttributeMapper(mapper)
             .userAttribute(releasedattribute.getName())
             .friendlyName(releasedattribute.getDisplayName()!=null?releasedattribute.getDisplayName():releasedattribute.getName())
             .attributeName(releasedattribute.getSaml2Uri())
             .attributeNameFormatUriReference()
+            .build(); */
+        ProtocolMapper newmapper = ProtocolMapper
+            .samlUserAttributeMapper(mapper)
+            .jansAttributeName(releasedattribute.getName())
             .build();
         keycloakApi.updateManagedSamlClientProtocolMapper(realm, client,newmapper);
     }

@@ -39,7 +39,8 @@ public void execute(JobExecutionContext context) throws JobExecutionException {
             ExecutionContext effectivecontext = new QuartzExecutionContext(context.getMergedJobDataMap());
             job.run(effectivecontext);
         } catch(ReflectiveOperationException e) {
-            e.printStackTrace();
+            throw new JobExecutionException("Failed to run job " + jobname,e);
+        }catch(Exception e) {
             throw new JobExecutionException("Failed to run job " + jobname,e);
         }
     }

@@ -28,4 +28,4 @@ app.job.trustrelationship-sync.schedule-interval=PT10M
 # keycloak resources configuration 
 app.keycloak.resources.realm=jans
 app.keycloak.resources.authn.browser.flow-alias=janssen login
-app.keycloak.resources.saml.user-attribute-mapper=saml-user-attribute-mapper
+app.keycloak.resources.saml.user-attribute-mapper=kc-jans-saml-user-attribute-mapper
@@ -25,7 +25,7 @@
       <File>${app.logdir}/scheduler.log</File>
       <append>true</append>
       <rollingPolicy class="TimeBasedRollingPolicy">
-        <fileNamePattern>${app.logdir}/scheduler-%d{yyyy-mm-dd}.log.gz</fileNamePattern>
+        <fileNamePattern>${app.logdir}/scheduler-%d{yyyy-MM-dd}.log.gz</fileNamePattern>
         <maxHistory>${app.logging.loghistory:-180}</maxHistory>
       </rollingPolicy>
 

@@ -60,6 +60,7 @@
       <module>authenticator</module>
       <module>storage-spi</module>
       <module>job-scheduler</module>
+      <module>spi</module>
     </modules>
 
     <repositories>
@@ -144,14 +145,6 @@
         </dependency>
         <!-- end nimbus dependencies-->
 
-        <!-- janssen dependencies -->
-        <dependency>
-          <groupId>io.jans</groupId>
-          <artifactId>jans-scim-model</artifactId>
-          <version>${jans.version}</version>
-        </dependency>
-        <!-- end janssen dependencies-->
-
         <!-- jakarta dependencies -->
         <dependency>
           <groupId>jakarta.ws.rs</groupId>
@@ -282,7 +275,55 @@
         <dependency>
           <groupId>io.jans</groupId>
           <artifactId>jans-core-saml</artifactId>
-          <version>${project.version}</version>
+          <version>${jans.version}</version>
+        </dependency>
+
+        <dependency>
+          <groupId>io.jans</groupId>
+          <artifactId>jans-scim-model</artifactId>
+          <version>${jans.version}</version>
+        </dependency>
+
+        <dependency>
+          <groupId>io.jans</groupId>
+          <artifactId>jans-core-standalone</artifactId>
+          <version>${jans.version}</version>
+        </dependency>
+
+        <dependency>
+          <groupId>io.jans</groupId>
+          <artifactId>jans-orm-standalone</artifactId>
+          <version>${jans.version}</version>
+        </dependency>
+
+        <dependency>
+          <groupId>io.jans</groupId>
+          <artifactId>jans-orm-couchbase</artifactId>
+          <version>${jans.version}</version>
+        </dependency>
+
+        <dependency>
+          <groupId>io.jans</groupId>
+          <artifactId>jans-orm-hybrid</artifactId>
+          <version>${jans.version}</version>
+        </dependency>
+
+        <dependency>
+          <groupId>io.jans</groupId>
+          <artifactId>jans-orm-ldap</artifactId>
+          <version>${jans.version}</version>
+        </dependency>
+
+        <dependency>
+          <groupId>io.jans</groupId>
+          <artifactId>jans-orm-sql</artifactId>
+          <version>${jans.version}</version>
+        </dependency>
+
+        <dependency>
+          <groupId>io.jans</groupId>
+          <artifactId>jans-core-service</artifactId>
+          <version>${jans.version}</version>
         </dependency>
         <!-- end jans dependencies -->
       </dependencies>
@@ -335,14 +376,15 @@
                   com.fasterxml.jackson.core,
                   commons-codec,
                   commons-lang3,
-                  commons-lang,
                   commons-collections4,
                   commons-io,
                   commons-logging,
                   commons-text,
-                  org.apache.commons,
-                  commons-configuration
+                  jakarta.persistence
                 </excludeGroupIds>
+                <excludeArtifactIds>
+
+                </excludeArtifactIds>
               </configuration>
             </execution>
           </executions>

diff --git a/jans-keycloak-integration/protocol-mapper/pom.xml b/jans-keycloak-integration/protocol-mapper/pom.xml
@@ -0,0 +1,124 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+  <modelVersion>4.0.0</modelVersion>
+  <groupId>io.jans</groupId>
+  <artifactId>kc-jans-protocol-mapper</artifactId>
+  <name>kc-jans-protocol-mapper</name>
+  <packaging>jar</packaging>
+
+  <parent>
+    <groupId>io.jans</groupId>
+    <artifactId>jans-kc-parent</artifactId>
+    <version>1.1.2-SNAPSHOT</version>
+  </parent>
+
+  <prerequisites>
+    <maven>${maven.min-version}</maven>
+  </prerequisites>
+
+  <dependencies>
+
+    <!-- keycloak dependencies -->
+    <dependency>
+        <groupId>org.keycloak</groupId>
+        <artifactId>keycloak-core</artifactId>
+    </dependency>
+
+    <dependency>
+        <groupId>org.keycloak</groupId>
+        <artifactId>keycloak-server-spi</artifactId>
+    </dependency>
+
+    <dependency>
+        <groupId>org.keycloak</groupId>
+        <artifactId>keycloak-server-spi-private</artifactId>
+    </dependency>
+
+    <dependency>
+        <groupId>org.keycloak</groupId>
+        <artifactId>keycloak-services</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>org.keycloak</groupId>
+      <artifactId>keycloak-saml-core-public</artifactId>
+    </dependency>
+    <!-- end keycloak dependencies-->
+
+    <!-- jans dependencies -->
+    <dependency>
+      <groupId>io.jans</groupId>
+      <artifactId>jans-core-standalone</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>io.jans</groupId>
+      <artifactId>jans-core-service</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>io.jans</groupId>
+      <artifactId>jans-orm-standalone</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>io.jans</groupId>
+      <artifactId>jans-orm-couchbase</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>io.jans</groupId>
+      <artifactId>jans-orm-hybrid</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>io.jans</groupId>
+      <artifactId>jans-orm-ldap</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>io.jans</groupId>
+      <artifactId>jans-orm-sql</artifactId>
+    </dependency>
+    <!-- end jans dependencies -->
+
+    <!-- log adapter -->
+    <dependency>
+      <groupId>org.jboss.slf4j</groupId>
+      <artifactId>slf4j-jboss-logmanager</artifactId>
+      <version>2.0.1.Final</version>
+    </dependency>
+    <!-- log adapter -->
+
+    <dependency>
+      <groupId>org.apache.commons</groupId>
+      <artifactId>commons-dbcp2</artifactId>
+      <version>2.12.0</version>
+    </dependency>
+  </dependencies>
+
+  <build>
+    <plugins>
+      <!-- maven deps plugin -->
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-dependency-plugin</artifactId>
+      </plugin>
+      <!-- end maven deps plugin-->
+
+      <!-- maven assembly plugin -->
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-assembly-plugin</artifactId>
+      </plugin>
+      <!-- end maven assembly plugin -->
+
+      <!-- maven compiler plugin -->
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-compiler-plugin</artifactId>
+      </plugin>
+      <!-- end maven compiler plugin -->
+    </plugins>
+  </build>
+</project>
diff --git a/jans-keycloak-integration/protocol-mapper/src/assembly/dependencies.xml b/jans-keycloak-integration/protocol-mapper/src/assembly/dependencies.xml
@@ -0,0 +1,24 @@
+<assembly xmlns="http://maven.apache.org/ASSEMBLY/2.2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/ASSEMBLY/2.2.0 https://maven.apache.org/xsd/assembly-2.2.0.xsd">
+  <id>deps</id>
+  <formats>
+    <format>zip</format>
+  </formats>
+  <includeBaseDirectory>false</includeBaseDirectory>
+  <fileSets>
+    <fileSet>
+      <directory>target/deps/</directory>
+      <outputDirectory>.</outputDirectory>
+      <includes>
+        <include>*.jar</include>
+      </includes>
+    </fileSet>
+    <fileSet>
+      <directory>src/main/resources/assembly</directory>
+      <outputDirectory>.</outputDirectory>
+      <includes>
+       <include>*.DONOTDELETE</include>
+      </includes>
+    </fileSet>
+  </fileSets>
+</assembly>