chore(keycloak-integration): refactoring (#6375)

* feat(keycloak-integration): added maven parent pom for subprojects

* feat(keycloak-integration): added janssen authenticator pom

* feat(keycloak-integration): added maven assembly xml for authenticator dependencies

* feat(keycloak-integration): added spi factory discovery meta for keycloak
* added authenticator spi factory discovery meta for keycloak
* added rest service spi factory discovery meta for keycloak

* feat(keycloak-integration): added authenticator message mapping file

* feat(keycloak-integration): added authenticator image resources

* feat(keycloak-integration): added page templates for authenticator

* feat(keycloak-integration): added authenticator core coded
* added authenticator code
* added authenticator factory code
* added authenticator config properties code

* feat(keycloak-integration): added missing file containing session attribute definitions

* feat(keycloak-integration): added nimbus based minimalist oidc client code

* chore(keycloak-integration): minor change to the authenticator factory

* feat(keycloak-integration): added authn completion rest service

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* feat(keycloak-integration): fix authn return url from janssen

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* feat(keycloak-integration): added installation documentation

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(keycloak-integration): renamed project and plugin internal names

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(keycloak-integration): minor update to documentation to reflect project name change

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(keycloak-integration): renamed the keycloak integration source directory

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* feat(keycloak-integration): added skeleton code for task scheduler

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(keycloak-integration): moved kc storage spi into jans-keycloak-integration

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(keycloak-integration): removed storage-api as it was moved to jans-keycloak-integration

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(keycloak-integration): removed test case from storage-spi

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(keycloak-integration): housekeeping
* moved of storage-spi to jans-keycloak-integration
* integrated storage-spi dependencies into kc integration parent pom
* ensure all kc integration projects build

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(keycloak-integration): storage spi refactoring
* added plugin configuration file getting configuration from keycloak

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(keycloak-integration): storage spi refactoring
* removed old config loader class
* removed all references to said class and replaced with new config loader

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(keycloak-integration): authenticator refactoring
* normalized provider id for the authenticator spi
* normalized provider id for the authenticator rest service spi

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(keycloak-integration): keycloak storage spi refactoring
* began swapping log4j for jboss logger to reduce external deps
* normalized the storage spi provider id

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(keycloak-integration): refactoring
* fix startup issues with the storage spi
* removed references to slf4j to use jboss logging to align with keycloak

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(keycloak-integration): refactoring keycloak components
* normalized keycloak integration parent bom with name kc-jans-parent

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(keycloak-integration): refactoring
* made adjustments to the PluginConfiguration keys
* keycloak configuration file to setup

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(keycloak-integration): refactoring
* changed the kc-jans prefix for project artifacts to jans-kc

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

---------

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
Signed-off-by: Mustafa Baser <mbaser@mail.com>

jans-keycloak-integration/authenticator/installation.md

@@ -0,0 +1,62 @@
+## Keycloak Installation configuration for use with Janssen Auth
+
+### 1- Brief 
+
+   This guide contains instructions on how to install keycloak for use with keycloak 
+and run it in a production setting alongside Janssen.
+
+
+### 2- Keycloak and Plugins Installation
+
+  We will be using the quarkus distribution of keycloak which can be found 
+[here](https://github.com/keycloak/keycloak/releases/download/22.0.3/keycloak-22.0.3.zip).
+directory.
+After downloading the binaries , it's suggested to unzip it in the `/opt/keycloak` directory.
+
+#### 2.1 - Keycloak Authentication Plugin Installation
+
+Installing the authentication plugin is straightforward.
+It resides at the url
+https://jenkins.jans.io/maven/io/jans/jans-authenticator/<version>/
+Binaries of interest  have to be copied to the
+`/opt/keycloak/providers/` directory. They are:
+- `kc-jans-authn-plugin-<version>.jar`
+- `kc-jans-authn-plugin-<version>-deps.zip`. It's contents have to 
+be unzipped into the directory. These are the plugin's dependencies.
+
+No further action is needed after copying these files.
+
+
+### 3 - Running Keycloak
+
+  The following assumptions will be made
+- Keycloak has been installed under the directory `/opt/keycloak/`
+- The Janssen Server's hostname is `janssen-with-kc.local`
+- Keycloak will run behind a reverse proxy/ load balancer (e.g. apache )
+  and will be listening only on the local interface on port 8092
+
+From the terminal, run the following command 
+```
+/opt/keycloak/bin/kc.sh --log "console,file" --http-host=127.0.0.1 --http-port=8092 \
+--hostname-url=https://janssen-with-kc.local --spi-connections-http-client-default-disable-trust-manager=true \
+--proxy edge
+```
+
+#### 3.1 - Database Setup
+  By default , in a non-production environment , keycloak relies on the embedded H2 database for operation.
+In a production setting, a more appropriate database needs to be deployed. 
+You can find a list of supported databases [here](https://www.keycloak.org/server/db).
+Additional database configuration will need to be done.
+
+
+
+#### 3.2 - Reverse Proxy 
+As keycloak will run behind a proxy, there are a couple paths that need to be exposed (or not), with the full list
+found [here](https://www.keycloak.org/server/reverseproxy).
+
+
+### 5 - Configuration changes in Keycloak and Janssen-Auth
+TBD
+
+### 6 - Clustering 
+TBD

jans-keycloak-integration/authenticator/pom.xml

@@ -1,14 +1,15 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
 
   <modelVersion>4.0.0</modelVersion>
   <groupId>io.jans</groupId>
-  <artifactId>jans-authenticator</artifactId>
-  <name>jans-authenticator</name>
+  <artifactId>kc-jans-authn-plugin</artifactId>
+  <name>kc-jans-authn-plugin</name>
   <packaging>jar</packaging>
 
   <parent>
     <groupId>io.jans</groupId>
-    <artifactId>jans-keycloak-integration-parent</artifactId>
+    <artifactId>jans-kc-parent</artifactId>
     <version>1.0.20-SNAPSHOT</version>
   </parent>
 
@@ -55,48 +56,23 @@
      <plugin>
       <groupId>org.apache.maven.plugins</groupId>
       <artifactId>maven-dependency-plugin</artifactId>
-      <version>${maven-deps-plugin.version}</version>
-      <executions>
-        <execution>
-            <id>copy</id>
-            <phase>package</phase>
-            <goals>
-              <goal>copy-dependencies</goal>
-            </goals>
-            <configuration>
-                <outputDirectory>${project.build.directory}/deps</outputDirectory>
-                <includeScope>runtime</includeScope>
-                <excludeTransitive>false</excludeTransitive>
-            </configuration>
-        </execution>
-      </executions>
      </plugin>
      <!-- end maven deps plugin -->
 
      <!-- maven assembly plugin -->
-
      <plugin>
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-assembly-plugin</artifactId>
-        <version>${maven-assembly-plugin.version}</version>
-        <configuration>
-            <descriptors>
-                <descriptor>src/assembly/dependencies.xml</descriptor>
-            </descriptors>
-            <finalName>${project.artifactId}-${project.version}</finalName>
-        </configuration>
-        <executions>
-            <execution>
-                <id>zip-dependencies</id>
-                <phase>package</phase>
-                <goals>
-                    <goal>single</goal>
-                </goals>
-            </execution>
-        </executions>
      </plugin>
-
      <!-- end maven assembly plugin -->
+
+     <!-- maven compiler plugin -->
+     <plugin>
+       <groupId>org.apache.maven.plugins</groupId>
+       <artifactId>maven-compiler-plugin</artifactId>
+     </plugin>
+     <!-- end maven compiler plugin -->
+
     </plugins>
   </build>
 </project>

jans-keycloak-integration/authenticator/src/main/java/io/jans/kc/spi/ProviderIDs.java

@@ -0,0 +1,6 @@
+package io.jans.kc.spi;
+
+public class ProviderIDs {
+    public static final String JANS_AUTHENTICATOR_PROVIDER = "kc-jans-authn";
+    public static final String JANS_AUTH_RESPONSE_REST_PROVIDER = "kc-jans-authn-rest-bridge";
+}

jans-keycloak-integration/authenticator/src/main/java/io/jans/kc/spi/auth/JansAuthenticator.java

@@ -27,6 +27,7 @@
 import org.keycloak.models.UserModel;
 import org.keycloak.models.utils.KeycloakModelUtils;
 
+import io.jans.kc.spi.ProviderIDs;
 import io.jans.kc.spi.auth.oidc.OIDCAuthRequest;
 import io.jans.kc.spi.auth.oidc.OIDCMetaError;
 import io.jans.kc.spi.auth.oidc.OIDCService;
@@ -52,7 +53,7 @@ public class JansAuthenticator implements Authenticator {
     private static final String JANS_LOGIN_URL_ATTRIBUTE = "jansLoginUrl";
     private static final String OPENID_AUTH_PARAMS_ATTRIBUTE = "openIdAuthParams";
 
-    private static final String URI_PATH_TO_REST_SERVICE = "/realms/{0}/jans-auth-bridge/auth-complete";
+    private static final String URI_PATH_TO_REST_SERVICE = "/realms/{0}/{1}/auth-complete";
 
 
     private OIDCService oidcService;
@@ -187,6 +188,12 @@ public void close() {
     private Configuration extractAndValidateConfiguration(AuthenticationFlowContext  context) {
 
         Configuration config = pluginConfigurationFromContext(context);
+
+        if(config == null) {
+            log.debugv("Plugin probably not configured. Check the Janssen Auth plugin in the authentication flow");
+            return null;
+        }
+
         ValidationResult validationresult = config.validate();
         if(validationresult.hasErrors()) {
             for(String err : validationresult.getErrors()) {
@@ -201,7 +208,7 @@ private URI createRedirectUri(AuthenticationFlowContext context) {
 
         URI serverUri = context.getSession().getContext().getUri().getBaseUri();
         String realmname = context.getRealm().getName();
-        String rest_svc_uri = MessageFormat.format(URI_PATH_TO_REST_SERVICE,realmname);
+        String rest_svc_uri = MessageFormat.format(URI_PATH_TO_REST_SERVICE,realmname,ProviderIDs.JANS_AUTH_RESPONSE_REST_PROVIDER);
         return serverUri.resolve(rest_svc_uri);
     }
 

jans-keycloak-integration/authenticator/src/main/java/io/jans/kc/spi/auth/JansAuthenticatorFactory.java

@@ -15,6 +15,7 @@
 
 import org.keycloak.provider.ProviderConfigProperty;
 
+import io.jans.kc.spi.ProviderIDs;
 import io.jans.kc.spi.auth.oidc.OIDCMetaCache;
 import io.jans.kc.spi.auth.oidc.OIDCService;
 import io.jans.kc.spi.auth.oidc.impl.HashBasedOIDCMetaCache;
@@ -23,7 +24,8 @@
 
 public class JansAuthenticatorFactory implements AuthenticatorFactory {
 
-    private static final String PROVIDER_ID = "janssen-auth";
+    private static final String PROVIDER_ID = ProviderIDs.JANS_AUTHENTICATOR_PROVIDER;
+
     private static final String DISPLAY_TYPE = "Janssen Authenticator";
     private static final String REFERENCE_CATEGORY = "Janssen Authenticator";
     private static final String HELP_TEXT= "Janssen authenticator for Keycloak";

jans-keycloak-integration/authenticator/src/main/java/io/jans/kc/spi/rest/JansAuthResponseResourceProviderFactory.java

@@ -7,9 +7,11 @@
 import org.keycloak.services.resource.RealmResourceProvider;
 import org.keycloak.services.resource.RealmResourceProviderFactory;
 
+import io.jans.kc.spi.ProviderIDs;
+
 public class JansAuthResponseResourceProviderFactory implements RealmResourceProviderFactory {
 
-    private static final String ID = "janssen-auth-response-bridge";
+    private static final String ID = ProviderIDs.JANS_AUTH_RESPONSE_REST_PROVIDER;
 
     @Override
     public String getId() {