External-Mirrors/keycloak
2
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-10 15:32:05 -03:30
Code Issues Packages Projects Releases Wiki Activity

fix: ensure the https truststore type transforms correctly (#37971) (#38022)

Browse Source 
closes: #37944

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
(cherry picked from commit 47a750dd05fe96ab4af11e4acdeb32aeff26d37f)
This commit is contained in:
Steven Hawkins 2025-03-11 13:07:01 -04:00 committed by GitHub
parent 8f37774f5a
commit d573b407b7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/configuration/mappers/HttpPropertyMappers.java
View File

@ -28,7 +28,7 @@ public final class HttpPropertyMappers {
private static final String QUARKUS_HTTPS_CERT_KEY_FILES = "quarkus.http.ssl.certificate.key-files";
private static final String QUARKUS_HTTPS_KEY_STORE_FILE = "quarkus.http.ssl.certificate.key-store-file";
private static final String QUARKUS_HTTPS_TRUST_STORE_FILE = "quarkus.http.ssl.certificate.trust-store-file";
private static final String QUARKUS_HTTPS_TRUST_STORE_FILE_TYPE = "quarkus.http.ssl.certificate.trust-store-file-type";
public static final String QUARKUS_HTTPS_TRUST_STORE_FILE_TYPE = "quarkus.http.ssl.certificate.trust-store-file-type";
private static final String QUARKUS_HTTPS_KEY_STORE_FILE_TYPE = "quarkus.http.ssl.certificate.key-store-file-type";
private HttpPropertyMappers(){}
@ -115,7 +115,6 @@ public final class HttpPropertyMappers {
fromOption(HttpOptions.HTTPS_TRUST_STORE_TYPE)
.mapFrom(SecurityOptions.FIPS_MODE, HttpPropertyMappers::resolveKeyStoreType)
.to(QUARKUS_HTTPS_TRUST_STORE_FILE_TYPE)
.transformer(HttpPropertyMappers::resolveKeyStoreType)
.paramLabel("type")
.build(),
fromOption(HttpOptions.HTTP_MAX_QUEUED_REQUESTS)

11
quarkus/runtime/src/test/java/org/keycloak/quarkus/runtime/configuration/test/ConfigurationTest.java
View File

@ -46,7 +46,7 @@ import org.junit.Test;
import org.keycloak.Config;
import org.keycloak.config.CachingOptions;
import org.keycloak.quarkus.runtime.configuration.ConfigArgsConfigSource;
import org.keycloak.quarkus.runtime.configuration.mappers.HttpPropertyMappers;
import org.keycloak.quarkus.runtime.Environment;
import org.keycloak.quarkus.runtime.vault.FilesKeystoreVaultProviderFactory;
import org.keycloak.quarkus.runtime.vault.FilesPlainTextVaultProviderFactory;
@ -513,6 +513,15 @@ public class ConfigurationTest extends AbstractConfigurationTest {
assertEquals(expected, createConfig().getConfigValue("quarkus.http.ssl.certificate.files").getValue());
}
@Test
public void testHttpTrustStoreType() {
ConfigArgsConfigSource.setCliArgs("--fips-mode=strict");
assertEquals("BCFKS", createConfig().getConfigValue(HttpPropertyMappers.QUARKUS_HTTPS_TRUST_STORE_FILE_TYPE).getValue());
ConfigArgsConfigSource.setCliArgs("--https-trust-store-type=jks");
assertEquals("jks", createConfig().getConfigValue(HttpPropertyMappers.QUARKUS_HTTPS_TRUST_STORE_FILE_TYPE).getValue());
}
@Test
public void testCacheMaxCount() {
int maxCount = 500;