
@msavy
Created October 22, 2021 10:18
diff --git a/manager/api/rest-impl/pom.xml b/manager/api/rest-impl/pom.xml
index f45c365a7..48b23591d 100644
--- a/manager/api/rest-impl/pom.xml
+++ b/manager/api/rest-impl/pom.xml
@@ -93,6 +93,11 @@
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-xml</artifactId>
</dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.jaxrs</groupId>
+ <artifactId>jackson-jaxrs-json-provider</artifactId>
+ <version>${version.com.fasterxml.jackson}</version>
+ </dependency>
<dependency>
<groupId>javax.enterprise</groupId>
<artifactId>cdi-api</artifactId>
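Review bot: The added `jackson-jaxrs-json-provider` entry carries its own `<version>` while the neighbouring `jackson-dataformat-xml` entry has none, which suggests Jackson versions are otherwise managed centrally (presumably in a parent `dependencyManagement` section). Declaring the version there and dropping `<version>${version.com.fasterxml.jackson}</version>` from this module keeps every Jackson artifact on one managed version. That matters when a Jackson security update has to be rolled out in a single place.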
diff --git a/manager/api/security/pom.xml b/manager/api/security/pom.xml
index 4ba21c68a..e3c06cdea 100644
--- a/manager/api/security/pom.xml
+++ b/manager/api/security/pom.xml
@@ -57,10 +57,10 @@
<artifactId>keycloak-core</artifactId>
<scope>provided</scope>
</dependency>
- <dependency>
- <groupId>org.keycloak</groupId>
- <artifactId>keycloak-admin-client</artifactId>
- <version>${version.org.keycloak}</version>
- </dependency>
+<!-- <dependency>-->
+<!-- <groupId>org.keycloak</groupId>-->
+<!-- <artifactId>keycloak-admin-client</artifactId>-->
+<!-- <version>${version.org.keycloak}</version>-->
+<!-- </dependency>-->
</dependencies>
</project>
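Review bot: The `keycloak-admin-client` dependency is commented out rather than deleted, and the same is done to the whole of KeycloakAdminClient.java and to the `keycloakAdminClient` field and `getKeycloakAdminClient()` in KeycloakSecurityContext.java. Version control already preserves the old text, so the commented copies only add dead lines that drift out of date and keep showing up in searches for the client-secret handling. Either delete them outright or, if the removal is temporary, leave a single comment stating why and when it comes back, e.g. `<!-- keycloak-admin-client removed: <reason>; restore when <condition> -->`.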
diff --git a/manager/api/security/src/main/java/io/apiman/manager/api/security/impl/KeycloakAdminClient.java b/manager/api/security/src/main/java/io/apiman/manager/api/security/impl/KeycloakAdminClient.java
index 8845e6c3d..294346b2b 100644
--- a/manager/api/security/src/main/java/io/apiman/manager/api/security/impl/KeycloakAdminClient.java
+++ b/manager/api/security/src/main/java/io/apiman/manager/api/security/impl/KeycloakAdminClient.java
@@ -1,74 +1,74 @@
-package io.apiman.manager.api.security.impl;
-
-import io.apiman.manager.api.beans.idm.UserDto;
-
-import java.util.List;
-import java.util.Set;
-import java.util.stream.Collectors;
-
-import org.keycloak.adapters.KeycloakDeployment;
-import org.keycloak.admin.client.Keycloak;
-import org.keycloak.representations.idm.UserRepresentation;
-
-/**
- * @author Marc Savy {@literal <marc@blackparrotlabs.io>}
- */
-public class KeycloakAdminClient {
-
- public static final String APIMAN_CLIENT = "apiman";
- private final KeycloakDeployment keycloakDeployment;
-
- public KeycloakAdminClient(KeycloakDeployment keycloakDeployment) {
- this.keycloakDeployment = keycloakDeployment;
- }
-
- /**
- * Please be careful when using this not to ask for roles that may have a massive number of users.
- * <p>
- * If that is required, then a paginated approach may be necessary.
- * <p>
- * Ensure that the APIMAN_CLIENT has 'service accounts enabled' set to true. This allows Apiman to speak to Keycloak
- * using the client name + secret to interact with the Keycloak API.
- * <p>
- * Ignores users who are not enabled.
- *
- * @param roleName the name of the role.
- * @return the user IDs of users for a given role.
- */
- public List<UserDto> getUsersForRole(String roleName) {
- Keycloak client = getClient();
- Set<UserRepresentation> users = client.realm(keycloakDeployment.getRealm())
- .clients().get(APIMAN_CLIENT)
- .roles().get(roleName)
- .getRoleUserMembers();
- return users.stream()
- .filter(UserRepresentation::isEnabled)
- // .filter(UserRepresentation::isEmailVerified)
- .map(this::toUserBean)
- .collect(Collectors.toList());
- }
-
- private UserDto toUserBean(UserRepresentation userRepresentation) {
- return new UserDto()
- .setId(userRepresentation.getId())
- .setUsername(userRepresentation.getUsername())
- .setEmail(userRepresentation.getEmail())
- .setFullName(userRepresentation.getFirstName() + " " + userRepresentation.getLastName());
- }
-
- private Keycloak getClient() {
- String secret = (String) keycloakDeployment.getResourceCredentials().get("secret");
-
- if (secret == null) {
- throw new IllegalArgumentException("No client secret defined in Keycloak config");
- }
-
- return Keycloak.getInstance(
- keycloakDeployment.getAuthServerBaseUrl(),
- keycloakDeployment.getRealm(),
- APIMAN_CLIENT, // TODO can I get this from the deployment somehow?
- secret,
- APIMAN_CLIENT
- );
- }
-}
+// package io.apiman.manager.api.security.impl;
+//
+// import io.apiman.manager.api.beans.idm.UserDto;
+//
+// import java.util.List;
+// import java.util.Set;
+// import java.util.stream.Collectors;
+//
+// import org.keycloak.adapters.KeycloakDeployment;
+// import org.keycloak.admin.client.Keycloak;
+// import org.keycloak.representations.idm.UserRepresentation;
+//
+// /**
+// * @author Marc Savy {@literal <marc@blackparrotlabs.io>}
+// */
+// public class KeycloakAdminClient {
+//
+// public static final String APIMAN_CLIENT = "apiman";
+// private final KeycloakDeployment keycloakDeployment;
+//
+// public KeycloakAdminClient(KeycloakDeployment keycloakDeployment) {
+// this.keycloakDeployment = keycloakDeployment;
+// }
+//
+// /**
+// * Please be careful when using this not to ask for roles that may have a massive number of users.
+// * <p>
+// * If that is required, then a paginated approach may be necessary.
+// * <p>
+// * Ensure that the APIMAN_CLIENT has 'service accounts enabled' set to true. This allows Apiman to speak to Keycloak
+// * using the client name + secret to interact with the Keycloak API.
+// * <p>
+// * Ignores users who are not enabled.
+// *
+// * @param roleName the name of the role.
+// * @return the user IDs of users for a given role.
+// */
+// public List<UserDto> getUsersForRole(String roleName) {
+// Keycloak client = getClient();
+// Set<UserRepresentation> users = client.realm(keycloakDeployment.getRealm())
+// .clients().get(APIMAN_CLIENT)
+// .roles().get(roleName)
+// .getRoleUserMembers();
+// return users.stream()
+// .filter(UserRepresentation::isEnabled)
+// // .filter(UserRepresentation::isEmailVerified)
+// .map(this::toUserBean)
+// .collect(Collectors.toList());
+// }
+//
+// private UserDto toUserBean(UserRepresentation userRepresentation) {
+// return new UserDto()
+// .setId(userRepresentation.getId())
+// .setUsername(userRepresentation.getUsername())
+// .setEmail(userRepresentation.getEmail())
+// .setFullName(userRepresentation.getFirstName() + " " + userRepresentation.getLastName());
+// }
+//
+// private Keycloak getClient() {
+// String secret = (String) keycloakDeployment.getResourceCredentials().get("secret");
+//
+// if (secret == null) {
+// throw new IllegalArgumentException("No client secret defined in Keycloak config");
+// }
+//
+// return Keycloak.getInstance(
+// keycloakDeployment.getAuthServerBaseUrl(),
+// keycloakDeployment.getRealm(),
+// APIMAN_CLIENT, // TODO can I get this from the deployment somehow?
+// secret,
+// APIMAN_CLIENT
+// );
+// }
+// }
diff --git a/manager/api/security/src/main/java/io/apiman/manager/api/security/impl/KeycloakSecurityContext.java b/manager/api/security/src/main/java/io/apiman/manager/api/security/impl/KeycloakSecurityContext.java
index 2d6628cef..03393d055 100644
--- a/manager/api/security/src/main/java/io/apiman/manager/api/security/impl/KeycloakSecurityContext.java
+++ b/manager/api/security/src/main/java/io/apiman/manager/api/security/impl/KeycloakSecurityContext.java
@@ -19,6 +19,7 @@ import io.apiman.common.logging.ApimanLoggerFactory;
import io.apiman.common.logging.IApimanLogger;
import io.apiman.manager.api.beans.idm.UserDto;
+import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;
@@ -36,7 +37,7 @@ import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
@ApplicationScoped @Alternative
public class KeycloakSecurityContext extends AbstractSecurityContext {
private static final IApimanLogger LOGGER = ApimanLoggerFactory.getLogger(KeycloakSecurityContext.class);
- private volatile KeycloakAdminClient keycloakAdminClient;
+ // private volatile KeycloakAdminClient keycloakAdminClient;
/**
* Constructor.
@@ -82,9 +83,10 @@ public class KeycloakSecurityContext extends AbstractSecurityContext {
@Override
public List<UserDto> getRemoteUsersWithRole(String roleName) {
- List<UserDto> keycloakUsersWithRole = getKeycloakAdminClient().getUsersForRole(roleName);
- LOGGER.debug("Keycloak users for role {0} (using same realm as configured): {2}", roleName, keycloakUsersWithRole);
- return keycloakUsersWithRole;
+ // List<UserDto> keycloakUsersWithRole = getKeycloakAdminClient().getUsersForRole(roleName);
+ // LOGGER.debug("Keycloak users for role {0} (using same realm as configured): {2}", roleName, keycloakUsersWithRole);
+ // return keycloakUsersWithRole;
+ return Collections.emptyList();
}
/**
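Review bot: `getRemoteUsersWithRole` now returns `Collections.emptyList()` unconditionally, so a caller cannot tell "no Keycloak user holds this role" from "the lookup is switched off". If anything relies on this list to find approvers or notification recipients, it will silently address nobody. Make the stub visible, either with `LOGGER.warn("Keycloak role lookup is disabled; returning no users for role {0}", roleName);` before the return or by throwing `UnsupportedOperationException`, and add a comment saying why the lookup is disabled. The returned list is also immutable, whereas the old one came from `Collectors.toList()`, so any caller that adds to the result would now fail. If the commented-out debug line is ever restored, its `{2}` placeholder should be `{1}`, since only two arguments are passed.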
@@ -100,15 +102,15 @@ public class KeycloakSecurityContext extends AbstractSecurityContext {
.collect(Collectors.toUnmodifiableList());
}
- private KeycloakAdminClient getKeycloakAdminClient() {
- if (keycloakAdminClient == null) {
- synchronized (this) {
- HttpServletRequest request = servletRequest.get();
- RefreshableKeycloakSecurityContext session = (RefreshableKeycloakSecurityContext) request.getAttribute(org.keycloak.KeycloakSecurityContext.class.getName());
- keycloakAdminClient = new KeycloakAdminClient(session.getDeployment());
- return keycloakAdminClient;
- }
- }
- return keycloakAdminClient;
- }
+ // private KeycloakAdminClient getKeycloakAdminClient() {
+ // if (keycloakAdminClient == null) {
+ // synchronized (this) {
+ // HttpServletRequest request = servletRequest.get();
+ // RefreshableKeycloakSecurityContext session = (RefreshableKeycloakSecurityContext) request.getAttribute(org.keycloak.KeycloakSecurityContext.class.getName());
+ // keycloakAdminClient = new KeycloakAdminClient(session.getDeployment());
+ // return keycloakAdminClient;
+ // }
+ // }
+ // return keycloakAdminClient;
+ // }
}