chore(keycloak-admin-client-adapter): add verify link method

openknowledge · May 17, 2021 · ac469a5 · ac469a5
1 parent b484660
commit ac469a5
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 26 deletions.
diff --git a/pom.xml b/pom.xml
@@ -6,7 +6,7 @@
   <modelVersion>4.0.0</modelVersion>
   <groupId>de.openknowledge.authentication</groupId>
   <artifactId>keycloak-admin-client-adapter</artifactId>
-  <version>1.5.4</version>
+  <version>1.5.5</version>
   <packaging>jar</packaging>
 
   <name>Keycloak Admin Client Adapter</name>

diff --git a/...java/de/openknowledge/authentication/domain/registration/KeycloakRegistrationService.java b/...java/de/openknowledge/authentication/domain/registration/KeycloakRegistrationService.java
@@ -83,36 +83,26 @@ public UserAccount register(UserAccount userAccount) throws RegistrationFailedEx
       throw new RegistrationFailedException(userAccount.getUsername().getValue());
     }
 
-    // create new user
-    UserAccount newUserAccount;
     try {
-      EmailVerifiedMode emailVerifiedMode = getEmailVerifiedMode();
-      newUserAccount = keycloakUserService.createUser(userAccount, emailVerifiedMode);
+      // create new user
+      UserAccount newUserAccount = keycloakUserService.createUser(userAccount, getEmailVerifiedMode());
+
+      // if the clientId as realm role is required to access client
+      if (isRoleRequired()) {
+        // client id as role to access client (because: required role extension)
+        ClientId clientId = ClientId.fromValue(serviceConfiguration.getClientId());
+        keycloakUserService.joinRoles(newUserAccount.getIdentifier(), RoleType.REALM, RoleName.fromValue(clientId.getValue().toUpperCase()));
+      }
+
+      return newUserAccount;
     } catch (UserCreationFailedException e) {
       throw new RegistrationFailedException(e);
     }
-
-    // if the clientId as realm role is required to access client
-    if (isRoleRequired()) {
-      // client id as role to access client (because: required role extension)
-      ClientId clientId = ClientId.fromValue(serviceConfiguration.getClientId());
-      keycloakUserService.joinRoles(newUserAccount.getIdentifier(), RoleType.REALM, RoleName.fromValue(clientId.getValue().toUpperCase()));
-    }
-
-    return userAccount;
   }
 
   public UserIdentifier verifyEmailAddress(VerificationLink link, Issuer issuer) throws InvalidTokenException {
-    // convert verificationLink to token
-    Token token = keycloakTokenService.decode(link);
-
-    // validate token and create detailed error message if invalid
-    if (!token.isValid(issuer)) {
-      throw new InvalidTokenException(token, issuer);
-    }
-
-    // convert to customerNumber and load account
-    UserIdentifier userIdentifier = token.asUserIdentifier();
+    // convert to user identifier and load account
+    UserIdentifier userIdentifier = verify(link, issuer);
 
     // load user and set email verified
     UserAccount userAccount = keycloakUserService.getUser(userIdentifier);
@@ -124,6 +114,18 @@ public UserIdentifier verifyEmailAddress(VerificationLink link, Issuer issuer) t
     return userIdentifier;
   }
 
+  public UserIdentifier verify(VerificationLink link, Issuer issuer) throws InvalidTokenException {
+    // convert verificationLink to token
+    Token token = keycloakTokenService.decode(link);
+
+    // validate token and create detailed error message if invalid
+    if (!token.isValid(issuer)) {
+      throw new InvalidTokenException(token, issuer);
+    }
+
+    return token.asUserIdentifier();
+  }
+
   public VerificationLink createVerificationLink(UserAccount userAccount, Issuer issuer) {
     Integer tokenLifeTime = Integer.parseInt(registrationServiceConfiguration.getTokenLifeTime());
     TimeUnit timeUnit = TimeUnit.valueOf(registrationServiceConfiguration.getTimeUnit());

diff --git a/src/test/java/de/openknowledge/authentication/domain/KeycloakAdminTester.java b/src/test/java/de/openknowledge/authentication/domain/KeycloakAdminTester.java
@@ -38,8 +38,8 @@ public class KeycloakAdminTester {
 
   private static final Issuer ISSUER = Issuer.fromValue("keycloakAdmin");
 
-  private static final KeycloakServiceConfiguration SERVICE_CONFIG =
-      new KeycloakServiceConfiguration("harbor", "react-loyalty");
+  private static final KeycloakServiceConfiguration SERVICE_CONFIG = 
+      new KeycloakServiceConfiguration("realmName", "react-client");
   private static final KeycloakAdapterConfiguration ADAPTER_CONFIG =
       new KeycloakAdapterConfiguration("http://localhost:8000/auth",
       "master",