Merge pull request #11500 from IQSS/679-spi-multidatasource-setup

Parametrized datasource in Keycloak SPI

Author: ofahimIQSS

conf/keycloak/builtin-users-spi/src/main/java/edu/harvard/iq/keycloak/auth/spi/providers/DataverseUserStorageProvider.java

@@ -31,7 +31,10 @@ public class DataverseUserStorageProvider implements
     public DataverseUserStorageProvider(KeycloakSession session, ComponentModel model) {
         this.session = session;
         this.model = model;
-        this.dataverseUserService = new DataverseUserService(session);
+
+        String datasource = model.getConfig().getFirst("datasource");
+        logger.debugf("Using datasource: %s", datasource);
+        this.dataverseUserService = new DataverseUserService(session, datasource);
     }
 
     @Override

conf/keycloak/builtin-users-spi/src/main/java/edu/harvard/iq/keycloak/auth/spi/providers/DataverseUserStorageProviderFactory.java

@@ -3,8 +3,12 @@
 import org.jboss.logging.Logger;
 import org.keycloak.component.ComponentModel;
 import org.keycloak.models.KeycloakSession;
+import org.keycloak.provider.ProviderConfigProperty;
 import org.keycloak.storage.UserStorageProviderFactory;
 
+import java.util.ArrayList;
+import java.util.List;
+
 public class DataverseUserStorageProviderFactory implements UserStorageProviderFactory<DataverseUserStorageProvider> {
 
     public static final String PROVIDER_ID = "dv-builtin-users-authenticator";
@@ -30,4 +34,19 @@ public String getHelpText() {
     public void close() {
         logger.debug("<<<<<< Closing factory");
     }
+
+    @Override
+    public List<ProviderConfigProperty> getConfigProperties() {
+        List<ProviderConfigProperty> configProperties = new ArrayList<>();
+
+        ProviderConfigProperty mySetting = new ProviderConfigProperty();
+        mySetting.setName("datasource");
+        mySetting.setLabel("Datasource");
+        mySetting.setHelpText("This specifies the target datasource used by the SPI.");
+        mySetting.setType(ProviderConfigProperty.STRING_TYPE);
+
+        configProperties.add(mySetting);
+
+        return configProperties;
+    }
 }

conf/keycloak/builtin-users-spi/src/main/java/edu/harvard/iq/keycloak/auth/spi/services/DataverseUserService.java

@@ -17,8 +17,8 @@ public class DataverseUserService {
 
     private final EntityManager em;
 
-    public DataverseUserService(KeycloakSession session) {
-        this.em = session.getProvider(JpaConnectionProvider.class, "user-store").getEntityManager();
+    public DataverseUserService(KeycloakSession session, String datasource) {
+        this.em = session.getProvider(JpaConnectionProvider.class, datasource).getEntityManager();
     }
 
     public DataverseUser getUserById(String id) {

conf/keycloak/builtin-users-spi/src/main/resources/META-INF/persistence.xml

@@ -13,11 +13,26 @@
             <!-- JDBC connection settings -->
             <property name="hibernate.connection.datasource" value="user-store"/>
 
-            <!-- Database connection properties for PostgreSQL -->
-            <property name="hibernate.connection.driver_class" value="org.postgresql.Driver"/>
-            <property name="hibernate.connection.url" value="jdbc:postgresql://postgres:5432/dataverse"/>
-            <property name="hibernate.connection.username" value="${DATAVERSE_DB_USER}"/>
-            <property name="hibernate.connection.password" value="secret"/>
+            <!-- Transaction management settings -->
+            <property name="jakarta.persistence.transactionType" value="JTA"/>
+
+            <!-- Automatically update database schema -->
+            <property name="hibernate.hbm2ddl.auto" value="none"/>
+
+            <!-- Disable SQL logging -->
+            <property name="hibernate.show_sql" value="false"/>
+        </properties>
+    </persistence-unit>
+
+    <persistence-unit name="user-store-qa" transaction-type="JTA">
+        <class>edu.harvard.iq.keycloak.auth.spi.models.DataverseBuiltinUser</class>
+        <class>edu.harvard.iq.keycloak.auth.spi.models.DataverseAuthenticatedUser</class>
+        <properties>
+            <!-- Set the Hibernate dialect for PostgreSQL -->
+            <property name="hibernate.dialect" value="org.hibernate.dialect.PostgreSQLDialect"/>
+
+            <!-- JDBC connection settings -->
+            <property name="hibernate.connection.datasource" value="user-store-qa"/>
 
             <!-- Transaction management settings -->
             <property name="jakarta.persistence.transactionType" value="JTA"/>

conf/keycloak/builtin-users-spi/src/test/java/edu/harvard/iq/keycloak/auth/spi/services/DataverseUserServiceTest.java

@@ -18,6 +18,8 @@
 
 class DataverseUserServiceTest {
 
+    private static final String TEST_USER_STORE = "user-store";
+
     private EntityManager entityManagerMock;
     private DataverseUserService sut;
 
@@ -27,10 +29,10 @@ void setUp() {
         KeycloakSession sessionMock = mock(KeycloakSession.class);
 
         JpaConnectionProvider jpaConnectionProviderMock = mock(JpaConnectionProvider.class);
-        when(sessionMock.getProvider(JpaConnectionProvider.class, "user-store")).thenReturn(jpaConnectionProviderMock);
+        when(sessionMock.getProvider(JpaConnectionProvider.class, TEST_USER_STORE)).thenReturn(jpaConnectionProviderMock);
         when(jpaConnectionProviderMock.getEntityManager()).thenReturn(entityManagerMock);
 
-        sut = new DataverseUserService(sessionMock);
+        sut = new DataverseUserService(sessionMock, TEST_USER_STORE);
     }
 
     @Test

conf/keycloak/setup-spi.sh

@@ -35,7 +35,10 @@ curl -X POST "http://keycloak:8090/admin/realms/test/components" \
     "name": "Dataverse built-in users authentication",
     "providerId": "dv-builtin-users-authenticator",
     "providerType": "org.keycloak.storage.UserStorageProvider",
-    "parentId": null
+    "parentId": null,
+    "config": {
+      "datasource": ["user-store"]
+    }
   }'
 
 echo "Keycloak SPI configured in realm."