Search in sources :

Example 1 with KeycloakSecurityConstraint

use of org.commonjava.indy.subsys.keycloak.conf.KeycloakSecurityConstraint in project indy by Commonjava.

the class KeycloakDeploymentProvider method getDeploymentInfo.

@Override
public DeploymentInfo getDeploymentInfo() {
    logger.debug("Keycloak deployment provider triggered.");
    final DeploymentInfo di = new DeploymentInfo();
    if (config.isEnabled()) {
        di.addAuthenticationMechanism(BASIC_LOGIN_MECHANISM, new ImmediateAuthenticationMechanismFactory(basicAuthInjector));
        logger.debug("Adding keycloak security constraints");
        final SecurityConstraint ui = new SecurityConstraint();
        ui.setEmptyRoleSemantic(EmptyRoleSemantic.PERMIT);
        final WebResourceCollection uiCollection = new WebResourceCollection();
        uiCollection.addUrlPatterns(UIServlet.PATHS);
        uiCollection.addHttpMethods(UIServlet.METHODS);
        ui.addWebResourceCollection(uiCollection);
        di.addSecurityConstraint(ui);
        for (final KeycloakSecurityConstraint constraint : bindings.getConstraints()) {
            final SecurityConstraint sc = new SecurityConstraint();
            sc.setEmptyRoleSemantic(EmptyRoleSemantic.PERMIT);
            final WebResourceCollection collection = new WebResourceCollection();
            collection.addUrlPattern(constraint.getUrlPattern());
            logger.debug("new constraint>>> URL pattern: {}", constraint.getUrlPattern());
            if (constraint.getMethods() != null) {
                logger.debug("methods: {}", constraint.getMethods());
                collection.addHttpMethods(constraint.getMethods());
            }
            sc.addWebResourceCollection(collection);
            if (constraint.getRole() != null) {
                logger.debug("role: {}", constraint.getRole());
                sc.addRoleAllowed(constraint.getRole());
            }
            logger.debug("Keycloak Security Constraint: {}", sc);
            di.addSecurityConstraint(sc);
        }
        logger.debug("Using keycloak.json: {} (exists? {})", config.getKeycloakJson(), new File(config.getKeycloakJson()).exists());
        di.addInitParameter(KEYCLOAK_CONFIG_FILE_PARAM, config.getKeycloakJson());
        logger.debug("login realm: {}", config.getRealm());
        final LoginConfig loginConfig = new LoginConfig(KEYCLOAK_LOGIN_MECHANISM, config.getRealm());
        loginConfig.addFirstAuthMethod(BASIC_LOGIN_MECHANISM);
        di.setLoginConfig(loginConfig);
    }
    return di;
}
Also used : WebResourceCollection(io.undertow.servlet.api.WebResourceCollection) KeycloakSecurityConstraint(org.commonjava.indy.subsys.keycloak.conf.KeycloakSecurityConstraint) ImmediateAuthenticationMechanismFactory(io.undertow.util.ImmediateAuthenticationMechanismFactory) LoginConfig(io.undertow.servlet.api.LoginConfig) DeploymentInfo(io.undertow.servlet.api.DeploymentInfo) File(java.io.File) SecurityConstraint(io.undertow.servlet.api.SecurityConstraint) KeycloakSecurityConstraint(org.commonjava.indy.subsys.keycloak.conf.KeycloakSecurityConstraint)

Aggregations

DeploymentInfo (io.undertow.servlet.api.DeploymentInfo)1 LoginConfig (io.undertow.servlet.api.LoginConfig)1 SecurityConstraint (io.undertow.servlet.api.SecurityConstraint)1 WebResourceCollection (io.undertow.servlet.api.WebResourceCollection)1 ImmediateAuthenticationMechanismFactory (io.undertow.util.ImmediateAuthenticationMechanismFactory)1 File (java.io.File)1 KeycloakSecurityConstraint (org.commonjava.indy.subsys.keycloak.conf.KeycloakSecurityConstraint)1