keycloak 24 support due to CookieHelper being deprecated

Author: WickedSilver

Dockerfile

@@ -1,4 +1,4 @@
-FROM quay.io/keycloak/keycloak:22.0.3
+FROM quay.io/keycloak/keycloak:24.0.3
 
 #COPY target/lib/*.jar ./providers/
 COPY spi/target/keycloak-spi-trusted-device-*-SNAPSHOT.jar /opt/keycloak/providers/keycloak-spi-trusted-device.jar

pom.xml

@@ -19,7 +19,7 @@
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     <maven.compiler.source>17</maven.compiler.source>
     <maven.compiler.target>17</maven.compiler.target>
-    <keycloak.version>22.0.3</keycloak.version>
+    <keycloak.version>24.0.3</keycloak.version>
     <lombok.version>1.18.30</lombok.version>
     <reproducible-build-maven-plugin.version>0.16</reproducible-build-maven-plugin.version>
     <maven-compiler-plugin.version>3.11.0</maven-compiler-plugin.version>

spi/src/main/java/nl/wouterh/keycloak/trusteddevice/util/TrustedDeviceToken.java

@@ -1,7 +1,9 @@
 package nl.wouterh.keycloak.trusteddevice.util;
 
+import jakarta.ws.rs.core.NewCookie;
 import jakarta.ws.rs.core.UriBuilder;
-import java.util.Set;
+import jakarta.ws.rs.core.NewCookie.SameSite;
+import jakarta.ws.rs.core.Cookie;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
 import lombok.Setter;
@@ -10,14 +12,12 @@
 import nl.wouterh.keycloak.trusteddevice.credential.TrustedDeviceCredentialProviderFactory;
 import org.keycloak.TokenCategory;
 import org.keycloak.common.ClientConnection;
-import org.keycloak.common.util.ServerCookie;
 import org.keycloak.common.util.Time;
 import org.keycloak.credential.CredentialProvider;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
 import org.keycloak.models.UserModel;
 import org.keycloak.representations.JsonWebToken;
-import org.keycloak.services.util.CookieHelper;
 
 @Getter
 @Setter
@@ -38,34 +38,31 @@ private static void addCookie(KeycloakSession session, RealmModel realm, String
 
     ClientConnection connection = session.getContext().getConnection();
     boolean secure = realm.getSslRequired().isRequired(connection);
-
-    ServerCookie.SameSiteAttributeValue sameSiteValue =
-        secure ? ServerCookie.SameSiteAttributeValue.NONE : null;
-    CookieHelper.addCookie(
-        COOKIE_NAME,
-        value,
-        path,
-        null,
-        null,
-        maxAge,
-        secure,
-        true,
-        sameSiteValue,
-        session
-    );
+    SameSite sameSiteValue = secure ? SameSite.NONE : null;
+    NewCookie newCookie = new NewCookie.Builder(COOKIE_NAME)
+      .maxAge(maxAge)
+      .value(value)
+      .path(path)
+      .secure(secure)
+      .sameSite(sameSiteValue)
+      .build();
+
+    session.getContext().getHttpResponse().setCookieIfAbsent(newCookie);
   }
 
   public static TrustedDeviceToken getCookie(KeycloakSession session) {
-    Set<String> cookieValues = CookieHelper.getCookieValue(session, COOKIE_NAME);
+    Cookie cookie = session.getContext().getRequestHeaders().getCookies().get(COOKIE_NAME);
     long time = Time.currentTime();
 
-    for (String cookieValue : cookieValues) {
-      TrustedDeviceToken decoded = session.tokens().decode(cookieValue, TrustedDeviceToken.class);
-      if (decoded != null && (decoded.getExp() == null || decoded.getExp() > time)) {
-        return decoded;
-      }
+    if (cookie == null) {
+      return null;
     }
-
+    
+    TrustedDeviceToken decoded = session.tokens().decode(cookie.getValue(), TrustedDeviceToken.class);
+    if (decoded != null && (decoded.getExp() == null || decoded.getExp() > time)) {
+      return decoded;
+    }
+    
     return null;
   }