mirror of
https://github.com/keycloak/keycloak.git
synced 2026-01-25 16:42:34 +00:00
KEYCLOAK-644 Searching by email from LDAP doesn't work
This commit is contained in:
@@ -140,31 +140,10 @@ public class LDAPFederationProvider implements UserFederationProvider {
|
||||
|
||||
@Override
|
||||
public List<UserModel> searchByAttributes(Map<String, String> attributes, RealmModel realm, int maxResults) {
|
||||
IdentityManager identityManager = getIdentityManager();
|
||||
List<UserModel> searchResults =new LinkedList<UserModel>();
|
||||
try {
|
||||
Map<String, User> results = new HashMap<String, User>();
|
||||
if (attributes.containsKey(USERNAME)) {
|
||||
User user = BasicModel.getUser(identityManager, attributes.get(USERNAME));
|
||||
if (user != null) results.put(user.getLoginName(), user);
|
||||
} else if (attributes.containsKey(EMAIL)) {
|
||||
User user = queryByEmail(identityManager, attributes.get(EMAIL));
|
||||
if (user != null) results.put(user.getLoginName(), user);
|
||||
} else if (attributes.containsKey(FIRST_NAME) || attributes.containsKey(LAST_NAME)) {
|
||||
IdentityQuery<User> query = identityManager.createIdentityQuery(User.class);
|
||||
if (attributes.containsKey(FIRST_NAME)) {
|
||||
query.setParameter(User.FIRST_NAME, attributes.get(FIRST_NAME));
|
||||
}
|
||||
if (attributes.containsKey(LAST_NAME)) {
|
||||
query.setParameter(User.LAST_NAME, attributes.get(LAST_NAME));
|
||||
}
|
||||
query.setLimit(maxResults);
|
||||
List<User> agents = query.getResultList();
|
||||
for (User user : agents) {
|
||||
results.put(user.getLoginName(), user);
|
||||
}
|
||||
}
|
||||
for (User user : results.values()) {
|
||||
Map<String, User> plUsers = searchPicketlink(attributes, maxResults);
|
||||
for (User user : plUsers.values()) {
|
||||
if (session.userStorage().getUserByUsername(user.getLoginName(), realm) == null) {
|
||||
UserModel imported = importUserFromPicketlink(realm, user);
|
||||
searchResults.add(imported);
|
||||
@@ -176,6 +155,43 @@ public class LDAPFederationProvider implements UserFederationProvider {
|
||||
return searchResults;
|
||||
}
|
||||
|
||||
protected Map<String, User> searchPicketlink(Map<String, String> attributes, int maxResults) {
|
||||
IdentityManager identityManager = getIdentityManager();
|
||||
Map<String, User> results = new HashMap<String, User>();
|
||||
if (attributes.containsKey(USERNAME)) {
|
||||
User user = BasicModel.getUser(identityManager, attributes.get(USERNAME));
|
||||
if (user != null) {
|
||||
results.put(user.getLoginName(), user);
|
||||
return results;
|
||||
}
|
||||
}
|
||||
|
||||
if (attributes.containsKey(EMAIL)) {
|
||||
User user = queryByEmail(identityManager, attributes.get(EMAIL));
|
||||
if (user != null) {
|
||||
results.put(user.getLoginName(), user);
|
||||
return results;
|
||||
}
|
||||
}
|
||||
|
||||
if (attributes.containsKey(FIRST_NAME) || attributes.containsKey(LAST_NAME)) {
|
||||
IdentityQuery<User> query = identityManager.createIdentityQuery(User.class);
|
||||
if (attributes.containsKey(FIRST_NAME)) {
|
||||
query.setParameter(User.FIRST_NAME, attributes.get(FIRST_NAME));
|
||||
}
|
||||
if (attributes.containsKey(LAST_NAME)) {
|
||||
query.setParameter(User.LAST_NAME, attributes.get(LAST_NAME));
|
||||
}
|
||||
query.setLimit(maxResults);
|
||||
List<User> agents = query.getResultList();
|
||||
for (User user : agents) {
|
||||
results.put(user.getLoginName(), user);
|
||||
}
|
||||
}
|
||||
|
||||
return results;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isValid(UserModel local) {
|
||||
try {
|
||||
|
||||
@@ -236,23 +236,6 @@ public class FederationProvidersIntegrationTest {
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testRemoveFederatedUser() {
|
||||
KeycloakSession session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmModel appRealm = session.realms().getRealmByName("test");
|
||||
UserModel user = session.users().getUserByUsername("registerUserSuccess2", appRealm);
|
||||
Assert.assertNotNull(user);
|
||||
Assert.assertNotNull(user.getFederationLink());
|
||||
Assert.assertEquals(user.getFederationLink(), ldapModel.getId());
|
||||
|
||||
Assert.assertTrue(session.users().removeUser(appRealm, user));
|
||||
Assert.assertNull(session.users().getUserByUsername("registerUserSuccess2", appRealm));
|
||||
} finally {
|
||||
keycloakRule.stopSession(session, true);
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testReadonly() {
|
||||
KeycloakSession session = keycloakRule.startSession();
|
||||
@@ -307,6 +290,60 @@ public class FederationProvidersIntegrationTest {
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testRemoveFederatedUser() {
|
||||
KeycloakSession session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmModel appRealm = session.realms().getRealmByName("test");
|
||||
UserModel user = session.users().getUserByUsername("registerUserSuccess2", appRealm);
|
||||
Assert.assertNotNull(user);
|
||||
Assert.assertNotNull(user.getFederationLink());
|
||||
Assert.assertEquals(user.getFederationLink(), ldapModel.getId());
|
||||
|
||||
Assert.assertTrue(session.users().removeUser(appRealm, user));
|
||||
Assert.assertNull(session.users().getUserByUsername("registerUserSuccess2", appRealm));
|
||||
} finally {
|
||||
keycloakRule.stopSession(session, true);
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSearch() {
|
||||
KeycloakSession session = keycloakRule.startSession();
|
||||
PartitionManager partitionManager = getPartitionManager(session, ldapModel);
|
||||
try {
|
||||
RealmModel appRealm = session.realms().getRealmByName("test");
|
||||
LDAPUtils.addUser(partitionManager, "username1", "John1", "Doel1", "user1@email.org");
|
||||
LDAPUtils.addUser(partitionManager, "username2", "John2", "Doel2", "user2@email.org");
|
||||
LDAPUtils.addUser(partitionManager, "username3", "John3", "Doel3", "user3@email.org");
|
||||
LDAPUtils.addUser(partitionManager, "username4", "John4", "Doel4", "user4@email.org");
|
||||
|
||||
// Users are not at local store at this moment
|
||||
Assert.assertNull(session.userStorage().getUserByUsername("username1", appRealm));
|
||||
Assert.assertNull(session.userStorage().getUserByUsername("username2", appRealm));
|
||||
Assert.assertNull(session.userStorage().getUserByUsername("username3", appRealm));
|
||||
Assert.assertNull(session.userStorage().getUserByUsername("username4", appRealm));
|
||||
|
||||
// search by username
|
||||
session.users().searchForUser("username1", appRealm);
|
||||
SyncProvidersTest.assertUserImported(session.userStorage(), appRealm, "username1", "John1", "Doel1", "user1@email.org");
|
||||
|
||||
// search by email
|
||||
session.users().searchForUser("user2@email.org", appRealm);
|
||||
SyncProvidersTest.assertUserImported(session.userStorage(), appRealm, "username2", "John2", "Doel2", "user2@email.org");
|
||||
|
||||
// search by lastName
|
||||
session.users().searchForUser("Doel3", appRealm);
|
||||
SyncProvidersTest.assertUserImported(session.userStorage(), appRealm, "username3", "John3", "Doel3", "user3@email.org");
|
||||
|
||||
// search by firstName + lastName
|
||||
session.users().searchForUser("John4 Doel4", appRealm);
|
||||
SyncProvidersTest.assertUserImported(session.userStorage(), appRealm, "username4", "John4", "Doel4", "user4@email.org");
|
||||
} finally {
|
||||
keycloakRule.stopSession(session, true);
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testUnsynced() {
|
||||
KeycloakSession session = keycloakRule.startSession();
|
||||
|
||||
@@ -185,7 +185,7 @@ public class SyncProvidersTest {
|
||||
}
|
||||
}
|
||||
|
||||
private void assertUserImported(UserProvider userProvider, RealmModel realm, String username, String expectedFirstName, String expectedLastName, String expectedEmail) {
|
||||
public static void assertUserImported(UserProvider userProvider, RealmModel realm, String username, String expectedFirstName, String expectedLastName, String expectedEmail) {
|
||||
UserModel user = userProvider.getUserByUsername(username, realm);
|
||||
Assert.assertNotNull(user);
|
||||
Assert.assertEquals(expectedFirstName, user.getFirstName());
|
||||
|
||||
Reference in New Issue
Block a user