fix mapper instantiation, add comments

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
wistefan · Apr 8, 2024 · 7beca5e · 7beca5e
1 parent a85a2fe
commit 7beca5e
Show file tree

Hide file tree

Showing 9 changed files with 144 additions and 20 deletions.
diff --git a/services/src/main/java/org/keycloak/protocol/oid4vc/issuance/OID4VCIssuerEndpoint.java b/services/src/main/java/org/keycloak/protocol/oid4vc/issuance/OID4VCIssuerEndpoint.java
@@ -288,24 +288,17 @@ private Object getCredential(UserSessionModel userSessionModel, String vcType, F
 
         List<OID4VCClient> clients = getClientsOfType(vcType, format);
 
-        Map<String, OID4VCMapper> mapperMap = session.getAllProviders(OID4VCMapper.class)
-                .stream()
-                .collect(Collectors.toMap(ProviderFactory::getId, mapper -> mapper, (m1, m2) -> m1));
-
         List<OID4VCMapper> protocolMappers = getProtocolMappers(clients)
                 .stream()
                 .map(pm -> {
-                    OID4VCMapper mapperFactory = mapperMap.get(pm.getProtocolMapper());
-                    if (mapperFactory == null) {
-                        LOGGER.warnf("No protocol mapper %s is registered.", pm.getProtocolMapper());
-                        return null;
-                    }
-                    ProtocolMapper protocolMapper = mapperFactory.create(session);
-                    if (protocolMapper instanceof OID4VCMapper oid4VCMapper) {
-                        oid4VCMapper.setMapperModel(pm);
-                        return oid4VCMapper;
+                    if (session.getProvider(ProtocolMapper.class, pm.getProtocolMapper()) instanceof OID4VCMapper mapperFactory) {
+                        ProtocolMapper protocolMapper = mapperFactory.create(session);
+                        if (protocolMapper instanceof OID4VCMapper oid4VCMapper) {
+                            oid4VCMapper.setMapperModel(pm);
+                            return oid4VCMapper;
+                        }
                     }
-                    LOGGER.warnf("The protocol mapper %s is not an instance of OID4VCMapper.", protocolMapper.getId());
+                    LOGGER.warnf("The protocol mapper %s is not an instance of OID4VCMapper.", pm.getId());
                     return null;
                 })
                 .filter(Objects::nonNull)

diff --git a/services/src/main/java/org/keycloak/protocol/oid4vc/model/TxCode.java b/services/src/main/java/org/keycloak/protocol/oid4vc/model/TxCode.java
@@ -1,3 +1,20 @@
+/*
+ * Copyright 2024 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package org.keycloak.protocol.oid4vc.model;
 
 import com.fasterxml.jackson.annotation.JsonInclude;

diff --git a/services/src/main/java/org/keycloak/protocol/oidc/grants/PreAuthorizedCodeGrantType.java b/services/src/main/java/org/keycloak/protocol/oidc/grants/PreAuthorizedCodeGrantType.java
@@ -1,3 +1,20 @@
+/*
+ * Copyright 2024 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package org.keycloak.protocol.oidc.grants;
 
 import jakarta.ws.rs.core.Response;

diff --git a/...es/src/main/java/org/keycloak/protocol/oidc/grants/PreAuthorizedCodeGrantTypeFactory.java b/...es/src/main/java/org/keycloak/protocol/oidc/grants/PreAuthorizedCodeGrantTypeFactory.java
@@ -1,3 +1,20 @@
+/*
+ * Copyright 2024 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package org.keycloak.protocol.oidc.grants;
 
 import org.keycloak.Config;

diff --git a/services/src/main/resources/META-INF/services/org.keycloak.protocol.ProtocolMapper b/services/src/main/resources/META-INF/services/org.keycloak.protocol.ProtocolMapper
@@ -48,9 +48,10 @@ org.keycloak.protocol.oidc.mappers.ClaimsParameterTokenMapper
 org.keycloak.protocol.saml.mappers.UserAttributeNameIdMapper
 org.keycloak.protocol.oidc.mappers.ClaimsParameterWithValueIdTokenMapper
 org.keycloak.protocol.oidc.mappers.NonceBackwardsCompatibleMapper
-org.keycloak.protocol.oid4vc.issuance.mappers.OID4VPSubjectIdMapper
-org.keycloak.protocol.oid4vc.issuance.mappers.OID4VPStaticClaimMapper
-org.keycloak.protocol.oid4vc.issuance.mappers.OID4VPTargetRoleMapper
-org.keycloak.protocol.oid4vc.issuance.mappers.OID4VPUserAttributeMapper
-org.keycloak.protocol.oid4vc.issuance.mappers.OID4VPTypeMapper
+org.keycloak.protocol.oid4vc.issuance.mappers.OID4VCSubjectIdMapper
+org.keycloak.protocol.oid4vc.issuance.mappers.OID4VCStaticClaimMapper
+org.keycloak.protocol.oid4vc.issuance.mappers.OID4VCTargetRoleMapper
+org.keycloak.protocol.oid4vc.issuance.mappers.OID4VCUserAttributeMapper
+org.keycloak.protocol.oid4vc.issuance.mappers.OID4VCTypeMapper
+org.keycloak.protocol.oid4vc.issuance.mappers.OID4VCContextMapper
 org.keycloak.protocol.oidc.mappers.SessionStateMapper
diff --git a/...ices/src/test/java/org/keycloak/protocol/oid4vc/OID4VCClientRegistrationProviderTest.java b/...ices/src/test/java/org/keycloak/protocol/oid4vc/OID4VCClientRegistrationProviderTest.java
@@ -1,3 +1,20 @@
+/*
+ * Copyright 2024 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package org.keycloak.protocol.oid4vc;
 
 import org.junit.Test;

diff --git a/...uillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/PreAuthorizedGrantTest.java b/...uillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/PreAuthorizedGrantTest.java
@@ -1,3 +1,20 @@
+/*
+ * Copyright 2024 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package org.keycloak.testsuite.oauth;
 
 import jakarta.ws.rs.core.UriBuilder;

diff --git a/...rc/test/java/org/keycloak/testsuite/oid4vc/issuance/signing/OID4VCIssuerEndpointTest.java b/...rc/test/java/org/keycloak/testsuite/oid4vc/issuance/signing/OID4VCIssuerEndpointTest.java
@@ -1,3 +1,20 @@
+/*
+ * Copyright 2024 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package org.keycloak.testsuite.oid4vc.issuance.signing;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
@@ -19,6 +36,7 @@
 import org.junit.Test;
 import org.keycloak.OAuth2Constants;
 import org.keycloak.TokenVerifier;
+import org.keycloak.common.VerificationException;
 import org.keycloak.common.crypto.CryptoIntegration;
 import org.keycloak.common.util.MultivaluedHashMap;
 import org.keycloak.common.util.SecretGenerator;
@@ -36,6 +54,7 @@
 import org.keycloak.protocol.oid4vc.model.Format;
 import org.keycloak.protocol.oid4vc.model.PreAuthorizedGrant;
 import org.keycloak.protocol.oid4vc.model.SupportedCredentialConfiguration;
+import org.keycloak.protocol.oid4vc.model.VerifiableCredential;
 import org.keycloak.protocol.oidc.grants.PreAuthorizedCodeGrantTypeFactory;
 import org.keycloak.protocol.oidc.representations.OIDCConfigurationRepresentation;
 import org.keycloak.representations.JsonWebToken;
@@ -48,6 +67,7 @@
 import org.keycloak.util.JsonSerialization;
 
 import java.io.IOException;
+import java.net.URI;
 import java.nio.charset.StandardCharsets;
 import java.util.LinkedList;
 import java.util.List;
@@ -403,6 +423,8 @@ public void testCredentialIssuance() throws Exception {
                         requestOffer(theToken, credentialIssuer.getCredentialEndpoint(), supportedCredential);
                     } catch (IOException e) {
                         fail("Was not able to get the credential.");
+                    } catch (VerificationException e) {
+                        throw new RuntimeException(e);
                     }
                 });
     }
@@ -438,7 +460,7 @@ private String getBasePath(String realm) {
         return suiteContext.getAuthServerInfo().getContextRoot().toString() + "/auth/realms/" + realm + "/protocol/oid4vc/";
     }
 
-    private void requestOffer(String token, String credentialEndpoint, SupportedCredentialConfiguration offeredCredential) throws IOException {
+    private void requestOffer(String token, String credentialEndpoint, SupportedCredentialConfiguration offeredCredential) throws IOException, VerificationException {
         CredentialRequest request = new CredentialRequest();
         request.setFormat(offeredCredential.getFormat());
         request.setCredentialIdentifier(offeredCredential.getId());
@@ -454,6 +476,12 @@ private void requestOffer(String token, String credentialEndpoint, SupportedCred
         CredentialResponse credentialResponse = JsonSerialization.readValue(s, CredentialResponse.class);
 
         assertNotNull("The credential should have been responded.", credentialResponse.getCredential());
+        JsonWebToken jsonWebToken = TokenVerifier.create((String) credentialResponse.getCredential(), JsonWebToken.class).getToken();
+        assertEquals("did:web:test.org", jsonWebToken.getIssuer());
+        VerifiableCredential credential = new ObjectMapper().convertValue(jsonWebToken.getOtherClaims().get("vc"), VerifiableCredential.class);
+        assertEquals(List.of("VerifiableCredential"), credential.getType());
+        assertEquals(URI.create("did:web:test.org"), credential.getIssuer());
+        assertEquals("john@email.cz", credential.getCredentialSubject().getClaims().get("email"));
     }
 
     @Override

diff --git a/...ava/org/keycloak/testsuite/oid4vc/issuance/signing/OID4VCIssuerWellKnownProviderTest.java b/...ava/org/keycloak/testsuite/oid4vc/issuance/signing/OID4VCIssuerWellKnownProviderTest.java
@@ -1,3 +1,20 @@
+/*
+ * Copyright 2024 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package org.keycloak.testsuite.oid4vc.issuance.signing;
 
 import org.junit.Test;