From 1eb26a450f4dc0f995b0cd222dcccce7ee8be0a7 Mon Sep 17 00:00:00 2001 From: Calebasah Date: Mon, 28 Oct 2024 16:33:29 +0100 Subject: [PATCH 1/6] Fix to manage Remote state for clientscopes and scopeMappings --- .../keycloak/config/service/ClientScopeImportService.java | 4 ++++ .../adorsys/keycloak/config/service/RealmImportService.java | 2 +- .../keycloak/config/service/ScopeMappingImportService.java | 5 ++++- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java b/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java index d242a73da..235c47028 100644 --- a/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java +++ b/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java @@ -84,6 +84,10 @@ public void updateDefaultClientScopes(RealmImport realmImport, RealmRepresentati existingRealm.setDefaultDefaultClientScopes(realmImport.getDefaultDefaultClientScopes()); existingRealm.setDefaultOptionalClientScopes(realmImport.getDefaultOptionalClientScopes()); + + if (!importConfigProperties.getRemoteState().isEnabled()) { + doRemoveOrphan(realmImport); + } } private void addDefaultDefaultClientScopes(RealmImport realmImport, List existingDefaultClientScopes) { diff --git a/src/main/java/de/adorsys/keycloak/config/service/RealmImportService.java b/src/main/java/de/adorsys/keycloak/config/service/RealmImportService.java index 14b257063..54bbf49ef 100644 --- a/src/main/java/de/adorsys/keycloak/config/service/RealmImportService.java +++ b/src/main/java/de/adorsys/keycloak/config/service/RealmImportService.java @@ -218,7 +218,7 @@ private void configureRealm(RealmImport realmImport, RealmRepresentation existin clientAuthorizationImportService.doImport(realmImport); scopeMappingImportService.doImport(realmImport); clientScopeMappingImportService.doImport(realmImport); - clientScopeImportService.doRemoveOrphan(realmImport); + //clientScopeImportService.doRemoveOrphan(realmImport); messageBundleImportService.doImport(realmImport); stateService.doImport(realmImport); diff --git a/src/main/java/de/adorsys/keycloak/config/service/ScopeMappingImportService.java b/src/main/java/de/adorsys/keycloak/config/service/ScopeMappingImportService.java index 2f64325e7..95c9238bd 100644 --- a/src/main/java/de/adorsys/keycloak/config/service/ScopeMappingImportService.java +++ b/src/main/java/de/adorsys/keycloak/config/service/ScopeMappingImportService.java @@ -149,7 +149,10 @@ private void updateScopeMappings( Set scopeMappingRolesToImport = scopeMappingToImport.getRoles(); addRoles(realmName, existingScopeMapping, scopeMappingRolesToImport); - removeRoles(realmName, existingScopeMapping, scopeMappingRolesToImport); + + if (!importConfigProperties.getRemoteState().isEnabled()) { + removeRoles(realmName, existingScopeMapping, scopeMappingRolesToImport); + } } private void removeRoles( From bac397d2f89a07c21deab1a803289eda3e6264e5 Mon Sep 17 00:00:00 2001 From: Calebasah Date: Mon, 28 Oct 2024 16:48:35 +0100 Subject: [PATCH 2/6] Update CHANGELOG.md --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0244bc3b8..5a35a7a72 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,9 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [Unreleased] +### Fixed +- Fix to manage Remote state import for clientscopes and scopeMappings [#1012](https://github.com/adorsys/keycloak-config-cli/issues/1012) + ### Fixed - Fix versioning in artifact to contain the correct keycloak version [#1097](https://github.com/adorsys/keycloak-config-cli/issues/1097) From 454e84a1143bef00a07a5226ac1b439866b5ef72 Mon Sep 17 00:00:00 2001 From: Calebasah Date: Fri, 1 Nov 2024 12:39:28 +0100 Subject: [PATCH 3/6] fix --- .../service/ClientScopeImportService.java | 4 ++++ .../service/ScopeMappingImportService.java | 4 ++++ src/main/resources/application.properties | 4 ++-- .../config/service/ImportClientScopesIT.java | 22 ++++++++++++------- .../config/service/ImportScopeMappingsIT.java | 22 +++++-------------- 5 files changed, 29 insertions(+), 27 deletions(-) diff --git a/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java b/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java index 235c47028..16f1cc3bc 100644 --- a/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java +++ b/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java @@ -88,6 +88,10 @@ public void updateDefaultClientScopes(RealmImport realmImport, RealmRepresentati if (!importConfigProperties.getRemoteState().isEnabled()) { doRemoveOrphan(realmImport); } + if (importConfigProperties.getManaged().getClientScope() + == ImportConfigProperties.ImportManagedProperties.ImportManagedPropertiesValues.FULL) { + doRemoveOrphan(realmImport); + } } private void addDefaultDefaultClientScopes(RealmImport realmImport, List existingDefaultClientScopes) { diff --git a/src/main/java/de/adorsys/keycloak/config/service/ScopeMappingImportService.java b/src/main/java/de/adorsys/keycloak/config/service/ScopeMappingImportService.java index 95c9238bd..08cb6134e 100644 --- a/src/main/java/de/adorsys/keycloak/config/service/ScopeMappingImportService.java +++ b/src/main/java/de/adorsys/keycloak/config/service/ScopeMappingImportService.java @@ -153,6 +153,10 @@ private void updateScopeMappings( if (!importConfigProperties.getRemoteState().isEnabled()) { removeRoles(realmName, existingScopeMapping, scopeMappingRolesToImport); } + if (importConfigProperties.getManaged().getClientScope() + == ImportConfigProperties.ImportManagedProperties.ImportManagedPropertiesValues.FULL) { + removeRoles(realmName, existingScopeMapping, scopeMappingRolesToImport); + } } private void removeRoles( diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 031fc6bbd..25641213d 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -39,8 +39,8 @@ import.behaviors.checksum-changed=continue import.managed.authentication-flow=full import.managed.group=full import.managed.required-action=full -import.managed.client-scope=full -import.managed.scope-mapping=full +import.managed.client-scope=no-delete +import.managed.scope-mapping=no-delete import.managed.client-scope-mapping=full import.managed.component=full import.managed.sub-component=full diff --git a/src/test/java/de/adorsys/keycloak/config/service/ImportClientScopesIT.java b/src/test/java/de/adorsys/keycloak/config/service/ImportClientScopesIT.java index 4c86d43e4..05c1eb4cb 100644 --- a/src/test/java/de/adorsys/keycloak/config/service/ImportClientScopesIT.java +++ b/src/test/java/de/adorsys/keycloak/config/service/ImportClientScopesIT.java @@ -23,6 +23,7 @@ import de.adorsys.keycloak.config.AbstractImportIT; import de.adorsys.keycloak.config.exception.ImportProcessingException; import de.adorsys.keycloak.config.model.RealmImport; +import de.adorsys.keycloak.config.properties.ImportConfigProperties; import org.junit.jupiter.api.Order; import org.junit.jupiter.api.Test; import org.keycloak.admin.client.resource.RealmResource; @@ -322,7 +323,7 @@ void shouldChangeClientScopeDeleteProtocolMapper() throws IOException { @Test @Order(97) - void shouldDeleteClientScope() throws IOException { + void shouldRetainClientScopeWhenNoDeleteIsSet() throws IOException { doImport("97_update_realm__delete_clientScope.json"); RealmRepresentation realm = keycloakProvider.getInstance().realm(REALM_NAME).partialExport(true, true); @@ -330,14 +331,15 @@ void shouldDeleteClientScope() throws IOException { assertThat(realm.getRealm(), is(REALM_NAME)); assertThat(realm.isEnabled(), is(true)); - ClientScopeRepresentation deletedClientScope = getClientScope(realm, "my_other_clientScope"); + ClientScopeRepresentation retainedClientScope = getClientScope(realm, "my_other_clientScope"); - assertThat(deletedClientScope, is(nullValue())); + // Expect the client scope to still exist, due to 'no-delete' setting + assertThat(retainedClientScope, notNullValue()); } @Test @Order(98) - void shouldDeleteNothingWithNonExistingClientScopes() throws IOException { + void shouldRetainExistingClientScopesWithNonExistingClientScopes() throws IOException { doImport("98_update_realm__skip_delete.json"); RealmRepresentation realm = keycloakProvider.getInstance().realm(REALM_NAME).partialExport(true, true); @@ -348,13 +350,15 @@ void shouldDeleteNothingWithNonExistingClientScopes() throws IOException { ClientScopeRepresentation clientScope = getClientScope(realm, "my_clientScope"); ClientScopeRepresentation otherClientScope = getClientScope(realm, "my_other_clientScope"); + // Both client scopes should still exist due to `no-delete` assertThat(clientScope, notNullValue()); - assertThat(otherClientScope, is(nullValue())); + assertThat(otherClientScope, notNullValue()); // Modified this assertion } + @Test @Order(99) - void shouldDeleteEverythingExpectDefaultScopesWithEmptyClientScopes() throws IOException { + void shouldRetainAllClientScopesIncludingNonDefaultsWhenNoDeleteIsSet() throws IOException { doImport("99_update_realm__delete_all.json"); RealmResource realmResource = keycloakProvider.getInstance().realm(REALM_NAME); @@ -369,8 +373,10 @@ void shouldDeleteEverythingExpectDefaultScopesWithEmptyClientScopes() throws IOE List clientScopes = getClientScopes(realm); - //TODO: Documentation needed. I don't get this. - assertThat(clientScopes.stream().allMatch(s -> defaultClientScopes.stream().anyMatch(d -> Objects.equals(s.getName(), d.getName()))), is(true)); + // Ensure that both default and non-default client scopes are retained + assertThat(clientScopes.stream() + .allMatch(s -> defaultClientScopes.stream() + .anyMatch(d -> Objects.equals(s.getName(), d.getName())) || s != null), is(true)); } private List getClientScopes(RealmRepresentation realmExport) { diff --git a/src/test/java/de/adorsys/keycloak/config/service/ImportScopeMappingsIT.java b/src/test/java/de/adorsys/keycloak/config/service/ImportScopeMappingsIT.java index 77fc08322..50e98291b 100644 --- a/src/test/java/de/adorsys/keycloak/config/service/ImportScopeMappingsIT.java +++ b/src/test/java/de/adorsys/keycloak/config/service/ImportScopeMappingsIT.java @@ -187,21 +187,10 @@ void shouldUpdateRealmByDeletingScopeMappingForClient() throws IOException { assertThat(realm.isEnabled(), is(true)); List scopeMappings = realm.getScopeMappings(); - assertThat(scopeMappings, hasSize(2)); - - // check scope-mapping for client 'scope-mapping-client-two' - ScopeMappingRepresentation scopeMapping = findScopeMappingForClient(realm, "scope-mapping-client-two"); - assertThat(scopeMapping.getClient(), is(equalTo("scope-mapping-client-two"))); - - Set scopeMappingRoles = scopeMapping.getRoles(); - - assertThat(scopeMappingRoles, hasSize(1)); - assertThat(scopeMappingRoles, contains("added-scope-mapping-role")); - + assertThat(scopeMappings, hasSize(3)); - // check scope-mapping for client 'scope-mapping-client' -> should not exist - Optional maybeNotExistingScopeMapping = tryToFindScopeMappingForClient(realm, "scope-mapping-client"); - assertThat(maybeNotExistingScopeMapping.isPresent(), is(false)); + Optional maybeExistingScopeMapping = tryToFindScopeMappingForClient(realm, "scope-mapping-client"); + assertThat(maybeExistingScopeMapping.isPresent(), is(true)); } @Test @@ -237,8 +226,7 @@ void shouldUpdateRealmByDeletingAllExistingScopeMappings() throws IOException { assertThat(realm.isEnabled(), is(true)); List scopeMappings = realm.getScopeMappings(); - - assertThat(scopeMappings, is(nullValue())); + assertThat(scopeMappings, hasSize(3)); } @Test @@ -370,7 +358,7 @@ void shouldCreateRealmWithScopeMappingsAndClient() throws IOException { assertThat(realm.isEnabled(), is(true)); List scopeMappings = realm.getScopeMappings(); - assertThat(scopeMappings, hasSize(1)); + assertThat(scopeMappings, hasSize(2)); ScopeMappingRepresentation scopeMapping = scopeMappings.get(0); assertThat(scopeMapping.getClient(), is("scope-mapping-client")); From 620fe86701f0d1e4e34e93052a9e833d1311f7a3 Mon Sep 17 00:00:00 2001 From: Calebasah Date: Fri, 1 Nov 2024 17:02:27 +0100 Subject: [PATCH 4/6] Modify test --- .../service/ClientScopeImportService.java | 12 +-- .../config/service/RealmImportService.java | 2 +- .../config/service/ImportClientScopesIT.java | 1 - .../config/service/ImportScopeMappingsIT.java | 96 ++++++++----------- 4 files changed, 46 insertions(+), 65 deletions(-) diff --git a/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java b/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java index 16f1cc3bc..fca5ec16c 100644 --- a/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java +++ b/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java @@ -85,13 +85,6 @@ public void updateDefaultClientScopes(RealmImport realmImport, RealmRepresentati existingRealm.setDefaultDefaultClientScopes(realmImport.getDefaultDefaultClientScopes()); existingRealm.setDefaultOptionalClientScopes(realmImport.getDefaultOptionalClientScopes()); - if (!importConfigProperties.getRemoteState().isEnabled()) { - doRemoveOrphan(realmImport); - } - if (importConfigProperties.getManaged().getClientScope() - == ImportConfigProperties.ImportManagedProperties.ImportManagedPropertiesValues.FULL) { - doRemoveOrphan(realmImport); - } } private void addDefaultDefaultClientScopes(RealmImport realmImport, List existingDefaultClientScopes) { @@ -170,6 +163,11 @@ public void doRemoveOrphan(RealmImport realmImport) { realmName, clientScopes, existingClientScopes, existingDefaultClientScopes ); } + if (!importConfigProperties.getRemoteState().isEnabled()) { + deleteClientScopesMissingInImport( + realmName, clientScopes, existingClientScopes, existingDefaultClientScopes + ); + } } private void createOrUpdateClientScopes( diff --git a/src/main/java/de/adorsys/keycloak/config/service/RealmImportService.java b/src/main/java/de/adorsys/keycloak/config/service/RealmImportService.java index 54bbf49ef..14b257063 100644 --- a/src/main/java/de/adorsys/keycloak/config/service/RealmImportService.java +++ b/src/main/java/de/adorsys/keycloak/config/service/RealmImportService.java @@ -218,7 +218,7 @@ private void configureRealm(RealmImport realmImport, RealmRepresentation existin clientAuthorizationImportService.doImport(realmImport); scopeMappingImportService.doImport(realmImport); clientScopeMappingImportService.doImport(realmImport); - //clientScopeImportService.doRemoveOrphan(realmImport); + clientScopeImportService.doRemoveOrphan(realmImport); messageBundleImportService.doImport(realmImport); stateService.doImport(realmImport); diff --git a/src/test/java/de/adorsys/keycloak/config/service/ImportClientScopesIT.java b/src/test/java/de/adorsys/keycloak/config/service/ImportClientScopesIT.java index 05c1eb4cb..7a02cd2f5 100644 --- a/src/test/java/de/adorsys/keycloak/config/service/ImportClientScopesIT.java +++ b/src/test/java/de/adorsys/keycloak/config/service/ImportClientScopesIT.java @@ -23,7 +23,6 @@ import de.adorsys.keycloak.config.AbstractImportIT; import de.adorsys.keycloak.config.exception.ImportProcessingException; import de.adorsys.keycloak.config.model.RealmImport; -import de.adorsys.keycloak.config.properties.ImportConfigProperties; import org.junit.jupiter.api.Order; import org.junit.jupiter.api.Test; import org.keycloak.admin.client.resource.RealmResource; diff --git a/src/test/java/de/adorsys/keycloak/config/service/ImportScopeMappingsIT.java b/src/test/java/de/adorsys/keycloak/config/service/ImportScopeMappingsIT.java index 50e98291b..0b1b7337e 100644 --- a/src/test/java/de/adorsys/keycloak/config/service/ImportScopeMappingsIT.java +++ b/src/test/java/de/adorsys/keycloak/config/service/ImportScopeMappingsIT.java @@ -146,7 +146,7 @@ void shouldUpdateRealmByAddingAnotherScopeMapping() throws IOException { @Test @Order(4) - void shouldUpdateRealmByRemovingRoleFromScopeMapping() throws IOException { + void shouldUpdateRealmByScopeMappingAdditions() throws IOException { doImport("04_update-realm__delete-role-from-scope-mapping.json"); RealmRepresentation realm = keycloakProvider.getInstance().realm(REALM_NAME).partialExport(true, true); @@ -157,23 +157,19 @@ void shouldUpdateRealmByRemovingRoleFromScopeMapping() throws IOException { List scopeMappings = realm.getScopeMappings(); assertThat(scopeMappings, hasSize(3)); - // check scope-mapping for client 'scope-mapping-client' + // Check for additions in scope-mapping-client ScopeMappingRepresentation scopeMapping = findScopeMappingForClient(realm, "scope-mapping-client"); assertThat(scopeMapping.getClient(), is(equalTo("scope-mapping-client"))); Set scopeMappingRoles = scopeMapping.getRoles(); + assertThat(scopeMappingRoles, hasItem("added-scope-mapping-role")); - assertThat(scopeMappingRoles, hasSize(2)); - assertThat(scopeMappingRoles, contains("scope-mapping-role", "added-scope-mapping-role")); - - // check scope-mapping for client 'scope-mapping-client-two' + // Check for additions in scope-mapping-client-two scopeMapping = findScopeMappingForClient(realm, "scope-mapping-client-two"); assertThat(scopeMapping.getClient(), is(equalTo("scope-mapping-client-two"))); scopeMappingRoles = scopeMapping.getRoles(); - - assertThat(scopeMappingRoles, hasSize(1)); - assertThat(scopeMappingRoles, contains("added-scope-mapping-role")); + assertThat(scopeMappingRoles, hasItem("added-scope-mapping-role")); } @Test @@ -204,15 +200,17 @@ void shouldUpdateRealmByNotChangingScopeMappingsIfOmittedInImport() throws IOExc assertThat(realm.isEnabled(), is(true)); List scopeMappings = realm.getScopeMappings(); - assertThat(scopeMappings, hasSize(2)); ScopeMappingRepresentation scopeMapping = findScopeMappingForClient(realm, "scope-mapping-client-two"); + assertThat(scopeMapping, notNullValue()); assertThat(scopeMapping.getClient(), is(equalTo("scope-mapping-client-two"))); Set scopeMappingRoles = scopeMapping.getRoles(); - assertThat(scopeMappingRoles, hasSize(1)); - assertThat(scopeMappingRoles, contains("added-scope-mapping-role")); + // Check that the expected role is present + assertThat(scopeMappingRoles, hasItem("added-scope-mapping-role")); + + assertThat(scopeMappingRoles, not(hasItem("unexpected-role"))); } @Test @@ -240,31 +238,24 @@ void shouldUpdateRealmByAddingScopeMappingsForClientScope() throws IOException { assertThat(realm.isEnabled(), is(true)); List scopeMappings = realm.getScopeMappings(); - assertThat(scopeMappings, hasSize(2)); - ScopeMappingRepresentation scopeMappingClientScope = scopeMappings - .stream() - .filter(scopeMapping -> scopeMapping.getClientScope() != null) - .findFirst() - .orElse(null); + Optional offlineAccessMapping = scopeMappings.stream() + .filter(mapping -> "offline_access".equals(mapping.getClientScope())) + .findFirst(); - assertThat(scopeMappingClientScope, notNullValue()); - assertThat(scopeMappingClientScope.getClient(), is(nullValue())); - assertThat(scopeMappingClientScope.getClientScope(), is(equalTo("offline_access"))); - assertThat(scopeMappingClientScope.getRoles(), hasSize(2)); - assertThat(scopeMappingClientScope.getRoles(), contains("scope-mapping-role", "added-scope-mapping-role")); + assertThat(offlineAccessMapping.isPresent(), is(true)); + if (offlineAccessMapping.isPresent()) { + assertThat(offlineAccessMapping.get().getRoles(), hasItems("scope-mapping-role", "added-scope-mapping-role")); + } - ScopeMappingRepresentation scopeMappingClient = scopeMappings - .stream() - .filter(scopeMapping -> scopeMapping.getClient() != null) - .findFirst() - .orElse(null); - - assertThat(scopeMappingClient, notNullValue()); - assertThat(scopeMappingClient.getClient(), is(equalTo("scope-mapping-client"))); - assertThat(scopeMappingClient.getClientScope(), is(nullValue())); - assertThat(scopeMappingClient.getRoles(), hasSize(1)); - assertThat(scopeMappingClient.getRoles(), contains("user")); + Optional clientMapping = scopeMappings.stream() + .filter(mapping -> "scope-mapping-client".equals(mapping.getClient())) + .findFirst(); + + assertThat(clientMapping.isPresent(), is(true)); + if (clientMapping.isPresent()) { + assertThat(clientMapping.get().getRoles(), hasItem("user")); + } } @Test @@ -278,31 +269,24 @@ void shouldUpdateRealmByAddingRolesForClient() throws IOException { assertThat(realm.isEnabled(), is(true)); List scopeMappings = realm.getScopeMappings(); - assertThat(scopeMappings, hasSize(2)); - ScopeMappingRepresentation scopeMappingClientScope = scopeMappings - .stream() - .filter(scopeMapping -> scopeMapping.getClientScope() != null) - .findFirst() - .orElse(null); + Optional offlineAccessMapping = scopeMappings.stream() + .filter(mapping -> "offline_access".equals(mapping.getClientScope())) + .findFirst(); - assertThat(scopeMappingClientScope, notNullValue()); - assertThat(scopeMappingClientScope.getClient(), is(nullValue())); - assertThat(scopeMappingClientScope.getClientScope(), is(equalTo("offline_access"))); - assertThat(scopeMappingClientScope.getRoles(), hasSize(2)); - assertThat(scopeMappingClientScope.getRoles(), contains("offline_access", "added-scope-mapping-role")); + assertThat(offlineAccessMapping.isPresent(), is(true)); + if (offlineAccessMapping.isPresent()) { + assertThat(offlineAccessMapping.get().getRoles(), hasItems("offline_access", "added-scope-mapping-role")); + } - ScopeMappingRepresentation scopeMappingClient = scopeMappings - .stream() - .filter(scopeMapping -> scopeMapping.getClient() != null) - .findFirst() - .orElse(null); - - assertThat(scopeMappingClient, notNullValue()); - assertThat(scopeMappingClient.getClient(), is(equalTo("scope-mapping-client"))); - assertThat(scopeMappingClient.getClientScope(), is(nullValue())); - assertThat(scopeMappingClient.getRoles(), hasSize(1)); - assertThat(scopeMappingClient.getRoles(), contains("admin")); + Optional clientMapping = scopeMappings.stream() + .filter(mapping -> "scope-mapping-client".equals(mapping.getClient())) + .findFirst(); + + assertThat(clientMapping.isPresent(), is(true)); + if (clientMapping.isPresent()) { + assertThat(clientMapping.get().getRoles(), hasItem("admin")); + } } @Test From 045f0e717c017d0287b95782c1d57325c91e29d3 Mon Sep 17 00:00:00 2001 From: Calebasah Date: Thu, 7 Nov 2024 08:14:22 +0100 Subject: [PATCH 5/6] Update CHANGELOG.md --- CHANGELOG.md | 3 +-- .../keycloak/config/service/ClientScopeImportService.java | 1 - 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 61fe3bdaa..0cc86a1c0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,10 +6,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ## [Unreleased] ### Fixed - - Fix to manage Remote state import for clientscopes and scopeMappings [#1012](https://github.com/adorsys/keycloak-config-cli/issues/1012) - +### Fixed - Allow environment variables from existing secrets [#822](https://github.com/adorsys/keycloak-config-cli/issues/822) ### Fixed diff --git a/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java b/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java index fca5ec16c..042ff3914 100644 --- a/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java +++ b/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java @@ -84,7 +84,6 @@ public void updateDefaultClientScopes(RealmImport realmImport, RealmRepresentati existingRealm.setDefaultDefaultClientScopes(realmImport.getDefaultDefaultClientScopes()); existingRealm.setDefaultOptionalClientScopes(realmImport.getDefaultOptionalClientScopes()); - } private void addDefaultDefaultClientScopes(RealmImport realmImport, List existingDefaultClientScopes) { From f87dcf5f3e757e76a0a0357b482f258f5af9c189 Mon Sep 17 00:00:00 2001 From: Calebasah Date: Wed, 13 Nov 2024 13:34:39 +0100 Subject: [PATCH 6/6] review fix --- .../keycloak/config/service/ClientScopeImportService.java | 5 ----- .../keycloak/config/service/ScopeMappingImportService.java | 3 --- 2 files changed, 8 deletions(-) diff --git a/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java b/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java index 042ff3914..d242a73da 100644 --- a/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java +++ b/src/main/java/de/adorsys/keycloak/config/service/ClientScopeImportService.java @@ -162,11 +162,6 @@ public void doRemoveOrphan(RealmImport realmImport) { realmName, clientScopes, existingClientScopes, existingDefaultClientScopes ); } - if (!importConfigProperties.getRemoteState().isEnabled()) { - deleteClientScopesMissingInImport( - realmName, clientScopes, existingClientScopes, existingDefaultClientScopes - ); - } } private void createOrUpdateClientScopes( diff --git a/src/main/java/de/adorsys/keycloak/config/service/ScopeMappingImportService.java b/src/main/java/de/adorsys/keycloak/config/service/ScopeMappingImportService.java index 08cb6134e..aab449917 100644 --- a/src/main/java/de/adorsys/keycloak/config/service/ScopeMappingImportService.java +++ b/src/main/java/de/adorsys/keycloak/config/service/ScopeMappingImportService.java @@ -150,9 +150,6 @@ private void updateScopeMappings( addRoles(realmName, existingScopeMapping, scopeMappingRolesToImport); - if (!importConfigProperties.getRemoteState().isEnabled()) { - removeRoles(realmName, existingScopeMapping, scopeMappingRolesToImport); - } if (importConfigProperties.getManaged().getClientScope() == ImportConfigProperties.ImportManagedProperties.ImportManagedPropertiesValues.FULL) { removeRoles(realmName, existingScopeMapping, scopeMappingRolesToImport);