
Example 51 with Resource

use of org.keycloak.authorization.model.Resource in project keycloak by keycloak.

the class JPAPermissionTicketStore method findGrantedResources.

/**
 * Resolves the resources granted to a requester, optionally narrowed by a name filter.
 *
 * <p>Runs the {@code findGrantedResources} named query, or {@code findGrantedResourcesByName}
 * when {@code name} is non-null, and looks up each returned id in the resource store.
 * Ids the store cannot resolve are skipped.
 *
 * @param requester value bound to the {@code requester} query parameter
 * @param name optional filter; when non-null it is lower-cased, wrapped in {@code %} and bound
 *     to the {@code resourceName} query parameter
 * @param first pagination argument handed to {@code paginateQuery}
 * @param max pagination argument handed to {@code paginateQuery}
 * @return the resolved resources, in the order the query returned their ids
 */
@Override
public List<Resource> findGrantedResources(String requester, String name, int first, int max) {
    final boolean filterByName = name != null;
    final String queryName = filterByName ? "findGrantedResourcesByName" : "findGrantedResources";

    TypedQuery<String> query = entityManager.createNamedQuery(queryName, String.class);
    query.setFlushMode(FlushModeType.COMMIT);
    // Caller-supplied values are bound as named parameters, never spliced into the query text.
    query.setParameter("requester", requester);
    if (filterByName) {
        // NOTE(review): '%' and '_' inside name are passed through unescaped. If the named query
        // compares with LIKE (not visible here), they act as wildcards - confirm that is intended.
        // NOTE(review): toLowerCase() uses the JVM default locale.
        query.setParameter("resourceName", "%" + name.toLowerCase() + "%");
    }

    List<String> grantedIds = paginateQuery(query, first, max).getResultList();
    List<Resource> granted = new LinkedList<>();
    ResourceStore resourceStore = provider.getStoreFactory().getResourceStore();
    for (String resourceId : grantedIds) {
        // NOTE(review): no resource server id is supplied to the lookup, so any scoping has to
        // come from the named query itself - confirm against the query definition.
        Resource resolved = resourceStore.findById(resourceId, null);
        if (resolved != null) {
            granted.add(resolved);
        }
    }
    return granted;
}
Also used : Resource(org.keycloak.authorization.model.Resource) ResourceStore(org.keycloak.authorization.store.ResourceStore) LinkedList(java.util.LinkedList)

Example 52 with Resource

use of org.keycloak.authorization.model.Resource in project keycloak by keycloak.

the class JPAPermissionTicketStore method findGrantedOwnerResources.

/**
 * Resolves the resources returned by the {@code findGrantedOwnerResources} named query for an
 * owner.
 *
 * <p>Each id returned by the query is looked up in the resource store. Ids the store cannot
 * resolve are skipped.
 *
 * @param owner value bound to the {@code owner} query parameter
 * @param first pagination argument handed to {@code paginateQuery}
 * @param max pagination argument handed to {@code paginateQuery}
 * @return the resolved resources, in the order the query returned their ids
 */
@Override
public List<Resource> findGrantedOwnerResources(String owner, int first, int max) {
    TypedQuery<String> query = entityManager.createNamedQuery("findGrantedOwnerResources", String.class);
    query.setFlushMode(FlushModeType.COMMIT);
    // The owner id is bound as a named parameter rather than concatenated into the query.
    query.setParameter("owner", owner);

    List<String> ownedIds = paginateQuery(query, first, max).getResultList();
    List<Resource> resources = new LinkedList<>();
    ResourceStore resourceStore = provider.getStoreFactory().getResourceStore();
    for (String resourceId : ownedIds) {
        // NOTE(review): the lookup passes no resource server id, so any scoping has to come
        // from the named query itself - confirm against the query definition.
        Resource resolved = resourceStore.findById(resourceId, null);
        if (resolved == null) {
            continue;
        }
        resources.add(resolved);
    }
    return resources;
}
Also used : Resource(org.keycloak.authorization.model.Resource) ResourceStore(org.keycloak.authorization.store.ResourceStore) LinkedList(java.util.LinkedList)

Example 53 with Resource

use of org.keycloak.authorization.model.Resource in project keycloak by keycloak.

the class JPAResourceStore method findByResourceServer.

/**
 * Finds resources matching a set of filters, optionally restricted to one resource server.
 *
 * <p>Builds a JPA Criteria query that selects resource ids ordered by name, applies one
 * predicate per filter entry, paginates it through {@code paginateQuery}, and resolves each id
 * through the resource store. Ids the store cannot resolve are skipped.
 *
 * @param attributes filters to apply; each key maps to the value array used by its predicate
 * @param resourceServerId resource server to restrict to; when {@code null} no
 *     {@code resourceServer} predicate is added to the query
 * @param firstResult pagination argument handed to {@code paginateQuery}
 * @param maxResult pagination argument handed to {@code paginateQuery}
 * @return the resolved resources, in query order
 * @throws IllegalArgumentException if {@code attributes} contains a filter option this method
 *     does not handle
 */
@Override
public List<Resource> findByResourceServer(Map<Resource.FilterOption, String[]> attributes, String resourceServerId, int firstResult, int maxResult) {
    CriteriaBuilder builder = entityManager.getCriteriaBuilder();
    CriteriaQuery<ResourceEntity> querybuilder = builder.createQuery(ResourceEntity.class);
    Root<ResourceEntity> root = querybuilder.from(ResourceEntity.class);
    // Only the id column is selected; the results are read as List<String> further down even
    // though the query is declared with ResourceEntity.
    querybuilder.select(root.get("id"));
    // NOTE(review): raw ArrayList - the element type is not checked by the compiler here.
    List<Predicate> predicates = new ArrayList();
    // A null resourceServerId adds no restriction, so the query then spans every resource
    // server; callers that need tenant isolation must pass a non-null id.
    if (resourceServerId != null) {
        predicates.add(builder.equal(root.get("resourceServer"), resourceServerId));
    }
    // Filter values reach the query only as Criteria API arguments, not as concatenated query
    // text. Several cases read value[0] and would throw ArrayIndexOutOfBoundsException on an
    // empty array.
    attributes.forEach((filterOption, value) -> {
        switch(filterOption) {
            case ID:
            case OWNER:
                // Matches any of the supplied values.
                predicates.add(root.get(filterOption.getName()).in(value));
                break;
            case SCOPE_ID:
                predicates.add(root.join("scopes").get("id").in(value));
                break;
            case OWNER_MANAGED_ACCESS:
                // Boolean.valueOf yields false for anything other than "true" (case-insensitive).
                predicates.add(builder.equal(root.get(filterOption.getName()), Boolean.valueOf(value[0])));
                break;
            case URI:
                // Case-insensitive exact match on the first value only.
                predicates.add(builder.lower(root.join("uris")).in(value[0].toLowerCase()));
                break;
            case URI_NOT_NULL:
                // predicates.add(builder.isNotEmpty(root.get("uris"))); looks like there is a bug in hibernate and this line doesn't work: https://hibernate.atlassian.net/browse/HHH-6686
                // Workaround
                Expression<Integer> urisSize = builder.size(root.get("uris"));
                predicates.add(builder.notEqual(urisSize, 0));
                break;
            case NAME:
            case TYPE:
                // Case-insensitive substring match on the first value.
                // NOTE(review): '%' and '_' inside the value are not escaped, so they act as
                // LIKE wildcards; toLowerCase() uses the JVM default locale.
                predicates.add(builder.like(builder.lower(root.get(filterOption.getName())), "%" + value[0].toLowerCase() + "%"));
                break;
            case EXACT_NAME:
                // Case-insensitive equality on the first value.
                predicates.add(builder.equal(builder.lower(root.get(filterOption.getName())), value[0].toLowerCase()));
                break;
            default:
                // Unknown filters are rejected instead of being silently ignored.
                throw new IllegalArgumentException("Unsupported filter [" + filterOption + "]");
        }
    });
    querybuilder.where(predicates.toArray(new Predicate[predicates.size()])).orderBy(builder.asc(root.get("name")));
    // NOTE(review): raw TypedQuery - the List<String> assignment below is unchecked.
    TypedQuery query = entityManager.createQuery(querybuilder);
    List<String> result = paginateQuery(query, firstResult, maxResult).getResultList();
    List<Resource> list = new LinkedList<>();
    ResourceStore resourceStore = provider.getStoreFactory().getResourceStore();
    for (String id : result) {
        // Each id is resolved again with the same resourceServerId that was passed in.
        Resource resource = resourceStore.findById(id, resourceServerId);
        if (resource != null) {
            list.add(resource);
        }
    }
    return list;
}
Also used : CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) TypedQuery(javax.persistence.TypedQuery) ArrayList(java.util.ArrayList) Resource(org.keycloak.authorization.model.Resource) ResourceStore(org.keycloak.authorization.store.ResourceStore) LinkedList(java.util.LinkedList) Predicate(javax.persistence.criteria.Predicate) ResourceEntity(org.keycloak.authorization.jpa.entities.ResourceEntity)

Example 54 with Resource

use of org.keycloak.authorization.model.Resource in project keycloak by keycloak.

the class JPAResourceStore method findByType.

/**
 * Feeds every resource of a given type on a resource server to a consumer.
 *
 * <p>Uses the {@code findResourceIdByType} named query when an owner is given and
 * {@code findResourceIdByTypeNoOwner} otherwise. Each returned entity is wrapped in a
 * {@code ResourceAdapter} before being passed on.
 *
 * @param type value bound to the {@code type} query parameter
 * @param owner optional; when non-null it is bound to the {@code ownerId} query parameter
 * @param resourceServerId value bound to the {@code serverId} query parameter
 * @param consumer receives each wrapped resource
 */
@Override
public void findByType(String type, String owner, String resourceServerId, Consumer<Resource> consumer) {
    final boolean ownerGiven = owner != null;
    final String queryName = ownerGiven ? "findResourceIdByType" : "findResourceIdByTypeNoOwner";

    TypedQuery<ResourceEntity> query = entityManager.createNamedQuery(queryName, ResourceEntity.class);
    query.setFlushMode(FlushModeType.COMMIT);
    // All caller-supplied values are bound as named parameters.
    query.setParameter("type", type);
    if (ownerGiven) {
        query.setParameter("ownerId", owner);
    }
    // The resource server id is always bound, whichever query variant is used.
    query.setParameter("serverId", resourceServerId);

    StoreFactory storeFactory = provider.getStoreFactory();
    // NOTE(review): no pagination is applied here; the whole result list is fetched before
    // the consumer sees the first element.
    query.getResultList()
            .stream()
            .map(entity -> new ResourceAdapter(entity, entityManager, storeFactory))
            .forEach(consumer);
}
Also used : ResourceServer(org.keycloak.authorization.model.ResourceServer) CriteriaQuery(javax.persistence.criteria.CriteriaQuery) KeycloakModelUtils(org.keycloak.models.utils.KeycloakModelUtils) StreamsUtil.closing(org.keycloak.utils.StreamsUtil.closing) StoreFactory(org.keycloak.authorization.store.StoreFactory) NoResultException(javax.persistence.NoResultException) FlushModeType(javax.persistence.FlushModeType) EntityManager(javax.persistence.EntityManager) ResourceStore(org.keycloak.authorization.store.ResourceStore) TypedQuery(javax.persistence.TypedQuery) ArrayList(java.util.ArrayList) Consumer(java.util.function.Consumer) PaginationUtils.paginateQuery(org.keycloak.models.jpa.PaginationUtils.paginateQuery) List(java.util.List) Predicate(javax.persistence.criteria.Predicate) ResourceEntity(org.keycloak.authorization.jpa.entities.ResourceEntity) Map(java.util.Map) CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) AuthorizationProvider(org.keycloak.authorization.AuthorizationProvider) Expression(javax.persistence.criteria.Expression) LinkedList(java.util.LinkedList) Root(javax.persistence.criteria.Root) Resource(org.keycloak.authorization.model.Resource) ResourceEntity(org.keycloak.authorization.jpa.entities.ResourceEntity) StoreFactory(org.keycloak.authorization.store.StoreFactory)

Example 55 with Resource

use of org.keycloak.authorization.model.Resource in project keycloak by keycloak.

the class ResourceSetService method getPermissions.

/**
 * Lists the policies that apply to one resource of this resource server.
 *
 * <p>Collects policies attached to the resource itself, to its type, to resources of the same
 * type owned by the resource server, and to the resource's scopes. Policies whose type is
 * {@code uma} (compared case-insensitively) are left out of the response.
 *
 * @param id resource id taken from the request path
 * @return 404 when the id does not resolve for this resource server; otherwise 200 with a
 *     list of policy representations carrying id, name and type only
 */
@Path("{id}/permissions")
@GET
@NoCache
@Produces("application/json")
public Response getPermissions(@PathParam("id") String id) {
    // Runs ahead of every store access. Presumably enforces view permission; requireView is
    // defined outside this listing.
    requireView();

    StoreFactory storeFactory = authorization.getStoreFactory();
    ResourceStore resourceStore = storeFactory.getResourceStore();
    // The path-supplied id is always looked up together with this resource server's id.
    Resource model = resourceStore.findById(id, resourceServer.getId());
    if (model == null) {
        return Response.status(Status.NOT_FOUND).build();
    }

    PolicyStore policyStore = authorization.getStoreFactory().getPolicyStore();
    Set<Policy> policies = new HashSet<>();
    policies.addAll(policyStore.findByResource(model.getId(), resourceServer.getId()));

    if (model.getType() != null) {
        policies.addAll(policyStore.findByResourceType(model.getType(), resourceServer.getId()));

        // Resources of the same type whose owner is the resource server itself.
        Map<Resource.FilterOption, String[]> resourceFilter = new EnumMap<>(Resource.FilterOption.class);
        resourceFilter.put(Resource.FilterOption.OWNER, new String[] { resourceServer.getId() });
        resourceFilter.put(Resource.FilterOption.TYPE, new String[] { model.getType() });
        // NOTE(review): -1/-1 is passed for the pagination arguments; presumably that means
        // "no limit" - confirm in paginateQuery.
        List<Resource> typedResources = resourceStore.findByResourceServer(resourceFilter, resourceServer.getId(), -1, -1);
        for (Resource resourceType : typedResources) {
            policies.addAll(policyStore.findByResource(resourceType.getId(), resourceServer.getId()));
        }
    }

    // Scope-based policies: once with the resource id, once with a null resource id.
    policies.addAll(policyStore.findByScopeIds(
            model.getScopes().stream().map(scope -> scope.getId()).collect(Collectors.toList()),
            id,
            resourceServer.getId()));
    policies.addAll(policyStore.findByScopeIds(
            model.getScopes().stream().map(scope -> scope.getId()).collect(Collectors.toList()),
            null,
            resourceServer.getId()));

    List<PolicyRepresentation> representation = new ArrayList<>();
    for (Policy policyModel : policies) {
        if ("uma".equalsIgnoreCase(policyModel.getType())) {
            continue;
        }
        // Only id, name and type are copied into the response.
        PolicyRepresentation policy = new PolicyRepresentation();
        policy.setId(policyModel.getId());
        policy.setName(policyModel.getName());
        policy.setType(policyModel.getType());
        // De-duplication depends on PolicyRepresentation.equals, which is not shown here.
        if (!representation.contains(policy)) {
            representation.add(policy);
        }
    }
    return Response.ok(representation).build();
}
Also used : Policy(org.keycloak.authorization.model.Policy) ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) ResourceType(org.keycloak.events.admin.ResourceType) Produces(javax.ws.rs.Produces) BiFunction(java.util.function.BiFunction) Path(javax.ws.rs.Path) OAuthErrorException(org.keycloak.OAuthErrorException) QueryParam(javax.ws.rs.QueryParam) Consumes(javax.ws.rs.Consumes) ErrorResponseException(org.keycloak.services.ErrorResponseException) ModelToRepresentation.toRepresentation(org.keycloak.models.utils.ModelToRepresentation.toRepresentation) Map(java.util.Map) ResourceOwnerRepresentation(org.keycloak.representations.idm.authorization.ResourceOwnerRepresentation) AuthorizationProvider(org.keycloak.authorization.AuthorizationProvider) DELETE(javax.ws.rs.DELETE) RealmModel(org.keycloak.models.RealmModel) EnumMap(java.util.EnumMap) Collection(java.util.Collection) Set(java.util.Set) PolicyStore(org.keycloak.authorization.store.PolicyStore) ResourceStore(org.keycloak.authorization.store.ResourceStore) Collectors(java.util.stream.Collectors) List(java.util.List) Response(javax.ws.rs.core.Response) RepresentationToModel.toModel(org.keycloak.models.utils.RepresentationToModel.toModel) ClientModel(org.keycloak.models.ClientModel) OperationType(org.keycloak.events.admin.OperationType) PathParam(javax.ws.rs.PathParam) Scope(org.keycloak.authorization.model.Scope) GET(javax.ws.rs.GET) StoreFactory(org.keycloak.authorization.store.StoreFactory) Constants(org.keycloak.models.Constants) HashMap(java.util.HashMap) Function(java.util.function.Function) PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) UserModel(org.keycloak.models.UserModel) ScopeRepresentation(org.keycloak.representations.idm.authorization.ScopeRepresentation) Status(javax.ws.rs.core.Response.Status) PathMatcher(org.keycloak.common.util.PathMatcher) 
ResourceServer(org.keycloak.authorization.model.ResourceServer) POST(javax.ws.rs.POST) AdminPermissionEvaluator(org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator) KeycloakSession(org.keycloak.models.KeycloakSession) Policy(org.keycloak.authorization.model.Policy) NoCache(org.jboss.resteasy.annotations.cache.NoCache) PUT(javax.ws.rs.PUT) Collections(java.util.Collections) Resource(org.keycloak.authorization.model.Resource) AdminEventBuilder(org.keycloak.services.resources.admin.AdminEventBuilder) Resource(org.keycloak.authorization.model.Resource) ArrayList(java.util.ArrayList) ResourceStore(org.keycloak.authorization.store.ResourceStore) StoreFactory(org.keycloak.authorization.store.StoreFactory) PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) PolicyStore(org.keycloak.authorization.store.PolicyStore) EnumMap(java.util.EnumMap) HashSet(java.util.HashSet) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) NoCache(org.jboss.resteasy.annotations.cache.NoCache)
