From fcb5e4fec51b77dbc475dedeb38c9d742f4602b2 Mon Sep 17 00:00:00 2001
From: nitinks-ee <nitin.ks@everest.engineering>
Date: Mon, 15 Nov 2021 11:52:08 +0530
Subject: [PATCH] Resolving PR comments

---
 .env                                          |   3 ++
 .gitignore                                    |   1 -
 README.md                                     |  19 +++-----
 build.gradle                                  |   2 -
 docker-compose.yml                            |   4 +-
 .../imports}/realm-export.json                |   0
 .../themes}/custom/login/cli_splash.ftl       |   0
 .../themes}/custom/login/code.ftl             |   0
 .../custom/login/delete-account-confirm.ftl   |   0
 .../themes}/custom/login/error.ftl            |   0
 .../custom/login/idp-review-user-profile.ftl  |   0
 .../themes}/custom/login/info.ftl             |   0
 .../custom/login/login-config-totp-text.ftl   |   0
 .../custom/login/login-config-totp.ftl        |   0
 .../custom/login/login-idp-link-confirm.ftl   |   0
 .../custom/login/login-idp-link-email.ftl     |   0
 .../custom/login/login-oauth-grant.ftl        |   0
 .../login-oauth2-device-verify-user-code.ftl  |   0
 .../themes}/custom/login/login-otp.ftl        |   0
 .../custom/login/login-page-expired.ftl       |   0
 .../themes}/custom/login/login-password.ftl   |   0
 .../custom/login/login-reset-password.ftl     |   0
 .../custom/login/login-update-password.ftl    |   0
 .../custom/login/login-update-profile.ftl     |   0
 .../themes}/custom/login/login-username.ftl   |   0
 .../login/login-verify-email-code-text.ftl    |   0
 .../custom/login/login-verify-email.ftl       |   0
 .../themes}/custom/login/login-x509-info.ftl  |   0
 .../themes}/custom/login/login.ftl            |   0
 .../login/messages/messages_ca.properties     |   0
 .../login/messages/messages_cs.properties     |   0
 .../login/messages/messages_da.properties     |   0
 .../login/messages/messages_de.properties     |   0
 .../login/messages/messages_en.properties     |   0
 .../login/messages/messages_es.properties     |   0
 .../login/messages/messages_fr.properties     |   0
 .../login/messages/messages_hu.properties     |   0
 .../login/messages/messages_it.properties     |   0
 .../login/messages/messages_ja.properties     |   0
 .../login/messages/messages_lt.properties     |   0
 .../login/messages/messages_nl.properties     |   0
 .../login/messages/messages_no.properties     |   0
 .../login/messages/messages_pl.properties     |   0
 .../login/messages/messages_pt_BR.properties  |   0
 .../login/messages/messages_ru.properties     |   0
 .../login/messages/messages_sk.properties     |   0
 .../login/messages/messages_sv.properties     |   0
 .../login/messages/messages_tr.properties     |   0
 .../login/messages/messages_zh_CN.properties  |   0
 .../custom/login/register-user-profile.ftl    |   0
 .../themes}/custom/login/register.ftl         |   0
 .../custom/login/resources/css/login.css      |   0
 .../custom/login/resources/css/tile.css       |   0
 .../img/feedback-error-arrow-down.png         | Bin
 .../resources/img/feedback-error-sign.png     | Bin
 .../img/feedback-success-arrow-down.png       | Bin
 .../resources/img/feedback-success-sign.png   | Bin
 .../img/feedback-warning-arrow-down.png       | Bin
 .../resources/img/feedback-warning-sign.png   | Bin
 .../login/resources/img/keycloak-bg.png       | Bin
 .../resources/img/keycloak-logo-text.png      | Bin
 .../login/resources/img/keycloak-logo.png     | Bin
 .../custom/login/resources/js/base64url.js    |   0
 .../themes}/custom/login/saml-post-form.ftl   |   0
 .../custom/login/select-authenticator.ftl     |   0
 .../themes}/custom/login/template.ftl         |   0
 .../themes}/custom/login/terms.ftl            |   0
 .../themes}/custom/login/theme.properties     |   0
 .../custom/login/update-user-profile.ftl      |   0
 .../custom/login/user-profile-commons.ftl     |   0
 .../custom/login/webauthn-authenticate.ftl    |   0
 .../themes}/custom/login/webauthn-error.ftl   |   0
 .../custom/login/webauthn-register.ftl        |   0
 .../lhotse/api/config/SwaggerConfig.java      |  42 ++++++++--------
 .../AdminOrganizationsController.java         |   4 +-
 .../controllers/OrganizationsController.java  |   3 +-
 .../api/rest/controllers/UserController.java  |   8 ++-
 .../api/rest/controllers/UsersController.java |  12 ++---
 .../lhotse/api/config/TestApiConfig.java      |   2 +-
 src/common/build.gradle                       |   2 +-
 .../KeycloakSynchronizationService.java       |  46 ++++++++++--------
 src/launcher/build.gradle                     |  10 ++--
 .../main/resources/database/projections.xml   |   1 -
 src/users/build.gradle                        |   2 +-
 .../eventhandlers/UsersEventHandler.java      |  11 ++---
 85 files changed, 91 insertions(+), 81 deletions(-)
 create mode 100644 .env
 rename {imports => keycloak/imports}/realm-export.json (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/cli_splash.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/code.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/delete-account-confirm.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/error.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/idp-review-user-profile.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/info.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/login-config-totp-text.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/login-config-totp.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/login-idp-link-confirm.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/login-idp-link-email.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/login-oauth-grant.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/login-oauth2-device-verify-user-code.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/login-otp.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/login-page-expired.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/login-password.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/login-reset-password.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/login-update-password.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/login-update-profile.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/login-username.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/login-verify-email-code-text.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/login-verify-email.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/login-x509-info.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/login.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_ca.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_cs.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_da.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_de.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_en.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_es.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_fr.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_hu.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_it.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_ja.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_lt.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_nl.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_no.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_pl.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_pt_BR.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_ru.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_sk.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_sv.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_tr.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/messages/messages_zh_CN.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/register-user-profile.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/register.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/resources/css/login.css (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/resources/css/tile.css (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/resources/img/feedback-error-arrow-down.png (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/resources/img/feedback-error-sign.png (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/resources/img/feedback-success-arrow-down.png (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/resources/img/feedback-success-sign.png (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/resources/img/feedback-warning-arrow-down.png (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/resources/img/feedback-warning-sign.png (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/resources/img/keycloak-bg.png (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/resources/img/keycloak-logo-text.png (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/resources/img/keycloak-logo.png (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/resources/js/base64url.js (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/saml-post-form.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/select-authenticator.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/template.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/terms.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/theme.properties (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/update-user-profile.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/user-profile-commons.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/webauthn-authenticate.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/webauthn-error.ftl (100%)
 rename {keycloak-themes => keycloak/themes}/custom/login/webauthn-register.ftl (100%)

diff --git a/.env b/.env
new file mode 100644
index 00000000..b80aaebf
--- /dev/null
+++ b/.env
@@ -0,0 +1,3 @@
+KEYCLOAK_SERVER_PORT=8180
+KEYCLOAK_USER=admin@everest.engineering
+KEYCLOAK_PASSWORD=ac0n3x72
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
index c28c1410..70e67e62 100644
--- a/.gitignore
+++ b/.gitignore
@@ -44,6 +44,5 @@ build/
 .project
 .settings
 .vscode
-.env
 /src/launcher/bin
 *.classpath
diff --git a/README.md b/README.md
index f2ecac69..7895bd28 100644
--- a/README.md
+++ b/README.md
@@ -169,8 +169,8 @@ Previously known as Axon Framework, [Axon](https://axoniq.io/) is a framework fo
 [aggregates](https://www.martinfowler.com/bliki/DDD_Aggregate.html) and
 [CQRS](https://www.martinfowler.com/bliki/CQRS.html).
 
-DDD is, at its core, about **linguistics**. Establishing a ubiquitous language helps identify sources of overlap or
-tension in conceptual understanding that **may be** indicative of a separation of concern in a system. Rather than
+DDD is, at its core, about _linguistics_. Establishing a ubiquitous language helps identify sources of overlap or
+tension in conceptual understanding that _may be_ indicative of a separation of concern in a system. Rather than
 attempting to model a domain in intricate detail inside a common model, DDD places great emphasis on identifying these
 boundaries in order to define [bounded contexts](https://www.martinfowler.com/bliki/BoundedContext.html). These reduce
 complexity of the system by avoiding [anemic domain models](https://www.martinfowler.com/bliki/AnemicDomainModel.html)
@@ -178,11 +178,11 @@ due to a slow migration of complex domain logic from within the domain model to
 system evolves.
 
 Event sourcing captures the activities of a business in an event log, an append-only history of every important
-**business action** that has ever been taken by users or by the system itself. Events are mapped to an arbitrary number
+_business action_ that has ever been taken by users or by the system itself. Events are mapped to an arbitrary number
 of projections for use by the query side of the system. Being able to replay events offers several significant benefits:
 
 - Projections can be optimised for reading by denormalising data
-- Events can be **upcasted**. That is, events are marked with a revision that allows them to be transformed to an updated
+- Events can be _upcasted_. That is, events are marked with a revision that allows them to be transformed to an updated
   version of the same event. This protects developers from creating significant errors in users' data due to, for example,
   accidentally transposing two fields within a command or event;
 - Projections can be updated with new information that was either captured by or derived from events. New business
@@ -230,7 +230,7 @@ overhead.
 
 There is a philosophical argument for defining aggregates such that all information required to validate commands is
 held by an aggregate in memory. In practice, however, more natural aggregates can be formed by allowing some validation
-to be based on **projections**. We also know from experience that some validation will be shared among multiple aggregates.
+to be based on _projections_. We also know from experience that some validation will be shared among multiple aggregates.
 The amount of testing required to verify all possible command failure situations tends to grow non-linearly as the number
 of checks that are performed inside an aggregate grows.
 
@@ -308,9 +308,7 @@ explains how it works, its limitations and an important caveat.
 
 ## Security and access control
 
-[Keycloak](https://www.keycloak.org/) is an open-source identity and access management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code.
-
-We are using Keycloak to manage users' authentication, authorization, and session management.
+We are using [Keycloak](https://www.keycloak.org/) to manage users' authentication, authorization, and session management.
 
 Keycloak has the following three main concepts.
 
@@ -320,11 +318,10 @@ Keycloak has the following three main concepts.
 
 _Note: Our app has some internal roles for managing the user's access levels but those roles don't have any relation with Keycloak roles._
 
-### User and Authentication Token
+### User and Token
 
 A user object in the business domain often requires more attributes than a user object from the Keycloak authentication token.
-For an example, the starter kit's user object has an extra `organizationId` property. To bridge this difference for
-authentication context, we added this info in the Keycloak authentication token as other claims, and we can access these claims like remaining claims of a user object.
+For an example, the starter kit's user object has an extra `organizationId` attribute, to authorize the user, we added this info in the Keycloak authentication token as other claims, and we can access these claims like remaining claims of a user object.
 
 ### Endpoint access control
 
diff --git a/build.gradle b/build.gradle
index 21bd6b08..6c96c773 100644
--- a/build.gradle
+++ b/build.gradle
@@ -60,7 +60,6 @@ subprojects {
         javaXPersistenceVersion = '2.2'
         jsonHelperVersion = '20210307'
         keycloakVersion = '15.0.2'
-        keycloakRestClientVersion = '15.0.2'
         liquibaseVersion = '4.4.0'
         lombokVersion = '1.18.20'
         microMeterPrometheusVersion = '1.7.1'
@@ -73,7 +72,6 @@ subprojects {
         h2Version = '1.4.200'
         hamcrestVersion = '2.2'
         junitVersion = '5.7.2'
-        keycloakTestServerVersion = '15.0.2'
         mockitoVersion = '3.11.2'
         undercouchVersion = '4.1.2'
     }
diff --git a/docker-compose.yml b/docker-compose.yml
index 44725f47..8d60382b 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -37,8 +37,8 @@ services:
     command: 
       -Djboss.http.port=${KEYCLOAK_SERVER_PORT}
     volumes:
-      - ./imports:/opt/jboss/keycloak/imports
-      - ./keycloak-themes/custom:/opt/jboss/keycloak/themes/custom
+      - ./keycloak/imports:/opt/jboss/keycloak/imports
+      - ./keycloak/themes/custom:/opt/jboss/keycloak/themes/custom
     environment:
       DB_VENDOR: POSTGRES
       DB_ADDR: postgres-db
diff --git a/imports/realm-export.json b/keycloak/imports/realm-export.json
similarity index 100%
rename from imports/realm-export.json
rename to keycloak/imports/realm-export.json
diff --git a/keycloak-themes/custom/login/cli_splash.ftl b/keycloak/themes/custom/login/cli_splash.ftl
similarity index 100%
rename from keycloak-themes/custom/login/cli_splash.ftl
rename to keycloak/themes/custom/login/cli_splash.ftl
diff --git a/keycloak-themes/custom/login/code.ftl b/keycloak/themes/custom/login/code.ftl
similarity index 100%
rename from keycloak-themes/custom/login/code.ftl
rename to keycloak/themes/custom/login/code.ftl
diff --git a/keycloak-themes/custom/login/delete-account-confirm.ftl b/keycloak/themes/custom/login/delete-account-confirm.ftl
similarity index 100%
rename from keycloak-themes/custom/login/delete-account-confirm.ftl
rename to keycloak/themes/custom/login/delete-account-confirm.ftl
diff --git a/keycloak-themes/custom/login/error.ftl b/keycloak/themes/custom/login/error.ftl
similarity index 100%
rename from keycloak-themes/custom/login/error.ftl
rename to keycloak/themes/custom/login/error.ftl
diff --git a/keycloak-themes/custom/login/idp-review-user-profile.ftl b/keycloak/themes/custom/login/idp-review-user-profile.ftl
similarity index 100%
rename from keycloak-themes/custom/login/idp-review-user-profile.ftl
rename to keycloak/themes/custom/login/idp-review-user-profile.ftl
diff --git a/keycloak-themes/custom/login/info.ftl b/keycloak/themes/custom/login/info.ftl
similarity index 100%
rename from keycloak-themes/custom/login/info.ftl
rename to keycloak/themes/custom/login/info.ftl
diff --git a/keycloak-themes/custom/login/login-config-totp-text.ftl b/keycloak/themes/custom/login/login-config-totp-text.ftl
similarity index 100%
rename from keycloak-themes/custom/login/login-config-totp-text.ftl
rename to keycloak/themes/custom/login/login-config-totp-text.ftl
diff --git a/keycloak-themes/custom/login/login-config-totp.ftl b/keycloak/themes/custom/login/login-config-totp.ftl
similarity index 100%
rename from keycloak-themes/custom/login/login-config-totp.ftl
rename to keycloak/themes/custom/login/login-config-totp.ftl
diff --git a/keycloak-themes/custom/login/login-idp-link-confirm.ftl b/keycloak/themes/custom/login/login-idp-link-confirm.ftl
similarity index 100%
rename from keycloak-themes/custom/login/login-idp-link-confirm.ftl
rename to keycloak/themes/custom/login/login-idp-link-confirm.ftl
diff --git a/keycloak-themes/custom/login/login-idp-link-email.ftl b/keycloak/themes/custom/login/login-idp-link-email.ftl
similarity index 100%
rename from keycloak-themes/custom/login/login-idp-link-email.ftl
rename to keycloak/themes/custom/login/login-idp-link-email.ftl
diff --git a/keycloak-themes/custom/login/login-oauth-grant.ftl b/keycloak/themes/custom/login/login-oauth-grant.ftl
similarity index 100%
rename from keycloak-themes/custom/login/login-oauth-grant.ftl
rename to keycloak/themes/custom/login/login-oauth-grant.ftl
diff --git a/keycloak-themes/custom/login/login-oauth2-device-verify-user-code.ftl b/keycloak/themes/custom/login/login-oauth2-device-verify-user-code.ftl
similarity index 100%
rename from keycloak-themes/custom/login/login-oauth2-device-verify-user-code.ftl
rename to keycloak/themes/custom/login/login-oauth2-device-verify-user-code.ftl
diff --git a/keycloak-themes/custom/login/login-otp.ftl b/keycloak/themes/custom/login/login-otp.ftl
similarity index 100%
rename from keycloak-themes/custom/login/login-otp.ftl
rename to keycloak/themes/custom/login/login-otp.ftl
diff --git a/keycloak-themes/custom/login/login-page-expired.ftl b/keycloak/themes/custom/login/login-page-expired.ftl
similarity index 100%
rename from keycloak-themes/custom/login/login-page-expired.ftl
rename to keycloak/themes/custom/login/login-page-expired.ftl
diff --git a/keycloak-themes/custom/login/login-password.ftl b/keycloak/themes/custom/login/login-password.ftl
similarity index 100%
rename from keycloak-themes/custom/login/login-password.ftl
rename to keycloak/themes/custom/login/login-password.ftl
diff --git a/keycloak-themes/custom/login/login-reset-password.ftl b/keycloak/themes/custom/login/login-reset-password.ftl
similarity index 100%
rename from keycloak-themes/custom/login/login-reset-password.ftl
rename to keycloak/themes/custom/login/login-reset-password.ftl
diff --git a/keycloak-themes/custom/login/login-update-password.ftl b/keycloak/themes/custom/login/login-update-password.ftl
similarity index 100%
rename from keycloak-themes/custom/login/login-update-password.ftl
rename to keycloak/themes/custom/login/login-update-password.ftl
diff --git a/keycloak-themes/custom/login/login-update-profile.ftl b/keycloak/themes/custom/login/login-update-profile.ftl
similarity index 100%
rename from keycloak-themes/custom/login/login-update-profile.ftl
rename to keycloak/themes/custom/login/login-update-profile.ftl
diff --git a/keycloak-themes/custom/login/login-username.ftl b/keycloak/themes/custom/login/login-username.ftl
similarity index 100%
rename from keycloak-themes/custom/login/login-username.ftl
rename to keycloak/themes/custom/login/login-username.ftl
diff --git a/keycloak-themes/custom/login/login-verify-email-code-text.ftl b/keycloak/themes/custom/login/login-verify-email-code-text.ftl
similarity index 100%
rename from keycloak-themes/custom/login/login-verify-email-code-text.ftl
rename to keycloak/themes/custom/login/login-verify-email-code-text.ftl
diff --git a/keycloak-themes/custom/login/login-verify-email.ftl b/keycloak/themes/custom/login/login-verify-email.ftl
similarity index 100%
rename from keycloak-themes/custom/login/login-verify-email.ftl
rename to keycloak/themes/custom/login/login-verify-email.ftl
diff --git a/keycloak-themes/custom/login/login-x509-info.ftl b/keycloak/themes/custom/login/login-x509-info.ftl
similarity index 100%
rename from keycloak-themes/custom/login/login-x509-info.ftl
rename to keycloak/themes/custom/login/login-x509-info.ftl
diff --git a/keycloak-themes/custom/login/login.ftl b/keycloak/themes/custom/login/login.ftl
similarity index 100%
rename from keycloak-themes/custom/login/login.ftl
rename to keycloak/themes/custom/login/login.ftl
diff --git a/keycloak-themes/custom/login/messages/messages_ca.properties b/keycloak/themes/custom/login/messages/messages_ca.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_ca.properties
rename to keycloak/themes/custom/login/messages/messages_ca.properties
diff --git a/keycloak-themes/custom/login/messages/messages_cs.properties b/keycloak/themes/custom/login/messages/messages_cs.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_cs.properties
rename to keycloak/themes/custom/login/messages/messages_cs.properties
diff --git a/keycloak-themes/custom/login/messages/messages_da.properties b/keycloak/themes/custom/login/messages/messages_da.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_da.properties
rename to keycloak/themes/custom/login/messages/messages_da.properties
diff --git a/keycloak-themes/custom/login/messages/messages_de.properties b/keycloak/themes/custom/login/messages/messages_de.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_de.properties
rename to keycloak/themes/custom/login/messages/messages_de.properties
diff --git a/keycloak-themes/custom/login/messages/messages_en.properties b/keycloak/themes/custom/login/messages/messages_en.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_en.properties
rename to keycloak/themes/custom/login/messages/messages_en.properties
diff --git a/keycloak-themes/custom/login/messages/messages_es.properties b/keycloak/themes/custom/login/messages/messages_es.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_es.properties
rename to keycloak/themes/custom/login/messages/messages_es.properties
diff --git a/keycloak-themes/custom/login/messages/messages_fr.properties b/keycloak/themes/custom/login/messages/messages_fr.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_fr.properties
rename to keycloak/themes/custom/login/messages/messages_fr.properties
diff --git a/keycloak-themes/custom/login/messages/messages_hu.properties b/keycloak/themes/custom/login/messages/messages_hu.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_hu.properties
rename to keycloak/themes/custom/login/messages/messages_hu.properties
diff --git a/keycloak-themes/custom/login/messages/messages_it.properties b/keycloak/themes/custom/login/messages/messages_it.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_it.properties
rename to keycloak/themes/custom/login/messages/messages_it.properties
diff --git a/keycloak-themes/custom/login/messages/messages_ja.properties b/keycloak/themes/custom/login/messages/messages_ja.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_ja.properties
rename to keycloak/themes/custom/login/messages/messages_ja.properties
diff --git a/keycloak-themes/custom/login/messages/messages_lt.properties b/keycloak/themes/custom/login/messages/messages_lt.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_lt.properties
rename to keycloak/themes/custom/login/messages/messages_lt.properties
diff --git a/keycloak-themes/custom/login/messages/messages_nl.properties b/keycloak/themes/custom/login/messages/messages_nl.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_nl.properties
rename to keycloak/themes/custom/login/messages/messages_nl.properties
diff --git a/keycloak-themes/custom/login/messages/messages_no.properties b/keycloak/themes/custom/login/messages/messages_no.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_no.properties
rename to keycloak/themes/custom/login/messages/messages_no.properties
diff --git a/keycloak-themes/custom/login/messages/messages_pl.properties b/keycloak/themes/custom/login/messages/messages_pl.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_pl.properties
rename to keycloak/themes/custom/login/messages/messages_pl.properties
diff --git a/keycloak-themes/custom/login/messages/messages_pt_BR.properties b/keycloak/themes/custom/login/messages/messages_pt_BR.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_pt_BR.properties
rename to keycloak/themes/custom/login/messages/messages_pt_BR.properties
diff --git a/keycloak-themes/custom/login/messages/messages_ru.properties b/keycloak/themes/custom/login/messages/messages_ru.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_ru.properties
rename to keycloak/themes/custom/login/messages/messages_ru.properties
diff --git a/keycloak-themes/custom/login/messages/messages_sk.properties b/keycloak/themes/custom/login/messages/messages_sk.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_sk.properties
rename to keycloak/themes/custom/login/messages/messages_sk.properties
diff --git a/keycloak-themes/custom/login/messages/messages_sv.properties b/keycloak/themes/custom/login/messages/messages_sv.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_sv.properties
rename to keycloak/themes/custom/login/messages/messages_sv.properties
diff --git a/keycloak-themes/custom/login/messages/messages_tr.properties b/keycloak/themes/custom/login/messages/messages_tr.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_tr.properties
rename to keycloak/themes/custom/login/messages/messages_tr.properties
diff --git a/keycloak-themes/custom/login/messages/messages_zh_CN.properties b/keycloak/themes/custom/login/messages/messages_zh_CN.properties
similarity index 100%
rename from keycloak-themes/custom/login/messages/messages_zh_CN.properties
rename to keycloak/themes/custom/login/messages/messages_zh_CN.properties
diff --git a/keycloak-themes/custom/login/register-user-profile.ftl b/keycloak/themes/custom/login/register-user-profile.ftl
similarity index 100%
rename from keycloak-themes/custom/login/register-user-profile.ftl
rename to keycloak/themes/custom/login/register-user-profile.ftl
diff --git a/keycloak-themes/custom/login/register.ftl b/keycloak/themes/custom/login/register.ftl
similarity index 100%
rename from keycloak-themes/custom/login/register.ftl
rename to keycloak/themes/custom/login/register.ftl
diff --git a/keycloak-themes/custom/login/resources/css/login.css b/keycloak/themes/custom/login/resources/css/login.css
similarity index 100%
rename from keycloak-themes/custom/login/resources/css/login.css
rename to keycloak/themes/custom/login/resources/css/login.css
diff --git a/keycloak-themes/custom/login/resources/css/tile.css b/keycloak/themes/custom/login/resources/css/tile.css
similarity index 100%
rename from keycloak-themes/custom/login/resources/css/tile.css
rename to keycloak/themes/custom/login/resources/css/tile.css
diff --git a/keycloak-themes/custom/login/resources/img/feedback-error-arrow-down.png b/keycloak/themes/custom/login/resources/img/feedback-error-arrow-down.png
similarity index 100%
rename from keycloak-themes/custom/login/resources/img/feedback-error-arrow-down.png
rename to keycloak/themes/custom/login/resources/img/feedback-error-arrow-down.png
diff --git a/keycloak-themes/custom/login/resources/img/feedback-error-sign.png b/keycloak/themes/custom/login/resources/img/feedback-error-sign.png
similarity index 100%
rename from keycloak-themes/custom/login/resources/img/feedback-error-sign.png
rename to keycloak/themes/custom/login/resources/img/feedback-error-sign.png
diff --git a/keycloak-themes/custom/login/resources/img/feedback-success-arrow-down.png b/keycloak/themes/custom/login/resources/img/feedback-success-arrow-down.png
similarity index 100%
rename from keycloak-themes/custom/login/resources/img/feedback-success-arrow-down.png
rename to keycloak/themes/custom/login/resources/img/feedback-success-arrow-down.png
diff --git a/keycloak-themes/custom/login/resources/img/feedback-success-sign.png b/keycloak/themes/custom/login/resources/img/feedback-success-sign.png
similarity index 100%
rename from keycloak-themes/custom/login/resources/img/feedback-success-sign.png
rename to keycloak/themes/custom/login/resources/img/feedback-success-sign.png
diff --git a/keycloak-themes/custom/login/resources/img/feedback-warning-arrow-down.png b/keycloak/themes/custom/login/resources/img/feedback-warning-arrow-down.png
similarity index 100%
rename from keycloak-themes/custom/login/resources/img/feedback-warning-arrow-down.png
rename to keycloak/themes/custom/login/resources/img/feedback-warning-arrow-down.png
diff --git a/keycloak-themes/custom/login/resources/img/feedback-warning-sign.png b/keycloak/themes/custom/login/resources/img/feedback-warning-sign.png
similarity index 100%
rename from keycloak-themes/custom/login/resources/img/feedback-warning-sign.png
rename to keycloak/themes/custom/login/resources/img/feedback-warning-sign.png
diff --git a/keycloak-themes/custom/login/resources/img/keycloak-bg.png b/keycloak/themes/custom/login/resources/img/keycloak-bg.png
similarity index 100%
rename from keycloak-themes/custom/login/resources/img/keycloak-bg.png
rename to keycloak/themes/custom/login/resources/img/keycloak-bg.png
diff --git a/keycloak-themes/custom/login/resources/img/keycloak-logo-text.png b/keycloak/themes/custom/login/resources/img/keycloak-logo-text.png
similarity index 100%
rename from keycloak-themes/custom/login/resources/img/keycloak-logo-text.png
rename to keycloak/themes/custom/login/resources/img/keycloak-logo-text.png
diff --git a/keycloak-themes/custom/login/resources/img/keycloak-logo.png b/keycloak/themes/custom/login/resources/img/keycloak-logo.png
similarity index 100%
rename from keycloak-themes/custom/login/resources/img/keycloak-logo.png
rename to keycloak/themes/custom/login/resources/img/keycloak-logo.png
diff --git a/keycloak-themes/custom/login/resources/js/base64url.js b/keycloak/themes/custom/login/resources/js/base64url.js
similarity index 100%
rename from keycloak-themes/custom/login/resources/js/base64url.js
rename to keycloak/themes/custom/login/resources/js/base64url.js
diff --git a/keycloak-themes/custom/login/saml-post-form.ftl b/keycloak/themes/custom/login/saml-post-form.ftl
similarity index 100%
rename from keycloak-themes/custom/login/saml-post-form.ftl
rename to keycloak/themes/custom/login/saml-post-form.ftl
diff --git a/keycloak-themes/custom/login/select-authenticator.ftl b/keycloak/themes/custom/login/select-authenticator.ftl
similarity index 100%
rename from keycloak-themes/custom/login/select-authenticator.ftl
rename to keycloak/themes/custom/login/select-authenticator.ftl
diff --git a/keycloak-themes/custom/login/template.ftl b/keycloak/themes/custom/login/template.ftl
similarity index 100%
rename from keycloak-themes/custom/login/template.ftl
rename to keycloak/themes/custom/login/template.ftl
diff --git a/keycloak-themes/custom/login/terms.ftl b/keycloak/themes/custom/login/terms.ftl
similarity index 100%
rename from keycloak-themes/custom/login/terms.ftl
rename to keycloak/themes/custom/login/terms.ftl
diff --git a/keycloak-themes/custom/login/theme.properties b/keycloak/themes/custom/login/theme.properties
similarity index 100%
rename from keycloak-themes/custom/login/theme.properties
rename to keycloak/themes/custom/login/theme.properties
diff --git a/keycloak-themes/custom/login/update-user-profile.ftl b/keycloak/themes/custom/login/update-user-profile.ftl
similarity index 100%
rename from keycloak-themes/custom/login/update-user-profile.ftl
rename to keycloak/themes/custom/login/update-user-profile.ftl
diff --git a/keycloak-themes/custom/login/user-profile-commons.ftl b/keycloak/themes/custom/login/user-profile-commons.ftl
similarity index 100%
rename from keycloak-themes/custom/login/user-profile-commons.ftl
rename to keycloak/themes/custom/login/user-profile-commons.ftl
diff --git a/keycloak-themes/custom/login/webauthn-authenticate.ftl b/keycloak/themes/custom/login/webauthn-authenticate.ftl
similarity index 100%
rename from keycloak-themes/custom/login/webauthn-authenticate.ftl
rename to keycloak/themes/custom/login/webauthn-authenticate.ftl
diff --git a/keycloak-themes/custom/login/webauthn-error.ftl b/keycloak/themes/custom/login/webauthn-error.ftl
similarity index 100%
rename from keycloak-themes/custom/login/webauthn-error.ftl
rename to keycloak/themes/custom/login/webauthn-error.ftl
diff --git a/keycloak-themes/custom/login/webauthn-register.ftl b/keycloak/themes/custom/login/webauthn-register.ftl
similarity index 100%
rename from keycloak-themes/custom/login/webauthn-register.ftl
rename to keycloak/themes/custom/login/webauthn-register.ftl
diff --git a/src/api/src/main/java/engineering/everest/lhotse/api/config/SwaggerConfig.java b/src/api/src/main/java/engineering/everest/lhotse/api/config/SwaggerConfig.java
index 3437abe9..7c564113 100644
--- a/src/api/src/main/java/engineering/everest/lhotse/api/config/SwaggerConfig.java
+++ b/src/api/src/main/java/engineering/everest/lhotse/api/config/SwaggerConfig.java
@@ -1,36 +1,35 @@
 package engineering.everest.lhotse.api.config;
 
+import io.swagger.annotations.SwaggerDefinition;
+import io.swagger.annotations.Tag;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.ComponentScan;
-import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.PropertySource;
-
-import io.swagger.annotations.SwaggerDefinition;
-import io.swagger.annotations.Tag;
+import org.springframework.context.annotation.Bean;
 import springfox.documentation.builders.ApiInfoBuilder;
 import springfox.documentation.builders.OAuthBuilder;
 import springfox.documentation.builders.RequestHandlerSelectors;
 import springfox.documentation.service.ApiInfo;
-import springfox.documentation.service.AuthorizationScope;
+import springfox.documentation.service.SecurityScheme;
 import springfox.documentation.service.GrantType;
 import springfox.documentation.service.ResourceOwnerPasswordCredentialsGrant;
 import springfox.documentation.service.SecurityReference;
-import springfox.documentation.service.SecurityScheme;
+import springfox.documentation.service.AuthorizationScope;
 import springfox.documentation.spi.DocumentationType;
 import springfox.documentation.spi.service.contexts.SecurityContext;
 import springfox.documentation.spring.web.plugins.Docket;
 import springfox.documentation.swagger.web.SecurityConfiguration;
 import springfox.documentation.swagger.web.SecurityConfigurationBuilder;
 
-import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
-import static springfox.documentation.builders.PathSelectors.regex;
-
 import java.util.Arrays;
 import java.util.Set;
 import java.util.function.Predicate;
 
+import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
+import static springfox.documentation.builders.PathSelectors.regex;
+
 @Profile("!prod")
 @Configuration
 @ComponentScan({"engineering.everest.lhotse.api"})
@@ -42,18 +41,22 @@
     @Tag(name = "OrgAdmins", description = "Organization Admin information and management"),
 })
 public class SwaggerConfig {
-    @Value("${keycloak.auth-server-url}")
+
     private String authServer;
-   
-    @Value("${keycloak.credentials.secret}")
     private String clientSecret;
-   
-    @Value("${keycloak.resource}")
     private String cliendId;
-   
-    @Value("${keycloak.realm}")
     private String realm;
 
+    public SwaggerConfig(@Value("${keycloak.auth-server-url}") String authServer,
+                         @Value("${keycloak.credentials.secret}") String clientSecret,
+                         @Value("${keycloak.resource}") String cliendId,
+                         @Value("${keycloak.realm}") String realm) {
+        this.authServer = authServer;
+        this.cliendId = cliendId;
+        this.clientSecret = clientSecret;
+        this.realm = realm;
+    }
+
     @Bean
     public Docket apiDocumentation() {
         return new Docket(DocumentationType.SWAGGER_2)
@@ -114,7 +117,6 @@ private SecurityContext securityContext() {
     private AuthorizationScope[] scopes() {
         return new AuthorizationScope[] { 
             new AuthorizationScope("read", "for read operations"), 
-            new AuthorizationScope("write", "for write operations"), 
-            new AuthorizationScope("foo", "Access foo API") };
+            new AuthorizationScope("write", "for write operations") };
     }
 }
diff --git a/src/api/src/main/java/engineering/everest/lhotse/api/rest/controllers/AdminOrganizationsController.java b/src/api/src/main/java/engineering/everest/lhotse/api/rest/controllers/AdminOrganizationsController.java
index 9ba5834f..b62db144 100644
--- a/src/api/src/main/java/engineering/everest/lhotse/api/rest/controllers/AdminOrganizationsController.java
+++ b/src/api/src/main/java/engineering/everest/lhotse/api/rest/controllers/AdminOrganizationsController.java
@@ -53,7 +53,9 @@ public AdminOrganizationsController(DtoConverter dtoConverter, OrganizationsServ
     @ApiOperation("Retrieves details of all organizations")
     @AdminOnly
     public List<OrganizationResponse> getAllOrganizations() {
-        return organizationsReadService.getOrganizations().stream().map(dtoConverter::convert).collect(toList());
+        return organizationsReadService.getOrganizations().stream()
+                .map(dtoConverter::convert)
+                .collect(toList());
     }
 
     @PostMapping
diff --git a/src/api/src/main/java/engineering/everest/lhotse/api/rest/controllers/OrganizationsController.java b/src/api/src/main/java/engineering/everest/lhotse/api/rest/controllers/OrganizationsController.java
index 4b0484a1..6bf65ae0 100644
--- a/src/api/src/main/java/engineering/everest/lhotse/api/rest/controllers/OrganizationsController.java
+++ b/src/api/src/main/java/engineering/everest/lhotse/api/rest/controllers/OrganizationsController.java
@@ -102,7 +102,8 @@ public void updateOrganization(@ApiIgnore Principal principal, @PathVariable UUI
     @ApiOperation("Retrieve a list of users for an organization")
     @AdminOrUserOfTargetOrganization
     public List<UserResponse> listOrganizationUsers(@ApiIgnore Principal principal, @PathVariable UUID organizationId) {
-        return usersReadService.getUsersForOrganization(organizationId).stream().map(dtoConverter::convert)
+        return usersReadService.getUsersForOrganization(organizationId)
+                .stream().map(dtoConverter::convert)
                 .collect(toList());
     }
 
diff --git a/src/api/src/main/java/engineering/everest/lhotse/api/rest/controllers/UserController.java b/src/api/src/main/java/engineering/everest/lhotse/api/rest/controllers/UserController.java
index 920819c1..46f9e1bf 100644
--- a/src/api/src/main/java/engineering/everest/lhotse/api/rest/controllers/UserController.java
+++ b/src/api/src/main/java/engineering/everest/lhotse/api/rest/controllers/UserController.java
@@ -77,7 +77,9 @@ public ResponseEntity<StreamingResponseBody> streamProfilePhoto(@ApiIgnore Princ
                 inputStream.transferTo(outputStream);
             }
         };
-        return ResponseEntity.ok().contentType(APPLICATION_OCTET_STREAM).body(streamingResponse);
+        return ResponseEntity.ok()
+                .contentType(APPLICATION_OCTET_STREAM)
+                .body(streamingResponse);
     }
 
     @GetMapping(value = "/profile-photo/thumbnail", produces = APPLICATION_OCTET_STREAM_VALUE)
@@ -89,6 +91,8 @@ public ResponseEntity<StreamingResponseBody> streamProfilePhotoThumbnail(@ApiIgn
                 inputStream.transferTo(outputStream);
             }
         };
-        return ResponseEntity.ok().contentType(APPLICATION_OCTET_STREAM).body(streamingResponse);
+        return ResponseEntity.ok()
+                .contentType(APPLICATION_OCTET_STREAM)
+                .body(streamingResponse);
     }
 }
diff --git a/src/api/src/main/java/engineering/everest/lhotse/api/rest/controllers/UsersController.java b/src/api/src/main/java/engineering/everest/lhotse/api/rest/controllers/UsersController.java
index 9887e57e..1dd764d9 100644
--- a/src/api/src/main/java/engineering/everest/lhotse/api/rest/controllers/UsersController.java
+++ b/src/api/src/main/java/engineering/everest/lhotse/api/rest/controllers/UsersController.java
@@ -12,19 +12,19 @@
 import engineering.everest.lhotse.users.services.UsersService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.ResponseStatus;
 import springfox.documentation.annotations.ApiIgnore;
 
-import org.springframework.beans.factory.annotation.Autowired;
-
 import javax.validation.Valid;
+import java.security.Principal;
 import java.util.List;
 import java.util.Set;
 import java.util.UUID;
@@ -32,8 +32,6 @@
 import static java.util.stream.Collectors.toList;
 import static org.springframework.http.HttpStatus.OK;
 
-import java.security.Principal;
-
 @RestController
 @RequestMapping("/api/users")
 @Api(tags = "Users")
@@ -54,7 +52,9 @@ public UsersController(DtoConverter dtoConverter, UsersService usersService, Use
     @ApiOperation("Retrieves entire user list for all organisations")
     @AdminOnly
     public List<UserResponse> getAllUsers() {
-        return usersReadService.getUsers().stream().map(dtoConverter::convert).collect(toList());
+        return usersReadService.getUsers()
+                .stream().map(dtoConverter::convert)
+                .collect(toList());
     }
 
     @PostMapping("/{userId}/forget")
diff --git a/src/api/src/test/java/engineering/everest/lhotse/api/config/TestApiConfig.java b/src/api/src/test/java/engineering/everest/lhotse/api/config/TestApiConfig.java
index d67bc800..e5bf8cde 100644
--- a/src/api/src/test/java/engineering/everest/lhotse/api/config/TestApiConfig.java
+++ b/src/api/src/test/java/engineering/everest/lhotse/api/config/TestApiConfig.java
@@ -31,7 +31,7 @@
 import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 
-import java.util.*;
+import java.util.UUID;
 
 import static org.mockito.Mockito.mock;
 import static org.springframework.core.Ordered.HIGHEST_PRECEDENCE;
diff --git a/src/common/build.gradle b/src/common/build.gradle
index f2754517..4d909489 100644
--- a/src/common/build.gradle
+++ b/src/common/build.gradle
@@ -5,7 +5,7 @@ dependencies {
     implementation "org.springframework.boot:spring-boot-starter-json:${springBootVersion}"
     implementation "org.apache.commons:commons-lang3:${commonsLangVersion}"
     implementation "org.json:json:${jsonHelperVersion}"
-    implementation "org.keycloak:keycloak-admin-client:${keycloakRestClientVersion}"
+    implementation "org.keycloak:keycloak-admin-client:${keycloakVersion}"
     implementation "org.springframework.boot:spring-boot-starter-webflux:${webfluxVersion}"
 
     testImplementation "org.junit.jupiter:junit-jupiter:${junitVersion}"
diff --git a/src/common/src/main/java/engineering/everest/lhotse/axon/common/services/KeycloakSynchronizationService.java b/src/common/src/main/java/engineering/everest/lhotse/axon/common/services/KeycloakSynchronizationService.java
index 6d2841b5..953e7a3b 100644
--- a/src/common/src/main/java/engineering/everest/lhotse/axon/common/services/KeycloakSynchronizationService.java
+++ b/src/common/src/main/java/engineering/everest/lhotse/axon/common/services/KeycloakSynchronizationService.java
@@ -1,11 +1,5 @@
 package engineering.everest.lhotse.axon.common.services;
 
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.UUID;
-
 import engineering.everest.lhotse.axon.common.domain.Role;
 import engineering.everest.lhotse.axon.common.domain.UserAttribute;
 import engineering.everest.lhotse.axon.common.exceptions.KeycloakSynchronizationException;
@@ -20,9 +14,14 @@
 import org.springframework.http.MediaType;
 import org.springframework.stereotype.Component;
 import org.springframework.web.reactive.function.client.WebClient;
-
 import reactor.core.publisher.Mono;
 
+import java.util.UUID;
+import java.util.List;
+import java.util.Set;
+import java.util.Map;
+import java.util.HashMap;
+
 @Slf4j
 @Component
 public class KeycloakSynchronizationService {
@@ -30,18 +29,27 @@ public class KeycloakSynchronizationService {
     private static final String AUTHORIZATION = "Authorization";
     private static final String VALUE_KEY = "value";
 
-    @Value("${keycloak.auth-server-url}")
-    private String keycloakServerAuthUrl;
-    @Value("${kc.server.admin-user}")
-    private String keycloakAdminUser;
-    @Value("${kc.server.admin-password}")
-    private String keycloakAdminPassword;
-    @Value("${kc.server.master-realm.default.client-id}")
-    private String keycloakMasterRealmAdminClientId;
-    @Value("${keycloak.resource}")
-    private String keycloakDefaultRealmDefaultClientId;
-    @Value("${kc.server.connection.pool-size}")
-    private int keycloakServerConnectionPoolSize;
+
+    private final String keycloakServerAuthUrl;
+    private final String keycloakAdminUser;
+    private final String keycloakAdminPassword;
+    private final String keycloakMasterRealmAdminClientId;
+    private final String keycloakDefaultRealmDefaultClientId;
+    private final int keycloakServerConnectionPoolSize;
+
+    public KeycloakSynchronizationService(@Value("${keycloak.auth-server-url}") String keycloakServerAuthUrl,
+                                          @Value("${kc.server.admin-user}") String keycloakAdminUser,
+                                          @Value("${kc.server.admin-password}") String keycloakAdminPassword,
+                                          @Value("${kc.server.master-realm.default.client-id}") String keycloakMasterRealmAdminClientId,
+                                          @Value("${keycloak.resource}") String keycloakDefaultRealmDefaultClientId,
+                                          @Value("${kc.server.connection.pool-size}") int keycloakServerConnectionPoolSize) {
+        this.keycloakServerAuthUrl = keycloakServerAuthUrl;
+        this.keycloakAdminUser = keycloakAdminUser;
+        this.keycloakAdminPassword = keycloakAdminPassword;
+        this.keycloakMasterRealmAdminClientId = keycloakMasterRealmAdminClientId;
+        this.keycloakDefaultRealmDefaultClientId = keycloakDefaultRealmDefaultClientId;
+        this.keycloakServerConnectionPoolSize = keycloakServerConnectionPoolSize;
+    }
 
     private Keycloak getAdminKeycloakClientInstance() {
         return KeycloakBuilder.builder().serverUrl(keycloakServerAuthUrl).grantType(OAuth2Constants.PASSWORD)
diff --git a/src/launcher/build.gradle b/src/launcher/build.gradle
index b7f3e64e..3ea024e7 100644
--- a/src/launcher/build.gradle
+++ b/src/launcher/build.gradle
@@ -78,7 +78,7 @@ dependencies {
     testImplementation "org.apache.commons:commons-text:${commonsTextVersion}"
     testImplementation "org.bouncycastle:bcpkix-jdk15on:${bouncyCastleVersion}"
     testImplementation 'de.flapdoodle.embed:de.flapdoodle.embed.mongo'
-    testImplementation "org.keycloak:keycloak-admin-client:${keycloakRestClientVersion}"
+    testImplementation "org.keycloak:keycloak-admin-client:${keycloakVersion}"
 }
 
 dependencyManagement {
@@ -88,8 +88,8 @@ dependencyManagement {
 }
 
 task downloadKeycloakZipFile(type: Download) {
-    src "https://github.com/keycloak/keycloak/releases/download/${keycloakTestServerVersion}/keycloak-${keycloakTestServerVersion}.zip"
-    dest new File(buildDir, "keycloak-${keycloakTestServerVersion}.zip")
+    src "https://github.com/keycloak/keycloak/releases/download/${keycloakVersion}/keycloak-${keycloakVersion}.zip"
+    dest new File(buildDir, "keycloak-${keycloakVersion}.zip")
     onlyIfModified true
 }
 
@@ -100,7 +100,7 @@ task downloadAndUnzipKeycloakFile(dependsOn: downloadKeycloakZipFile, type: Copy
 
 task startServer(dependsOn: 'downloadAndUnzipKeycloakFile') {
     doLast {
-        def keycloakDir = "$buildDir/keycloak-${keycloakTestServerVersion}"
+        def keycloakDir = "$buildDir/keycloak-${keycloakVersion}"
         def port = 8180
         def waitTime = 10000
         def testUser = "admin@everest.engineering"
@@ -114,7 +114,7 @@ task startServer(dependsOn: 'downloadAndUnzipKeycloakFile') {
         startServer.consumeProcessOutput(System.out, System.err)
         startServer.waitForOrKill(3 * waitTime)
 
-        def createRealm = "$keycloakDir/bin/kcadm.sh create realms -f $rootDir/imports/realm-export.json --no-config --server http://localhost:$port/auth --realm master --user $testUser --password $testPass".execute()
+        def createRealm = "$keycloakDir/bin/kcadm.sh create realms -f $rootDir/keycloak/imports/realm-export.json --no-config --server http://localhost:$port/auth --realm master --user $testUser --password $testPass".execute()
         createRealm.consumeProcessOutput(System.out, System.err)
         createRealm.waitForOrKill(waitTime)
     }
diff --git a/src/launcher/src/main/resources/database/projections.xml b/src/launcher/src/main/resources/database/projections.xml
index 2f0f9c57..f1d0977c 100644
--- a/src/launcher/src/main/resources/database/projections.xml
+++ b/src/launcher/src/main/resources/database/projections.xml
@@ -35,7 +35,6 @@
             </column>
             <column name="displayname" type="varchar(255)"/>
             <column name="email" type="varchar(255)"/>
-            <column name="encodedpassword" type="varchar(255)"/>
             <column name="organizationid" type="uuid"/>
             <column name="profilephotofileid" type="uuid"/>
             <column name="username" type="varchar(255)">
diff --git a/src/users/build.gradle b/src/users/build.gradle
index 2c411859..fa4ce5f7 100644
--- a/src/users/build.gradle
+++ b/src/users/build.gradle
@@ -15,7 +15,7 @@ dependencies {
     implementation "engineering.everest.axon:command-distribution-extension:${axonHazelcastCommandDistributionVersion}"
     implementation "org.apache.commons:commons-lang3:${commonsLangVersion}"
     implementation "org.json:json:${jsonHelperVersion}"
-    implementation "org.keycloak:keycloak-admin-client:${keycloakRestClientVersion}"
+    implementation "org.keycloak:keycloak-admin-client:${keycloakVersion}"
     implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
     implementation 'org.springframework.boot:spring-boot-starter-security'
     implementation "org.springframework.boot:spring-boot-starter-webflux:${webfluxVersion}"
diff --git a/src/users/src/main/java/engineering/everest/lhotse/users/eventhandlers/UsersEventHandler.java b/src/users/src/main/java/engineering/everest/lhotse/users/eventhandlers/UsersEventHandler.java
index 8d1180f6..5bd10edf 100644
--- a/src/users/src/main/java/engineering/everest/lhotse/users/eventhandlers/UsersEventHandler.java
+++ b/src/users/src/main/java/engineering/everest/lhotse/users/eventhandlers/UsersEventHandler.java
@@ -56,17 +56,14 @@ void on(UserCreatedForNewlyRegisteredOrganizationEvent event, @Timestamp Instant
                 event.getOrganizationId());
         usersRepository.createUser(event.getUserId(), event.getOrganizationId(), event.getUserDisplayName(),
                 event.getUserEmail(), creationTime);
-
-        // You may also want a non-replayable event handler for sending a welcome email
-        // to new users
     }
 
     @EventHandler
     void on(UserDetailsUpdatedByAdminEvent event) {
         LOGGER.info("User {} details updated by admin {}", event.getUserId(), event.getAdminId());
         var persistableUser = usersRepository.findById(event.getUserId()).orElseThrow();
-        persistableUser
-                .setDisplayName(selectDesiredState(event.getDisplayNameChange(), persistableUser.getDisplayName()));
+        persistableUser.setDisplayName(selectDesiredState(event.getDisplayNameChange(),
+                persistableUser.getDisplayName()));
         persistableUser.setEmail(selectDesiredState(event.getEmailChange(), persistableUser.getEmail()));
         usersRepository.save(persistableUser);
     }
@@ -99,8 +96,8 @@ void on(UserPromotedToOrganizationAdminEvent event) {
     void on(UserDeletedAndForgottenEvent event) {
         LOGGER.info("Deleting user {}", event.getDeletedUserId());
         usersRepository.deleteById(event.getDeletedUserId());
-        cryptoShreddingKeyService
-                .deleteSecretKey(new TypeDifferentiatedSecretKeyId(event.getDeletedUserId().toString(), ""));
+        cryptoShreddingKeyService.deleteSecretKey(new TypeDifferentiatedSecretKeyId(event.getDeletedUserId()
+                .toString(), ""));
     }
 
     private String selectDesiredState(String desiredState, String currentState) {