Delete bug fix

README.md

@@ -18,6 +18,7 @@ ou avec une installation locale de keycloak:
 mvn clean install wildfly:deploy
 ```
 
+:warning: Il y avait un problème avec la version `4.8.0.Final` de keycloak, cette dernière n'est pas compatible avec cette extension (la version 4.8.1.Final l'est)
 ---
 
 # keycloak-franceconnect
@@ -39,3 +40,6 @@ or with a local install :
 ```
 mvn clean install wildfly:deploy
 ```
+
+:warning: There was a problem with keycloak version `4.8.0.Final`, please use `4.8.1.Final`
+

src/main/java/fr/insee/keycloak/FranceConnectIdentityProvider.java

@@ -1,31 +1,18 @@
 package fr.insee.keycloak;
 
-import java.io.IOException;
-import javax.ws.rs.core.HttpHeaders;
-import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.UriBuilder;
 import javax.ws.rs.core.UriInfo;
 import org.keycloak.broker.oidc.OIDCIdentityProvider;
 import org.keycloak.broker.oidc.OIDCIdentityProviderConfig;
-import org.keycloak.broker.oidc.mappers.AbstractJsonUserAttributeMapper;
-import org.keycloak.broker.provider.BrokeredIdentityContext;
-import org.keycloak.broker.provider.IdentityBrokerException;
-import org.keycloak.broker.provider.util.SimpleHttp;
 import org.keycloak.broker.social.SocialIdentityProvider;
 import org.keycloak.jose.jws.JWSInput;
-import org.keycloak.jose.jws.JWSInputException;
 import org.keycloak.jose.jws.crypto.HMACProvider;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
 import org.keycloak.models.UserSessionModel;
-import org.keycloak.representations.AccessTokenResponse;
-import org.keycloak.representations.IDToken;
-import org.keycloak.representations.JsonWebToken;
 import org.keycloak.services.resources.IdentityBrokerService;
 import org.keycloak.services.resources.RealmsResource;
-import org.keycloak.util.JsonSerialization;
-import com.fasterxml.jackson.databind.JsonNode;
 
 public class FranceConnectIdentityProvider extends OIDCIdentityProvider
     implements SocialIdentityProvider<OIDCIdentityProviderConfig> {
@@ -86,113 +73,6 @@ protected boolean verify(JWSInput jws) {
     return HMACProvider.verify(jws, getConfig().getClientSecret().getBytes());
   }
 
-
-  @Override
-  public void preprocessFederatedIdentity(KeycloakSession session, RealmModel realm,
-      BrokeredIdentityContext context) {
-    super.preprocessFederatedIdentity(session, realm, context);
-
-  }
-
-
-  private SimpleHttp.Response executeRequest(String url, SimpleHttp request) throws IOException {
-    SimpleHttp.Response response = request.asResponse();
-    if (response.getStatus() != 200) {
-      String msg = "failed to invoke url [" + url + "]";
-      try {
-        String tmp = response.asString();
-        if (tmp != null)
-          msg = tmp;
-
-      } catch (IOException e) {
-
-      }
-      throw new IdentityBrokerException("Failed to invoke url [" + url + "]: " + msg);
-    }
-    return response;
-  }
-
-
-  @Override
-  protected BrokeredIdentityContext extractIdentity(AccessTokenResponse tokenResponse,
-      String accessToken, JsonWebToken idToken) throws IOException {
-    String id = idToken.getSubject();
-    BrokeredIdentityContext identity = new BrokeredIdentityContext(id);
-    String name = (String) idToken.getOtherClaims().get(IDToken.NAME);
-    String preferredUsername =
-        (String) idToken.getOtherClaims().get(getusernameClaimNameForIdToken());
-    String email = (String) idToken.getOtherClaims().get(IDToken.EMAIL);
-
-    if (!getConfig().isDisableUserInfoService()) {
-      String userInfoUrl = getUserInfoUrl();
-      if (userInfoUrl != null && !userInfoUrl.isEmpty()
-          && (id == null || name == null || preferredUsername == null || email == null)) {
-
-        if (accessToken != null) {
-          SimpleHttp.Response response = executeRequest(userInfoUrl, SimpleHttp
-              .doGet(userInfoUrl, session).header("Authorization", "Bearer " + accessToken));
-          String contentType = response.getFirstHeader(HttpHeaders.CONTENT_TYPE);
-          JsonNode userInfo;
-
-          if (MediaType.APPLICATION_JSON_TYPE.isCompatible(MediaType.valueOf(contentType))) {
-            userInfo = response.asJson();
-          } else if ("application/jwt".equals(contentType)) {
-            JWSInput jwsInput;
-
-            try {
-              jwsInput = new JWSInput(response.asString());
-            } catch (JWSInputException cause) {
-              throw new RuntimeException("Failed to parse JWT userinfo response", cause);
-            }
-
-            if (verify(jwsInput)) {
-              userInfo = JsonSerialization.readValue(jwsInput.getContent(), JsonNode.class);
-            } else {
-              throw new RuntimeException(
-                  "Failed to verify signature of userinfo response from [" + userInfoUrl + "].");
-            }
-          } else {
-            throw new RuntimeException("Unsupported content-type [" + contentType
-                + "] in response from [" + userInfoUrl + "].");
-          }
-
-          id = getJsonProperty(userInfo, "sub");
-          name = getJsonProperty(userInfo, "name");
-          preferredUsername = getUsernameFromUserInfo(userInfo);
-          email = getJsonProperty(userInfo, "email");
-          AbstractJsonUserAttributeMapper.storeUserProfileForMapper(identity, userInfo,
-              getConfig().getAlias());
-        }
-      }
-    }
-    identity.getContextData().put(VALIDATED_ID_TOKEN, idToken);
-
-    identity.setId(id);
-    identity.setName(name);
-    identity.setEmail(email);
-
-    identity.setBrokerUserId(getConfig().getAlias() + "." + id);
-
-    if (preferredUsername == null) {
-      preferredUsername = email;
-    }
-
-    if (preferredUsername == null) {
-      preferredUsername = id;
-    }
-
-    identity.setUsername(preferredUsername);
-    if (tokenResponse != null && tokenResponse.getSessionState() != null) {
-      identity.setBrokerSessionId(getConfig().getAlias() + "." + tokenResponse.getSessionState());
-    }
-    if (tokenResponse != null)
-      identity.getContextData().put(FEDERATED_ACCESS_TOKEN_RESPONSE, tokenResponse);
-    if (tokenResponse != null)
-      processAccessTokenResponse(identity, tokenResponse);
-    return identity;
-  }
-
-
   public String getAuthorizationUrl() {
     return authorizationUrl;
   }