Remove dependency on keycloak-server-spi-private from keycloak-model-… #43627
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…storage closes keycloak#43626 Signed-off-by: mposolda <[email protected]>
Yes, I also don't expect this to be a problem. I think we are not expecting people to implement their own instances of things like IMO adding new method is fine, but updating/removing signature of existing methods is problematic as people may already invoke existing methods from their providers. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
…storage
closes #43626
The aim is to remove dependency on
keycloak-server-spi-privatefrom thekeycloak-model-storagemodule, so that people don't need to usekeycloak-server-spi-privatefrom their own user-storage extensions.If the approach is OK, I can add also a note to the release-notes or upgrading-guide regarding this change.
Details of the PR
Moved
UserModelDefaultMethodsto thekeycloak-server-spi. AlsoExecutorProviderand it's factory. Those are simple utility class and I don't see issues with moving.Moved
UserCredentialManagerfromkeycloak-model-storagetokeycloak-server-spi-private. This class is referenced fromAbstractUserAdapterFederatedStorage, which is referenced from our docs and is supposed to be used in Keycloak user extensions. To remove the reference from the class, I've added new methodgetUserCredentialManagertoKeycloakSession.I am not so happy with adding new method on
KeycloakSession, but not sure about better approach? Some alternative approaches, which may not require any changes onKeycloakSessionare:Add some utility method (for example to
UserStorageUtil), which will use reflection to referenceUserCredentialManager. TheAbstractUserAdapterFederatedStoragecan call then this utility method.Convert
SubjectCredentialManagerto be theProviderand create some provider factory and SPI for it. ThenAbstractUserAdapterFederatedStoragecould use something likereturn session.getProvider(SubjectCredentialManager.class);.Keep
UserCredentialManagerin thekeycloak-model-storage. This would require some more dependencies to be declared inkeycloak-model-storage(likeopentelemetryand it's dependencies) and much more changes (EG. movingDatastoreProvidertokeycloak-model-storageetc).Any better alternative?
Another side-effect of moving
UserCredentialManageris thatkeycloak-model-storageis now dependency ofkeycloak-server-spi-private(asUserCredentialManagerhas some more references on some classes fromkeycloak-model-storage). I don't see any issue with that one.