Example 1 with ClientRepresentation
use of org.keycloak.representations.idm.ClientRepresentation in project openremote by openremote.
the class KeycloakCleanSetup method onStart.
@Override
public void onStart() throws Exception {
super.onStart();
// Delete all realms that are not the master realm
LOG.info("Deleting all non-master realms");
RealmsResource realmsResource = keycloakProvider.getRealms(accessToken);
List<RealmRepresentation> realms = realmsResource.findAll();
for (RealmRepresentation realmRepresentation : realms) {
if (!realmRepresentation.getRealm().equals(MASTER_REALM)) {
keycloakProvider.getRealms(accessToken).realm(realmRepresentation.getRealm()).remove();
}
}
// Find out if there is a client already present for this application, if so, delete it
masterClientsResource.findAll().stream().filter(clientRepresentation -> clientRepresentation.getClientId().equals(KEYCLOAK_CLIENT_ID)).map(ClientRepresentation::getId).forEach(clientObjectId -> {
LOG.info("Deleting client: " + clientObjectId);
masterClientsResource.get(clientObjectId).remove();
});
// Find out if there are any users except the admin, delete them
masterUsersResource.search(null, null, null).stream().filter(userRepresentation -> !userRepresentation.getUsername().equals(MASTER_REALM_ADMIN_USER)).map(userRepresentation -> {
LOG.info("Deleting user: " + userRepresentation);
return masterUsersResource.get(userRepresentation.getId());
}).forEach(UserResource::remove);
}
Also used :
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
Container(org.openremote.container.Container)
List(java.util.List)
RealmsResource(org.keycloak.admin.client.resource.RealmsResource)
AbstractKeycloakSetup(org.openremote.manager.setup.AbstractKeycloakSetup)
UserResource(org.keycloak.admin.client.resource.UserResource)
Logger(java.util.logging.Logger)
Constants(org.openremote.model.Constants)
RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation)
RealmsResource(org.keycloak.admin.client.resource.RealmsResource)
RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation)
UserResource(org.keycloak.admin.client.resource.UserResource)
Example 2 with ClientRepresentation
use of org.keycloak.representations.idm.ClientRepresentation in project keycloak by keycloak.
the class UpdateCmd method execute.
@Override
public CommandResult execute(CommandInvocation commandInvocation) throws CommandException, InterruptedException {
List<AttributeOperation> attrs = new LinkedList<>();
try {
if (printHelp()) {
return help ? CommandResult.SUCCESS : CommandResult.FAILURE;
}
processGlobalOptions();
String clientId = null;
if (args != null) {
Iterator<String> it = args.iterator();
if (!it.hasNext()) {
throw new IllegalArgumentException("CLIENT_ID not specified");
}
clientId = it.next();
if (clientId.startsWith("-")) {
warnfErr(ParseUtil.CLIENT_OPTION_WARN, clientId);
}
while (it.hasNext()) {
String option = it.next();
switch(option) {
case "-s":
case "--set":
{
if (!it.hasNext()) {
throw new IllegalArgumentException("Option " + option + " requires a value");
}
String[] keyVal = parseKeyVal(it.next());
attrs.add(new AttributeOperation(SET, keyVal[0], keyVal[1]));
break;
}
case "-d":
case "--delete":
{
attrs.add(new AttributeOperation(DELETE, it.next()));
break;
}
default:
{
throw new IllegalArgumentException("Unsupported option: " + option);
}
}
}
}
if (file == null && attrs.size() == 0) {
throw new IllegalArgumentException("No file nor attribute values specified");
}
//
if (file == null && attrs.size() > 0) {
mergeMode = true;
}
CmdStdinContext ctx = new CmdStdinContext();
if (file != null) {
ctx = parseFileOrStdin(file, regType);
regType = ctx.getEndpointType();
}
if (regType == null) {
regType = DEFAULT;
ctx.setEndpointType(regType);
} else if (regType != DEFAULT && regType != OIDC) {
throw new RuntimeException("Update not supported for endpoint type: " + regType.getEndpoint());
}
// initialize config only after reading from stdin,
// to allow proper operation when piping 'get' - which consumes the old
// registration access token, and saves the new one to the config
ConfigData config = loadConfig();
config = copyWithServerInfo(config);
final String server = config.getServerUrl();
final String realm = config.getRealm();
if (token == null) {
// if registration access token is not set via --token, see if it's in the body of any input file
// but first see if it's overridden by --set, or maybe deliberately muted via -d registrationAccessToken
boolean processed = false;
for (AttributeOperation op : attrs) {
if ("registrationAccessToken".equals(op.getKey().toString())) {
processed = true;
if (op.getType() == AttributeOperation.Type.SET) {
token = op.getValue();
}
// otherwise it's delete - meaning it should stay null
break;
}
}
if (!processed) {
token = ctx.getRegistrationAccessToken();
}
}
if (token == null) {
// if registration access token is not set, try use the one from configuration
token = getRegistrationToken(config.sessionRealmConfigData(), clientId);
}
setupTruststore(config, commandInvocation);
String auth = token;
if (auth == null) {
config = ensureAuthInfo(config, commandInvocation);
config = copyWithServerInfo(config);
if (credentialsAvailable(config)) {
auth = ensureToken(config);
}
}
auth = auth != null ? "Bearer " + auth : null;
if (mergeMode) {
InputStream response = doGet(server + "/realms/" + realm + "/clients-registrations/" + regType.getEndpoint() + "/" + urlencode(clientId), APPLICATION_JSON, auth);
String json = readFully(response);
CmdStdinContext ctxremote = new CmdStdinContext();
ctxremote.setContent(json);
ctxremote.setEndpointType(regType);
try {
if (regType == DEFAULT) {
ctxremote.setClient(JsonSerialization.readValue(json, ClientRepresentation.class));
token = ctxremote.getClient().getRegistrationAccessToken();
} else if (regType == OIDC) {
ctxremote.setOidcClient(JsonSerialization.readValue(json, OIDCClientRepresentation.class));
token = ctxremote.getOidcClient().getRegistrationAccessToken();
}
} catch (JsonParseException e) {
throw new RuntimeException("Not a valid JSON document. " + e.getMessage(), e);
} catch (IOException e) {
throw new RuntimeException("Not a valid JSON document", e);
}
// that ensures optimistic locking semantics
if (token != null) {
// we use auth with doPost later
auth = "Bearer " + token;
String newToken = token;
String clientToUpdate = clientId;
saveMergeConfig(cfg -> {
setRegistrationToken(cfg.ensureRealmConfigData(server, realm), clientToUpdate, newToken);
});
}
// merge local representation over remote one
if (ctx.getClient() != null) {
ReflectionUtil.merge(ctx.getClient(), ctxremote.getClient());
} else if (ctx.getOidcClient() != null) {
ReflectionUtil.merge(ctx.getOidcClient(), ctxremote.getOidcClient());
}
ctx = ctxremote;
}
if (attrs.size() > 0) {
ctx = mergeAttributes(ctx, attrs);
}
// now update
InputStream response = doPut(server + "/realms/" + realm + "/clients-registrations/" + regType.getEndpoint() + "/" + urlencode(clientId), APPLICATION_JSON, APPLICATION_JSON, ctx.getContent(), auth);
try {
if (regType == DEFAULT) {
ClientRepresentation clirep = JsonSerialization.readValue(response, ClientRepresentation.class);
outputResult(clirep);
token = clirep.getRegistrationAccessToken();
} else if (regType == OIDC) {
OIDCClientRepresentation clirep = JsonSerialization.readValue(response, OIDCClientRepresentation.class);
outputResult(clirep);
token = clirep.getRegistrationAccessToken();
}
String newToken = token;
String clientToUpdate = clientId;
saveMergeConfig(cfg -> {
setRegistrationToken(cfg.ensureRealmConfigData(server, realm), clientToUpdate, newToken);
});
} catch (IOException e) {
throw new RuntimeException("Failed to process HTTP response", e);
}
return CommandResult.SUCCESS;
} catch (IllegalArgumentException e) {
throw new IllegalArgumentException(e.getMessage() + suggestHelp(), e);
} finally {
commandInvocation.stop();
}
}
Also used :
AttributeOperation(org.keycloak.client.registration.cli.common.AttributeOperation)
InputStream(java.io.InputStream)
IOException(java.io.IOException)
JsonParseException(com.fasterxml.jackson.core.JsonParseException)
LinkedList(java.util.LinkedList)
OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation)
ConfigData(org.keycloak.client.registration.cli.config.ConfigData)
CmdStdinContext(org.keycloak.client.registration.cli.common.CmdStdinContext)
Example 3 with ClientRepresentation
use of org.keycloak.representations.idm.ClientRepresentation in project keycloak by keycloak.
the class ParseUtil method parseFileOrStdin.
public static CmdStdinContext parseFileOrStdin(String file, EndpointType type) {
String content = readFileOrStdin(file).trim();
ClientRepresentation client = null;
OIDCClientRepresentation oidcClient = null;
if (type == null) {
// guess the correct endpoint from content of the file
if (content.startsWith("<")) {
// looks like XML
type = EndpointType.SAML2;
} else if (content.startsWith("{")) {
// try parse as ClientRepresentation
try {
client = JsonSerialization.readValue(content, ClientRepresentation.class);
type = EndpointType.DEFAULT;
} catch (JsonParseException e) {
throw new RuntimeException("Failed to read the input document as JSON: " + e.getMessage(), e);
} catch (Exception ignored) {
// deliberately not logged
}
if (client == null) {
// try parse as OIDCClientRepresentation
try {
oidcClient = JsonSerialization.readValue(content, OIDCClientRepresentation.class);
type = EndpointType.OIDC;
} catch (IOException ne) {
throw new RuntimeException("Unable to determine input document type. Use -e TYPE to specify the registration endpoint to use");
} catch (Exception e) {
throw new RuntimeException("Failed to read the input document as JSON", e);
}
}
} else if (content.length() == 0) {
throw new RuntimeException("Document provided by --file option is empty");
} else {
throw new RuntimeException("Unable to determine input document type. Use -e TYPE to specify the registration endpoint to use");
}
}
// check content type, making sure it can be parsed into .json if it's not saml xml
if (content != null) {
try {
if (type == EndpointType.DEFAULT && client == null) {
client = JsonSerialization.readValue(content, ClientRepresentation.class);
} else if (type == EndpointType.OIDC && oidcClient == null) {
oidcClient = JsonSerialization.readValue(content, OIDCClientRepresentation.class);
}
} catch (JsonParseException e) {
throw new RuntimeException("Not a valid JSON document - " + e.getMessage(), e);
} catch (UnrecognizedPropertyException e) {
throw new RuntimeException("Attribute '" + e.getPropertyName() + "' not supported on document type '" + type.getName() + "'", e);
} catch (IOException e) {
throw new RuntimeException("Not a valid JSON document", e);
}
}
CmdStdinContext ctx = new CmdStdinContext();
ctx.setEndpointType(type);
ctx.setContent(content);
ctx.setClient(client);
ctx.setOidcClient(oidcClient);
return ctx;
}
Also used :
OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation)
CmdStdinContext(org.keycloak.client.registration.cli.common.CmdStdinContext)
UnrecognizedPropertyException(com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException)
IOException(java.io.IOException)
JsonParseException(com.fasterxml.jackson.core.JsonParseException)
UnrecognizedPropertyException(com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException)
IOException(java.io.IOException)
JsonParseException(com.fasterxml.jackson.core.JsonParseException)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation)
Example 4 with ClientRepresentation
use of org.keycloak.representations.idm.ClientRepresentation in project keycloak by keycloak.
the class ParseUtil method mergeAttributes.
public static CmdStdinContext mergeAttributes(CmdStdinContext ctx, List<AttributeOperation> attrs) {
String content = ctx.getContent();
ClientRepresentation client = ctx.getClient();
OIDCClientRepresentation oidcClient = ctx.getOidcClient();
EndpointType type = ctx.getEndpointType();
try {
if (content == null) {
if (type == EndpointType.DEFAULT) {
client = new ClientRepresentation();
} else if (type == EndpointType.OIDC) {
oidcClient = new OIDCClientRepresentation();
}
}
Object rep = client != null ? client : oidcClient;
if (rep != null) {
try {
setAttributes(rep, attrs);
} catch (AttributeException e) {
throw new RuntimeException("Failed to set attribute '" + e.getAttributeName() + "' on document type '" + type.getName() + "'", e);
}
content = JsonSerialization.writeValueAsString(rep);
} else {
throw new RuntimeException("Setting attributes is not supported for type: " + type.getName());
}
} catch (IOException e) {
throw new RuntimeException("Failed to merge set attributes with configuration from file", e);
}
ctx.setContent(content);
ctx.setClient(client);
ctx.setOidcClient(oidcClient);
return ctx;
}
Also used :
OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation)
EndpointType(org.keycloak.client.registration.cli.common.EndpointType)
IOException(java.io.IOException)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation)
Example 5 with ClientRepresentation
use of org.keycloak.representations.idm.ClientRepresentation in project keycloak by keycloak.
the class ClientRegistration method update.
public ClientRepresentation update(ClientRepresentation client) throws ClientRegistrationException {
String content = serialize(client);
InputStream resultStream = httpUtil.doPut(content, JSON, UTF_8, JSON, DEFAULT, client.getClientId());
return resultStream != null ? deserialize(resultStream, ClientRepresentation.class) : null;
}
Also used :
InputStream(java.io.InputStream)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation)
Aggregations
ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)576
Test (org.junit.Test)359
ClientResource (org.keycloak.admin.client.resource.ClientResource)189
OIDCClientRepresentation (org.keycloak.representations.oidc.OIDCClientRepresentation)139
OAuthClient (org.keycloak.testsuite.util.OAuthClient)101
AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)61
Response (javax.ws.rs.core.Response)59
Matchers.containsString (org.hamcrest.Matchers.containsString)58
RealmResource (org.keycloak.admin.client.resource.RealmResource)58
RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)58
UserRepresentation (org.keycloak.representations.idm.UserRepresentation)53
RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation)43
AuthenticationRequestAcknowledgement (org.keycloak.testsuite.util.OAuthClient.AuthenticationRequestAcknowledgement)41
ClientsResource (org.keycloak.admin.client.resource.ClientsResource)38
AbstractTestRealmKeycloakTest (org.keycloak.testsuite.AbstractTestRealmKeycloakTest)38
ClientPoliciesBuilder (org.keycloak.testsuite.util.ClientPoliciesUtil.ClientPoliciesBuilder)37
ClientPolicyBuilder (org.keycloak.testsuite.util.ClientPoliciesUtil.ClientPolicyBuilder)37
ClientProfileBuilder (org.keycloak.testsuite.util.ClientPoliciesUtil.ClientProfileBuilder)37
ClientProfilesBuilder (org.keycloak.testsuite.util.ClientPoliciesUtil.ClientProfilesBuilder)37
HashMap (java.util.HashMap)33
