Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

✨ Use HTTP API for userli user lookup #22

Merged
merged 7 commits into from
May 20, 2024
Merged

✨ Use HTTP API for userli user lookup #22

merged 7 commits into from
May 20, 2024

Conversation

doobry-systemli
Copy link
Contributor

This requires systemli/userli#595

@doobry-systemli doobry-systemli added the enhancement New feature or request label Apr 18, 2024
@doobry-systemli doobry-systemli requested a review from y3n4 April 18, 2024 13:30
@doobry-systemli doobry-systemli marked this pull request as ready for review April 21, 2024 16:31
0x46616c6b
0x46616c6b requested changes Apr 29, 2024
View reviewed changes
pom.xml Outdated
@@ -24,12 +24,36 @@
<version>${version.keycloak}</version>
<scope>provided</scope>
</dependency>
<dependency>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These dependencies are not needed. Also, the Jakarta Sodium dependencies can be safely removed.

pom.xml Outdated
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.18.32</version>
<scope>provided</scope>
</dependency>
<dependency>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This can also be removed as we need the logging only for development purposes.

src/main/java/org/systemli/keycloak/Constants.java Outdated
Comment on lines 7 to 9
public String REALM_DOMAIN = "userliRealmDomain";
public String BASE_URL = "userliBaseUrl";
public String KEYCLOAK_API_TOKEN = "userliKeycloakToken";
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
public String REALM_DOMAIN = "userliRealmDomain";
public String BASE_URL = "userliBaseUrl";
public String KEYCLOAK_API_TOKEN = "userliKeycloakToken";
public final String REALM_DOMAIN = "userliRealmDomain";
public final String BASE_URL = "userliBaseUrl";
public final String KEYCLOAK_API_TOKEN = "userliKeycloakToken";

Constants should be final to ensure they cannot be modified.

src/main/java/org/systemli/keycloak/UserliUserClient.java Outdated
@@ -0,0 +1,34 @@
package org.systemli.keycloak;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This interface only makes sense when we would expose an API in Keycloak, which we don't do. So this makes no sense here.

src/main/java/org/systemli/keycloak/UserliUserClientSimpleHttp.java Outdated
.auth(keycloakApiToken)
.asResponse();
if (response.getStatus() == 404) {
throw new WebApplicationException(response.getStatus());
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This exception is the only reason why we still need the Jakarta package. So I would recommend creating an exception on our own.

src/main/java/org/systemli/keycloak/UserliUserClientSimpleHttp.java Outdated
@Override
@SneakyThrows
public Boolean validate(String email, String password) {
log.warn("UserliUserClientSimpleHttp validate: User with email '{}' and password '{}' tries to login", email, password);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
log.warn("UserliUserClientSimpleHttp validate: User with email '{}' and password '{}' tries to login", email, password);

Security! :-)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Haha ouch, this was a debugging leftover 🙈

src/main/java/org/systemli/keycloak/UserliUserStorageProviderFactory.java Outdated
return ProviderConfigurationBuilder.create()
.property(Constants.REALM_DOMAIN, "Realm domain", "Limit users to this domain", ProviderConfigProperty.STRING_TYPE, "", null)
.property(Constants.BASE_URL, "Base URL", "Base URL of the API", ProviderConfigProperty.STRING_TYPE, "", null)
.property(Constants.KEYCLOAK_API_TOKEN, "Keycloak API token", "Token for the userli keycloak API", ProviderConfigProperty.STRING_TYPE, "", null)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
.property(Constants.KEYCLOAK_API_TOKEN, "Keycloak API token", "Token for the userli keycloak API", ProviderConfigProperty.STRING_TYPE, "", null)
.property(Constants.API_TOKEN, "API token", "Token for the userli keycloak API", ProviderConfigProperty.STRING_TYPE, "", null)

Would call that only API token.

@0x46616c6b 0x46616c6b changed the title feat: Use HTTP API for userli user lookup ✨ Use HTTP API for userli user lookup May 6, 2024
@doobry-systemli doobry-systemli merged commit d6c985e into main May 20, 2024
2 checks passed
@doobry-systemli doobry-systemli deleted the feat/userli_api branch May 20, 2024 14:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@0x46616c6b 0x46616c6b 0x46616c6b approved these changes

@y3n4 y3n4 Awaiting requested review from y3n4

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@doobry-systemli @0x46616c6b