use of org.keycloak.adapters.RefreshableKeycloakSecurityContext in project keycloak by keycloak.
the class KeycloakAuthenticationProviderTest method setUp.
/**
 * Builds the two authentication tokens shared by the tests in this class.
 *
 * <p>Both tokens wrap the same {@link SimpleKeycloakAccount}, which is assembled from a mocked
 * {@link Principal}, the {@code roles} field of the test class and a mocked
 * {@link RefreshableKeycloakSecurityContext}. No real token validation is involved in the fixture.
 */
@Before
public void setUp() throws Exception {
    final Principal mockedPrincipal = mock(Principal.class);
    final RefreshableKeycloakSecurityContext mockedContext = mock(RefreshableKeycloakSecurityContext.class);
    final KeycloakAccount sharedAccount = new SimpleKeycloakAccount(mockedPrincipal, roles, mockedContext);

    // The tokens differ only in the boolean constructor argument; going by the field names it is
    // presumably the "interactive" flag. Confirm against KeycloakAuthenticationToken.
    token = new KeycloakAuthenticationToken(sharedAccount, false);
    interactiveToken = new KeycloakAuthenticationToken(sharedAccount, true);
}
use of org.keycloak.adapters.RefreshableKeycloakSecurityContext in project keycloak by keycloak.
the class SimpleHttpFacadeTest method setup.
/**
 * Installs a fresh Spring Security context holding a Keycloak authentication for each test.
 *
 * <p>The authentication is a {@link KeycloakAuthenticationToken} built from a mocked
 * {@link Principal}, the single role {@code "user"} and a mocked
 * {@link RefreshableKeycloakSecurityContext}.
 */
@Before
public void setup() {
    // The empty context is registered with SecurityContextHolder before it is populated.
    // NOTE(review): no matching cleanup is visible in this excerpt. Confirm that the test class
    // clears the holder so the authentication does not leak into other tests.
    final SecurityContext freshContext = SecurityContextHolder.createEmptyContext();
    SecurityContextHolder.setContext(freshContext);

    final Set<String> grantedRoles = Sets.newSet("user");
    final Principal mockedPrincipal = mock(Principal.class);
    final RefreshableKeycloakSecurityContext mockedKeycloakContext =
            mock(RefreshableKeycloakSecurityContext.class);

    final KeycloakAccount testAccount =
            new SimpleKeycloakAccount(mockedPrincipal, grantedRoles, mockedKeycloakContext);
    final KeycloakAuthenticationToken authentication = new KeycloakAuthenticationToken(testAccount, false);

    freshContext.setAuthentication(authentication);
}
use of org.keycloak.adapters.RefreshableKeycloakSecurityContext in project keycloak by keycloak.
the class CatalinaCookieTokenStore method checkPrincipalFromCookie.
/**
 * Looks up the principal carried by the Keycloak cookie and decides whether it can still be used.
 *
 * <p>The principal is returned as-is when its security context is active and the deployment does
 * not demand a refresh on every request. Otherwise a token refresh is attempted, and the principal
 * is returned only if the refresh succeeds and the context is active afterwards.
 *
 * <p>When the refresh does not yield an active context, the method fails closed: the request's
 * user principal and auth type are cleared and the cookie is removed.
 *
 * @return the principal from the cookie when it is usable; {@code null} when the cookie holds no
 *         valid account or the refresh failed
 */
protected KeycloakPrincipal<RefreshableKeycloakSecurityContext> checkPrincipalFromCookie() {
    final KeycloakPrincipal<RefreshableKeycloakSecurityContext> cookiePrincipal =
            CookieTokenStore.getPrincipalFromCookie(deployment, facade, this);
    if (cookiePrincipal == null) {
        log.fine("Account was not in cookie or was invalid");
        return null;
    }

    final RefreshableKeycloakSecurityContext cookieContext = cookiePrincipal.getKeycloakSecurityContext();

    // An active context is accepted without a refresh unless the deployment is configured to
    // always refresh. The second operand is evaluated only when the context is active.
    final boolean usableWithoutRefresh =
            cookieContext.isActive() && !cookieContext.getDeployment().isAlwaysRefreshToken();
    if (usableWithoutRefresh) {
        return cookiePrincipal;
    }

    // The context is re-checked after the refresh, so a refresh that reports success but leaves
    // an inactive context is still rejected.
    final boolean refreshed = cookieContext.refreshExpiredToken(false);
    if (refreshed && cookieContext.isActive()) {
        return cookiePrincipal;
    }

    // Fail closed: drop every trace of the stale identity from the request and the browser cookie.
    // The principal name is written to the log at FINE level.
    log.fine("Cleanup and expire cookie for user " + cookiePrincipal.getName() + " after failed refresh");
    request.setUserPrincipal(null);
    request.setAuthType(null);
    CookieTokenStore.removeCookie(deployment, facade);
    return null;
}
use of org.keycloak.adapters.RefreshableKeycloakSecurityContext in project keycloak by keycloak.
the class CatalinaSessionTokenStore method isCached.
/**
 * Restores the authenticated state of the current request from a Keycloak account kept in the
 * container session.
 *
 * <p>Returns {@code false} without touching the request when there is no session, when the
 * session holds no account, or when the stored account belongs to a different realm than the
 * current deployment. In the last case the session is also passed to {@code cleanSession}.
 *
 * @param authenticator not read by this implementation
 * @return {@code true} when the request was populated from the session, {@code false} otherwise
 */
@Override
public boolean isCached(RequestAuthenticator authenticator) {
    // Passing false means the lookup never creates a session as a side effect.
    final Session catalinaSession = request.getSessionInternal(false);
    if (catalinaSession == null) {
        return false;
    }

    final String accountKey = SerializableKeycloakAccount.class.getName();
    final SerializableKeycloakAccount cachedAccount =
            (SerializableKeycloakAccount) catalinaSession.getSession().getAttribute(accountKey);
    if (cachedAccount == null) {
        return false;
    }

    log.fine("remote logged in already. Establish state from session");
    final RefreshableKeycloakSecurityContext cachedContext = cachedAccount.getKeycloakSecurityContext();

    // Realm isolation: an account established for another realm must not authenticate this
    // request, so the session is cleaned and the lookup reports "not cached".
    // NOTE(review): the log text says "cookie" although the account was read from the session.
    final boolean sameRealm = deployment.getRealm().equals(cachedContext.getRealm());
    if (!sameRealm) {
        log.fine("Account from cookie is from a different realm than for the request.");
        cleanSession(catalinaSession);
        return false;
    }

    cachedContext.setCurrentRequestInfo(deployment, this);
    request.setAttribute(KeycloakSecurityContext.class.getName(), cachedContext);

    GenericPrincipal sessionPrincipal = (GenericPrincipal) catalinaSession.getPrincipal();
    // in clustered environment in JBossWeb, principal is not serialized or saved,
    // so it is rebuilt from the principal and roles stored in the account
    if (sessionPrincipal == null) {
        sessionPrincipal = principalFactory.createPrincipal(
                request.getContext().getRealm(), cachedAccount.getPrincipal(), cachedAccount.getRoles());
        catalinaSession.setPrincipal(sessionPrincipal);
        catalinaSession.setAuthType("KEYCLOAK");
    }

    request.setUserPrincipal(sessionPrincipal);
    request.setAuthType("KEYCLOAK");
    restoreRequest();
    return true;
}
use of org.keycloak.adapters.RefreshableKeycloakSecurityContext in project keycloak by keycloak.
the class FilterRequestAuthenticator method completeBearerAuthentication.
/**
 * Publishes the result of a bearer-token authentication on the current request.
 *
 * <p>Two request attributes are set: the security context under the class name of
 * {@link KeycloakSecurityContext}, and an {@link OidcKeycloakAccount} view of the principal, its
 * roles and the security context under the class name of {@link KeycloakAccount}.
 *
 * @param principal the authenticated principal whose security context and roles are exposed
 * @param method not read by this implementation
 */
@Override
protected void completeBearerAuthentication(final KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal, String method) {
    final RefreshableKeycloakSecurityContext bearerContext = principal.getKeycloakSecurityContext();
    final Set<String> bearerRoles = AdapterUtils.getRolesFromSecurityContext(bearerContext);

    // The guard avoids building the message, including the role set's string form, unless FINE
    // logging is enabled.
    if (log.isLoggable(Level.FINE)) {
        log.fine("Completing bearer authentication. Bearer roles: " + bearerRoles);
    }

    request.setAttribute(KeycloakSecurityContext.class.getName(), bearerContext);

    // The account is a thin read-only view over the values captured above.
    // NOTE(review): getRoles() returns the set obtained from AdapterUtils by reference, not a
    // copy. Whether callers can mutate it depends on that helper, so confirm.
    final OidcKeycloakAccount bearerAccount = new OidcKeycloakAccount() {
        @Override
        public Principal getPrincipal() {
            return principal;
        }

        @Override
        public Set<String> getRoles() {
            return bearerRoles;
        }

        @Override
        public KeycloakSecurityContext getKeycloakSecurityContext() {
            return bearerContext;
        }
    };

    // need this here to obtain UserPrincipal
    request.setAttribute(KeycloakAccount.class.getName(), bearerAccount);
}