use of org.keycloak.admin.client.resource.RoleResource in project airavata by apache.
the class TenantManagementKeycloakImpl method addRoleToUser.
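/**
 * Grants the realm-level role {@code roleName} to the user {@code username} in the realm
 * {@code tenantId}, authenticating to the IAM server with {@code realmAdminCreds}.
 *
 * <p>The role is only granted when the user lookup returns an account whose username equals the
 * requested one (ignoring case). Granting a role is a privilege change, so an ambiguous or empty
 * lookup is rejected instead of being applied to whichever account happened to come back first.
 *
 * @param realmAdminCreds credentials of an administrator of the realm
 * @param tenantId        realm (tenant) in which the user and the role live
 * @param username        username of the account that should receive the role
 * @param roleName        name of the realm-level role to grant
 * @return {@code true} when the role mapping request was sent
 * @throws IamAdminServicesException if the server settings cannot be read, or if no account with
 *                                   exactly this username is returned by the lookup
 */
@Override
public boolean addRoleToUser(PasswordCredential realmAdminCreds, String tenantId, String username, String roleName) throws IamAdminServicesException {
    Keycloak client = null;
    try {
        client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), tenantId, realmAdminCreds);
        List<UserRepresentation> matches = client.realm(tenantId).users().search(username, null, null, null, 0, 1);
        // The username filter of this search can return a partial match, and only one result is
        // requested. Confirm the returned account really is the requested one before changing its
        // privileges; otherwise fail closed.
        // NOTE(review): if the Keycloak client version in use offers an exact-match lookup, prefer it.
        if (matches == null || matches.isEmpty() || username == null
                || !username.equalsIgnoreCase(matches.get(0).getUsername())) {
            IamAdminServicesException exception = new IamAdminServicesException();
            exception.setMessage("User " + username + " was not found in tenant " + tenantId
                    + "; role " + roleName + " was not added");
            throw exception;
        }
        UserResource retrievedUser = client.realm(tenantId).users().get(matches.get(0).getId());
        // Add user to the role
        RoleResource roleResource = client.realm(tenantId).roles().get(roleName);
        retrievedUser.roles().realmLevel().add(Arrays.asList(roleResource.toRepresentation()));
        return true;
    } catch (ApplicationSettingsException ex) {
        logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
        IamAdminServicesException exception = new IamAdminServicesException();
        exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
        throw exception;
    } finally {
        // Always release the admin client, including on failure paths.
        if (client != null) {
            client.close();
        }
    }
}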
use of org.keycloak.admin.client.resource.RoleResource in project airavata by apache.
the class TenantManagementKeycloakImpl method removeRoleFromUser.
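/**
 * Revokes the realm-level role {@code roleName} from the user {@code username} in the realm
 * {@code tenantId}, authenticating to the IAM server with {@code realmAdminCreds}.
 *
 * <p>The role is only revoked when the user lookup returns an account whose username equals the
 * requested one (ignoring case). Without that check a partial match could strip the role from a
 * different account while the intended account silently keeps it.
 *
 * @param realmAdminCreds credentials of an administrator of the realm
 * @param tenantId        realm (tenant) in which the user and the role live
 * @param username        username of the account that should lose the role
 * @param roleName        name of the realm-level role to revoke
 * @return {@code true} when the role removal request was sent
 * @throws IamAdminServicesException if the server settings cannot be read, or if no account with
 *                                   exactly this username is returned by the lookup
 */
@Override
public boolean removeRoleFromUser(PasswordCredential realmAdminCreds, String tenantId, String username, String roleName) throws IamAdminServicesException {
    Keycloak client = null;
    try {
        client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), tenantId, realmAdminCreds);
        List<UserRepresentation> matches = client.realm(tenantId).users().search(username, null, null, null, 0, 1);
        // The username filter of this search can return a partial match, and only one result is
        // requested. Confirm the returned account really is the requested one before changing its
        // privileges; otherwise fail closed so the caller knows the revocation did not happen.
        // NOTE(review): if the Keycloak client version in use offers an exact-match lookup, prefer it.
        if (matches == null || matches.isEmpty() || username == null
                || !username.equalsIgnoreCase(matches.get(0).getUsername())) {
            IamAdminServicesException exception = new IamAdminServicesException();
            exception.setMessage("User " + username + " was not found in tenant " + tenantId
                    + "; role " + roleName + " was not removed");
            throw exception;
        }
        UserResource retrievedUser = client.realm(tenantId).users().get(matches.get(0).getId());
        // Remove role from user
        RoleResource roleResource = client.realm(tenantId).roles().get(roleName);
        retrievedUser.roles().realmLevel().remove(Arrays.asList(roleResource.toRepresentation()));
        return true;
    } catch (ApplicationSettingsException ex) {
        logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
        IamAdminServicesException exception = new IamAdminServicesException();
        exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
        throw exception;
    } finally {
        // Always release the admin client, including on failure paths.
        if (client != null) {
            client.close();
        }
    }
}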
use of org.keycloak.admin.client.resource.RoleResource in project airavata by apache.
the class TenantManagementKeycloakImpl method createTenantAdminAccount.
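/**
 * Creates the administrator account of a tenant realm and provisions it: the account is created
 * enabled with a verified e-mail, receives the realm-level {@code "admin"} role, gets
 * {@code tenantAdminPassword} as a non-temporary password, and is granted every role that is
 * available to it on the realm's {@code "realm-management"} client.
 *
 * <p>Provisioning is a sequence of separate requests. If a step after the HTTP 201 fails, the
 * method throws and the already created (and enabled) account stays in the realm in a partially
 * provisioned state; callers should treat an exception as "possibly created" and clean up or retry
 * accordingly.
 *
 * @param isSuperAdminPasswordCreds credentials used to log in to the super-admin realm
 * @param gatewayDetails            gateway whose id names the realm and whose admin fields describe the account
 * @param tenantAdminPassword       password to set on the new account; never logged here
 * @return {@code true} when the account was created and provisioned, {@code false} when the
 *         create request did not answer HTTP 201
 * @throws IamAdminServicesException if the server settings cannot be read or any provisioning step fails
 */
@Override
public boolean createTenantAdminAccount(PasswordCredential isSuperAdminPasswordCreds, Gateway gatewayDetails, String tenantAdminPassword) throws IamAdminServicesException {
    Keycloak client = null;
    Response httpResponse = null;
    try {
        client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), this.superAdminRealmId, isSuperAdminPasswordCreds);
        UserRepresentation user = new UserRepresentation();
        user.setUsername(gatewayDetails.getIdentityServerUserName());
        user.setFirstName(gatewayDetails.getGatewayAdminFirstName());
        user.setLastName(gatewayDetails.getGatewayAdminLastName());
        user.setEmail(gatewayDetails.getGatewayAdminEmail());
        user.setEmailVerified(true);
        user.setEnabled(true);
        httpResponse = client.realm(gatewayDetails.getGatewayId()).users().create(user);
        logger.info("Tenant Admin account creation exited with code : " + httpResponse.getStatus() + " : " + httpResponse.getStatusInfo());
        if (httpResponse.getStatus() == 201) {
            // HTTP code for record creation: HTTP 201
            List<UserRepresentation> retrieveCreatedUserList = client.realm(gatewayDetails.getGatewayId()).users().search(user.getUsername(), user.getFirstName(), user.getLastName(), user.getEmail(), 0, 1);
            // The search can return a partial match and only one result is requested. The account
            // found here is about to receive admin roles and a password, so make sure it is the one
            // that was just created.
            // NOTE(review): the create response presumably identifies the new user directly (Location
            // header); consider using that instead of a search - confirm against the client version.
            String requestedUsername = user.getUsername();
            if (retrieveCreatedUserList == null || retrieveCreatedUserList.isEmpty() || requestedUsername == null
                    || !requestedUsername.equalsIgnoreCase(retrieveCreatedUserList.get(0).getUsername())) {
                IamAdminServicesException exception = new IamAdminServicesException();
                exception.setMessage("Created tenant admin account " + requestedUsername
                        + " could not be located in realm " + gatewayDetails.getGatewayId());
                throw exception;
            }
            UserResource retrievedUser = client.realm(gatewayDetails.getGatewayId()).users().get(retrieveCreatedUserList.get(0).getId());
            // Add user to the "admin" role
            RoleResource adminRoleResource = client.realm(gatewayDetails.getGatewayId()).roles().get("admin");
            retrievedUser.roles().realmLevel().add(Arrays.asList(adminRoleResource.toRepresentation()));
            // Set the supplied password as a permanent (non-temporary) credential.
            CredentialRepresentation credential = new CredentialRepresentation();
            credential.setType(CredentialRepresentation.PASSWORD);
            credential.setValue(tenantAdminPassword);
            credential.setTemporary(false);
            retrievedUser.resetPassword(credential);
            // Locate the internal id of the "realm-management" client of the realm.
            List<ClientRepresentation> realmClients = client.realm(gatewayDetails.getGatewayId()).clients().findAll();
            String realmManagementClientId = null;
            for (ClientRepresentation realmClient : realmClients) {
                if ("realm-management".equals(realmClient.getClientId())) {
                    realmManagementClientId = realmClient.getId();
                    break;
                }
            }
            if (realmManagementClientId == null) {
                // Without this guard a null id would be passed on to the role-mapping call.
                IamAdminServicesException exception = new IamAdminServicesException();
                exception.setMessage("Client realm-management was not found in realm " + gatewayDetails.getGatewayId());
                throw exception;
            }
            // Grant every client role currently available to the account on realm-management.
            retrievedUser.roles().clientLevel(realmManagementClientId).add(retrievedUser.roles().clientLevel(realmManagementClientId).listAvailable());
            return true;
        } else {
            logger.error("Request for Tenant Admin Account Creation failed with HTTP code : " + httpResponse.getStatus());
            logger.error("Reason for Tenant Admin account creation failure : " + httpResponse.getStatusInfo());
            return false;
        }
    } catch (ApplicationSettingsException ex) {
        logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
        IamAdminServicesException exception = new IamAdminServicesException();
        exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
        throw exception;
    } catch (Exception ex) {
        logger.error("Error creating Realm Admin Account in keycloak server, reason: " + ex.getMessage(), ex);
        IamAdminServicesException exception = new IamAdminServicesException();
        exception.setMessage("Error creating Realm Admin Account in keycloak server, reason: " + ex.getMessage());
        throw exception;
    } finally {
        // Release the HTTP response first, then the admin client, even if closing the response fails.
        try {
            if (httpResponse != null) {
                httpResponse.close();
            }
        } finally {
            if (client != null) {
                client.close();
            }
        }
    }
}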