Solvro
diff --git a/‎.github/workflows/ci.yaml‎
Lines changed: 50 additions & 0 deletions b/‎.github/workflows/ci.yaml‎
Lines changed: 50 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 4 additions & 1 deletion b/‎.gitignore‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎Dockerfile‎
Lines changed: 5 additions & 0 deletions b/‎Dockerfile‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎USOS_SETUP_GUIDE.md‎
Lines changed: 164 additions & 0 deletions b/‎USOS_SETUP_GUIDE.md‎
Lines changed: 164 additions & 0 deletions
diff --git a/‎keycloak-usos-provider/checkstyle.xml‎
Lines changed: 104 additions & 0 deletions b/‎keycloak-usos-provider/checkstyle.xml‎
Lines changed: 104 additions & 0 deletions
@@ -19,3 +19,53 @@ jobs:
         run: npm ci
 
       - run: npm run build-keycloak-theme
+
+  java-build-and-test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+
+      - name: Cache Maven packages
+        uses: actions/cache@v4
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2
+
+      - name: Build and test USOS provider
+        working-directory: keycloak-usos-provider
+        run: |
+          echo "Building USOS OAuth 1.0a provider..."
+          mvn clean compile
+          echo "Running comprehensive tests..."
+          mvn test
+          echo "Running static analysis..."
+          mvn checkstyle:check
+          mvn spotbugs:check
+          mvn pmd:check
+          echo "Building final JAR..."
+          mvn package
+
+      - name: Upload test results
+        uses: actions/upload-artifact@v4
+        if: always()
+        with:
+          name: java-test-results
+          path: |
+            keycloak-usos-provider/target/surefire-reports/
+            keycloak-usos-provider/target/checkstyle-result.xml
+            keycloak-usos-provider/target/spotbugsXml.xml
+            keycloak-usos-provider/target/pmd.xml
+
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v4
+        if: always()
+        with:
+          file: keycloak-usos-provider/target/site/jacoco/jacoco.xml
+          flags: java
@@ -56,4 +56,7 @@ jspm_packages
 /build
 /storybook-static
 
-.keycloaklify/*
+.keycloaklify/*
+
+# Maven build artifacts
+keycloak-usos-provider/target/
@@ -5,9 +5,14 @@ COPY . .
 RUN npm ci
 RUN npm run build-keycloak-theme
 
+# Build the custom USOS OAuth 1.0a provider
+WORKDIR /app/keycloak-usos-provider
+RUN mvn clean package
+
 FROM quay.io/keycloak/keycloak:26.1.2
 WORKDIR /opt/keycloak
 COPY --from=build /app/dist_keycloak/keycloak-theme-for-kc-all-other-versions.jar /opt/keycloak/providers/
+COPY --from=build /app/keycloak-usos-provider/target/keycloak-usos-provider-1.0.0.jar /opt/keycloak/providers/
 
 RUN /opt/keycloak/bin/kc.sh build --db=postgres --health-enabled=true --features=docker
 
 
@@ -0,0 +1,164 @@
+# USOS OAuth 1.0a Provider Setup Guide
+
+This guide explains how to configure the custom USOS OAuth 1.0a identity provider in Keycloak.
+
+## Overview
+
+The USOS provider enables students to login using their university USOS accounts via OAuth 1.0a protocol. This custom provider has been integrated into the Keycloak Docker image and supports the full OAuth 1.0a flow required by USOS API.
+
+## Prerequisites
+
+1. Access to a USOS system (e.g., usosweb.example.edu.pl)
+2. USOS OAuth application credentials (consumer key and secret)
+3. Running Keycloak instance with the custom provider
+
+## Configuration Steps
+
+### 1. Register USOS OAuth Application
+
+First, you need to register your application in the USOS system:
+
+1. Contact your USOS administrator or go to the USOS developer portal
+2. Register a new OAuth application
+3. Set the callback URL to: `https://your-keycloak-domain/auth/realms/{realm-name}/broker/usos/endpoint`
+4. Note down the Consumer Key and Consumer Secret
+
+### 2. Configure USOS Identity Provider in Keycloak
+
+1. Login to Keycloak Admin Console
+2. Select your realm
+3. Go to Identity Providers
+4. Click "Add provider..." and select "USOS"
+5. Configure the following settings:
+
+#### Required Configuration:
+
+- **Alias**: `usos` (or any unique identifier)
+- **Display Name**: `USOS` (displayed on login screen)
+- **Consumer Key**: Your USOS OAuth Consumer Key
+- **Consumer Secret**: Your USOS OAuth Consumer Secret
+- **USOS Base URL**: Base URL of your USOS instance (e.g., `https://usosweb.example.edu.pl`)
+
+#### Optional Configuration:
+
+- **First Login Flow**: Choose how new users are handled
+- **Sync Mode**: How user data is synchronized
+- **Store Token**: Whether to store OAuth tokens
+- **Trust Email**: Whether to trust email from USOS
+
+### 3. Advanced Configuration (Optional)
+
+If your USOS installation uses non-standard endpoints, you can override them:
+
+- **Request Token URL**: Custom request token endpoint
+- **Authorization URL**: Custom authorization endpoint
+- **Access Token URL**: Custom access token endpoint
+- **User Info URL**: Custom user info endpoint
+
+### 4. User Attribute Mapping
+
+The provider automatically maps these USOS user attributes:
+
+- `id` → Keycloak username
+- `first_name` → First name
+- `last_name` → Last name
+- `email` → Email address
+- `student_number` → Custom attribute
+- `student_status` → Custom attribute
+- `staff_status` → Custom attribute
+
+You can configure additional attribute mappings in the provider settings.
+
+## Testing the Integration
+
+1. Go to your Keycloak login page
+2. You should see a "USOS" button among social providers
+3. Click the USOS button
+4. You'll be redirected to USOS for authentication
+5. After successful login, you'll be redirected back to Keycloak
+
+## Troubleshooting
+
+### Common Issues:
+
+**"Request token not found in session"**
+
+- Check that your callback URL is correctly configured
+- Ensure cookies are enabled in the browser
+
+**"Failed to retrieve request token"**
+
+- Verify Consumer Key and Consumer Secret
+- Check USOS Base URL is correct
+- Ensure USOS system is accessible from Keycloak
+
+**"Authentication failed"**
+
+- Check Keycloak logs for detailed error messages
+- Verify USOS user info endpoint is responding correctly
+
+### Debug Configuration:
+
+Enable debug logging in Keycloak by adding this to your configuration:
+
+```
+--log-level=DEBUG --log-console-color=true
+```
+
+Look for log entries from `pl.edu.solvro.keycloak.usos` package.
+
+## USOS API Endpoints
+
+The provider uses these standard USOS API endpoints:
+
+- Request Token: `/services/oauth/request_token`
+- Authorization: `/services/oauth/authorize`
+- Access Token: `/services/oauth/access_token`
+- User Info: `/services/users/user?format=json`
+
+## Security Considerations
+
+1. Always use HTTPS in production
+2. Keep Consumer Secret secure
+3. Regularly rotate OAuth credentials
+4. Monitor authentication logs
+5. Set up proper CORS policies
+
+## Example Docker Compose
+
+```yaml
+version: "3.8"
+services:
+  keycloak:
+    build: .
+    environment:
+      - KC_DB=postgres
+      - KC_DB_URL=jdbc:postgresql://postgres:5432/keycloak
+      - KC_DB_USERNAME=keycloak
+      - KC_DB_PASSWORD=password
+      - KC_HOSTNAME=localhost
+      - KEYCLOAK_ADMIN=admin
+      - KEYCLOAK_ADMIN_PASSWORD=admin
+    ports:
+      - "8080:8080"
+    depends_on:
+      - postgres
+
+  postgres:
+    image: postgres:15
+    environment:
+      - POSTGRES_DB=keycloak
+      - POSTGRES_USER=keycloak
+      - POSTGRES_PASSWORD=password
+```
+
+## Support
+
+For issues specific to this USOS provider, please check:
+
+1. Keycloak server logs
+2. USOS system availability
+3. Network connectivity between Keycloak and USOS
+4. OAuth credential validity
+
+For USOS-specific questions, consult your USOS administrator or the USOS API documentation at https://apps.usos.edu.pl/developers/api/
@@ -0,0 +1,104 @@
+<?xml version="1.0"?>
+<!DOCTYPE module PUBLIC
+        "-//Checkstyle//DTD Checkstyle Configuration 1.3//EN"
+        "https://checkstyle.org/dtds/configuration_1_3.dtd">
+
+<module name="Checker">
+    <property name="severity" value="warning"/>
+    <property name="fileExtensions" value="java, properties, xml"/>
+
+    <!-- Checks for whitespace -->
+    <module name="FileTabCharacter">
+        <property name="eachLine" value="true"/>
+    </module>
+
+    <!-- Checks for Size Violations. -->
+    <module name="LineLength">
+        <property name="max" value="120"/>
+    </module>
+
+    <module name="TreeWalker">
+        <!-- Checks for Naming Conventions. -->
+        <module name="ConstantName">
+            <property name="severity" value="ignore"/>
+        </module>
+        <module name="LocalFinalVariableName"/>
+        <module name="LocalVariableName"/>
+        <module name="MemberName"/>
+        <module name="MethodName">
+            <property name="severity" value="ignore"/>
+        </module>
+        <module name="PackageName"/>
+        <module name="ParameterName"/>
+        <module name="StaticVariableName"/>
+        <module name="TypeName"/>
+
+        <!-- Checks for imports -->
+        <module name="AvoidStarImport"/>
+        <module name="IllegalImport"/> <!-- defaults to sun.* packages -->
+        <module name="RedundantImport"/>
+        <module name="UnusedImports"/>
+
+        <!-- Checks for Size Violations. -->
+        <module name="MethodLength">
+            <property name="max" value="100"/>
+        </module>
+        <module name="ParameterNumber">
+            <property name="max" value="8"/>
+        </module>
+
+        <!-- Checks for whitespace -->
+        <module name="EmptyForIteratorPad"/>
+        <module name="GenericWhitespace"/>
+        <module name="MethodParamPad"/>
+        <module name="NoWhitespaceAfter"/>
+        <module name="NoWhitespaceBefore"/>
+        <module name="OperatorWrap"/>
+        <module name="ParenPad"/>
+        <module name="TypecastParenPad"/>
+        <module name="WhitespaceAfter"/>
+        <module name="WhitespaceAround"/>
+
+        <!-- Modifier Checks -->
+        <module name="ModifierOrder"/>
+        <module name="RedundantModifier"/>
+
+        <!-- Checks for blocks. -->
+        <module name="AvoidNestedBlocks"/>
+        <module name="EmptyBlock"/>
+        <module name="LeftCurly"/>
+        <module name="NeedBraces"/>
+        <module name="RightCurly"/>
+
+        <!-- Checks for common coding problems -->
+        <module name="EmptyStatement"/>
+        <module name="EqualsHashCode"/>
+        <module name="HiddenField">
+            <property name="ignoreSetter" value="true"/>
+            <property name="ignoreConstructorParameter" value="true"/>
+        </module>
+        <module name="IllegalInstantiation"/>
+        <module name="InnerAssignment"/>
+        <module name="MissingSwitchDefault"/>
+        <module name="SimplifyBooleanExpression"/>
+        <module name="SimplifyBooleanReturn"/>
+
+        <!-- Checks for class design -->
+        <module name="DesignForExtension">
+            <property name="severity" value="ignore"/>
+        </module>
+        <module name="FinalClass"/>
+        <module name="HideUtilityClassConstructor"/>
+        <module name="InterfaceIsType"/>
+        <module name="VisibilityModifier">
+            <property name="protectedAllowed" value="true"/>
+        </module>
+
+        <!-- Miscellaneous other checks. -->
+        <module name="ArrayTypeStyle"/>
+        <module name="TodoComment">
+            <property name="severity" value="info"/>
+        </module>
+        <module name="UpperEll"/>
+    </module>
+</module>