fix vkid for 24.0.1

pom.xml

@@ -56,7 +56,7 @@
         <version.checkstyle.plugin>3.0.0</version.checkstyle.plugin>
         <version.surefire.plugin>2.22.0</version.surefire.plugin>
 
-        <version.keycloak>25.0.2</version.keycloak>
+        <version.keycloak>24.0.1</version.keycloak>
     </properties>
 
     <scm>

src/main/java/ru/playa/keycloak/modules/AbstractRussianEndpoint.java

@@ -1,11 +1,11 @@
 package ru.playa.keycloak.modules;
 
 import jakarta.ws.rs.GET;
-import jakarta.ws.rs.Path;
 import jakarta.ws.rs.QueryParam;
 import jakarta.ws.rs.WebApplicationException;
 import jakarta.ws.rs.core.Response;
 import org.jboss.logging.Logger;
+import org.keycloak.OAuth2Constants;
 import org.keycloak.OAuthErrorException;
 import org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider;
 import org.keycloak.broker.oidc.OAuth2IdentityProviderConfig;
@@ -18,7 +18,6 @@
 import org.keycloak.events.EventBuilder;
 import org.keycloak.events.EventType;
 import org.keycloak.models.ClientModel;
-import org.keycloak.models.Constants;
 import org.keycloak.models.KeycloakContext;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
@@ -28,16 +27,11 @@
 import org.keycloak.services.messages.Messages;
 import org.keycloak.sessions.AuthenticationSessionModel;
 
-import static org.keycloak.OAuth2Constants.CODE_VERIFIER;
-import static org.keycloak.OAuth2Constants.ERROR;
-import static org.keycloak.OAuth2Constants.ERROR_DESCRIPTION;
-import static org.keycloak.OAuth2Constants.STATE;
 import static org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.ACCESS_DENIED;
 import static org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.OAUTH2_GRANT_TYPE_AUTHORIZATION_CODE;
 import static org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.OAUTH2_PARAMETER_CODE;
 import static org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.OAUTH2_PARAMETER_GRANT_TYPE;
 import static org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.OAUTH2_PARAMETER_REDIRECT_URI;
-import static org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.OAUTH2_PARAMETER_STATE;
 
 /**
  * Переопределенный класс {@code AbstractOAuth2IdentityProvider#Endpoint}.
@@ -101,16 +95,13 @@ public AbstractRussianEndpoint(
      * @param state             Код.
      * @param authorizationCode Код авторизации
      * @param error             Код ошибки.
-     * @param errorDescription  Описание ошибки
      * @return Response.
      */
     @GET
-    @Path("")
     public Response authResponse(
-        @QueryParam(OAUTH2_PARAMETER_STATE) final String state,
-        @QueryParam(OAUTH2_PARAMETER_CODE) final String authorizationCode,
-        @QueryParam(ERROR) final String error,
-        @QueryParam(ERROR_DESCRIPTION) final String errorDescription
+        @QueryParam(AbstractOAuth2IdentityProvider.OAUTH2_PARAMETER_STATE) final String state,
+        @QueryParam(AbstractOAuth2IdentityProvider.OAUTH2_PARAMETER_CODE) final String authorizationCode,
+        @QueryParam(OAuth2Constants.ERROR) final String error
     ) {
         OAuth2IdentityProviderConfig providerConfig = provider.getConfig();
 
@@ -130,10 +121,6 @@ public Response authResponse(
                 } else if (error.equals(OAuthErrorException.LOGIN_REQUIRED) || error.equals(
                     OAuthErrorException.INTERACTION_REQUIRED)) {
                     return callback.error(error);
-                } else if (error.equals(
-                    OAuthErrorException.TEMPORARILY_UNAVAILABLE) && Constants.AUTHENTICATION_EXPIRED_MESSAGE.equals(
-                    errorDescription)) {
-                    return callback.retryLogin(this.provider, authSession);
                 } else {
                     return callback.error(Messages.IDENTITY_PROVIDER_UNEXPECTED_ERROR);
                 }
@@ -172,6 +159,7 @@ public Response authResponse(
                 }
             }
 
+            federatedIdentity.setIdpConfig(providerConfig);
             federatedIdentity.setIdp(provider);
             federatedIdentity.setAuthenticationSession(authSession);
 
@@ -214,6 +202,7 @@ private void logErroneousRedirectUrlError(
     private Response errorIdentityProviderLogin(final String message) {
         event.event(EventType.IDENTITY_PROVIDER_LOGIN);
         event.error(Errors.IDENTITY_PROVIDER_LOGIN_FAILURE);
+
         return ErrorPage.error(session, null, Response.Status.BAD_GATEWAY, message);
     }
 
@@ -241,7 +230,7 @@ public SimpleHttp generateTokenRequest(final String authorizationCode) {
         if (providerConfig.isPkceEnabled()) {
 
             // reconstruct the original code verifier that was used to generate the code challenge from the HttpRequest.
-            String stateParam = session.getContext().getUri().getQueryParameters().getFirst(STATE);
+            String stateParam = session.getContext().getUri().getQueryParameters().getFirst(OAuth2Constants.STATE);
             if (stateParam == null) {
                 LOGGER.warn("Cannot lookup PKCE code_verifier: state param is missing.");
                 return tokenRequest;
@@ -272,7 +261,7 @@ public SimpleHttp generateTokenRequest(final String authorizationCode) {
                 return tokenRequest;
             }
 
-            tokenRequest.param(CODE_VERIFIER, brokerCodeChallenge);
+            tokenRequest.param(OAuth2Constants.CODE_VERIFIER, brokerCodeChallenge);
         }
 
         return provider.authenticateTokenRequest(tokenRequest);

src/main/java/ru/playa/keycloak/modules/mailru/MailRuIdentityProvider.java

@@ -85,7 +85,7 @@ protected SimpleHttp buildUserInfoRequest(final String subjectToken, final Strin
     protected BrokeredIdentityContext extractIdentityFromProfile(final EventBuilder event, final JsonNode profile) {
         logger.info("profile: " + profile.toString());
 
-        BrokeredIdentityContext user = new BrokeredIdentityContext(getJsonProperty(profile, "email"), getConfig());
+        BrokeredIdentityContext user = new BrokeredIdentityContext(getJsonProperty(profile, "email"));
 
         String email = getJsonProperty(profile, "email");
 
@@ -101,6 +101,7 @@ protected BrokeredIdentityContext extractIdentityFromProfile(final EventBuilder
         user.setLastName(getJsonProperty(profile, "last_name"));
 
         user.setIdp(this);
+        user.setIdpConfig(getConfig());
 
         AbstractJsonUserAttributeMapper.storeUserProfileForMapper(user, profile, getConfig().getAlias());
 

src/main/java/ru/playa/keycloak/modules/ok/OKIdentityProvider.java

@@ -78,7 +78,7 @@ protected SimpleHttp buildUserInfoRequest(final String subjectToken, final Strin
     protected BrokeredIdentityContext extractIdentityFromProfile(final EventBuilder event, final JsonNode profile) {
         logger.info("profile: " + profile.toString());
 
-        BrokeredIdentityContext user = new BrokeredIdentityContext(getJsonProperty(profile, "uid"), getConfig());
+        BrokeredIdentityContext user = new BrokeredIdentityContext(getJsonProperty(profile, "uid"));
 
         String email = getJsonProperty(profile, "email");
         if (getConfig().isEmailRequired() && Utils.isNullOrEmpty(email)) {
@@ -102,6 +102,7 @@ protected BrokeredIdentityContext extractIdentityFromProfile(final EventBuilder
         user.setLastName(getJsonProperty(profile, "last_name"));
 
         user.setIdp(this);
+        user.setIdpConfig(getConfig());
 
         AbstractJsonUserAttributeMapper.storeUserProfileForMapper(user, profile, getConfig().getAlias());
 

src/main/java/ru/playa/keycloak/modules/vk/VKIdentityProvider.java

@@ -12,7 +12,6 @@
 import ru.playa.keycloak.modules.Utils;
 
 import java.io.IOException;
-import java.util.Objects;
 import java.util.Optional;
 
 /**
@@ -86,16 +85,14 @@ protected BrokeredIdentityContext extractIdentityFromProfile(final EventBuilder
 
         logger.infof("ExtractIdentityFromProfile. Context %s", context);
 
-        BrokeredIdentityContext user = new BrokeredIdentityContext(
-            Objects.requireNonNull(Utils.asText(context, "id")),
-            getConfig()
-        );
+        BrokeredIdentityContext user = new BrokeredIdentityContext(Utils.asText(context, "id"));
 
         user.setUsername(Utils.asText(context, "screen_name"));
         user.setFirstName(Utils.asText(context, "first_name"));
         user.setLastName(Utils.asText(context, "last_name"));
 
         user.setIdp(this);
+        user.setIdpConfig(getConfig());
 
         AbstractJsonUserAttributeMapper.storeUserProfileForMapper(user, context, getConfig().getAlias());
 

src/main/java/ru/playa/keycloak/modules/vkid/VKIDEndpoint.java

@@ -15,7 +15,6 @@
 import ru.playa.keycloak.modules.InfinispanUtils;
 
 import static org.keycloak.OAuth2Constants.ERROR;
-import static org.keycloak.OAuth2Constants.ERROR_DESCRIPTION;
 import static org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.OAUTH2_GRANT_TYPE_AUTHORIZATION_CODE;
 import static org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.OAUTH2_PARAMETER_CLIENT_ID;
 import static org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.OAUTH2_PARAMETER_CODE;
@@ -76,12 +75,11 @@ public VKIDEndpoint(
     public Response authResponse(
         @QueryParam(OAUTH2_PARAMETER_STATE) final String state,
         @QueryParam(OAUTH2_PARAMETER_CODE) final String authorizationCode,
-        @QueryParam(ERROR) final String error,
-        @QueryParam(ERROR_DESCRIPTION) final String errorDescription
+        @QueryParam(ERROR) final String error
     ) {
         String oldState = InfinispanUtils.get(state);
 
-        return super.authResponse(oldState, authorizationCode, error, errorDescription);
+        return super.authResponse(oldState, authorizationCode, error);
     }
 
     @Override

src/main/java/ru/playa/keycloak/modules/vkid/VKIDIdentityProvider.java

@@ -16,7 +16,6 @@
 import ru.playa.keycloak.modules.Utils;
 
 import java.io.IOException;
-import java.util.Objects;
 import java.util.UUID;
 
 /**
@@ -136,15 +135,13 @@ protected BrokeredIdentityContext extractIdentityFromProfile(final JsonNode node
     @Override
     protected BrokeredIdentityContext extractIdentityFromProfile(final EventBuilder event, final JsonNode node) {
         JsonNode context = Utils.asJsonNode(node, "user");
-        BrokeredIdentityContext user = new BrokeredIdentityContext(
-                Objects.requireNonNull(Utils.asText(context, "user_id")),
-                getConfig()
-        );
+        BrokeredIdentityContext user = new BrokeredIdentityContext(Utils.asText(context, "user_id"));
 
         user.setFirstName(Utils.asText(context, "first_name"));
         user.setLastName(Utils.asText(context, "last_name"));
 
         user.setIdp(this);
+        user.setIdpConfig(getConfig());
 
         AbstractJsonUserAttributeMapper.storeUserProfileForMapper(user, context, getConfig().getAlias());
 

src/main/java/ru/playa/keycloak/modules/yandex/YandexIdentityProvider.java

@@ -74,7 +74,7 @@ protected SimpleHttp buildUserInfoRequest(final String subjectToken, final Strin
 
     @Override
     protected BrokeredIdentityContext extractIdentityFromProfile(final EventBuilder event, final JsonNode node) {
-        BrokeredIdentityContext user = new BrokeredIdentityContext(getJsonProperty(node, "id"), getConfig());
+        BrokeredIdentityContext user = new BrokeredIdentityContext(getJsonProperty(node, "id"));
 
         String email = getJsonProperty(node, "default_email");
         if (Utils.isNullOrEmpty(email)) {
@@ -95,6 +95,7 @@ protected BrokeredIdentityContext extractIdentityFromProfile(final EventBuilder
         user.setFirstName(getJsonProperty(node, "first_name"));
 
         user.setIdp(this);
+        user.setIdpConfig(getConfig());
 
         AbstractJsonUserAttributeMapper.storeUserProfileForMapper(user, node, getConfig().getAlias());