
Example 21 with Resource

use of org.keycloak.authorization.model.Resource in project keycloak by keycloak.

the class AuthorizationBean method toPermissionRepresentation.

/**
 * Groups permission tickets by requester, yielding one {@code RequesterBean} per requester.
 *
 * <p>A ticket is skipped when its resource reports {@code isOwnerManagedAccess() == false},
 * so only tickets on resources with owner-managed access contribute to the result.
 *
 * @param permissionRequests the tickets to group; each ticket's resource is dereferenced
 *        without a null check
 * @return the values view of the internal requester-to-bean map (not a copy)
 */
private Collection<RequesterBean> toPermissionRepresentation(List<PermissionTicket> permissionRequests) {
    Map<String, RequesterBean> beansByRequester = new HashMap<>();
    for (PermissionTicket ticket : permissionRequests) {
        if (ticket.getResource().isOwnerManagedAccess()) {
            // The first ticket seen for a requester creates the bean; every ticket
            // (including that first one) then contributes its scope.
            RequesterBean bean = beansByRequester.computeIfAbsent(ticket.getRequester(), requester -> new RequesterBean(ticket, authorization));
            bean.addScope(ticket);
        }
    }
    return beansByRequester.values();
}
Also used : ClientModel(org.keycloak.models.ClientModel) Scope(org.keycloak.authorization.model.Scope) Date(java.util.Date) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) PermissionTicket(org.keycloak.authorization.model.PermissionTicket) ResolveRelative(org.keycloak.services.util.ResolveRelative) UserModel(org.keycloak.models.UserModel) Map(java.util.Map) ScopeRepresentation(org.keycloak.representations.idm.authorization.ScopeRepresentation) AuthorizationProvider(org.keycloak.authorization.AuthorizationProvider) Time(org.keycloak.common.util.Time) RealmModel(org.keycloak.models.RealmModel) EnumMap(java.util.EnumMap) Collection(java.util.Collection) Set(java.util.Set) KeycloakSession(org.keycloak.models.KeycloakSession) Collectors(java.util.stream.Collectors) Policy(org.keycloak.authorization.model.Policy) List(java.util.List) ModelToRepresentation(org.keycloak.models.utils.ModelToRepresentation) PermissionTicketStore(org.keycloak.authorization.store.PermissionTicketStore) UriInfo(javax.ws.rs.core.UriInfo) Collections(java.util.Collections) Resource(org.keycloak.authorization.model.Resource) PermissionTicket(org.keycloak.authorization.model.PermissionTicket) HashMap(java.util.HashMap) Resource(org.keycloak.authorization.model.Resource)

Example 22 with Resource

use of org.keycloak.authorization.model.Resource in project keycloak by keycloak.

the class RepresentationToModel method updateResources.

/**
 * Synchronizes the resources linked to {@code policy} with the requested identifiers.
 *
 * <p>Each entry of {@code resourceIds} is matched against a linked resource's id or name.
 * Entries that match nothing are looked up in the resource store, first by id and then by
 * name, and linked to the policy. Linked resources that no entry refers to are unlinked.
 * The {@code "resources"} config entry is removed in every case.
 *
 * <p>Both store lookups are given the id of the policy's own resource server; per the error
 * message below, an identifier that does not resolve under that server is rejected rather
 * than linked. NOTE(review): this relies on the store honouring that argument - confirm.
 *
 * @param resourceIds ids or names of the resources the policy should end up with;
 *        {@code null} leaves the linked resources untouched, an empty set unlinks all
 * @param policy the policy whose resource links are updated
 * @param storeFactory source of the resource store used for lookups
 * @throws RuntimeException if a non-empty identifier resolves neither by id nor by name;
 *         the message echoes the caller-supplied identifier
 */
private static void updateResources(Set<String> resourceIds, Policy policy, StoreFactory storeFactory) {
    if (resourceIds == null) {
        // No identifiers supplied: leave the links alone, only drop the config entry.
        policy.removeConfig("resources");
        return;
    }
    if (resourceIds.isEmpty()) {
        // Iterate over a copy because removeResource may mutate the policy's own collection.
        for (Resource linked : new HashSet<>(policy.getResources())) {
            policy.removeResource(linked);
        }
    }
    // Pass 1: link every requested resource that is not linked yet.
    for (String requested : resourceIds) {
        boolean alreadyLinked = false;
        for (Resource linked : new HashSet<>(policy.getResources())) {
            alreadyLinked |= linked.getId().equals(requested) || linked.getName().equals(requested);
        }
        if (alreadyLinked || "".equals(requested)) {
            continue;
        }
        Resource found = storeFactory.getResourceStore().findById(requested, policy.getResourceServer().getId());
        if (found == null) {
            // Not an id under this resource server; treat the value as a name instead.
            found = storeFactory.getResourceStore().findByName(requested, policy.getResourceServer().getId());
        }
        if (found == null) {
            throw new RuntimeException("Resource with id or name [" + requested + "] does not exist or is not owned by the resource server");
        }
        policy.addResource(found);
    }
    // Pass 2: unlink every resource that none of the requested identifiers refers to.
    for (Resource linked : new HashSet<>(policy.getResources())) {
        boolean stillRequested = false;
        for (String requested : resourceIds) {
            stillRequested |= linked.getId().equals(requested) || linked.getName().equals(requested);
        }
        if (!stillRequested) {
            policy.removeResource(linked);
        }
    }
    policy.removeConfig("resources");
}
Also used : Resource(org.keycloak.authorization.model.Resource) ArtifactBindingUtils.computeArtifactBindingIdentifierString(org.keycloak.protocol.saml.util.ArtifactBindingUtils.computeArtifactBindingIdentifierString) HashSet(java.util.HashSet)

Example 23 with Resource

use of org.keycloak.authorization.model.Resource in project keycloak by keycloak.

the class RepresentationToModel method updateClientProtocolMappers.

/**
 * Reconciles a client's protocol mappers with those listed in a representation.
 *
 * <p>Mappers are keyed by {@code generateProtocolNameKey(protocol, name)}. A representation
 * entry whose key matches an existing mapper replaces it while keeping the existing id; an
 * entry with no match is added; every existing mapper whose key is absent from the
 * representation is removed. Nothing happens when the representation carries no mapper list.
 *
 * <p>{@code Collectors.toMap} throws {@code IllegalStateException} if two existing mappers
 * produce the same key.
 *
 * @param rep the representation holding the desired protocol mappers
 * @param resource the client model to update
 */
public static void updateClientProtocolMappers(ClientRepresentation rep, ClientModel resource) {
    if (rep.getProtocolMappers() == null) {
        return;
    }
    // Start with every existing mapper; entries are struck off as the representation matches them.
    Map<String, ProtocolMapperModel> unmatched = resource.getProtocolMappersStream()
            .collect(Collectors.toMap(mapper -> generateProtocolNameKey(mapper.getProtocol(), mapper.getName()), Function.identity()));
    for (ProtocolMapperRepresentation incoming : rep.getProtocolMappers()) {
        String key = generateProtocolNameKey(incoming.getProtocol(), incoming.getName());
        ProtocolMapperModel current = unmatched.get(key);
        if (current == null) {
            resource.addProtocolMapper(toModel(incoming));
            continue;
        }
        ProtocolMapperModel replacement = toModel(incoming);
        // Carry the existing id over so the update targets the stored mapper.
        replacement.setId(current.getId());
        resource.updateProtocolMapper(replacement);
        unmatched.remove(key);
    }
    // Whatever is left was not mentioned in the representation and is dropped from the client.
    for (ProtocolMapperModel stale : unmatched.values()) {
        resource.removeProtocolMapper(stale);
    }
}
Also used : Arrays(java.util.Arrays) ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) AuthenticationExecutionExportRepresentation(org.keycloak.representations.idm.AuthenticationExecutionExportRepresentation) LDAPConstants(org.keycloak.models.LDAPConstants) UserFederatedStorageProvider(org.keycloak.storage.federated.UserFederatedStorageProvider) OAuth2DeviceConfig(org.keycloak.models.OAuth2DeviceConfig) Map(java.util.Map) SocialLinkRepresentation(org.keycloak.representations.idm.SocialLinkRepresentation) UserConsentRepresentation(org.keycloak.representations.idm.UserConsentRepresentation) UserCredentialModel(org.keycloak.models.UserCredentialModel) PasswordCredentialData(org.keycloak.models.credential.dto.PasswordCredentialData) FederatedIdentityRepresentation(org.keycloak.representations.idm.FederatedIdentityRepresentation) Set(java.util.Set) IdentityProviderModel(org.keycloak.models.IdentityProviderModel) PolicyStore(org.keycloak.authorization.store.PolicyStore) ResourceStore(org.keycloak.authorization.store.ResourceStore) ClientTemplateRepresentation(org.keycloak.representations.idm.ClientTemplateRepresentation) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) SocialIdentityProvider(org.keycloak.broker.social.SocialIdentityProvider) ResourceServerRepresentation(org.keycloak.representations.idm.authorization.ResourceServerRepresentation) SslRequired(org.keycloak.common.enums.SslRequired) PermissionTicketStore(org.keycloak.authorization.store.PermissionTicketStore) OAuth2Constants(org.keycloak.OAuth2Constants) IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation) ProtocolMapperModel(org.keycloak.models.ProtocolMapperModel) ClaimRepresentation(org.keycloak.representations.idm.ClaimRepresentation) Constants(org.keycloak.models.Constants) ProviderConfigProperty(org.keycloak.provider.ProviderConfigProperty) 
MigrationProvider(org.keycloak.migration.MigrationProvider) ArrayList(java.util.ArrayList) PermissionTicket(org.keycloak.authorization.model.PermissionTicket) OTPSecretData(org.keycloak.models.credential.dto.OTPSecretData) UserModel(org.keycloak.models.UserModel) UserFederationProviderRepresentation(org.keycloak.representations.idm.UserFederationProviderRepresentation) AuthenticationExecutionModel(org.keycloak.models.AuthenticationExecutionModel) UserProfileProvider(org.keycloak.userprofile.UserProfileProvider) AuthenticationFlowRepresentation(org.keycloak.representations.idm.AuthenticationFlowRepresentation) MigrationUtils(org.keycloak.migration.migrators.MigrationUtils) ValidationUtil(org.keycloak.validation.ValidationUtil) PolicyProviderFactory(org.keycloak.authorization.policy.provider.PolicyProviderFactory) CredentialModel(org.keycloak.credential.CredentialModel) UserStorageProvider(org.keycloak.storage.UserStorageProvider) WebAuthnPolicy(org.keycloak.models.WebAuthnPolicy) KeycloakSession(org.keycloak.models.KeycloakSession) RequiredActionProviderRepresentation(org.keycloak.representations.idm.RequiredActionProviderRepresentation) IOException(java.io.IOException) ResourceServerStore(org.keycloak.authorization.store.ResourceServerStore) PasswordCredentialModel(org.keycloak.models.credential.PasswordCredentialModel) MultivaluedHashMap(org.keycloak.common.util.MultivaluedHashMap) AbstractPolicyRepresentation(org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation) ListIterator(java.util.ListIterator) MigrateTo8_0_0(org.keycloak.migration.migrators.MigrateTo8_0_0) PasswordPolicyNotMetException(org.keycloak.policy.PasswordPolicyNotMetException) Config(org.keycloak.Config) GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) ClaimMask(org.keycloak.models.ClaimMask) ComponentModel(org.keycloak.component.ComponentModel) BrowserSecurityHeaders(org.keycloak.models.BrowserSecurityHeaders) 
AuthenticationExecutionRepresentation(org.keycloak.representations.idm.AuthenticationExecutionRepresentation) CredentialRepresentation(org.keycloak.representations.idm.CredentialRepresentation) ResourceOwnerRepresentation(org.keycloak.representations.idm.authorization.ResourceOwnerRepresentation) UserStorageProviderModel(org.keycloak.storage.UserStorageProviderModel) AuthorizationProvider(org.keycloak.authorization.AuthorizationProvider) PolicyEnforcementMode(org.keycloak.representations.idm.authorization.PolicyEnforcementMode) UriUtils(org.keycloak.common.util.UriUtils) ClientScopeModel(org.keycloak.models.ClientScopeModel) RealmModel(org.keycloak.models.RealmModel) AuthorizationProviderFactory(org.keycloak.authorization.AuthorizationProviderFactory) RoleModel(org.keycloak.models.RoleModel) Collectors(java.util.stream.Collectors) RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation) ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation) PermissionTicketRepresentation(org.keycloak.representations.idm.authorization.PermissionTicketRepresentation) UserProvider(org.keycloak.models.UserProvider) List(java.util.List) ScopeStore(org.keycloak.authorization.store.ScopeStore) ArtifactBindingUtils.computeArtifactBindingIdentifierString(org.keycloak.protocol.saml.util.ArtifactBindingUtils.computeArtifactBindingIdentifierString) Entry(java.util.Map.Entry) RequiredActionProviderModel(org.keycloak.models.RequiredActionProviderModel) ClientModel(org.keycloak.models.ClientModel) Scope(org.keycloak.authorization.model.Scope) IdentityProviderFactory(org.keycloak.broker.provider.IdentityProviderFactory) Profile(org.keycloak.common.Profile) IdentityProviderMapperModel(org.keycloak.models.IdentityProviderMapperModel) ScopeMappingRepresentation(org.keycloak.representations.idm.ScopeMappingRepresentation) Logger(org.jboss.logging.Logger) StoreFactory(org.keycloak.authorization.store.StoreFactory) HashMap(java.util.HashMap) 
OAuthClientRepresentation(org.keycloak.representations.idm.OAuthClientRepresentation) Function(java.util.function.Function) PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) HashSet(java.util.HashSet) ComponentRepresentation(org.keycloak.representations.idm.ComponentRepresentation) ComponentExportRepresentation(org.keycloak.representations.idm.ComponentExportRepresentation) UserFederationMapperRepresentation(org.keycloak.representations.idm.UserFederationMapperRepresentation) UserConsentModel(org.keycloak.models.UserConsentModel) KeyProvider(org.keycloak.keys.KeyProvider) AuthenticatorConfigModel(org.keycloak.models.AuthenticatorConfigModel) IdentityProviderMapperRepresentation(org.keycloak.representations.idm.IdentityProviderMapperRepresentation) AuthenticationFlowModel(org.keycloak.models.AuthenticationFlowModel) OTPPolicy(org.keycloak.models.OTPPolicy) GroupModel(org.keycloak.models.GroupModel) ScopeRepresentation(org.keycloak.representations.idm.authorization.ScopeRepresentation) LinkedList(java.util.LinkedList) RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) IdentityProvider(org.keycloak.broker.provider.IdentityProvider) ScopeContainerModel(org.keycloak.models.ScopeContainerModel) ResourceServer(org.keycloak.authorization.model.ResourceServer) FederatedIdentityModel(org.keycloak.models.FederatedIdentityModel) RolesRepresentation(org.keycloak.representations.idm.RolesRepresentation) OTPCredentialData(org.keycloak.models.credential.dto.OTPCredentialData) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) Iterator(java.util.Iterator) CibaConfig(org.keycloak.models.CibaConfig) ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) ApplicationRepresentation(org.keycloak.representations.idm.ApplicationRepresentation) OTPCredentialModel(org.keycloak.models.credential.OTPCredentialModel) 
DecisionStrategy(org.keycloak.representations.idm.authorization.DecisionStrategy) JsonSerialization(org.keycloak.util.JsonSerialization) Policy(org.keycloak.authorization.model.Policy) AuthenticatorConfigRepresentation(org.keycloak.representations.idm.AuthenticatorConfigRepresentation) ModelException(org.keycloak.models.ModelException) ParConfig(org.keycloak.models.ParConfig) PasswordPolicy(org.keycloak.models.PasswordPolicy) Resource(org.keycloak.authorization.model.Resource) ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation) ArtifactBindingUtils.computeArtifactBindingIdentifierString(org.keycloak.protocol.saml.util.ArtifactBindingUtils.computeArtifactBindingIdentifierString) Map(java.util.Map) MultivaluedHashMap(org.keycloak.common.util.MultivaluedHashMap) HashMap(java.util.HashMap) ProtocolMapperModel(org.keycloak.models.ProtocolMapperModel)

Example 24 with Resource

use of org.keycloak.authorization.model.Resource in project keycloak by keycloak.

the class MapResourceStore method create.

/**
 * Creates a resource after checking that no resource with the same name and owner exists
 * under the given resource server.
 *
 * @param id the id assigned to the new entity
 * @param name the resource name
 * @param resourceServer the resource server the resource belongs to
 * @param owner the resource owner
 * @return the adapter wrapping the created entity
 * @throws ModelDuplicateException if the count query finds an existing resource with the
 *         same name, resource server and owner
 */
@Override
public Resource create(String id, String name, ResourceServer resourceServer, String owner) {
    LOG.tracef("create(%s, %s, %s, %s)%s", id, name, resourceServer, owner, getShortStackTrace());
    final String resourceServerId = resourceServer.getId();

    // Corresponds to @UniqueConstraint(columnNames = {"NAME", "RESOURCE_SERVER_ID", "OWNER"})
    // NOTE(review): this is a count followed by a create; whether uniqueness holds under
    // concurrent callers depends on what tx guarantees - confirm.
    DefaultModelCriteria<Resource> duplicateCriteria = forResourceServer(resourceServerId)
            .compare(SearchableFields.NAME, Operator.EQ, name)
            .compare(SearchableFields.OWNER, Operator.EQ, owner);
    boolean duplicateExists = tx.getCount(withCriteria(duplicateCriteria)) > 0;
    if (duplicateExists) {
        throw new ModelDuplicateException("Resource with name '" + name + "' for " + resourceServerId + " already exists for request owner " + owner);
    }

    MapResourceEntity draft = new MapResourceEntityImpl();
    draft.setId(id);
    draft.setName(name);
    draft.setResourceServerId(resourceServerId);
    draft.setOwner(owner);

    MapResourceEntity stored = tx.create(draft);
    return entityToAdapter(stored);
}
Also used : Resource(org.keycloak.authorization.model.Resource) ModelDuplicateException(org.keycloak.models.ModelDuplicateException) MapResourceEntity(org.keycloak.models.map.authorization.entity.MapResourceEntity) MapResourceEntityImpl(org.keycloak.models.map.authorization.entity.MapResourceEntityImpl)

Example 25 with Resource

use of org.keycloak.authorization.model.Resource in project keycloak by keycloak.

the class ResourceSetService method delete.

/**
 * Deletes the resource with the given id from this resource server.
 *
 * <p>{@code requireManage()} runs before any store access. The resource is then looked up
 * with this service's resource server id; {@code delete(id)} itself takes only the id, so
 * that lookup is the only check visible here that the resource belongs to this server.
 *
 * @param id the resource id taken from the request path
 * @return 204 No Content after deletion, or 404 Not Found when the lookup returns nothing
 */
@Path("{id}")
@DELETE
public Response delete(@PathParam("id") String id) {
    requireManage();
    StoreFactory stores = authorization.getStoreFactory();
    Resource target = stores.getResourceStore().findById(id, resourceServer.getId());
    if (target != null) {
        stores.getResourceStore().delete(id);
        // NOTE(review): the audit representation is built from the model after delete(id)
        // has run - confirm the model is still readable at this point.
        audit(toRepresentation(target, resourceServer.getId(), authorization), OperationType.DELETE);
        return Response.noContent().build();
    }
    return Response.status(Status.NOT_FOUND).build();
}
Also used : Resource(org.keycloak.authorization.model.Resource) StoreFactory(org.keycloak.authorization.store.StoreFactory) Path(javax.ws.rs.Path) DELETE(javax.ws.rs.DELETE)
