Dropped keycloak version below 22 and old JDKs

.github/workflows/ci.yaml

@@ -31,9 +31,6 @@ jobs:
       fail-fast: false
       matrix:
         env:
-          # we keep 18.0.2 for backwards compatibility with RH-SSO 7.6
-          - KEYCLOAK_VERSION: 18.0.2
-          - KEYCLOAK_VERSION: 21.1.1
           - KEYCLOAK_VERSION: 22.0.4
           - KEYCLOAK_VERSION: 23.0.7
           - KEYCLOAK_VERSION: 24.0.1
@@ -57,16 +54,10 @@ jobs:
       - name: Adapt sources for Keycloak versions < 23.0.0
         if: ${{ matrix.env.KEYCLOAK_VERSION < '23.0.0' }}
         run: |
-          echo "JAVAX_PROFILE=-Ppre-keycloak23" >> $GITHUB_ENV
-
-      - name: Adapt sources for Keycloak versions < 22.0.0 (jakarta -> javax)
-        if: ${{ matrix.env.KEYCLOAK_VERSION < '22.0.0' }}
-        run: |
-          echo "JAVAX_PROFILE=-Ppre-keycloak22" >> $GITHUB_ENV
-          echo "ADJUSTED_RESTEASY_VERSION=-Dresteasy.version=4.7.7.Final" >> $GITHUB_ENV
+          echo "COMPATIBILITY_PROFILE=-Ppre-keycloak23" >> $GITHUB_ENV
 
       - name: Build & Test
-        run: ./mvnw ${MAVEN_CLI_OPTS} -Dkeycloak.version=${{ matrix.env.KEYCLOAK_VERSION }} ${ADJUSTED_RESTEASY_VERSION} clean verify -Pcoverage ${JAVAX_PROFILE}
+        run: ./mvnw ${MAVEN_CLI_OPTS} -Dkeycloak.version=${{ matrix.env.KEYCLOAK_VERSION }} clean verify -Pcoverage ${COMPATIBILITY_PROFILE}
 
       - name: Upload coverage to Codecov
         uses: codecov/codecov-action@v3
@@ -123,7 +114,7 @@ jobs:
         with:
           build-args: |-
             KEYCLOAK_VERSION=${{ matrix.env.KEYCLOAK_VERSION }}
-            MAVEN_CLI_OPTS=${{ env.MAVEN_CLI_OPTS }} ${{ env.ADJUSTED_RESTEASY_VERSION }} ${{ env.JAVAX_PROFILE }}
+            MAVEN_CLI_OPTS=${{ env.MAVEN_CLI_OPTS }} ${{ env.COMPATIBILITY_PROFILE }}
           cache-from: type=gha
           cache-to: type=gha,mode=max
           context: .
@@ -171,54 +162,10 @@ jobs:
       - name: Adapt sources for Keycloak versions < 23.0.0
         if: ${{ matrix.env.KEYCLOAK_VERSION < '23.0.0' }}
         run: |
-          echo "JAVAX_PROFILE=-Ppre-keycloak23" >> $GITHUB_ENV
-
-      - name: Adapt sources for Keycloak versions < 22.0.0 (jakarta -> javax)
-        if: ${{ matrix.env.KEYCLOAK_VERSION < '22.0.0' }}
-        run: |
-          echo "JAVAX_PROFILE=-Ppre-keycloak22" >> $GITHUB_ENV
-          echo "ADJUSTED_RESTEASY_VERSION=-Dresteasy.version=4.7.7.Final" >> $GITHUB_ENV
-
-      - name: Build & Test
-        run: ./mvnw ${MAVEN_CLI_OPTS} ${ADJUSTED_RESTEASY_VERSION} clean verify ${JAVAX_PROFILE}
-
-  build-legacy:
-    runs-on: ubuntu-latest
-    timeout-minutes: 10
-    strategy:
-      fail-fast: false
-      matrix:
-        env:
-          - KEYCLOAK_VERSION: 21.1.1
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Setup java
-        uses: actions/setup-java@v3
-        with:
-          distribution: 'temurin'
-          java-version: '21'
-
-      - uses: actions/cache@v3
-        with:
-          path: ~/.m2/repository
-          key: ${{ runner.os }}-maven-keycloak-legacy-${{ hashFiles('**/pom.xml') }}
-          restore-keys: |
-            ${{ runner.os }}-maven-keycloak-legacy
-
-      - name: Adapt sources for Keycloak versions < 23.0.0
-        if: ${{ matrix.env.KEYCLOAK_VERSION < '23.0.0' }}
-        run: |
-          echo "JAVAX_PROFILE=-Ppre-keycloak23" >> $GITHUB_ENV
-
-      - name: Adapt sources for Keycloak versions < 22.0.0 (jakarta -> javax)
-        if: ${{ matrix.env.KEYCLOAK_VERSION < '22.0.0' }}
-        run: |
-          echo "JAVAX_PROFILE=-Ppre-keycloak22" >> $GITHUB_ENV
-          echo "ADJUSTED_RESTEASY_VERSION=-Dresteasy.version=4.7.7.Final" >> $GITHUB_ENV
+          echo "COMPATIBILITY_PROFILE=-Ppre-keycloak23" >> $GITHUB_ENV
 
       - name: Build & Test
-        run: ./mvnw ${MAVEN_CLI_OPTS} -Dkeycloak.version=${{ matrix.env.KEYCLOAK_VERSION }} -Dkeycloak.dockerTagSuffix="" ${ADJUSTED_RESTEASY_VERSION} clean verify ${JAVAX_PROFILE}
+        run: ./mvnw ${MAVEN_CLI_OPTS} clean verify ${COMPATIBILITY_PROFILE}
 
   lint-other-files:
     runs-on: ubuntu-latest

docker-compose.yml

@@ -13,22 +13,6 @@ services:
     command:
       - start-dev
       - --features admin-fine-grained-authz
-  keycloak-legacy:
-    image: quay.io/keycloak/keycloak:${KEYCLOAK_VERSION}-legacy
-    environment:
-      KEYCLOAK_PASSWORD: admin123
-      KEYCLOAK_USER: admin
-      KEYCLOAK_LOGLEVEL: INFO
-      ROOT_LOGLEVEL: INFO
-    volumes:
-      - ./providers/:/opt/jboss/keycloak/providers/
-    ports:
-      - "8080:8080"
-      - "8787:8787"
-    command:
-      - "-c"
-      - "standalone.xml"
-      - "-Dkeycloak.profile.feature.admin_fine_grained_authz=enabled"
   openldap:
     image: osixia/openldap:1.5.0
     command:

pom.xml

@@ -682,68 +682,6 @@
     </build>
 
     <profiles>
-        <profile>
-            <id>pre-keycloak22</id>
-            <build>
-                <plugins>
-                    <plugin>
-                        <groupId>com.coderplus.maven.plugins</groupId>
-                        <artifactId>copy-rename-maven-plugin</artifactId>
-                        <version>1.0.1</version>
-                        <executions>
-                            <execution>
-                                <id>replace-subgrouputil-with-legacy</id>
-                                <phase>generate-sources</phase>
-                                <goals>
-                                    <goal>copy</goal>
-                                </goals>
-                                <configuration>
-                                    <sourceFile>${project.basedir}/src/test/java/de/adorsys/keycloak/config/test/util/SubGroupUtil.java.legacy</sourceFile>
-                                    <destinationFile>${project.basedir}/src/test/java/de/adorsys/keycloak/config/test/util/SubGroupUtil.java</destinationFile>
-                                </configuration>
-                            </execution>
-                        </executions>
-                    </plugin>
-                    <plugin>
-                        <groupId>com.google.code.maven-replacer-plugin</groupId>
-                        <artifactId>replacer</artifactId>
-                        <version>${maven-replacer.version}</version>
-                        <executions>
-                            <execution>
-                                <id>replace-pre-keycloak22</id>
-                                <phase>generate-sources</phase>
-                                <goals>
-                                    <goal>replace</goal>
-                                </goals>
-                            </execution>
-                        </executions>
-                        <configuration>
-                            <basedir>
-                                ${project.basedir}/src
-                            </basedir>
-                            <includes>
-                                <include>**/*.java</include>
-                            </includes>
-                            <replacements>
-                                <replacement>
-                                    <token>;
-import org.keycloak.representations.userprofile.config.UPConfig;</token>
-                                    <value>;</value>
-                                </replacement>
-                                <replacement>
-                                    <token>userProfileResource.update\(JsonUtil.readValue\(newUserProfileConfiguration, UPConfig.class\)\);</token>
-                                    <value>userProfileResource.update(newUserProfileConfiguration);</value>
-                                </replacement>
-                                <replacement>
-                                    <token>return groupResource.getSubGroups\(null, null, false\);</token>
-                                    <value>return groupResource.toRepresentation().getSubGroups();</value>
-                                </replacement>
-                            </replacements>
-                        </configuration>
-                    </plugin>
-                </plugins>
-            </build>
-        </profile>
         <profile>
             <id>pre-keycloak23</id>
             <build>

src/test/java/de/adorsys/keycloak/config/AbstractImportIT.java

@@ -60,31 +60,21 @@ abstract public class AbstractImportIT extends AbstractImportTest {
                 .waitingFor(Wait.forHttp("/"))
                 .withStartupTimeout(Duration.ofSeconds(300));
 
-        boolean isLegacyDistribution = KEYCLOAK_CONTAINER.getDockerImageName().contains("legacy")
-                || (VersionUtil.lt(KEYCLOAK_VERSION, "17") && !KEYCLOAK_CONTAINER.getDockerImageName().contains("keycloak-x"));
-
         List<String> command = new ArrayList<>();
 
-        if (isLegacyDistribution) {
-            command.add("-c");
-            command.add("standalone.xml");
-            command.add("-Dkeycloak.profile.feature.admin_fine_grained_authz=enabled");
-            command.add("-Dkeycloak.profile.feature.declarative_user_profile=enabled");
-        } else {
-            KEYCLOAK_CONTAINER.setCommand("start-dev");
-            command.add("start-dev");
-            command.add("--features");
-
-            StringBuilder featuresBuilder =
-                    new StringBuilder("admin-fine-grained-authz,client-policies,client-secret-rotation");
+        KEYCLOAK_CONTAINER.setCommand("start-dev");
+        command.add("start-dev");
+        command.add("--features");
 
-            if (VersionUtil.lt(KEYCLOAK_VERSION, "24")) {
-                featuresBuilder.append(",declarative-user-profile");
-            }
+        StringBuilder featuresBuilder =
+                new StringBuilder("admin-fine-grained-authz,client-policies,client-secret-rotation");
 
-            command.add(featuresBuilder.toString());
+        if (VersionUtil.lt(KEYCLOAK_VERSION, "24")) {
+            featuresBuilder.append(",declarative-user-profile");
         }
 
+        command.add(featuresBuilder.toString());
+
         if (System.getProperties().getOrDefault("skipContainerStart", "false").equals("false")) {
             KEYCLOAK_CONTAINER.setCommand(command.toArray(new String[0]));
             KEYCLOAK_CONTAINER.start();
@@ -97,11 +87,7 @@ abstract public class AbstractImportIT extends AbstractImportTest {
                     "http://%s:%d", KEYCLOAK_CONTAINER.getContainerIpAddress(), KEYCLOAK_CONTAINER.getMappedPort(8080)
             ));
 
-            if (isLegacyDistribution) {
-                System.setProperty("keycloak.url", System.getProperty("keycloak.baseUrl") + "/auth/");
-            } else {
-                System.setProperty("keycloak.url", System.getProperty("keycloak.baseUrl"));
-            }
+            System.setProperty("keycloak.url", System.getProperty("keycloak.baseUrl"));
         }
     }
 }

src/test/java/de/adorsys/keycloak/config/service/ImportAuthenticationFlowsIT.java

@@ -24,7 +24,6 @@
 import de.adorsys.keycloak.config.exception.ImportProcessingException;
 import de.adorsys.keycloak.config.exception.InvalidImportException;
 import de.adorsys.keycloak.config.model.RealmImport;
-import de.adorsys.keycloak.config.util.VersionUtil;
 import org.junit.jupiter.api.Order;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.condition.DisabledIfSystemProperty;
@@ -837,11 +836,7 @@ void shouldUpdateSubBuiltinFLow() throws IOException {
         RealmRepresentation realm = keycloakProvider.getInstance().realm(REALM_NAME).partialExport(true, true);
 
         AuthenticationFlowRepresentation flow = getAuthenticationFlow(realm, "registration form");
-        if (VersionUtil.ge(KEYCLOAK_VERSION, "11")) {
-            assertThat(flow.getDescription(), is("updated registration form"));
-        } else {
-            assertThat(flow.getDescription(), is("registration form"));
-        }
+        assertThat(flow.getDescription(), is("updated registration form"));
         assertThat(flow.isBuiltIn(), is(true));
         assertThat(flow.isTopLevel(), is(false));
 

src/test/java/de/adorsys/keycloak/config/service/ImportClientsIT.java

@@ -273,13 +273,7 @@ void shouldUpdateRealmAddProtocolMapper() throws IOException {
         assertThat(createdClient.getClientAuthenticatorType(), is("client-secret"));
         assertThat(createdClient.getRedirectUris(), is(containsInAnyOrder("https://moped-client.org/redirect")));
         assertThat(createdClient.getWebOrigins(), is(containsInAnyOrder("https://moped-client.org/webOrigin")));
-
-        // client secret on this place is always null for keycloak versions lower than 19...
-        if (VersionUtil.ge(KEYCLOAK_VERSION, "19")) {
-            assertThat(createdClient.getSecret(), is("changed-special-client-secret"));
-        } else {
-            assertThat(createdClient.getSecret(), is(nullValue()));
-        }
+        assertThat(createdClient.getSecret(), is("changed-special-client-secret"));
 
         // ... and has to be retrieved separately
         String clientSecret2 = getClientSecret(REALM_NAME, createdClient.getId());
@@ -450,18 +444,6 @@ void shouldUpdateRealmIgnoreProtocolMapper() throws IOException {
         assertThat(protocolMapper2.getConfig().get("access.token.claim"), is("false"));
     }
 
-    @Test
-    @Order(7)
-    void shouldNotUpdateRealmUpdateScopeMappingsWithError() throws IOException {
-        RealmImport foundImport = getFirstImport("07_update_realm__try-to-update_protocol-mapper.json");
-
-        if (VersionUtil.lt(KEYCLOAK_VERSION, "11")) {
-            ImportProcessingException thrown = assertThrows(ImportProcessingException.class, () -> realmImportService.doImport(foundImport));
-
-            assertThat(thrown.getMessage(), matchesPattern(".*Cannot update protocolMapper 'BranchCodeMapper' for client '.*' in realm 'realmWithClients': .*"));
-        }
-    }
-
     @Test
     @Order(8)
     void shouldUpdateRealmDeleteProtocolMapper() throws IOException {

src/test/java/de/adorsys/keycloak/config/service/ImportIdentityProvidersIT.java

@@ -21,7 +21,6 @@
 package de.adorsys.keycloak.config.service;
 
 import de.adorsys.keycloak.config.AbstractImportIT;
-import de.adorsys.keycloak.config.util.VersionUtil;
 import org.junit.jupiter.api.Order;
 import org.junit.jupiter.api.Test;
 import org.keycloak.representations.idm.*;
@@ -581,11 +580,7 @@ void shouldUpdateOidcIdentityProviderWithDeleteAllMappers() throws IOException {
         assertThat(updatedIdentityProviderConfig.get("useJwksUrl"), is("true"));
 
         List<IdentityProviderMapperRepresentation> identityProviderMappers = createdRealm.getIdentityProviderMappers();
-        if (VersionUtil.ge(KEYCLOAK_VERSION, "12")) {
-            assertThat(identityProviderMappers, empty());
-        } else {
-            assertThat(identityProviderMappers, nullValue());
-        }
+        assertThat(identityProviderMappers, empty());
     }
 
     @Test
@@ -599,11 +594,7 @@ void shouldDeleteOidcIdentityProvider() throws IOException {
         assertThat(createdRealm.isEnabled(), is(true));
 
         List<IdentityProviderRepresentation> identityProviders = createdRealm.getIdentityProviders();
-        if (VersionUtil.ge(KEYCLOAK_VERSION, "12")) {
-            assertThat(identityProviders, empty());
-        } else {
-            assertThat(identityProviders, nullValue());
-        }
+        assertThat(identityProviders, empty());
     }
 
     @Test

src/test/java/de/adorsys/keycloak/config/service/ImportRolesIT.java

@@ -24,7 +24,6 @@
 import de.adorsys.keycloak.config.exception.ImportProcessingException;
 import de.adorsys.keycloak.config.exception.KeycloakRepositoryException;
 import de.adorsys.keycloak.config.model.RealmImport;
-import de.adorsys.keycloak.config.util.VersionUtil;
 import org.junit.jupiter.api.Nested;
 import org.junit.jupiter.api.Order;
 import org.junit.jupiter.api.Test;
@@ -231,10 +230,7 @@ void shouldAddUserWithRealmRole() throws IOException {
         );
 
         assertThat(userRealmLevelRoles, hasItem("my_realm_role"));
-
-        if (VersionUtil.ge(KEYCLOAK_VERSION, "13")) {
-            assertThat(userRealmLevelRoles, hasItem("default-roles-" + REALM_NAME.toLowerCase()));
-        }
+        assertThat(userRealmLevelRoles, hasItem("default-roles-" + REALM_NAME.toLowerCase()));
     }
 
     @Test