Remove deprecated kcinit from keycloak

Closes keycloak#9106

adapters/oidc/pom.xml

@@ -34,7 +34,6 @@
         <module>adapter-core</module>
         <module>installed</module>
         <module>fuse7</module>
-        <module>kcinit</module>
         <module>jaxrs-oauth-client</module>
         <module>jetty</module>
         <module>js</module>

integration/client-cli/admin-cli/src/main/bin/kcadm.sh

@@ -22,12 +22,5 @@ fi
 DIRNAME=`dirname "$RESOLVED_NAME"`
 
 
-# Uncomment out these lines if you are integrating with `kcinit`
-#if [ "$1" = "config" ]; then
-#    java $KC_OPTS -cp $DIRNAME/client/keycloak-admin-cli-${project.version}.jar org.keycloak.client.admin.cli.KcAdmMain "$@"
-#else
-#    java $KC_OPTS -cp $DIRNAME/client/keycloak-admin-cli-${project.version}.jar org.keycloak.client.admin.cli.KcAdmMain "$@" --noconfig --token $(kcinit token admin-cli) --server $(kcinit show server)
-#fi
-# Remove the next line if you have enabled kcinit
 java $KC_OPTS -cp $DIRNAME/client/keycloak-admin-cli-${project.version}.jar org.keycloak.client.admin.cli.KcAdmMain "$@"
 

pom.xml

@@ -1646,17 +1646,6 @@
                 <version>${project.version}</version>
                 <type>zip</type>
             </dependency>
-            <dependency>
-                <groupId>org.keycloak</groupId>
-                <artifactId>kcinit</artifactId>
-                <version>${project.version}</version>
-            </dependency>
-            <dependency>
-                <groupId>org.keycloak</groupId>
-                <artifactId>kcinit-dist</artifactId>
-                <version>${project.version}</version>
-                <type>zip</type>
-            </dependency>
             <!-- webauthn support -->
             <dependency>
                 <groupId>com.webauthn4j</groupId>

services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java

@@ -124,11 +124,6 @@ public static UriBuilder registrationsUrl(UriBuilder baseUriBuilder) {
         return uriBuilder.path(OIDCLoginProtocolService.class, "registrations");
     }
 
-    public static UriBuilder delegatedUrl(UriInfo uriInfo) {
-        UriBuilder uriBuilder = tokenServiceBaseUrl(uriInfo);
-        return uriBuilder.path(OIDCLoginProtocolService.class, "kcinitBrowserLoginComplete");
-    }
-
     public static UriBuilder tokenUrl(UriBuilder baseUriBuilder) {
         UriBuilder uriBuilder = tokenServiceBaseUrl(baseUriBuilder);
         return uriBuilder.path(OIDCLoginProtocolService.class, "token");
@@ -289,33 +284,6 @@ public Response installedAppUrnCallback(final @QueryParam("code") String code, f
         }
     }
 
-    /**
-     * For KeycloakInstalled and kcinit login where command line login is delegated to a browser.
-     * This clears login cookies and outputs login success or failure messages.
-     *
-     * @param error
-     * @return
-     */
-    @GET
-    @Path("delegated")
-    public Response kcinitBrowserLoginComplete(@QueryParam("error") boolean error) {
-        AuthenticationManager.expireIdentityCookie(realm, session.getContext().getUri(), clientConnection);
-        AuthenticationManager.expireRememberMeCookie(realm, session.getContext().getUri(), clientConnection);
-        if (error) {
-            LoginFormsProvider forms = session.getProvider(LoginFormsProvider.class);
-            return forms
-                    .setAttribute("messageHeader", forms.getMessage(Messages.DELEGATION_FAILED_HEADER))
-                    .setAttribute(Constants.SKIP_LINK, true).setError(Messages.DELEGATION_FAILED).createInfoPage();
-
-        } else {
-            LoginFormsProvider forms = session.getProvider(LoginFormsProvider.class);
-            return forms
-                    .setAttribute("messageHeader", forms.getMessage(Messages.DELEGATION_COMPLETE_HEADER))
-                    .setAttribute(Constants.SKIP_LINK, true)
-                    .setSuccess(Messages.DELEGATION_COMPLETE).createInfoPage();
-        }
-    }
-
     @Path("ext/{extension}")
     public Object resolveExtension(@PathParam("extension") String extension) {
         OIDCExtProvider provider = session.getProvider(OIDCExtProvider.class, extension);

testsuite/integration-arquillian/tests/base/pom.xml

@@ -288,43 +288,6 @@
                     </execution>
                 </executions>
             </plugin>
-            <plugin>
-                <groupId>com.igormaznitsa</groupId>
-                <artifactId>mvn-golang-wrapper</artifactId>
-                <version>2.3.4</version>
-                <extensions>true</extensions>
-                <configuration>
-                    <goVersion>1.9.2</goVersion>
-                    <useMavenProxy>true</useMavenProxy>
-                </configuration>
-                <executions>
-                    <execution>
-                        <id>get-mousetrap</id>
-                        <goals>
-                            <goal>get</goal>
-                        </goals>
-                        <configuration>
-                            <packages>
-                                <package>github.com/inconshreveable/mousetrap</package>
-                            </packages>
-                            <goPath>${project.build.directory}/gopath</goPath>
-                        </configuration>
-                    </execution>
-                    <execution>
-                        <id>get-kcinit</id>
-                        <goals>
-                            <goal>get</goal>
-                        </goals>
-                        <configuration>
-                            <packages>
-                                <package>github.com/keycloak/kcinit</package>
-                            </packages>
-                            <goPath>${project.build.directory}/gopath</goPath>
-                            <tag>0.5</tag>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
             <plugin>
                 <groupId>io.fabric8</groupId>
                 <artifactId>docker-maven-plugin</artifactId>

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/FineGrainAdminUnitTest.java

@@ -1298,12 +1298,12 @@ public void testClientsSearchAfterFirstPage() {
     private String checkTokenExchange(boolean shouldPass) throws Exception {
         testingClient.server().run(FineGrainAdminUnitTest::setupTokenExchange);
         oauth.realm("master");
-        oauth.clientId("kcinit");
+        oauth.clientId("tokenexclient");
         String exchanged = null;
         String token = oauth.doGrantAccessTokenRequest("password", "admin", "admin").getAccessToken();
         Assert.assertNotNull(token);
         try {
-            exchanged = oauth.doTokenExchange("master", token, "admin-cli", "kcinit", "password").getAccessToken();
+            exchanged = oauth.doTokenExchange("master", token, "admin-cli", "tokenexclient", "password").getAccessToken();
         } catch (AssertionError e) {
             log.info("Error message is expected from oauth: " + e.getMessage());
         }
@@ -1316,25 +1316,25 @@ private String checkTokenExchange(boolean shouldPass) throws Exception {
 
     private static void setupTokenExchange(KeycloakSession session) {
         RealmModel realm = session.realms().getRealmByName("master");
-        ClientModel client = session.clients().getClientByClientId(realm, "kcinit");
+        ClientModel client = session.clients().getClientByClientId(realm, "tokenexclient");
         if (client != null) {
             return;
         }
 
-        ClientModel kcinit = realm.addClient("kcinit");
-        kcinit.setEnabled(true);
-        kcinit.addRedirectUri("http://localhost:*");
-        kcinit.setPublicClient(false);
-        kcinit.setSecret("password");
-        kcinit.setDirectAccessGrantsEnabled(true);
+        ClientModel tokenexclient = realm.addClient("tokenexclient");
+        tokenexclient.setEnabled(true);
+        tokenexclient.addRedirectUri("http://localhost:*");
+        tokenexclient.setPublicClient(false);
+        tokenexclient.setSecret("password");
+        tokenexclient.setDirectAccessGrantsEnabled(true);
 
         // permission for client to client exchange to "target" client
         ClientModel adminCli = realm.getClientByClientId(ConfigUtil.DEFAULT_CLIENT);
         AdminPermissionManagement management = AdminPermissions.management(session, realm);
         management.clients().setPermissionsEnabled(adminCli, true);
         ClientPolicyRepresentation clientRep = new ClientPolicyRepresentation();
         clientRep.setName("to");
-        clientRep.addClient(kcinit.getId());
+        clientRep.addClient(tokenexclient.getId());
         ResourceServer server = management.realmResourceServer();
         Policy clientPolicy = management.authz().getStoreFactory().getPolicyStore().create(clientRep, server);
         management.clients().exchangeToPermission(adminCli).addAssociatedPolicy(clientPolicy);