move configuration to db

analizers/findbugs-exclude.xml

@@ -68,4 +68,8 @@
     <Bug pattern="WEAK_MESSAGE_DIGEST_SHA1"/>
     <Class name="ua.zaskarius.keycloak.plugins.radius.radius.handlers.protocols.mschapv2.MSCHAPV2AuthenticatorUtils"/>
   </Match>
+  <Match>
+    <Bug pattern="CFS_CONFUSING_FUNCTION_SEMANTICS"/>
+    <Class name="ua.zaskarius.keycloak.plugins.radius.configuration.RadiusConfigJPA"/>
+  </Match>
 </FindBugsFilter>

keycloak-plugins/pom.xml

@@ -445,6 +445,7 @@
                         <exclude>**/client/*</exclude>
                         <exclude>**/Abstract**</exclude>
                         <exclude>**/MSCHAPHelper**</exclude>
+                        <exclude>**/KeycloakStaticHelper**</exclude>
                     </excludes>
                 </configuration>
                 <executions>

keycloak-plugins/radius-plugin/dependency-reduced-pom.xml

@@ -1,12 +1,12 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
   <parent>
-    <artifactId>keycloak-plugins</artifactId>
-    <groupId>smarthome.sso</groupId>
+    <artifactId>plugins</artifactId>
+    <groupId>ua.in.zaskarius.keycloak</groupId>
     <version>1.0-SNAPSHOT</version>
   </parent>
   <modelVersion>4.0.0</modelVersion>
-  <artifactId>mikrotik-plugin</artifactId>
+  <artifactId>radius-plugin</artifactId>
   <dependencies>
     <dependency>
       <groupId>org.bouncycastle</groupId>

keycloak-plugins/radius-plugin/git.properties

@@ -1,13 +1,13 @@
 #Generated by Git-Commit-Id-Plugin
-#Fri Jan 10 10:11:57 EET 2020
+#Fri Jan 10 20:08:19 EET 2020
 git.build.version=1.0-SNAPSHOT
-git.commit.id.abbrev=583a377
+git.commit.id.abbrev=4ad41fd
 git.branch=master
 git.build.host=Vasyls-MacBook-Pro-8066.local
-git.commit.id.describe-short=583a377-dirty
-git.commit.id.describe=583a377-dirty
-git.commit.id=583a37772b1ddd2640a94adfc6bb1b0ec1ba5d53
-git.commit.time=10.01.2020 @ 07\:43\:16 UTC
-git.build.time=10.01.2020 @ 08\:11\:57 UTC
+git.commit.id.describe-short=4ad41fd-dirty
+git.commit.id.describe=4ad41fd-dirty
+git.commit.id=4ad41fdf6f0f0b29d2ef900555605543625ee68f
+git.commit.time=10.01.2020 @ 09\:47\:27 UTC
+git.build.time=10.01.2020 @ 18\:08\:19 UTC
 git.build.user.name=vzakharchenko
-git.commit.message.full=Initial commit
+git.commit.message.full=include coveralls report

keycloak-plugins/radius-plugin/src/main/java/ua/zaskarius/keycloak/plugins/radius/RadiusHelper.java

@@ -1,16 +1,16 @@
 package ua.zaskarius.keycloak.plugins.radius;
 
+import org.keycloak.credential.CredentialModel;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.RealmModel;
+import org.keycloak.models.RoleModel;
+import org.keycloak.models.UserModel;
 import ua.zaskarius.keycloak.plugins.radius.configuration.IRadiusConfiguration;
 import ua.zaskarius.keycloak.plugins.radius.configuration.RadiusConfigHelper;
 import ua.zaskarius.keycloak.plugins.radius.models.RadiusCommonSettings;
 import ua.zaskarius.keycloak.plugins.radius.password.RadiusCredentialModel;
 import ua.zaskarius.keycloak.plugins.radius.providers.IRadiusConnectionProvider;
 import ua.zaskarius.keycloak.plugins.radius.radius.provider.RadiusRadiusProvider;
-import org.keycloak.credential.CredentialModel;
-import org.keycloak.models.KeycloakSession;
-import org.keycloak.models.RealmModel;
-import org.keycloak.models.RoleModel;
-import org.keycloak.models.UserModel;
 
 import java.security.SecureRandom;
 import java.util.List;
@@ -52,7 +52,7 @@ public static boolean hasPasswordReadPermission(
             UserModel userModel
     ) {
         RoleModel role = realm
-                .getRole(RadiusRadiusProvider.READ_MIKROTIK_PASSWORD);
+                .getRole(RadiusRadiusProvider.READ_RADIUS_PASSWORD);
         return role != null &&
                 userModel.isEnabled()
                 && userModel
@@ -67,7 +67,7 @@ public static String getPassword(
         if (!hasPasswordReadPermission(realm, userModel)) {
             throw new IllegalStateException(userModel.getUsername() +
                     " does not have role " +
-                    RadiusRadiusProvider.READ_MIKROTIK_PASSWORD);
+                    RadiusRadiusProvider.READ_RADIUS_PASSWORD);
         }
         String currentPassword = getCurrentPassword(keycloakSession, realm, userModel);
         if (currentPassword == null) {

keycloak-plugins/radius-plugin/src/main/java/ua/zaskarius/keycloak/plugins/radius/configuration/ConfigurationEndpointFactory.java

@@ -0,0 +1,37 @@
+package ua.zaskarius.keycloak.plugins.radius.configuration;
+
+import org.keycloak.Config;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.KeycloakSessionFactory;
+import org.keycloak.services.resource.RealmResourceProvider;
+import org.keycloak.services.resource.RealmResourceProviderFactory;
+
+public class ConfigurationEndpointFactory implements RealmResourceProviderFactory {
+
+    public static final String RADIUS_CONFIGURATION_ENDPOINT = "Radius-configuration-endpoint";
+
+    @Override
+    public RealmResourceProvider create(KeycloakSession session) {
+        return new ConfigurationProvider(session);
+    }
+
+    @Override
+    public void init(Config.Scope config) {
+
+    }
+
+    @Override
+    public void postInit(KeycloakSessionFactory factory) {
+
+    }
+
+    @Override
+    public void close() {
+
+    }
+
+    @Override
+    public String getId() {
+        return RADIUS_CONFIGURATION_ENDPOINT;
+    }
+}

keycloak-plugins/radius-plugin/src/main/java/ua/zaskarius/keycloak/plugins/radius/configuration/ConfigurationProvider.java

@@ -0,0 +1,23 @@
+package ua.zaskarius.keycloak.plugins.radius.configuration;
+
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.services.resource.RealmResourceProvider;
+
+public class ConfigurationProvider implements RealmResourceProvider {
+
+    private final KeycloakSession session;
+
+    public ConfigurationProvider(KeycloakSession session) {
+        this.session = session;
+    }
+
+    @Override
+    public Object getResource() {
+        return new ConfigurationResourceImpl(session);
+    }
+
+    @Override
+    public void close() {
+
+    }
+}

keycloak-plugins/radius-plugin/src/main/java/ua/zaskarius/keycloak/plugins/radius/configuration/ConfigurationResource.java

@@ -0,0 +1,23 @@
+package ua.zaskarius.keycloak.plugins.radius.configuration;
+
+import org.jboss.resteasy.annotations.cache.NoCache;
+import ua.zaskarius.keycloak.plugins.radius.models.ConfigurationRepresentation;
+
+import javax.ws.rs.*;
+import javax.ws.rs.core.MediaType;
+
+public interface ConfigurationResource {
+
+    @POST
+    @Path("admin/config/save")
+    @NoCache
+    @Produces(MediaType.APPLICATION_JSON)
+    @Consumes(MediaType.APPLICATION_JSON)
+    ConfigurationRepresentation saveConfig(ConfigurationRepresentation configuration);
+
+    @GET
+    @Path("admin/config/get")
+    @NoCache
+    @Produces(MediaType.APPLICATION_JSON)
+    ConfigurationRepresentation getConfig();
+}

keycloak-plugins/radius-plugin/src/main/java/ua/zaskarius/keycloak/plugins/radius/configuration/ConfigurationResourceImpl.java

@@ -0,0 +1,76 @@
+package ua.zaskarius.keycloak.plugins.radius.configuration;
+
+import com.google.common.annotations.VisibleForTesting;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.services.ForbiddenException;
+import org.keycloak.services.managers.AuthenticationManager;
+import ua.zaskarius.keycloak.plugins.radius.models.ConfigurationRepresentation;
+import ua.zaskarius.keycloak.plugins.radius.models.RadiusConfigModel;
+import ua.zaskarius.keycloak.plugins.radius.transaction.KeycloakRadiusUtils;
+
+public class ConfigurationResourceImpl implements ConfigurationResource {
+
+    private IRadiusConfigJPA radiusConfigJPA;
+
+    private AuthenticationManager.AuthResult auth;
+
+
+    public ConfigurationResourceImpl(KeycloakSession session) {
+        this.radiusConfigJPA = new RadiusConfigJPA(session);
+        this.auth = KeycloakRadiusUtils
+                .getKeycloakHelper()
+                .getAuthResult(session);
+        if (auth == null || auth.getUser() == null) {
+            throw new ForbiddenException();
+        }
+    }
+
+    @Override
+    public ConfigurationRepresentation saveConfig(ConfigurationRepresentation configuration) {
+        return transform(radiusConfigJPA
+                .saveConfig(transform(configuration), auth.getUser()));
+    }
+
+    @Override
+    public ConfigurationRepresentation getConfig() {
+        RadiusConfigModel config = radiusConfigJPA.getConfig();
+
+        if (config == null) {
+            ConfigurationRepresentation configurationRepresentation =
+                    new ConfigurationRepresentation();
+            configurationRepresentation.setAccountPort(1813);
+            configurationRepresentation.setAuthPort(1812);
+            configurationRepresentation.setRadiusShared(null);
+            configurationRepresentation.setStart(true);
+            return saveConfig(configurationRepresentation);
+        }
+        return transform(config);
+    }
+
+    public ConfigurationRepresentation transform(RadiusConfigModel configModel) {
+        ConfigurationRepresentation configurationRepresentation =
+                new ConfigurationRepresentation();
+        configurationRepresentation.setId(configModel.getId());
+        configurationRepresentation.setAccountPort(configModel.getAccountPort());
+        configurationRepresentation.setAuthPort(configModel.getAuthPort());
+        configurationRepresentation.setRadiusShared(configModel.getRadiusShared());
+        configurationRepresentation.setStart(configModel.isStart());
+        return configurationRepresentation;
+    }
+
+    public RadiusConfigModel transform(ConfigurationRepresentation configurationRepresentation) {
+        RadiusConfigModel configModel =
+                new RadiusConfigModel();
+        configModel.setId(configurationRepresentation.getId());
+        configModel.setAccountPort(configurationRepresentation.getAccountPort());
+        configModel.setAuthPort(configurationRepresentation.getAuthPort());
+        configModel.setRadiusShared(configurationRepresentation.getRadiusShared());
+        configModel.setStart(configurationRepresentation.isStart());
+        return configModel;
+    }
+
+    @VisibleForTesting
+    void setRadiusConfigJPA(IRadiusConfigJPA radiusConfigJPA) {
+        this.radiusConfigJPA = radiusConfigJPA;
+    }
+}

keycloak-plugins/radius-plugin/src/main/java/ua/zaskarius/keycloak/plugins/radius/configuration/DBRadiusConfiguration.java

@@ -0,0 +1,50 @@
+package ua.zaskarius.keycloak.plugins.radius.configuration;
+
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.RealmModel;
+import ua.zaskarius.keycloak.plugins.radius.models.RadiusCommonSettings;
+import ua.zaskarius.keycloak.plugins.radius.models.RadiusConfigModel;
+import ua.zaskarius.keycloak.plugins.radius.models.RadiusServerSettings;
+
+public class DBRadiusConfiguration implements IRadiusConfiguration {
+
+    protected DBRadiusConfiguration() {
+    }
+
+    @Override
+    public RadiusServerSettings getRadiusSettings(KeycloakSession session) {
+        RadiusConfigJPA radiusConfigJPA = new RadiusConfigJPA(session);
+        RadiusConfigModel config = radiusConfigJPA.getConfig();
+        RadiusServerSettings radiusServerSettings = new RadiusServerSettings();
+        radiusServerSettings.setSecret(config.getRadiusShared());
+        radiusServerSettings.setAccountPort(config.getAccountPort());
+        radiusServerSettings.setAccountPort(config.getAccountPort());
+        radiusServerSettings.setUseRadius(config.isStart());
+        return radiusServerSettings;
+    }
+
+    @Override
+    public RadiusCommonSettings getCommonSettings(RealmModel realmModel) {
+        return null;
+    }
+
+    @Override
+    public RadiusServerSettings getRadiusSettings(RealmModel realmModel) {
+        return null;
+    }
+
+    @Override
+    public boolean isUsedRadius(RealmModel realmModel) {
+        return true;
+    }
+
+    @Override
+    public boolean isUsedRadius(KeycloakSession session) {
+        return getRadiusSettings(session).isUseRadius();
+    }
+
+    @Override
+    public boolean init(RealmModel realmModel) {
+        return false;
+    }
+}

keycloak-plugins/radius-plugin/src/main/java/ua/zaskarius/keycloak/plugins/radius/configuration/FlowRadiusConfiguration.java

@@ -1,13 +1,10 @@
 package ua.zaskarius.keycloak.plugins.radius.configuration;
 
 
+import org.keycloak.models.*;
 import ua.zaskarius.keycloak.plugins.radius.models.RadiusCommonSettings;
 import ua.zaskarius.keycloak.plugins.radius.models.RadiusServerSettings;
 import ua.zaskarius.keycloak.plugins.radius.radius.provider.RadiusRadiusProviderFactory;
-import org.keycloak.models.AuthenticationExecutionModel;
-import org.keycloak.models.AuthenticationFlowModel;
-import org.keycloak.models.AuthenticatorConfigModel;
-import org.keycloak.models.RealmModel;
 
 import java.util.*;
 
@@ -64,10 +61,15 @@ protected Map<String, String> getConfig(RealmModel realmModel,
         return config;
     }
 
+    @Override
+    public RadiusServerSettings getRadiusSettings(KeycloakSession session) {
+       return null;
+    }
+
     @Override
     public RadiusCommonSettings getCommonSettings(RealmModel realm) {
         Map<String, String> config = getConfig(realm,
-                MIKROTIK_SETTINGS, RadiusCommonSettingFactory.RADIUS_PROVIDER_SETTINGS);
+                RADIUS_SETTINGS, RadiusCommonSettingFactory.RADIUS_PROVIDER_SETTINGS);
 
         RadiusCommonSettings mikrotikSetting = new RadiusCommonSettings();
         String provider = config.get(RadiusCommonSettingFactory.RADIUS_PROVIDERS);
@@ -93,7 +95,7 @@ public RadiusCommonSettings getCommonSettings(RealmModel realm) {
     @Override
     public RadiusServerSettings getRadiusSettings(RealmModel realm) {
         Map<String, String> config = getConfig(realm,
-                MIKROTIK_SETTINGS, RadiusSettingFactory.RADIUS_SETTINGS);
+                RADIUS_SETTINGS, RadiusSettingFactory.RADIUS_SETTINGS);
         RadiusServerSettings radiusServerSettings = new RadiusServerSettings();
         radiusServerSettings.setSecret(config.get(RadiusSettingFactory.RADIUS_SERVER_SECRET));
         radiusServerSettings.setUrl(Arrays.asList(Objects.toString(config
@@ -108,6 +110,11 @@ public boolean isUsedRadius(RealmModel realmModel) {
         return commonSettings.isUseRadius();
     }
 
+    @Override
+    public boolean isUsedRadius(KeycloakSession session) {
+        return true;
+    }
+
     public List<String> getExecutions() {
         return Arrays.asList(RadiusCommonSettingFactory.RADIUS_PROVIDER_SETTINGS,
                 RadiusSettingFactory.RADIUS_SETTINGS);
@@ -116,7 +123,7 @@ public List<String> getExecutions() {
     @Override
     public boolean init(RealmModel realmModel) {
         boolean changed = false;
-        AuthenticationFlowModel flow = getFlow(realmModel, MIKROTIK_SETTINGS);
+        AuthenticationFlowModel flow = getFlow(realmModel, RADIUS_SETTINGS);
         if (flow == null) {
             changed = true;
             AuthenticationFlowModel authenticationFlowModel = new AuthenticationFlowModel();
@@ -128,7 +135,7 @@ public boolean init(RealmModel realmModel) {
                     .addAuthenticationFlow(authenticationFlowModel);
 
             flow = new AuthenticationFlowModel();
-            flow.setAlias(MIKROTIK_SETTINGS);
+            flow.setAlias(RADIUS_SETTINGS);
             flow.setDescription("Radius Server Configuration");
             flow.setProviderId("form-flow");
             flow.setTopLevel(false);

keycloak-plugins/radius-plugin/src/main/java/ua/zaskarius/keycloak/plugins/radius/configuration/IRadiusConfigJPA.java

@@ -0,0 +1,10 @@
+package ua.zaskarius.keycloak.plugins.radius.configuration;
+
+import org.keycloak.models.UserModel;
+import ua.zaskarius.keycloak.plugins.radius.models.RadiusConfigModel;
+
+public interface IRadiusConfigJPA {
+    RadiusConfigModel getConfig();
+
+    RadiusConfigModel saveConfig(RadiusConfigModel configModel, UserModel userModel);
+}