Copy os-sso72 to os-sso73

os-sso73/added/import-realm.json

@@ -0,0 +1,4 @@
+[ {
+  "realm" : "##REALM##",
+  "enabled" : true
+} ]

os-sso73/added/index.html

@@ -0,0 +1,6 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+     <meta http-equiv="refresh" content="0;url=/auth">
+</head>
+</html>

os-sso73/added/launch/add-sso-admin-user.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+
+function prepareEnv() {
+  unset SSO_ADMIN_USERNAME
+  unset SSO_ADMIN_PASSWORD
+}
+
+function configure() {
+  add_admin_user
+}
+
+function add_admin_user() {
+  if [ -n "$SSO_ADMIN_USERNAME" ] && [ -n "$SSO_ADMIN_PASSWORD" ]; then
+    /opt/eap/bin/add-user-keycloak.sh -r master -u $SSO_ADMIN_USERNAME -p $SSO_ADMIN_PASSWORD
+  fi
+}
+

os-sso73/added/launch/add-sso-realm.sh

@@ -0,0 +1,28 @@
+#!/bin/bash
+
+function prepareEnv() {
+  unset SSO_REALM
+  unset IMPORT_REALM_FILE
+  unset SSO_SERVICE_USERNAME
+  unset SSO_SERVICE_PASSWORD
+}
+
+function configure() {
+  realm_import
+}
+
+function realm_import() {
+  if [ -n "$SSO_REALM" ]; then
+    sed -i "s|##REALM##|${SSO_REALM}|" "${IMPORT_REALM_FILE}"
+
+    if [ -n "$SSO_SERVICE_USERNAME" ]; then
+
+      if [ -n "$SSO_SERVICE_PASSWORD" ]; then
+        $JBOSS_HOME/bin/add-user-keycloak.sh -r $SSO_REALM -u $SSO_SERVICE_USERNAME -p $SSO_SERVICE_PASSWORD --roles realm-management/realm-admin
+      fi
+    fi
+
+    SSO_IMPORT_FILE="$IMPORT_REALM_FILE"
+  fi
+}
+

os-sso73/added/launch/datasource.sh

@@ -0,0 +1,89 @@
+source $JBOSS_HOME/bin/launch/datasource-common.sh
+
+function prepareEnv() {
+  clearDatasourcesEnv
+  clearTxDatasourceEnv
+}
+
+function configure() {
+  NON_XA_DATASOURCE="true"
+  DB_JNDI="java:jboss/datasources/KeycloakDS"
+  DB_POOL="KeycloakDS"
+
+  inject_datasources
+}
+
+function configureEnv() {
+  inject_external_datasources
+}
+
+function inject_datasources() {
+  inject_datasources_common
+
+  inject_default_job_repositories
+}
+
+function generate_datasource() {
+  local pool_name="${1}"
+  local jndi_name="${2}"
+  local username="${3}"
+  local password="${4}"
+  local host="${5}"
+  local port="${6}"
+  local databasename="${7}"
+  local checker="${8}"
+  local sorter="${9}"
+  local driver="${10}"
+  local service_name="${11}"
+  local jta="${12}"
+  local validate="${13}"
+  local url="${14}"
+
+  generate_datasource_common "${1}" "${2}" "${3}" "${4}" "${5}" "${6}" "${7}" "${8}" "${9}" "${10}" "${11}" "${12}" "${13}" "${14}"
+
+  if [ -z "$service_name" ]; then
+    service_name="ExampleDS"
+    pool_name="ExampleDS"
+    if [ -n "$DB_POOL" ]; then
+      pool_name="$DB_POOL"
+    fi
+  fi
+
+  if [ -n "$DEFAULT_JOB_REPOSITORY" -a "$DEFAULT_JOB_REPOSITORY" = "${service_name}" ]; then
+    inject_default_job_repository $pool_name
+    inject_job_repository $pool_name
+  fi
+
+  if [ -z "$DEFAULT_JOB_REPOSITORY" ]; then
+    inject_default_job_repository in-memory
+  fi
+
+}
+
+# $1 - refresh-interval
+function refresh_interval() {
+    echo "refresh-interval=\"$1\""
+}
+
+function inject_default_job_repositories() {
+  defaultjobrepo="     <default-job-repository name=\"in-memory\"/>"
+
+  sed -i "s|<!-- ##DEFAULT_JOB_REPOSITORY## -->|${defaultjobrepo%$'\n'}|g" $CONFIG_FILE
+}
+
+# Arguments:
+# $1 - default job repository name
+function inject_default_job_repository() {
+  defaultjobrepo="     <default-job-repository name=\"${1}\"/>"
+
+  sed -i "s|<!-- ##DEFAULT_JOB_REPOSITORY## -->|${defaultjobrepo%$'\n'}|" $CONFIG_FILE
+}
+
+function inject_job_repository() {
+  jobrepo="     <job-repository name=\"${1}\">\
+      <jdbc data-source=\"${1}\"/>\
+    </job-repository>\
+    <!-- ##JOB_REPOSITORY## -->"
+
+  sed -i "s|<!-- ##JOB_REPOSITORY## -->|${jobrepo%$'\n'}|" $CONFIG_FILE
+}

os-sso73/added/launch/keycloak-server-notruststore.json

@@ -0,0 +1,71 @@
+{
+    "admin": {
+        "realm": "master"
+    },
+
+    "eventsStore": {
+        "provider": "jpa",
+        "jpa": {
+            "exclude-events": [ "REFRESH_TOKEN" ]
+        }
+    },
+
+    "realm": {
+        "provider": "jpa"
+    },
+
+    "user": {
+        "provider": "jpa"
+    },
+
+    "userCache": {
+        "default" : {
+            "enabled": true
+        }    
+    },
+
+    "userSessionPersister": {
+        "provider": "jpa"
+    },
+
+    "timer": {
+        "provider": "basic"
+    },
+
+    "theme": {
+        "staticMaxAge": 2592000,
+        "cacheTemplates": true,
+        "cacheThemes": true,
+        "folder": {
+          "dir": "${jboss.home.dir}/themes"
+        }
+    },
+
+    "scheduled": {
+        "interval": 900
+    },
+
+    "connectionsHttpClient": {
+        "default": {}
+    },
+
+    "connectionsJpa": {
+        "default": {
+            "dataSource": "java:jboss/datasources/KeycloakDS",
+            "databaseSchema": "update"
+        }
+    },
+
+    "realmCache": {
+        "default" : {
+            "enabled": true
+        }
+    },
+
+    "connectionsInfinispan": {
+        "provider": "default",
+        "default": {
+            "cacheContainer" : "java:comp/env/infinispan/Keycloak"
+        }
+    }
+}

os-sso73/added/launch/keycloak-spi.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+
+function prepareEnv() {
+  unset SSO_TRUSTSTORE
+  unset SSO_TRUSTSTORE_DIR
+  unset SSO_TRUSTSTORE_PASSWORD
+}
+
+function configure() {
+  add_truststore
+}
+
+function add_truststore() {
+
+  if [ -n "$SSO_TRUSTSTORE" ] && [ -n "$SSO_TRUSTSTORE_DIR" ] && [ -n "$SSO_TRUSTSTORE_PASSWORD" ]; then
+
+    local truststore="<spi name=\"truststore\"><provider name=\"file\" enabled=\"true\"><properties><property name=\"file\" value=\"${SSO_TRUSTSTORE_DIR}/${SSO_TRUSTSTORE}\"/><property name=\"password\" value=\"${SSO_TRUSTSTORE_PASSWORD}\"/><property name=\"hostname-verification-policy\" value=\"WILDCARD\"/><property name=\"disabled\" value=\"false\"/></properties></provider></spi>"
+
+    sed -i "s|<!-- ##SSO_TRUSTSTORE## -->|${truststore}|" "${CONFIG_FILE}"
+
+  fi
+}
+

os-sso73/added/launch/openshift-common.sh

@@ -0,0 +1,48 @@
+#!/bin/sh
+# Openshift EAP launch script
+
+if [ "${SCRIPT_DEBUG}" = "true" ] ; then
+    set -x
+    echo "Script debugging is enabled, allowing bash commands and their arguments to be printed as they are executed"
+fi
+
+CONFIG_FILE=$JBOSS_HOME/standalone/configuration/standalone-openshift.xml
+LOGGING_FILE=$JBOSS_HOME/standalone/configuration/logging.properties
+
+#For backward compatibility
+ADMIN_USERNAME=${ADMIN_USERNAME:-${EAP_ADMIN_USERNAME:-$DEFAULT_ADMIN_USERNAME}}
+ADMIN_PASSWORD=${ADMIN_PASSWORD:-$EAP_ADMIN_PASSWORD}
+NODE_NAME=${NODE_NAME:-$EAP_NODE_NAME}
+HTTPS_NAME=${HTTPS_NAME:-$EAP_HTTPS_NAME}
+HTTPS_PASSWORD=${HTTPS_PASSWORD:-$EAP_HTTPS_PASSWORD}
+HTTPS_KEYSTORE_DIR=${HTTPS_KEYSTORE_DIR:-$EAP_HTTPS_KEYSTORE_DIR}
+HTTPS_KEYSTORE=${HTTPS_KEYSTORE:-$EAP_HTTPS_KEYSTORE}
+SECDOMAIN_USERS_PROPERTIES=${SECDOMAIN_USERS_PROPERTIES:-${EAP_SECDOMAIN_USERS_PROPERTIES:-users.properties}}
+SECDOMAIN_ROLES_PROPERTIES=${SECDOMAIN_ROLES_PROPERTIES:-${EAP_SECDOMAIN_ROLES_PROPERTIES:-roles.properties}}
+SECDOMAIN_NAME=${SECDOMAIN_NAME:-$EAP_SECDOMAIN_NAME}
+SECDOMAIN_PASSWORD_STACKING=${SECDOMAIN_PASSWORD_STACKING:-$EAP_SECDOMAIN_PASSWORD_STACKING}
+
+IMPORT_REALM_FILE=$JBOSS_HOME/standalone/configuration/import-realm.json
+
+CONFIGURE_SCRIPTS=(
+  $JBOSS_HOME/bin/launch/configure_extensions.sh
+  $JBOSS_HOME/bin/launch/passwd.sh
+  $JBOSS_HOME/bin/launch/datasource.sh
+  $JBOSS_HOME/bin/launch/resource-adapter.sh
+  $JBOSS_HOME/bin/launch/admin.sh
+  $JBOSS_HOME/bin/launch/ha.sh
+  $JBOSS_HOME/bin/launch/openshift-x509.sh
+  $JBOSS_HOME/bin/launch/jgroups.sh
+  $JBOSS_HOME/bin/launch/https.sh
+  $JBOSS_HOME/bin/launch/json_logging.sh
+  $JBOSS_HOME/bin/launch/security-domains.sh
+  $JBOSS_HOME/bin/launch/jboss_modules_system_pkgs.sh
+  $JBOSS_HOME/bin/launch/deploymentScanner.sh
+  $JBOSS_HOME/bin/launch/ports.sh
+  $JBOSS_HOME/bin/launch/access_log_valve.sh
+  $JBOSS_HOME/bin/launch/add-sso-admin-user.sh
+  $JBOSS_HOME/bin/launch/add-sso-realm.sh
+  $JBOSS_HOME/bin/launch/keycloak-spi.sh
+  $JBOSS_HOME/bin/launch/access_log_valve.sh
+  /opt/run-java/proxy-options
+)