Example 1 with ConfigurableAuthenticatorFactory
use of org.keycloak.authentication.ConfigurableAuthenticatorFactory in project keycloak by keycloak.
the class AuthenticationManagementResource method buildProviderMetadata.
public Stream<Map<String, Object>> buildProviderMetadata(Stream<ProviderFactory> factories) {
return factories.map(factory -> {
Map<String, Object> data = new HashMap<>();
data.put("id", factory.getId());
ConfigurableAuthenticatorFactory configured = (ConfigurableAuthenticatorFactory) factory;
data.put("description", configured.getHelpText());
data.put("displayName", configured.getDisplayType());
return data;
});
}
Also used :
HashMap(java.util.HashMap)
ConfigurableAuthenticatorFactory(org.keycloak.authentication.ConfigurableAuthenticatorFactory)
Example 2 with ConfigurableAuthenticatorFactory
use of org.keycloak.authentication.ConfigurableAuthenticatorFactory in project keycloak by keycloak.
the class AuthenticationManagementResource method getAuthenticatorConfigDescription.
/**
* Get authenticator provider's configuration description
*/
@Path("config-description/{providerId}")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public AuthenticatorConfigInfoRepresentation getAuthenticatorConfigDescription(@PathParam("providerId") String providerId) {
auth.realm().requireViewRealm();
ConfigurableAuthenticatorFactory factory = CredentialHelper.getConfigurableAuthenticatorFactory(session, providerId);
if (factory == null) {
throw new NotFoundException("Could not find authenticator provider");
}
AuthenticatorConfigInfoRepresentation rep = new AuthenticatorConfigInfoRepresentation();
rep.setProviderId(providerId);
rep.setName(factory.getDisplayType());
rep.setHelpText(factory.getHelpText());
rep.setProperties(new LinkedList<>());
List<ProviderConfigProperty> configProperties = Optional.ofNullable(factory.getConfigProperties()).orElse(Collections.emptyList());
for (ProviderConfigProperty prop : configProperties) {
ConfigPropertyRepresentation propRep = getConfigPropertyRep(prop);
rep.getProperties().add(propRep);
}
return rep;
}
Also used :
AuthenticatorConfigInfoRepresentation(org.keycloak.representations.idm.AuthenticatorConfigInfoRepresentation)
ProviderConfigProperty(org.keycloak.provider.ProviderConfigProperty)
ConfigurableAuthenticatorFactory(org.keycloak.authentication.ConfigurableAuthenticatorFactory)
NotFoundException(javax.ws.rs.NotFoundException)
ConfigPropertyRepresentation(org.keycloak.representations.idm.ConfigPropertyRepresentation)
Path(javax.ws.rs.Path)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
NoCache(org.jboss.resteasy.annotations.cache.NoCache)
Example 3 with ConfigurableAuthenticatorFactory
use of org.keycloak.authentication.ConfigurableAuthenticatorFactory in project keycloak by keycloak.
the class AuthenticationManagementResource method recurseExecutions.
public void recurseExecutions(AuthenticationFlowModel flow, List<AuthenticationExecutionInfoRepresentation> result, int level) {
AtomicInteger index = new AtomicInteger(0);
realm.getAuthenticationExecutionsStream(flow.getId()).forEachOrdered(execution -> {
AuthenticationExecutionInfoRepresentation rep = new AuthenticationExecutionInfoRepresentation();
rep.setLevel(level);
rep.setIndex(index.getAndIncrement());
rep.setRequirementChoices(new LinkedList<>());
if (execution.isAuthenticatorFlow()) {
AuthenticationFlowModel flowRef = realm.getAuthenticationFlowById(execution.getFlowId());
if (AuthenticationFlow.BASIC_FLOW.equals(flowRef.getProviderId())) {
rep.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.REQUIRED.name());
rep.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.ALTERNATIVE.name());
rep.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.DISABLED.name());
rep.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.CONDITIONAL.name());
} else if (AuthenticationFlow.FORM_FLOW.equals(flowRef.getProviderId())) {
rep.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.REQUIRED.name());
rep.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.DISABLED.name());
rep.setProviderId(execution.getAuthenticator());
rep.setAuthenticationConfig(execution.getAuthenticatorConfig());
} else if (AuthenticationFlow.CLIENT_FLOW.equals(flowRef.getProviderId())) {
rep.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.ALTERNATIVE.name());
rep.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.REQUIRED.name());
rep.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.DISABLED.name());
}
rep.setDisplayName(flowRef.getAlias());
rep.setDescription(flowRef.getDescription());
rep.setConfigurable(false);
rep.setId(execution.getId());
rep.setAuthenticationFlow(execution.isAuthenticatorFlow());
rep.setRequirement(execution.getRequirement().name());
rep.setFlowId(execution.getFlowId());
result.add(rep);
AuthenticationFlowModel subFlow = realm.getAuthenticationFlowById(execution.getFlowId());
recurseExecutions(subFlow, result, level + 1);
} else {
String providerId = execution.getAuthenticator();
ConfigurableAuthenticatorFactory factory = CredentialHelper.getConfigurableAuthenticatorFactory(session, providerId);
if (factory == null) {
logger.warnf("Cannot find authentication provider implementation with provider ID '%s'", providerId);
throw new NotFoundException("Could not find authenticator provider");
}
rep.setDisplayName(factory.getDisplayType());
rep.setConfigurable(factory.isConfigurable());
for (AuthenticationExecutionModel.Requirement choice : factory.getRequirementChoices()) {
rep.getRequirementChoices().add(choice.name());
}
rep.setId(execution.getId());
if (factory.isConfigurable()) {
String authenticatorConfigId = execution.getAuthenticatorConfig();
if (authenticatorConfigId != null) {
AuthenticatorConfigModel authenticatorConfig = realm.getAuthenticatorConfigById(authenticatorConfigId);
if (authenticatorConfig != null) {
rep.setAlias(authenticatorConfig.getAlias());
}
}
}
rep.setRequirement(execution.getRequirement().name());
rep.setProviderId(execution.getAuthenticator());
rep.setAuthenticationConfig(execution.getAuthenticatorConfig());
result.add(rep);
}
});
}
Also used :
AtomicInteger(java.util.concurrent.atomic.AtomicInteger)
AuthenticationExecutionModel(org.keycloak.models.AuthenticationExecutionModel)
AuthenticationExecutionInfoRepresentation(org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation)
ConfigurableAuthenticatorFactory(org.keycloak.authentication.ConfigurableAuthenticatorFactory)
AuthenticationFlowModel(org.keycloak.models.AuthenticationFlowModel)
NotFoundException(javax.ws.rs.NotFoundException)
AuthenticatorConfigModel(org.keycloak.models.AuthenticatorConfigModel)
Example 4 with ConfigurableAuthenticatorFactory
use of org.keycloak.authentication.ConfigurableAuthenticatorFactory in project keycloak by keycloak.
the class AuthenticationManagementResource method addExecutionToFlow.
/**
* Add new authentication execution to a flow
*
* @param flowAlias Alias of parent flow
* @param data New execution JSON data containing 'provider' attribute
*/
@Path("/flows/{flowAlias}/executions/execution")
@POST
@NoCache
@Consumes(MediaType.APPLICATION_JSON)
public Response addExecutionToFlow(@PathParam("flowAlias") String flowAlias, Map<String, String> data) {
auth.realm().requireManageRealm();
AuthenticationFlowModel parentFlow = realm.getFlowByAlias(flowAlias);
if (parentFlow == null) {
throw new BadRequestException("Parent flow doesn't exist");
}
if (parentFlow.isBuiltIn()) {
throw new BadRequestException("It is illegal to add execution to a built in flow");
}
String provider = data.get("provider");
// make sure provider is one of the registered providers
ProviderFactory f;
if (parentFlow.getProviderId().equals(AuthenticationFlow.CLIENT_FLOW)) {
f = session.getKeycloakSessionFactory().getProviderFactory(ClientAuthenticator.class, provider);
} else if (parentFlow.getProviderId().equals(AuthenticationFlow.FORM_FLOW)) {
f = session.getKeycloakSessionFactory().getProviderFactory(FormAction.class, provider);
} else {
f = session.getKeycloakSessionFactory().getProviderFactory(Authenticator.class, provider);
}
if (f == null) {
throw new BadRequestException("No authentication provider found for id: " + provider);
}
AuthenticationExecutionModel execution = new AuthenticationExecutionModel();
execution.setParentFlow(parentFlow.getId());
ConfigurableAuthenticatorFactory conf = (ConfigurableAuthenticatorFactory) f;
if (conf.getRequirementChoices().length == 1)
execution.setRequirement(conf.getRequirementChoices()[0]);
else
execution.setRequirement(AuthenticationExecutionModel.Requirement.DISABLED);
execution.setAuthenticatorFlow(false);
execution.setAuthenticator(provider);
execution.setPriority(getNextPriority(parentFlow));
execution = realm.addAuthenticatorExecution(execution);
data.put("id", execution.getId());
adminEvent.operation(OperationType.CREATE).resource(ResourceType.AUTH_EXECUTION).resourcePath(session.getContext().getUri()).representation(data).success();
String addExecutionPathSegment = UriBuilder.fromMethod(AuthenticationManagementResource.class, "addExecutionToFlow").build(parentFlow.getAlias()).getPath();
return Response.created(session.getContext().getUri().getBaseUriBuilder().path(session.getContext().getUri().getPath().replace(addExecutionPathSegment, "")).path("executions").path(execution.getId()).build()).build();
}
Also used :
AuthenticationExecutionModel(org.keycloak.models.AuthenticationExecutionModel)
ProviderFactory(org.keycloak.provider.ProviderFactory)
ClientAuthenticator(org.keycloak.authentication.ClientAuthenticator)
ConfigurableAuthenticatorFactory(org.keycloak.authentication.ConfigurableAuthenticatorFactory)
AuthenticationFlowModel(org.keycloak.models.AuthenticationFlowModel)
BadRequestException(javax.ws.rs.BadRequestException)
Path(javax.ws.rs.Path)
POST(javax.ws.rs.POST)
Consumes(javax.ws.rs.Consumes)
NoCache(org.jboss.resteasy.annotations.cache.NoCache)
Aggregations
ConfigurableAuthenticatorFactory (org.keycloak.authentication.ConfigurableAuthenticatorFactory)4
NotFoundException (javax.ws.rs.NotFoundException)2
Path (javax.ws.rs.Path)2
NoCache (org.jboss.resteasy.annotations.cache.NoCache)2
AuthenticationExecutionModel (org.keycloak.models.AuthenticationExecutionModel)2
AuthenticationFlowModel (org.keycloak.models.AuthenticationFlowModel)2
HashMap (java.util.HashMap)1
AtomicInteger (java.util.concurrent.atomic.AtomicInteger)1
BadRequestException (javax.ws.rs.BadRequestException)1
Consumes (javax.ws.rs.Consumes)1
GET (javax.ws.rs.GET)1
POST (javax.ws.rs.POST)1
Produces (javax.ws.rs.Produces)1
ClientAuthenticator (org.keycloak.authentication.ClientAuthenticator)1
AuthenticatorConfigModel (org.keycloak.models.AuthenticatorConfigModel)1
ProviderConfigProperty (org.keycloak.provider.ProviderConfigProperty)1
ProviderFactory (org.keycloak.provider.ProviderFactory)1
AuthenticationExecutionInfoRepresentation (org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation)1
AuthenticatorConfigInfoRepresentation (org.keycloak.representations.idm.AuthenticatorConfigInfoRepresentation)1
ConfigPropertyRepresentation (org.keycloak.representations.idm.ConfigPropertyRepresentation)1
