Correction of argon2variant to string and order of plugin loading for…

README.md

@@ -2,15 +2,14 @@
 This project introduces Argon2 Password Hashing for Keycloak, there are 2 versions:
 * V1.x, which uses `de.mkammerer.argon2` as the library, more can be found on the [GitHub Project](https://github.com/phxql/argon2-jvm). (Compatible with Keycloak V8.x and above)
 * V2.x, which inherits Keycloak's [BouncyCastle V1.62](https://www.bouncycastle.org/releasenotes.html#1.61) with native support for Argon2 (Compatible with Keycloak V10.x and above only)
-
-V1.x is packaged as an EAR due to external dependencies. I will no longer maintain this version. Choose this one if you don't Keycloak V10.x or above.
-
-V2.x is packaged as a JAR since it uses Keycloak's provided libraries. This will be the **actively maintained** version for now.
-
-Both are deployed using [Keycloak Deployer](https://www.keycloak.org/docs/latest/server_development/index.html#using-the-keycloak-deployer).
+  V1.x is packaged as an EAR due to external dependencies. I will no longer maintain this version. Choose this one if you don't have Keycloak V10.x or above.
+  V2.x is packaged as a JAR since it uses Keycloak's provided libraries. This will be the **actively maintained** version for now.
+  Both are deployed using [Keycloak Deployer](https://www.keycloak.org/docs/latest/server_development/index.html#using-the-keycloak-deployer).
+  Starting from Keycloak version 25, the plugin is now functional.
 
 # Build
 Build the project using:
+
 ```
 mvn clean package;
 ```
@@ -28,10 +27,9 @@ Simply hot-deploy the module:
 cp target/argon2-password-hash-provider-*.jar /opt/keycloak/standalone/deployments/argon2-password-hash-provider.jar;
 ```
 
-# Keycloak configuration
+# Keycloak Configuration
 Finally, in the Keycloak realm of your choosing, activate the Argon2 password hashing via:
 `Authentication > Password Policy` and then selecting the policy `Hashing Algorithm` and name it: `argon2`.
-
 Further tuning can be done by the other Policy Providers:
 * `Argon2 Version` --> you can choose which Argon2 version to use, either: `10` or `13` (default: 13)
 * `Argon2 Variant` --> you can choose which Argon2 variant to use, either: `ARGON2i`, `ARGON2d` or `ARGON2id` (default: ARGON2id)
@@ -40,7 +38,5 @@ Further tuning can be done by the other Policy Providers:
 * `Argon2 Parallelism` --> tune the number of threads and memory lanes  (default: 1)
 * `Argon2 Salt Length` --> tune the length of the salt (default: 16)
 * `Argon2 Hash Length` --> tune the length of the hash (default: 32)
-
 > I have deprecated use of the `Argon2 Max Time` provider, as I believe it offers no real value. If you still have a use-case for this, let me know.
-
-For parameter optimization, check the [Argon2 whitepaper recommendations](https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf#section.9).
+For parameter optimization, check the [Argon2 whitepaper recommendations](https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf#section.9).

pom.xml

@@ -12,7 +12,7 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <maven.compiler.source>1.8</maven.compiler.source>
         <maven.compiler.target>1.8</maven.compiler.target>
-        <keycloak.version>10.0.2</keycloak.version>
+        <keycloak.version>25.0.0</keycloak.version>
         <junit.version>4.13.1</junit.version>
     </properties>
 
@@ -61,6 +61,11 @@
             <version>${keycloak.version}</version>
             <scope>provided</scope>
         </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-crypto-default</artifactId>
+            <version>${keycloak.version}</version>
+        </dependency>
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>

src/main/java/be/cronos/keycloak/credential/hash/Argon2PasswordHashProviderFactory.java

@@ -36,4 +36,9 @@ public String getId() {
     public void close() {
         // noop
     }
+
+    @Override
+    public int order(){
+        return 400;
+    }
 }

src/main/java/be/cronos/keycloak/policy/Argon2GenericPolicyProviderFactory.java

@@ -63,4 +63,9 @@ public boolean isMultiplSupported() {
     public void close() {
         // noop
     }
+
+    @Override
+    public int order(){
+        return 400;
+    }
 }

src/main/java/be/cronos/keycloak/policy/Argon2VariantPasswordPolicyProviderFactory.java

@@ -2,11 +2,10 @@
 
 import be.cronos.keycloak.enums.Argon2Variant;
 import org.keycloak.policy.PasswordPolicyConfigException;
+import org.keycloak.policy.PasswordPolicyProvider;
 
-/**
- * @author <a href="mailto:[email protected]">Dries Eestermans</a>
- */
 public class Argon2VariantPasswordPolicyProviderFactory extends Argon2GenericPolicyProviderFactory {
+
     public static final String ID = "argon2Variant";
     public static final String DEFAULT_ARGON2_VARIANT = Argon2Variant.ARGON2ID.getArgon2VariantStringRepr();
 
@@ -18,18 +17,24 @@ public String getId() {
     @Override
     public Object parseConfig(String value) {
         Argon2Variant argon2Variant = Argon2Variant.parseVariant(value);
-        if (argon2Variant == null) throw new PasswordPolicyConfigException("Invalid Argon2 variant, valid choices are: ARGON2i, ARGON2id or ARGON2d.");
-        return argon2Variant.getArgon2VariantStringRepr();
+        if (argon2Variant == null) {
+            throw new PasswordPolicyConfigException("Invalid Argon2 variant, valid choices are: ARGON2i, ARGON2id or ARGON2d.");
+        }
+        return argon2Variant;
     }
 
     @Override
     public String getDisplayName() {
         return "Argon2 Variant";
     }
-
     @Override
     public String getDefaultConfigValue() {
-        return String.valueOf(DEFAULT_ARGON2_VARIANT);
+        return String.format(DEFAULT_ARGON2_VARIANT);
+    }
+
+    @Override
+    public String getConfigType() {
+        return PasswordPolicyProvider.STRING_CONFIG_TYPE;
     }
 
-}
+}