feat: support user migration from Keycloak using syncer (#645)

* feat: support user migration from Keycloak using syncer

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>

* feat: add more Keycloak columns

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>

* fix: requested changes

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>

object/syncer_user.go

@@ -25,6 +25,11 @@ import (
 
 type OriginalUser = User
 
+type Credential struct {
+	Value string `json:"value"`
+	Salt  string `json:"salt"`
+}
+
 func (syncer *Syncer) getOriginalUsers() ([]*OriginalUser, error) {
 	sql := fmt.Sprintf("select * from %s", syncer.getTable())
 	results, err := syncer.Adapter.Engine.QueryString(sql)

object/syncer_util.go

@@ -15,9 +15,11 @@
 package object
 
 import (
+	"encoding/json"
 	"fmt"
 	"strconv"
 	"strings"
+	"time"
 
 	"github.com/casdoor/casdoor/util"
 )
@@ -99,12 +101,18 @@ func (syncer *Syncer) setUserByKeyValue(user *User, key string, value string) {
 		user.PasswordSalt = value
 	case "DisplayName":
 		user.DisplayName = value
+	case "FirstName":
+		user.FirstName = value
+	case "LastName":
+		user.LastName = value
 	case "Avatar":
 		user.Avatar = syncer.getPartialAvatarUrl(value)
 	case "PermanentAvatar":
 		user.PermanentAvatar = value
 	case "Email":
 		user.Email = value
+	case "EmailVerified":
+		user.EmailVerified = util.ParseBool(value)
 	case "Phone":
 		user.Phone = value
 	case "Location":
@@ -167,6 +175,32 @@ func (syncer *Syncer) getOriginalUsersFromMap(results []map[string]string) []*Or
 		for _, tableColumn := range syncer.TableColumns {
 			syncer.setUserByKeyValue(originalUser, tableColumn.CasdoorName, result[tableColumn.Name])
 		}
+
+		if syncer.Type == "Keycloak" {
+			// query and set password and password salt from credential table
+			sql := fmt.Sprintf("select * from credential where type = 'password' and user_id = '%s'", originalUser.Id)
+			credentialResult, _ := syncer.Adapter.Engine.QueryString(sql)
+			if len(credentialResult) > 0 {
+				credential := Credential{}
+				_ = json.Unmarshal([]byte(credentialResult[0]["SECRET_DATA"]), &credential)
+				originalUser.Password = credential.Value
+				originalUser.PasswordSalt = credential.Salt
+			}
+			// query and set signup application from user group table
+			sql = fmt.Sprintf("select name from keycloak_group where id = " +
+				"(select group_id as gid from user_group_membership where user_id = '%s')", originalUser.Id)
+			groupResult, _ := syncer.Adapter.Engine.QueryString(sql)
+			if len(groupResult) > 0 {
+				originalUser.SignupApplication = groupResult[0]["name"]
+			}
+			// create time
+			i, _ := strconv.ParseInt(originalUser.CreatedTime, 10, 64)
+			tm := time.Unix(i/int64(1000), 0)
+			originalUser.CreatedTime = tm.Format("2006-01-02T15:04:05+08:00")
+			// enable
+			originalUser.IsForbidden = !(result["ENABLED"] == "\x01")
+		}
+
 		users = append(users, originalUser)
 	}
 	return users

object/user.go

@@ -39,6 +39,7 @@ type User struct {
 	Avatar            string   `xorm:"varchar(500)" json:"avatar"`
 	PermanentAvatar   string   `xorm:"varchar(500)" json:"permanentAvatar"`
 	Email             string   `xorm:"varchar(100) index" json:"email"`
+	EmailVerified     bool     `json:"emailVerified"`
 	Phone             string   `xorm:"varchar(100) index" json:"phone"`
 	Location          string   `xorm:"varchar(100)" json:"location"`
 	Address           []string `json:"address"`