Example 11 with NoCache
use of org.jboss.resteasy.annotations.cache.NoCache in project keycloak by keycloak.
the class UserResource method addFederatedIdentity.
/**
* Add a social login provider to the user
*
* @param provider Social login provider id
* @param rep
* @return
*/
@Path("federated-identity/{provider}")
@POST
@NoCache
public Response addFederatedIdentity(@PathParam("provider") final String provider, FederatedIdentityRepresentation rep) {
auth.users().requireManage(user);
if (session.users().getFederatedIdentity(realm, user, provider) != null) {
return ErrorResponse.exists("User is already linked with provider");
}
FederatedIdentityModel socialLink = new FederatedIdentityModel(provider, rep.getUserId(), rep.getUserName());
session.users().addFederatedIdentity(realm, user, socialLink);
adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri()).representation(rep).success();
return Response.noContent().build();
}
Also used :
FederatedIdentityModel(org.keycloak.models.FederatedIdentityModel)
Path(javax.ws.rs.Path)
POST(javax.ws.rs.POST)
NoCache(org.jboss.resteasy.annotations.cache.NoCache)
Example 12 with NoCache
use of org.jboss.resteasy.annotations.cache.NoCache in project keycloak by keycloak.
the class UsersResource method getUsersCount.
/**
* Returns the number of users that match the given criteria.
* It can be called in three different ways.
* 1. Don't specify any criteria and pass {@code null}. The number of all
* users within that realm will be returned.
* <p>
* 2. If {@code search} is specified other criteria such as {@code last} will
* be ignored even though you set them. The {@code search} string will be
* matched against the first and last name, the username and the email of a
* user.
* <p>
* 3. If {@code search} is unspecified but any of {@code last}, {@code first},
* {@code email} or {@code username} those criteria are matched against their
* respective fields on a user entity. Combined with a logical and.
*
* @param search arbitrary search string for all the fields below
* @param last last name filter
* @param first first name filter
* @param email email filter
* @param username username filter
* @return the number of users that match the given criteria
*/
@Path("count")
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public Integer getUsersCount(@QueryParam("search") String search, @QueryParam("lastName") String last, @QueryParam("firstName") String first, @QueryParam("email") String email, @QueryParam("emailVerified") Boolean emailVerified, @QueryParam("username") String username) {
UserPermissionEvaluator userPermissionEvaluator = auth.users();
userPermissionEvaluator.requireQuery();
if (search != null) {
if (search.startsWith(SEARCH_ID_PARAMETER)) {
UserModel userModel = session.users().getUserById(realm, search.substring(SEARCH_ID_PARAMETER.length()).trim());
return userModel != null && userPermissionEvaluator.canView(userModel) ? 1 : 0;
} else if (userPermissionEvaluator.canView()) {
return session.users().getUsersCount(realm, search.trim());
} else {
return session.users().getUsersCount(realm, search.trim(), auth.groups().getGroupsWithViewPermission());
}
} else if (last != null || first != null || email != null || username != null || emailVerified != null) {
Map<String, String> parameters = new HashMap<>();
if (last != null) {
parameters.put(UserModel.LAST_NAME, last);
}
if (first != null) {
parameters.put(UserModel.FIRST_NAME, first);
}
if (email != null) {
parameters.put(UserModel.EMAIL, email);
}
if (username != null) {
parameters.put(UserModel.USERNAME, username);
}
if (emailVerified != null) {
parameters.put(UserModel.EMAIL_VERIFIED, emailVerified.toString());
}
if (userPermissionEvaluator.canView()) {
return session.users().getUsersCount(realm, parameters);
} else {
return session.users().getUsersCount(realm, parameters, auth.groups().getGroupsWithViewPermission());
}
} else if (userPermissionEvaluator.canView()) {
return session.users().getUsersCount(realm);
} else {
return session.users().getUsersCount(realm, auth.groups().getGroupsWithViewPermission());
}
}
Also used :
UserModel(org.keycloak.models.UserModel)
UserPermissionEvaluator(org.keycloak.services.resources.admin.permissions.UserPermissionEvaluator)
Map(java.util.Map)
HashMap(java.util.HashMap)
Path(javax.ws.rs.Path)
KeycloakModelUtils.findGroupByPath(org.keycloak.models.utils.KeycloakModelUtils.findGroupByPath)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
NoCache(org.jboss.resteasy.annotations.cache.NoCache)
Example 13 with NoCache
use of org.jboss.resteasy.annotations.cache.NoCache in project keycloak by keycloak.
the class UsersResource method getUsers.
/**
* Get users
*
* Returns a stream of users, filtered according to query parameters.
*
* @param search A String contained in username, first or last name, or email
* @param last A String contained in lastName, or the complete lastName, if param "exact" is true
* @param first A String contained in firstName, or the complete firstName, if param "exact" is true
* @param email A String contained in email, or the complete email, if param "exact" is true
* @param username A String contained in username, or the complete username, if param "exact" is true
* @param emailVerified whether the email has been verified
* @param idpAlias The alias of an Identity Provider linked to the user
* @param idpUserId The userId at an Identity Provider linked to the user
* @param firstResult Pagination offset
* @param maxResults Maximum results size (defaults to 100)
* @param enabled Boolean representing if user is enabled or not
* @param briefRepresentation Boolean which defines whether brief representations are returned (default: false)
* @param exact Boolean which defines whether the params "last", "first", "email" and "username" must match exactly
* @param searchQuery A query to search for custom attributes, in the format 'key1:value2 key2:value2'
* @return a non-null {@code Stream} of users
*/
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public Stream<UserRepresentation> getUsers(@QueryParam("search") String search, @QueryParam("lastName") String last, @QueryParam("firstName") String first, @QueryParam("email") String email, @QueryParam("username") String username, @QueryParam("emailVerified") Boolean emailVerified, @QueryParam("idpAlias") String idpAlias, @QueryParam("idpUserId") String idpUserId, @QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults, @QueryParam("enabled") Boolean enabled, @QueryParam("briefRepresentation") Boolean briefRepresentation, @QueryParam("exact") Boolean exact, @QueryParam("q") String searchQuery) {
UserPermissionEvaluator userPermissionEvaluator = auth.users();
userPermissionEvaluator.requireQuery();
firstResult = firstResult != null ? firstResult : -1;
maxResults = maxResults != null ? maxResults : Constants.DEFAULT_MAX_RESULTS;
Map<String, String> searchAttributes = searchQuery == null ? Collections.emptyMap() : SearchQueryUtils.getFields(searchQuery);
Stream<UserModel> userModels = Stream.empty();
if (search != null) {
if (search.startsWith(SEARCH_ID_PARAMETER)) {
UserModel userModel = session.users().getUserById(realm, search.substring(SEARCH_ID_PARAMETER.length()).trim());
if (userModel != null) {
userModels = Stream.of(userModel);
}
} else {
Map<String, String> attributes = new HashMap<>();
attributes.put(UserModel.SEARCH, search.trim());
if (enabled != null) {
attributes.put(UserModel.ENABLED, enabled.toString());
}
return searchForUser(attributes, realm, userPermissionEvaluator, briefRepresentation, firstResult, maxResults, false);
}
} else if (last != null || first != null || email != null || username != null || emailVerified != null || idpAlias != null || idpUserId != null || enabled != null || exact != null || !searchAttributes.isEmpty()) {
Map<String, String> attributes = new HashMap<>();
if (last != null) {
attributes.put(UserModel.LAST_NAME, last);
}
if (first != null) {
attributes.put(UserModel.FIRST_NAME, first);
}
if (email != null) {
attributes.put(UserModel.EMAIL, email);
}
if (username != null) {
attributes.put(UserModel.USERNAME, username);
}
if (emailVerified != null) {
attributes.put(UserModel.EMAIL_VERIFIED, emailVerified.toString());
}
if (idpAlias != null) {
attributes.put(UserModel.IDP_ALIAS, idpAlias);
}
if (idpUserId != null) {
attributes.put(UserModel.IDP_USER_ID, idpUserId);
}
if (enabled != null) {
attributes.put(UserModel.ENABLED, enabled.toString());
}
if (exact != null) {
attributes.put(UserModel.EXACT, exact.toString());
}
attributes.putAll(searchAttributes);
return searchForUser(attributes, realm, userPermissionEvaluator, briefRepresentation, firstResult, maxResults, true);
} else {
return searchForUser(new HashMap<>(), realm, userPermissionEvaluator, briefRepresentation, firstResult, maxResults, false);
}
return toRepresentation(realm, userPermissionEvaluator, briefRepresentation, userModels);
}
Also used :
UserModel(org.keycloak.models.UserModel)
UserPermissionEvaluator(org.keycloak.services.resources.admin.permissions.UserPermissionEvaluator)
HashMap(java.util.HashMap)
Map(java.util.Map)
HashMap(java.util.HashMap)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
NoCache(org.jboss.resteasy.annotations.cache.NoCache)
Example 14 with NoCache
use of org.jboss.resteasy.annotations.cache.NoCache in project keycloak by keycloak.
the class UserStorageProviderResource method getSimpleName.
/**
* Need this for admin console to display simple name of provider when displaying user detail
*
* KEYCLOAK-4328
*
* @param id
* @return
*/
@GET
@Path("{id}/name")
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public Map<String, String> getSimpleName(@PathParam("id") String id) {
auth.users().requireQuery();
ComponentModel model = realm.getComponent(id);
if (model == null) {
throw new NotFoundException("Could not find component");
}
if (!model.getProviderType().equals(UserStorageProvider.class.getName())) {
throw new NotFoundException("found, but not a UserStorageProvider");
}
Map<String, String> data = new HashMap<>();
data.put("id", model.getId());
data.put("name", model.getName());
return data;
}
Also used :
HashMap(java.util.HashMap)
ComponentModel(org.keycloak.component.ComponentModel)
NotFoundException(javax.ws.rs.NotFoundException)
Path(javax.ws.rs.Path)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
NoCache(org.jboss.resteasy.annotations.cache.NoCache)
Example 15 with NoCache
use of org.jboss.resteasy.annotations.cache.NoCache in project keycloak by keycloak.
the class UserStorageProviderResource method unlinkUsers.
/**
* Unlink imported users from a storage provider
*
* @param id
* @return
*/
@POST
@Path("{id}/unlink-users")
@NoCache
public void unlinkUsers(@PathParam("id") String id) {
auth.users().requireManage();
ComponentModel model = realm.getComponent(id);
if (model == null) {
throw new NotFoundException("Could not find component");
}
if (!model.getProviderType().equals(UserStorageProvider.class.getName())) {
throw new NotFoundException("found, but not a UserStorageProvider");
}
session.users().unlinkUsers(realm, id);
}
Also used :
ComponentModel(org.keycloak.component.ComponentModel)
NotFoundException(javax.ws.rs.NotFoundException)
Path(javax.ws.rs.Path)
POST(javax.ws.rs.POST)
NoCache(org.jboss.resteasy.annotations.cache.NoCache)
Aggregations
NoCache (org.jboss.resteasy.annotations.cache.NoCache)152
Path (javax.ws.rs.Path)128
Produces (javax.ws.rs.Produces)100
GET (javax.ws.rs.GET)82
NotFoundException (javax.ws.rs.NotFoundException)67
POST (javax.ws.rs.POST)49
Consumes (javax.ws.rs.Consumes)48
PUT (javax.ws.rs.PUT)24
DELETE (javax.ws.rs.DELETE)23
HashMap (java.util.HashMap)20
RoleModel (org.keycloak.models.RoleModel)18
UserModel (org.keycloak.models.UserModel)18
BadRequestException (javax.ws.rs.BadRequestException)17
Response (javax.ws.rs.core.Response)16
ErrorResponseException (org.keycloak.services.ErrorResponseException)16
ClientModel (org.keycloak.models.ClientModel)15
AuthenticationFlowModel (org.keycloak.models.AuthenticationFlowModel)14
RealmModel (org.keycloak.models.RealmModel)14
List (java.util.List)12
Map (java.util.Map)12
