Merge branch 'release/0.4.0'

# Conflicts: # build.gradle
Smartling · Jul 29, 2015 · e83be0d · e83be0d
2 parents 471345f + 5bc3b6f
commit e83be0d
Show file tree

Hide file tree

Showing 7 changed files with 266 additions and 23 deletions.
diff --git a/README.md b/README.md
@@ -18,25 +18,15 @@ principal to be loaded from a Spring Security user detail service.
 <dependency>
 	<groupId>com.smartling.keycloak.extras</groupId>
 	<artifactId>keycloak-spring-security-auth</artifactId>
-	<version>0.3.0-SNAPSHOT</version>
+	<version>${version}</version>
 </dependency>
 ```
 
 ## Using Smartling Keycloak Extras
 
-Until the extracts are included in JCenter, add the Smrartling OSS [release repository][repo]
-to your build:
-
-```
-<repositories>
-	<repository>
-		<id>smartling-oss-release</id>
-		<url>https://dl.bintray.com/smartling/release</url>
-		<releases><enabled>true</enabled></releases>
-		<snapshots><enabled>false</enabled></snapshots>
-	</repository>
-</repositories>
-```
+Smartling Keycloak Extras are now distributed via [JCenter]. Simply add JCenter as repository in your build.
+to your build.
 
+[jcenter]: https://bintray.com/bintray/jcenter
 [keycloak]: http://keycloak.org
 [repo]: https://dl.bintray.com/smartling/release
diff --git a/build.gradle b/build.gradle
@@ -29,7 +29,7 @@ buildscript {
 
 group = 'com.smartling.keycloak.extras'
 description = 'Smartling Keycloak Extras'
-version = '0.3.1' + (project.hasProperty('release') && project.ext.release ? '-RELEASE' : '-SNAPSHOT')
+version = '0.4.0' + (project.hasProperty('release') && project.ext.release ? '-RELEASE' : '-SNAPSHOT')
 
 ext {
     springVersion = '3.2.6.RELEASE'

diff --git a/...ers/springsecurity/authentication/DirectAccessGrantUserDetailsAuthenticationProvider.java b/...ers/springsecurity/authentication/DirectAccessGrantUserDetailsAuthenticationProvider.java
@@ -37,14 +37,13 @@
  *     The supplied {@link UserDetailsService} is consulted using the Keycloak
  *     access token's principal attribute as the username.
  * </p>
- * <p>
- *     The original Keycloak principal is available from the {@link KeycloakAuthenticationToken}:
+ *
+ * The original Keycloak principal is available from the {@link KeycloakAuthenticationToken}:
  *     <pre>
  *          KeycloakAuthenticationToken token = (KeycloakAuthenticationToken) SecurityContextHolder.getContext().getAuthentication());
  *          KeycloakAccount account = token.getAccount();
  *          Principal = account.getPrincipal();
  *     </pre>
- * </p>
  *
  * @author <a href="mailto:[email protected]">Scott Rossillo</a>
  *

diff --git a/...oak/adapters/springsecurity/authentication/KeycloakUserDetailsAuthenticationProvider.java b/...oak/adapters/springsecurity/authentication/KeycloakUserDetailsAuthenticationProvider.java
@@ -36,14 +36,13 @@
  * The supplied {@link UserDetailsService user details service} is consulted using the Keycloak
  * access token's email as the username.
  * </p>
- * <p>
- *     The original Keycloak principal is available from the {@link KeycloakAuthenticationToken}:
+ *
+ * The original Keycloak principal is available from the {@link KeycloakAuthenticationToken}:
  *     <pre>
  *          KeycloakAuthenticationToken token = (KeycloakAuthenticationToken) SecurityContextHolder.getContext().getAuthentication());
  *          KeycloakAccount account = token.getAccount();
  *          Principal = account.getPrincipal();
  *     </pre>
- * </p>
  *
  * @author <a href="mailto:[email protected]">Scott Rossillo</a>
  *

diff --git a/...rc/main/java/org/keycloak/adapters/springsecurity/support/KeycloakSpringAdapterUtils.java b/...rc/main/java/org/keycloak/adapters/springsecurity/support/KeycloakSpringAdapterUtils.java
@@ -32,7 +32,6 @@
 import org.keycloak.representations.IDToken;
 import org.springframework.http.converter.HttpMessageConverter;
 import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
-import org.springframework.http.converter.json.MappingJacksonHttpMessageConverter;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
 import org.springframework.util.Assert;

diff --git a/...java/org/keycloak/adapters/springsecurity/support/MappingJacksonHttpMessageConverter.java b/...java/org/keycloak/adapters/springsecurity/support/MappingJacksonHttpMessageConverter.java
@@ -0,0 +1,256 @@
+/*
+ * Copyright 2002-2013 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.adapters.springsecurity.support;
+
+import java.io.IOException;
+import java.lang.reflect.Type;
+import java.nio.charset.Charset;
+
+import org.codehaus.jackson.JsonEncoding;
+import org.codehaus.jackson.JsonGenerator;
+import org.codehaus.jackson.JsonProcessingException;
+import org.codehaus.jackson.map.ObjectMapper;
+import org.codehaus.jackson.map.SerializationConfig;
+import org.codehaus.jackson.type.JavaType;
+
+import org.springframework.http.HttpInputMessage;
+import org.springframework.http.HttpOutputMessage;
+import org.springframework.http.MediaType;
+import org.springframework.http.converter.AbstractHttpMessageConverter;
+import org.springframework.http.converter.GenericHttpMessageConverter;
+import org.springframework.http.converter.HttpMessageNotReadableException;
+import org.springframework.http.converter.HttpMessageNotWritableException;
+import org.springframework.util.Assert;
+
+/**
+ * Implementation of {@link org.springframework.http.converter.HttpMessageConverter HttpMessageConverter} that
+ * can read and write JSON using <a href="http://jackson.codehaus.org/">Jackson 1.x's</a> {@link ObjectMapper}.
+ *
+ * <p>This converter can be used to bind to typed beans, or untyped {@link java.util.HashMap HashMap} instances.
+ *
+ * <p>By default, this converter supports {@code application/json}. This can be overridden by setting the
+ * {@link #setSupportedMediaTypes supportedMediaTypes} property.
+ *
+ * <p><b>NOTE:</b> Requires Jackson 1.8 or higher, as of Spring 4.0.
+ * At the same time, we strongly recommend a migration to Jackson 2.x!
+ *
+ * @author Arjen Poutsma
+ * @author Juergen Hoeller
+ * @since 3.0
+ * @deprecated Please migrate to {@link MappingJackson2HttpMessageConverter} for Jackson 2.x.
+ */
+@Deprecated
+public class MappingJacksonHttpMessageConverter extends AbstractHttpMessageConverter<Object>
+        implements GenericHttpMessageConverter<Object> {
+
+    public static final Charset DEFAULT_CHARSET = Charset.forName("UTF-8");
+
+
+    private ObjectMapper objectMapper = new ObjectMapper();
+
+    private String jsonPrefix;
+
+    private Boolean prettyPrint;
+
+
+    /**
+     * Construct a new {@code MappingJacksonHttpMessageConverter}.
+     */
+    public MappingJacksonHttpMessageConverter() {
+        super(new MediaType("application", "json", DEFAULT_CHARSET),
+                new MediaType("application", "*+json", DEFAULT_CHARSET));
+    }
+
+
+    /**
+     * Set the {@code ObjectMapper} for this view.
+     * If not set, a default {@link ObjectMapper#ObjectMapper() ObjectMapper} is used.
+     * <p>Setting a custom-configured {@code ObjectMapper} is one way to take further control of the JSON
+     * serialization process. For example, an extended {@link org.codehaus.jackson.map.SerializerFactory}
+     * can be configured that provides custom serializers for specific types. The other option for refining
+     * the serialization process is to use Jackson's provided annotations on the types to be serialized,
+     * in which case a custom-configured ObjectMapper is unnecessary.
+     */
+    public void setObjectMapper(ObjectMapper objectMapper) {
+        Assert.notNull(objectMapper, "ObjectMapper must not be null");
+        this.objectMapper = objectMapper;
+        configurePrettyPrint();
+    }
+
+    /**
+     * Return the underlying {@code ObjectMapper} for this view.
+     */
+    public ObjectMapper getObjectMapper() {
+        return this.objectMapper;
+    }
+
+    /**
+     * Specify a custom prefix to use for this view's JSON output.
+     * Default is none.
+     * @see #setPrefixJson
+     */
+    public void setJsonPrefix(String jsonPrefix) {
+        this.jsonPrefix = jsonPrefix;
+    }
+
+    /**
+     * Indicate whether the JSON output by this view should be prefixed with "{} &&". Default is false.
+     * <p>Prefixing the JSON string in this manner is used to help prevent JSON Hijacking.
+     * The prefix renders the string syntactically invalid as a script so that it cannot be hijacked.
+     * This prefix does not affect the evaluation of JSON, but if JSON validation is performed on the
+     * string, the prefix would need to be ignored.
+     * @see #setJsonPrefix
+     */
+    public void setPrefixJson(boolean prefixJson) {
+        this.jsonPrefix = (prefixJson ? "{} && " : null);
+    }
+
+    /**
+     * Whether to use the {@link org.codehaus.jackson.util.DefaultPrettyPrinter} when writing JSON.
+     * This is a shortcut for setting up an {@code ObjectMapper} as follows:
+     * <pre class="code">
+     * ObjectMapper mapper = new ObjectMapper();
+     * mapper.configure(SerializationConfig.Feature.INDENT_OUTPUT, true);
+     * converter.setObjectMapper(mapper);
+     * </pre>
+     * <p>The default value is {@code false}.
+     */
+    public void setPrettyPrint(boolean prettyPrint) {
+        this.prettyPrint = prettyPrint;
+        configurePrettyPrint();
+    }
+
+    private void configurePrettyPrint() {
+        if (this.prettyPrint != null) {
+            this.objectMapper.configure(SerializationConfig.Feature.INDENT_OUTPUT, this.prettyPrint);
+        }
+    }
+
+
+    @Override
+    public boolean canRead(Class<?> clazz, MediaType mediaType) {
+        return canRead(clazz, null, mediaType);
+    }
+
+    @Override
+    public boolean canRead(Type type, Class<?> contextClass, MediaType mediaType) {
+        JavaType javaType = getJavaType(type, contextClass);
+        return (this.objectMapper.canDeserialize(javaType) && canRead(mediaType));
+    }
+
+    @Override
+    public boolean canWrite(Class<?> clazz, MediaType mediaType) {
+        return (this.objectMapper.canSerialize(clazz) && canWrite(mediaType));
+    }
+
+    @Override
+    protected boolean supports(Class<?> clazz) {
+        // should not be called, since we override canRead/Write instead
+        throw new UnsupportedOperationException();
+    }
+
+    @Override
+    protected Object readInternal(Class<?> clazz, HttpInputMessage inputMessage)
+            throws IOException, HttpMessageNotReadableException {
+
+        JavaType javaType = getJavaType(clazz, null);
+        return readJavaType(javaType, inputMessage);
+    }
+
+    @Override
+    public Object read(Type type, Class<?> contextClass, HttpInputMessage inputMessage)
+            throws IOException, HttpMessageNotReadableException {
+
+        JavaType javaType = getJavaType(type, contextClass);
+        return readJavaType(javaType, inputMessage);
+    }
+
+    private Object readJavaType(JavaType javaType, HttpInputMessage inputMessage) {
+        try {
+            return this.objectMapper.readValue(inputMessage.getBody(), javaType);
+        }
+        catch (IOException ex) {
+            throw new HttpMessageNotReadableException("Could not read JSON: " + ex.getMessage(), ex);
+        }
+    }
+
+    @Override
+    protected void writeInternal(Object object, HttpOutputMessage outputMessage)
+            throws IOException, HttpMessageNotWritableException {
+
+        JsonEncoding encoding = getJsonEncoding(outputMessage.getHeaders().getContentType());
+        JsonGenerator jsonGenerator =
+                this.objectMapper.getJsonFactory().createJsonGenerator(outputMessage.getBody(), encoding);
+
+        // A workaround for JsonGenerators not applying serialization features
+        // https://github.com/FasterXML/jackson-databind/issues/12
+        if (this.objectMapper.getSerializationConfig().isEnabled(SerializationConfig.Feature.INDENT_OUTPUT)) {
+            jsonGenerator.useDefaultPrettyPrinter();
+        }
+
+        try {
+            if (this.jsonPrefix != null) {
+                jsonGenerator.writeRaw(this.jsonPrefix);
+            }
+            this.objectMapper.writeValue(jsonGenerator, object);
+        }
+        catch (JsonProcessingException ex) {
+            throw new HttpMessageNotWritableException("Could not write JSON: " + ex.getMessage(), ex);
+        }
+    }
+
+    /**
+     * Return the Jackson {@link JavaType} for the specified type and context class.
+     * <p>The default implementation returns {@code typeFactory.constructType(type, contextClass)},
+     * but this can be overridden in subclasses, to allow for custom generic collection handling.
+     * For instance:
+     * <pre class="code">
+     * protected JavaType getJavaType(Type type) {
+     *   if (type instanceof Class && List.class.isAssignableFrom((Class)type)) {
+     *     return TypeFactory.collectionType(ArrayList.class, MyBean.class);
+     *   } else {
+     *     return super.getJavaType(type);
+     *   }
+     * }
+     * </pre>
+     * @param type the type to return the java type for
+     * @param contextClass a context class for the target type, for example a class
+     * in which the target type appears in a method signature, can be {@code null}
+     * @return the java type
+     */
+    protected JavaType getJavaType(Type type, Class<?> contextClass) {
+        return this.objectMapper.getTypeFactory().constructType(type, contextClass);
+    }
+
+    /**
+     * Determine the JSON encoding to use for the given content type.
+     * @param contentType the media type as requested by the caller
+     * @return the JSON encoding to use (never {@code null})
+     */
+    protected JsonEncoding getJsonEncoding(MediaType contentType) {
+        if (contentType != null && contentType.getCharSet() != null) {
+            Charset charset = contentType.getCharSet();
+            for (JsonEncoding encoding : JsonEncoding.values()) {
+                if (charset.name().equals(encoding.getJavaName())) {
+                    return encoding;
+                }
+            }
+        }
+        return JsonEncoding.UTF8;
+    }
+
+}
diff --git a/...va/org/keycloak/adapters/springsecurity/service/KeycloakDirectAccessGrantServiceTest.java b/...va/org/keycloak/adapters/springsecurity/service/KeycloakDirectAccessGrantServiceTest.java
@@ -21,10 +21,10 @@
 import org.junit.runner.RunWith;
 import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
 import org.keycloak.adapters.springsecurity.config.AppConfig;
+import org.keycloak.adapters.springsecurity.support.MappingJacksonHttpMessageConverter;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.converter.HttpMessageConverter;
 import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
-import org.springframework.http.converter.json.MappingJacksonHttpMessageConverter;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;