
Example 1 with ConfigurableAuthenticatorFactory

use of org.keycloak.authentication.ConfigurableAuthenticatorFactory in project keycloak by keycloak.

the class AuthenticationManagementResource method buildProviderMetadata.

/**
 * Maps each provider factory to the metadata map handed back to admin clients.
 *
 * <p>Every map carries three entries: {@code id}, {@code description} (the factory's help
 * text) and {@code displayName} (the factory's display type). The mapping is lazy; no
 * factory is touched until the returned stream is consumed.
 *
 * <p>This method performs no permission check of its own, so the request has to be
 * authorized by the caller before the result is exposed.
 *
 * @param factories provider factories to describe; each element is cast to
 *        {@link ConfigurableAuthenticatorFactory}, so a factory of any other type fails
 *        with a {@link ClassCastException} when the stream is consumed
 * @return one mutable metadata map per factory
 */
public Stream<Map<String, Object>> buildProviderMetadata(Stream<ProviderFactory> factories) {
    return factories.map(providerFactory -> {
        final Map<String, Object> metadata = new HashMap<>();
        metadata.put("id", providerFactory.getId());

        // The cast is unchecked: help text and display type are read through the
        // ConfigurableAuthenticatorFactory view of the same object.
        final ConfigurableAuthenticatorFactory describable = (ConfigurableAuthenticatorFactory) providerFactory;
        metadata.put("description", describable.getHelpText());
        metadata.put("displayName", describable.getDisplayType());

        return metadata;
    });
}
Also used : HashMap(java.util.HashMap) ConfigurableAuthenticatorFactory(org.keycloak.authentication.ConfigurableAuthenticatorFactory)

Example 2 with ConfigurableAuthenticatorFactory

use of org.keycloak.authentication.ConfigurableAuthenticatorFactory in project keycloak by keycloak.

the class AuthenticationManagementResource method getAuthenticatorConfigDescription.

/**
 * Get authenticator provider's configuration description.
 *
 * <p>The view-realm requirement is enforced first, before the provider id from the URL is
 * looked up. When no provider matches, the not-found message is fixed text and does not
 * repeat the requested id.
 *
 * @param providerId id of the authenticator provider, taken from the request path
 * @return the provider's display name, help text and configuration properties; the
 *         property list is empty when the factory declares none
 * @throws NotFoundException if no configurable authenticator factory is registered under
 *         {@code providerId}
 */
@Path("config-description/{providerId}")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public AuthenticatorConfigInfoRepresentation getAuthenticatorConfigDescription(@PathParam("providerId") String providerId) {
    // Permission gate: must stay ahead of every lookup below.
    auth.realm().requireViewRealm();

    final ConfigurableAuthenticatorFactory factory = CredentialHelper.getConfigurableAuthenticatorFactory(session, providerId);
    if (factory == null) {
        throw new NotFoundException("Could not find authenticator provider");
    }

    final AuthenticatorConfigInfoRepresentation description = new AuthenticatorConfigInfoRepresentation();
    description.setProviderId(providerId);
    description.setName(factory.getDisplayType());
    description.setHelpText(factory.getHelpText());
    description.setProperties(new LinkedList<>());

    // A factory may report no properties as null; that is treated like an empty list.
    final List<ProviderConfigProperty> declared = factory.getConfigProperties();
    if (declared != null) {
        for (ProviderConfigProperty declaredProperty : declared) {
            description.getProperties().add(getConfigPropertyRep(declaredProperty));
        }
    }
    return description;
}
Also used : AuthenticatorConfigInfoRepresentation(org.keycloak.representations.idm.AuthenticatorConfigInfoRepresentation) ProviderConfigProperty(org.keycloak.provider.ProviderConfigProperty) ConfigurableAuthenticatorFactory(org.keycloak.authentication.ConfigurableAuthenticatorFactory) NotFoundException(javax.ws.rs.NotFoundException) ConfigPropertyRepresentation(org.keycloak.representations.idm.ConfigPropertyRepresentation) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) NoCache(org.jboss.resteasy.annotations.cache.NoCache)

Example 3 with ConfigurableAuthenticatorFactory

use of org.keycloak.authentication.ConfigurableAuthenticatorFactory in project keycloak by keycloak.

the class AuthenticationManagementResource method recurseExecutions.

/**
 * Appends one representation per execution of {@code flow} to {@code result}, descending
 * into sub-flows as they are met, so a sub-flow's executions follow directly after the
 * entry of the sub-flow itself.
 *
 * <p>This method performs no permission check of its own; the caller has to authorize the
 * request before calling it.
 *
 * @param flow flow whose executions are listed
 * @param result list that receives the representations; it is mutated in place
 * @param level nesting depth recorded on each representation created for {@code flow};
 *        sub-flows are visited with {@code level + 1}
 * @throws NotFoundException if a non-flow execution names an authenticator for which no
 *         factory is found
 */
public void recurseExecutions(AuthenticationFlowModel flow, List<AuthenticationExecutionInfoRepresentation> result, int level) {
    // A lambda cannot increment a captured int, so the running position lives in an AtomicInteger.
    final AtomicInteger position = new AtomicInteger(0);
    realm.getAuthenticationExecutionsStream(flow.getId()).forEachOrdered(execution -> {
        final AuthenticationExecutionInfoRepresentation info = new AuthenticationExecutionInfoRepresentation();
        info.setLevel(level);
        info.setIndex(position.getAndIncrement());
        info.setRequirementChoices(new LinkedList<>());

        if (!execution.isAuthenticatorFlow()) {
            // Plain execution: everything shown about it comes from its authenticator factory.
            final String authenticatorId = execution.getAuthenticator();
            final ConfigurableAuthenticatorFactory factory = CredentialHelper.getConfigurableAuthenticatorFactory(session, authenticatorId);
            if (factory == null) {
                // The id goes to the server log only; the response message stays generic.
                logger.warnf("Cannot find authentication provider implementation with provider ID '%s'", authenticatorId);
                throw new NotFoundException("Could not find authenticator provider");
            }
            info.setDisplayName(factory.getDisplayType());
            info.setConfigurable(factory.isConfigurable());
            for (AuthenticationExecutionModel.Requirement allowed : factory.getRequirementChoices()) {
                info.getRequirementChoices().add(allowed.name());
            }
            info.setId(execution.getId());

            // The alias is only resolved for configurable factories that have a stored config.
            final String configId = factory.isConfigurable() ? execution.getAuthenticatorConfig() : null;
            final AuthenticatorConfigModel storedConfig = configId == null ? null : realm.getAuthenticatorConfigById(configId);
            if (storedConfig != null) {
                info.setAlias(storedConfig.getAlias());
            }

            info.setRequirement(execution.getRequirement().name());
            info.setProviderId(execution.getAuthenticator());
            info.setAuthenticationConfig(execution.getAuthenticatorConfig());
            result.add(info);
            return;
        }

        // Sub-flow execution: the offered requirement choices depend on the referenced flow's type.
        // NOTE(review): the looked-up flow is dereferenced without a null check, so an execution
        // that points at a missing flow ends in a NullPointerException here.
        final AuthenticationFlowModel referenced = realm.getAuthenticationFlowById(execution.getFlowId());
        final String flowType = referenced.getProviderId();
        if (AuthenticationFlow.BASIC_FLOW.equals(flowType)) {
            info.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.REQUIRED.name());
            info.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.ALTERNATIVE.name());
            info.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.DISABLED.name());
            info.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.CONDITIONAL.name());
        } else if (AuthenticationFlow.FORM_FLOW.equals(flowType)) {
            info.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.REQUIRED.name());
            info.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.DISABLED.name());
            info.setProviderId(execution.getAuthenticator());
            info.setAuthenticationConfig(execution.getAuthenticatorConfig());
        } else if (AuthenticationFlow.CLIENT_FLOW.equals(flowType)) {
            info.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.ALTERNATIVE.name());
            info.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.REQUIRED.name());
            info.getRequirementChoices().add(AuthenticationExecutionModel.Requirement.DISABLED.name());
        }

        info.setDisplayName(referenced.getAlias());
        info.setDescription(referenced.getDescription());
        info.setConfigurable(false);
        info.setId(execution.getId());
        info.setAuthenticationFlow(execution.isAuthenticatorFlow());
        info.setRequirement(execution.getRequirement().name());
        info.setFlowId(execution.getFlowId());
        result.add(info);

        // NOTE(review): nothing bounds the recursion depth or detects a flow that is reached
        // twice; termination relies on the stored flows not referencing each other in a cycle.
        recurseExecutions(realm.getAuthenticationFlowById(execution.getFlowId()), result, level + 1);
    });
}
Also used : AtomicInteger(java.util.concurrent.atomic.AtomicInteger) AuthenticationExecutionModel(org.keycloak.models.AuthenticationExecutionModel) AuthenticationExecutionInfoRepresentation(org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation) ConfigurableAuthenticatorFactory(org.keycloak.authentication.ConfigurableAuthenticatorFactory) AuthenticationFlowModel(org.keycloak.models.AuthenticationFlowModel) NotFoundException(javax.ws.rs.NotFoundException) AuthenticatorConfigModel(org.keycloak.models.AuthenticatorConfigModel)

Example 4 with ConfigurableAuthenticatorFactory

use of org.keycloak.authentication.ConfigurableAuthenticatorFactory in project keycloak by keycloak.

the class AuthenticationManagementResource method addExecutionToFlow.

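/**
 * Add new authentication execution to a flow.
 *
 * <p>The manage-realm requirement is enforced before anything else. The parent flow must
 * exist and must not be built in, and the requested provider must be registered for the
 * parent flow's type. The new execution takes the provider's requirement when the provider
 * offers exactly one choice; otherwise it is created as {@code DISABLED}.
 *
 * <p>The request map is extended with the new execution's {@code id} and recorded as the
 * admin event representation, so any other keys the caller sent are recorded with it.
 *
 * @param flowAlias Alias of parent flow
 * @param data New execution JSON data containing 'provider' attribute
 * @return a "created" response whose location points at the new execution
 * @throws BadRequestException if the parent flow does not exist or is built in, if the
 *         request carries no 'provider' attribute, or if no provider is registered under
 *         that id for the flow's type
 */
@Path("/flows/{flowAlias}/executions/execution")
@POST
@NoCache
@Consumes(MediaType.APPLICATION_JSON)
public Response addExecutionToFlow(@PathParam("flowAlias") String flowAlias, Map<String, String> data) {
    // Permission gate: must stay ahead of every lookup below.
    auth.realm().requireManageRealm();

    AuthenticationFlowModel parentFlow = realm.getFlowByAlias(flowAlias);
    if (parentFlow == null) {
        throw new BadRequestException("Parent flow doesn't exist");
    }
    if (parentFlow.isBuiltIn()) {
        throw new BadRequestException("It is illegal to add execution to a built in flow");
    }

    // A missing body or a missing 'provider' key is a client error; reject it here instead
    // of failing further down with a NullPointerException.
    String provider = data == null ? null : data.get("provider");
    if (provider == null) {
        throw new BadRequestException("Missing 'provider' attribute in request body");
    }

    // make sure provider is one of the registered providers
    ProviderFactory f;
    if (parentFlow.getProviderId().equals(AuthenticationFlow.CLIENT_FLOW)) {
        f = session.getKeycloakSessionFactory().getProviderFactory(ClientAuthenticator.class, provider);
    } else if (parentFlow.getProviderId().equals(AuthenticationFlow.FORM_FLOW)) {
        f = session.getKeycloakSessionFactory().getProviderFactory(FormAction.class, provider);
    } else {
        f = session.getKeycloakSessionFactory().getProviderFactory(Authenticator.class, provider);
    }
    if (f == null) {
        // NOTE(review): the message repeats the caller-supplied provider id; whatever renders
        // this error has to encode it for its output format.
        throw new BadRequestException("No authentication provider found for id: " + provider);
    }

    AuthenticationExecutionModel execution = new AuthenticationExecutionModel();
    execution.setParentFlow(parentFlow.getId());

    // NOTE(review): unchecked cast; presumably every factory returned by the three lookups
    // above implements ConfigurableAuthenticatorFactory - confirm.
    ConfigurableAuthenticatorFactory conf = (ConfigurableAuthenticatorFactory) f;
    AuthenticationExecutionModel.Requirement[] choices = conf.getRequirementChoices();
    if (choices.length == 1) {
        execution.setRequirement(choices[0]);
    } else {
        // With more than one possible requirement the execution starts out disabled, so
        // adding it does not change the flow's behaviour until an admin picks a requirement.
        execution.setRequirement(AuthenticationExecutionModel.Requirement.DISABLED);
    }
    execution.setAuthenticatorFlow(false);
    execution.setAuthenticator(provider);
    execution.setPriority(getNextPriority(parentFlow));
    execution = realm.addAuthenticatorExecution(execution);

    data.put("id", execution.getId());
    adminEvent.operation(OperationType.CREATE)
            .resource(ResourceType.AUTH_EXECUTION)
            .resourcePath(session.getContext().getUri())
            .representation(data)
            .success();

    // The location is the request path with this endpoint's own path segment removed,
    // followed by "executions/<new id>".
    String addExecutionPathSegment = UriBuilder.fromMethod(AuthenticationManagementResource.class, "addExecutionToFlow").build(parentFlow.getAlias()).getPath();
    String parentPath = session.getContext().getUri().getPath().replace(addExecutionPathSegment, "");
    return Response.created(
            session.getContext().getUri().getBaseUriBuilder()
                    .path(parentPath)
                    .path("executions")
                    .path(execution.getId())
                    .build())
            .build();
}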
Also used : AuthenticationExecutionModel(org.keycloak.models.AuthenticationExecutionModel) ProviderFactory(org.keycloak.provider.ProviderFactory) ClientAuthenticator(org.keycloak.authentication.ClientAuthenticator) ConfigurableAuthenticatorFactory(org.keycloak.authentication.ConfigurableAuthenticatorFactory) AuthenticationFlowModel(org.keycloak.models.AuthenticationFlowModel) BadRequestException(javax.ws.rs.BadRequestException) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) NoCache(org.jboss.resteasy.annotations.cache.NoCache)

Aggregations

ConfigurableAuthenticatorFactory (org.keycloak.authentication.ConfigurableAuthenticatorFactory)4 NotFoundException (javax.ws.rs.NotFoundException)2 Path (javax.ws.rs.Path)2 NoCache (org.jboss.resteasy.annotations.cache.NoCache)2 AuthenticationExecutionModel (org.keycloak.models.AuthenticationExecutionModel)2 AuthenticationFlowModel (org.keycloak.models.AuthenticationFlowModel)2 HashMap (java.util.HashMap)1 AtomicInteger (java.util.concurrent.atomic.AtomicInteger)1 BadRequestException (javax.ws.rs.BadRequestException)1 Consumes (javax.ws.rs.Consumes)1 GET (javax.ws.rs.GET)1 POST (javax.ws.rs.POST)1 Produces (javax.ws.rs.Produces)1 ClientAuthenticator (org.keycloak.authentication.ClientAuthenticator)1 AuthenticatorConfigModel (org.keycloak.models.AuthenticatorConfigModel)1 ProviderConfigProperty (org.keycloak.provider.ProviderConfigProperty)1 ProviderFactory (org.keycloak.provider.ProviderFactory)1 AuthenticationExecutionInfoRepresentation (org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation)1 AuthenticatorConfigInfoRepresentation (org.keycloak.representations.idm.AuthenticatorConfigInfoRepresentation)1 ConfigPropertyRepresentation (org.keycloak.representations.idm.ConfigPropertyRepresentation)1