Commit

Allow overriding default properties used to save user metadata to repository.
ledsoft committed Oct 19, 2023
1 parent 251f569 commit b111a7e
Showing 11 changed files with 196 additions and 111 deletions.
28 changes: 16 additions & 12 deletions README.md
Expand Up @@ -57,18 +57,22 @@ In a containerized environment, you can use the Docker image which includes Keyc

The following configuration parameters can (and in some cases must) be provided as environmental variables

| Parameter | Required | Default value | Description |
|---------------------------|----------|--------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `COMPONENTS` | no | - | Base64 encoded configuration of DB_SERVER_REPOSITORY_ID, DB_SERVER_URL and REALM_ID through common assembly line configuration. |
| `REALM_ID` | yes | - | Identifier of the realm for which events should be processed. |
| `DB_SERVER_URL` | yes | - | URL of the GraphDB server on which user accounts corresponding to keycloak accounts need to be created. |
| `DB_SERVER_REPOSITORY_ID` | yes | - | Identifier of the repository into which basic user metadata should be replicated by this SPI. Repository URL will be resolved based on GraphDB server URL and this id. |
| `REPOSITORY_USERNAME` | no | - | Username to authenticate with when replicating user metadata into the triple store repository and into the GraphDB user database. |
| `REPOSITORY_PASSWORD` | no | - | Password to authenticate with when replicating user metadata into the triple store repository and into the GraphDB user database. |
| `DB_SERVER_CONTEXT` | no | - | Identifier of named graph into which user account metadata will be saved. |
| `NAMESPACE` | no | `http://onto.fel.cvut.cz/ontologies/uzivatel/` | Namespace for generating user identifiers. |
| `ADD_ACCOUNTS` | no | `true` | Allows disabling replication of user accounts to GraphDB's user database for deployments where such a functionality is not required. |
| `USER_TYPE` | no | `http://onto.fel.cvut.cz/ontologies/slovník/agendový/popis-dat/pojem/uživatel` | Type to assign the generated user instance in the repository. |
| Parameter | Required | Default value | Description |
|------------------------------|----------|--------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `COMPONENTS` | no | - | Base64 encoded configuration of DB_SERVER_REPOSITORY_ID, DB_SERVER_URL and REALM_ID through common assembly line configuration. |
| `REALM_ID` | yes | - | Identifier of the realm for which events should be processed. |
| `DB_SERVER_URL` | yes | - | URL of the GraphDB server on which user accounts corresponding to keycloak accounts need to be created. |
| `DB_SERVER_REPOSITORY_ID` | yes | - | Identifier of the repository into which basic user metadata should be replicated by this SPI. Repository URL will be resolved based on GraphDB server URL and this id. |
| `REPOSITORY_USERNAME` | no | - | Username to authenticate with when replicating user metadata into the triple store repository and into the GraphDB user database. |
| `REPOSITORY_PASSWORD` | no | - | Password to authenticate with when replicating user metadata into the triple store repository and into the GraphDB user database. |
| `DB_SERVER_CONTEXT` | no | - | Identifier of named graph into which user account metadata will be saved. |
| `NAMESPACE` | no | `http://onto.fel.cvut.cz/ontologies/uzivatel/` | Namespace for generating user identifiers. |
| `ADD_ACCOUNTS` | no | `true` | Allows disabling replication of user accounts to GraphDB's user database for deployments where such a functionality is not required. |
| `VOCABULARY_USER_TYPE` | no | `http://onto.fel.cvut.cz/ontologies/slovník/agendový/popis-dat/pojem/uživatel` | Type to assign the generated user instance in the repository. |
| `VOCABULARY_USER_FIRST_NAME` | no | `http://onto.fel.cvut.cz/ontologies/slovník/agendový/popis-dat/pojem/má-křestní-jméno` | Property used to represent the first name of the generated user instance in the repository. |
| `VOCABULARY_USER_LAST_NAME` | no | `http://onto.fel.cvut.cz/ontologies/slovník/agendový/popis-dat/pojem/má-příjmení` | Property used to represent the last name of the generated user instance in the repository. |
| `VOCABULARY_USER_USERNAME` | no | `http://onto.fel.cvut.cz/ontologies/slovník/agendový/popis-dat/pojem/má-uživatelské-jméno` | Property used to represent the username of the generated user instance in the repository. |
| `VOCABULARY_USER_EMAIL` | no | - | Property used to represent the email of the generated user instance in the repository. If not specified, the email is not replicated into the repository. |

Note that the GraphDB user (identifier by `REPOSITORY_USERNAME` and `REPOSITORY_PASSWORD`) has to be an admin,
so that it can add new users into the user database (if this feature is enabled).
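
Review bot: The new `VOCABULARY_USER_EMAIL` row does not say that setting it starts copying e-mail addresses, which are personal data, into the repository (and into the `DB_SERVER_CONTEXT` named graph when one is set). Add a sentence to the description so operators check who has read access to that repository before enabling it. The row for `VOCABULARY_USER_TYPE` should also mention that it replaces `USER_TYPE`, since the old name disappears from the table without a migration hint.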
10 changes: 1 addition & 9 deletions pom.xml
Expand Up @@ -15,9 +15,6 @@
<packaging>jar</packaging>

<properties>
<java.version>17</java.version>
<maven.compiler.source>${java.version}</maven.compiler.source>
<maven.compiler.target>${java.version}</maven.compiler.target>
<rdf4j.version>4.3.4</rdf4j.version>
<snakeyaml.version>2.0</snakeyaml.version>
<junit.version>5.9.2</junit.version>
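
Review bot: With `java.version`, `maven.compiler.source` and `maven.compiler.target` removed from `<properties>`, nothing visible in this pom sets the Java level any more. If the level is not inherited from a parent pom, the build falls back to the compiler plugin's default. Keep an explicit property such as `maven.compiler.release`, or state in the commit message where the level now comes from.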
Expand Down Expand Up @@ -85,17 +82,12 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.8.1</version>
<configuration>
<source>${java.version}</source>
<target>${java.version}</target>
</configuration>
</plugin>
<plugin>
<!-- Generate entity classes from OWL integrity constraints -->
<groupId>cz.cvut.kbss.jopa</groupId>
<artifactId>jopa-maven-plugin</artifactId>
<version>1.1.2</version>
<version>1.1.3</version>
<configuration>
<package>cz.cvut.kbss.keycloak.provider</package>
<output-directory>${project.basedir}/src/main/generated-sources</output-directory>
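
Review bot: Dropping `<version>3.8.1</version>` from `maven-compiler-plugin` leaves the plugin version unpinned unless a parent's `pluginManagement` supplies it, which makes the build less reproducible. Keep an explicit version here or confirm that the parent pins it. The `jopa-maven-plugin` bump from 1.1.2 to 1.1.3 is unrelated to the change named in the commit message and would be easier to track as its own commit.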
29 changes: 26 additions & 3 deletions src/main/java/cz/cvut/kbss/keycloak/provider/Configuration.java
Expand Up @@ -4,6 +4,9 @@
import java.util.Base64;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;

import cz.cvut.kbss.keycloak.provider.model.Vocabulary;
import org.keycloak.Config;
import org.yaml.snakeyaml.Yaml;

Expand All @@ -19,6 +22,8 @@ public class Configuration {

private final String graphDBServerUrl;

private final Vocabulary vocabulary;

private final boolean addAccounts;

Configuration(Config.Scope scope) {
Expand Down Expand Up @@ -49,7 +54,7 @@ public class Configuration {
this.addAccounts = getBooleanProperty("ADD_ACCOUNTS", true);
KodiUserAccount.setNamespace(getProperty("NAMESPACE"));
KodiUserAccount.setContext(getProperty("DB_SERVER_CONTEXT"));
KodiUserAccount.setType(getProperty("USER_TYPE"));
this.vocabulary = initVocabulary();
}

private static boolean isNullOrEmpty(final String nullOrEmpty) {
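
Review bot: `USER_TYPE` is no longer read once `KodiUserAccount.setType(getProperty("USER_TYPE"))` is replaced by `initVocabulary()`, so a deployment that still sets `USER_TYPE` silently ends up with whatever default `Vocabulary` carries. Either fall back to `USER_TYPE` when `VOCABULARY_USER_TYPE` is absent, or log a warning when the old variable is present, so the rename does not change the replicated type without anyone noticing.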
Expand All @@ -60,14 +65,28 @@ private static String getProperty(String key) {
return System.getenv(key);
}

private static Optional<String> getOptionalProperty(String key) {
return Optional.ofNullable(System.getenv(key));
}

private static Map<String, Object> parseComponents(String components) {
final String componentsDecoded = new String(Base64.getDecoder().decode(components));
return new Yaml().load(componentsDecoded);
}

private static boolean getBooleanProperty(String key, boolean defaultValue) {
final String value = getProperty(key);
return isNullOrEmpty(value) ? defaultValue : Boolean.parseBoolean(value);
final Optional<String> value = getOptionalProperty(key);
return value.map(Boolean::parseBoolean).orElse(defaultValue);
}

private static Vocabulary initVocabulary() {
final Vocabulary vocabulary = new Vocabulary();
getOptionalProperty("VOCABULARY_USER_TYPE").ifPresent(vocabulary::setType);
getOptionalProperty("VOCABULARY_USER_FIRST_NAME").ifPresent(vocabulary::setFirstName);
getOptionalProperty("VOCABULARY_USER_LAST_NAME").ifPresent(vocabulary::setLastName);
getOptionalProperty("VOCABULARY_USER_USERNAME").ifPresent(vocabulary::setUsername);
getOptionalProperty("VOCABULARY_USER_EMAIL").ifPresent(vocabulary::setEmail);
return vocabulary;
}

public String getRealmId() {
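
Review bot: `getBooleanProperty` changes behaviour for a variable that is set but empty: the old `isNullOrEmpty(value) ? defaultValue : ...` returned the default, while `value.map(Boolean::parseBoolean).orElse(defaultValue)` parses `""` to `false`, so `ADD_ACCOUNTS=` now disables account replication instead of leaving it on. The same gap affects `initVocabulary()`, where an empty `VOCABULARY_USER_*` value is passed to the setter as an empty property identifier, and an empty `VOCABULARY_USER_EMAIL` counts as "specified". Filtering blank values in `getOptionalProperty`, for example `Optional.ofNullable(System.getenv(key)).filter(v -> !v.isBlank())`, restores the old semantics in both places. It would also be worth rejecting values that are not valid IRIs at start-up rather than at the first write.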
Expand All @@ -93,4 +112,8 @@ public String getGraphDBServerUrl() {
public boolean shouldAddAccounts() {
return addAccounts;
}

public Vocabulary getVocabulary() {
return vocabulary;
}
}
@@ -1,5 +1,7 @@
package cz.cvut.kbss.keycloak.provider;

import cz.cvut.kbss.keycloak.provider.dao.GraphDBUserDao;
import cz.cvut.kbss.keycloak.provider.dao.UserAccountDao;
import cz.cvut.kbss.keycloak.provider.model.KodiUserAccount;
import org.keycloak.events.Event;
import org.keycloak.events.EventListenerProvider;
@@ -1,5 +1,7 @@
package cz.cvut.kbss.keycloak.provider;

import cz.cvut.kbss.keycloak.provider.dao.GraphDBUserDao;
import cz.cvut.kbss.keycloak.provider.dao.UserAccountDao;
import org.eclipse.rdf4j.repository.Repository;
import org.keycloak.Config;
import org.keycloak.events.EventListenerProvider;
Expand All @@ -26,7 +28,7 @@ public EventListenerProvider create(KeycloakSession keycloakSession) {
}
return new DataReplicationProvider(
new KeycloakAdapter(keycloakSession.users(), keycloakSession.realms(), configuration),
new UserAccountDao(repository.getConnection()),
new UserAccountDao(repository.getConnection(), configuration.getVocabulary()),
new GraphDBUserDao(configuration));
}

69 changes: 0 additions & 69 deletions src/main/java/cz/cvut/kbss/keycloak/provider/UserAccountDao.java

This file was deleted.

@@ -1,6 +1,7 @@
package cz.cvut.kbss.keycloak.provider;
package cz.cvut.kbss.keycloak.provider.dao;

import com.fasterxml.jackson.databind.ObjectMapper;
import cz.cvut.kbss.keycloak.provider.Configuration;
import cz.cvut.kbss.keycloak.provider.exception.GraphDBConnectionException;
import cz.cvut.kbss.keycloak.provider.model.GraphDBUserDto;
import cz.cvut.kbss.keycloak.provider.model.KodiUserAccount;