On 6/13/16 4:19 AM, Stian Thorgersen wrote:
I've never been a fan of how creating user feds outside of the
session
was done. It's a completely broken concept and has several flaws:
a) KeycloakSession doesn't manage instances - we have issues with both
multiple instances being created as well as instances not being closed.
b) The code that requires an instance needs to know how to create one
c) No way to create a custom way to configure/setup - the model
approach may work for some, but what if a custom provider wants to
store config differently
With that in mind this needs to be fix and not monkey patched.
When requesting an instance of a user federation it should be:
session.getProvider(UserFederationProvider.class, String instanceId)
That's it. It would then be up to the factory of figuring out how
to
instantiate it, not the calling code.
A user fed provider is often a generic thing that can be configured
multiple times for multiple different stores (i.e. LDAP). So, the model
is a must. We don't want people configuring fed providers within
keycloak-server.json
Model will be used by most (all) providers so it needs to be a parameter
for creation. This generic getProvider() method on KeycloakSession just
doesn't fit for most situations. Most mappers fall into this category
too. I have thought about defining a generic ConfigurationModel and
datastore that would be used by everything (mappers, fed providers, etc.)