From 6e86c7ffebe03df994aa9532b5ccaa117102e41e Mon Sep 17 00:00:00 2001
From: Andreas Knuth <andreas.knuth@gmail.com>
Date: Tue, 17 Sep 2024 19:09:08 +0200
Subject: [PATCH] initial commit

---
 .gitignore                                    |  1 +
 pom.xml                                       | 89 +++++++++++++++++++
 .../keycloak/RedirectUriAuthenticator.java    | 81 +++++++++++++++++
 .../RedirectUriAuthenticatorFactory.java      | 81 +++++++++++++++++
 ...ycloak.authentication.AuthenticatorFactory |  1 +
 5 files changed, 253 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 pom.xml
 create mode 100644 src/main/java/com/example/keycloak/RedirectUriAuthenticator.java
 create mode 100644 src/main/java/com/example/keycloak/RedirectUriAuthenticatorFactory.java
 create mode 100644 src/main/resources/META-INF/services/org.keycloak.authentication.AuthenticatorFactory

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..1de5659
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+target
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
new file mode 100644
index 0000000..19bc4de
--- /dev/null
+++ b/pom.xml
@@ -0,0 +1,89 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" 
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 
+                             http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>com.example.keycloak</groupId>
+    <artifactId>redirect-uri-authenticator</artifactId>
+    <version>1.0.0</version>
+    <packaging>jar</packaging>
+
+    <name>Redirect URI Authenticator</name>
+    <description>Keycloak Authenticator zur Speicherung der redirectUri</description>
+
+    <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <keycloak.version>23.0.7</keycloak.version>
+        <maven.compiler.source>17</maven.compiler.source>
+        <maven.compiler.target>17</maven.compiler.target>
+    </properties>
+
+    <dependencies>
+        <!-- Keycloak Server SPI -->
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-server-spi</artifactId>
+            <version>${keycloak.version}</version>
+        </dependency>
+        <!-- Keycloak Server SPI Private -->
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-server-spi-private</artifactId>
+            <version>${keycloak.version}</version>
+        </dependency>
+        <!-- Keycloak Core (not always necessary, but kann helfen) -->
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-core</artifactId>
+            <version>${keycloak.version}</version>
+        </dependency>
+    <dependency>
+      <groupId>org.keycloak</groupId>
+      <artifactId>keycloak-services</artifactId>
+      <version>${keycloak.version}</version>
+    </dependency>        
+        <!-- Jakarta WS RS API -->
+        <dependency>
+            <groupId>jakarta.ws.rs</groupId>
+            <artifactId>jakarta.ws.rs-api</artifactId>
+            <version>3.1.0</version>
+        </dependency>
+        <!-- Optional: Lombok für einfachere Getter/Setter -->
+        <!-- <dependency>
+            <groupId>org.projectlombok</groupId>
+            <artifactId>lombok</artifactId>
+            <version>1.18.26</version>
+            <scope>provided</scope>
+        </dependency> -->
+    </dependencies>
+
+    <build>
+        <plugins>
+            <!-- Maven Compiler Plugin -->
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <version>3.10.1</version>
+                <configuration>
+                    <source>${maven.compiler.source}</source>
+                    <target>${maven.compiler.target}</target>
+                </configuration>
+            </plugin>
+            <!-- Maven JAR Plugin -->
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-jar-plugin</artifactId>
+                <version>3.2.2</version>
+                <configuration>
+                    <archive>
+                        <manifest>
+                            <addDefaultImplementationEntries>true</addDefaultImplementationEntries>
+                        </manifest>
+                    </archive>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+</project>
diff --git a/src/main/java/com/example/keycloak/RedirectUriAuthenticator.java b/src/main/java/com/example/keycloak/RedirectUriAuthenticator.java
new file mode 100644
index 0000000..51560b7
--- /dev/null
+++ b/src/main/java/com/example/keycloak/RedirectUriAuthenticator.java
@@ -0,0 +1,81 @@
+package com.example.keycloak;
+
+import org.keycloak.authentication.AuthenticationFlowContext;
+import org.keycloak.authentication.Authenticator;
+import org.keycloak.authentication.AuthenticationFlowError;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.RealmModel;
+import org.keycloak.models.UserModel;
+import jakarta.ws.rs.core.MultivaluedMap;
+import org.jboss.logging.Logger;
+
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.Arrays;
+
+public class RedirectUriAuthenticator implements Authenticator {
+
+    private static final Logger logger = Logger.getLogger(RedirectUriAuthenticator.class);
+
+    @Override
+    public void authenticate(AuthenticationFlowContext context) {
+        logger.info("RedirectUriAuthenticator: authenticate() called");
+
+        // Extrahiere 'redirect_uri' aus den Query-Parametern
+        String redirectUri = context.getAuthenticationSession().getClientNotes().get("redirect_uri");
+        logger.infof("RedirectUriAuthenticator: Received redirect_uri: %s", redirectUri);
+
+        if (redirectUri != null) {
+            String priceID = extractLastPartOfUrl(redirectUri);
+            if (priceID.length()>0){
+            	UserModel user = context.getUser();
+                user.setAttribute("priceID", Arrays.asList(priceID));
+                logger.infof("RedirectUriAuthenticator: Set priceID attribute for user %s", user.getUsername());
+            }
+        } else {
+            logger.info("RedirectUriAuthenticator: No redirect_uri provided");
+        }
+
+        context.success();
+    }
+    
+    public String extractLastPartOfUrl(String url) {
+        if (url == null || url.isEmpty()) {
+            return "";
+        }
+        
+        int lastSlashIndex = url.lastIndexOf('/');
+        if (lastSlashIndex == -1 || lastSlashIndex == url.length() - 1) {
+            return url;
+        }
+        
+        return url.substring(lastSlashIndex + 1);
+    }
+
+    @Override
+    public void action(AuthenticationFlowContext context) {
+        logger.info("RedirectUriAuthenticator: action() called");
+    }
+
+    @Override
+    public boolean requiresUser() {
+        return true;
+    }
+
+    @Override
+    public boolean configuredFor(org.keycloak.models.KeycloakSession session, 
+                                 org.keycloak.models.RealmModel realm, 
+                                 UserModel user) {
+        return true;
+    }
+
+    @Override
+    public void close() {
+        logger.info("RedirectUriAuthenticator: close() called");
+    }
+
+	@Override
+	public void setRequiredActions(KeycloakSession session, RealmModel realm, UserModel user) {
+		logger.info("RedirectUriAuthenticator: setRequiredActions() called");
+	}
+}
diff --git a/src/main/java/com/example/keycloak/RedirectUriAuthenticatorFactory.java b/src/main/java/com/example/keycloak/RedirectUriAuthenticatorFactory.java
new file mode 100644
index 0000000..896bf97
--- /dev/null
+++ b/src/main/java/com/example/keycloak/RedirectUriAuthenticatorFactory.java
@@ -0,0 +1,81 @@
+package com.example.keycloak;
+
+import java.util.Collections;
+import java.util.List;
+import org.jboss.logging.Logger;
+
+import org.keycloak.authentication.Authenticator;
+import org.keycloak.authentication.AuthenticatorFactory;
+import org.keycloak.authentication.ConfigurableAuthenticatorFactory;
+import org.keycloak.models.AuthenticationExecutionModel.Requirement;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.KeycloakSessionFactory;
+import org.keycloak.provider.ProviderConfigProperty;
+
+public class RedirectUriAuthenticatorFactory implements AuthenticatorFactory, ConfigurableAuthenticatorFactory {
+    
+    private static final Logger logger = Logger.getLogger(RedirectUriAuthenticatorFactory.class);
+    public static final String PROVIDER_ID = "redirect-uri-authenticator";
+
+    @Override
+    public Authenticator create(KeycloakSession session) {
+        logger.info("RedirectUriAuthenticatorFactory: create() called");
+        return new RedirectUriAuthenticator();
+    }
+
+    @Override
+    public void init(org.keycloak.Config.Scope config) {
+        logger.info("RedirectUriAuthenticatorFactory: init() called");
+    }
+
+    @Override
+    public void postInit(KeycloakSessionFactory factory) {
+        logger.info("RedirectUriAuthenticatorFactory: postInit() called");
+    }
+
+    @Override
+    public void close() {
+        logger.info("RedirectUriAuthenticatorFactory: close() called");
+    }
+
+    @Override
+    public String getId() {
+        return PROVIDER_ID;
+    }
+
+    @Override
+    public String getDisplayType() {
+        return "Redirect URI Authenticator";
+    }
+
+    @Override
+    public String getReferenceCategory() {
+        return null; // Optional: Implementieren Sie dies bei Bedarf
+    }
+
+    @Override
+    public boolean isConfigurable() {
+        return false;
+    }
+
+
+    @Override
+    public boolean isUserSetupAllowed() {
+        return false;
+    }
+
+    @Override
+    public List<ProviderConfigProperty> getConfigProperties() {
+        return Collections.emptyList();
+    }
+
+	@Override
+	public String getHelpText() {
+		return "Redirect URI Authenticator";
+	}
+
+	@Override
+	public Requirement[] getRequirementChoices() {
+		return new Requirement[] { Requirement.REQUIRED };
+	}
+}
diff --git a/src/main/resources/META-INF/services/org.keycloak.authentication.AuthenticatorFactory b/src/main/resources/META-INF/services/org.keycloak.authentication.AuthenticatorFactory
new file mode 100644
index 0000000..08ce191
--- /dev/null
+++ b/src/main/resources/META-INF/services/org.keycloak.authentication.AuthenticatorFactory
@@ -0,0 +1 @@
+com.example.keycloak.RedirectUriAuthenticatorFactory
\ No newline at end of file