
Example 31 with StoreFactory

use of org.keycloak.authorization.store.StoreFactory in project keycloak by keycloak.

the class JPAPolicyStore method findByResource.

/**
 * Hands every policy associated with the given resource to {@code consumer}.
 *
 * <p>The lookup runs the {@code findPolicyIdByResource} named query with bound parameters, so the
 * caller-supplied ids never become part of the query text. Each hit is then resolved again through
 * the policy store of the provider's store factory, passing {@code resourceServerId} a second time;
 * hits that resolve to {@code null} are dropped.
 *
 * @param resourceId value bound to the query's {@code resourceId} parameter
 * @param resourceServerId value bound to {@code serverId} and reused for the per-policy lookup
 * @param consumer receives each policy that resolved to a non-null value
 */
@Override
public void findByResource(String resourceId, String resourceServerId, Consumer<Policy> consumer) {
    TypedQuery<PolicyEntity> policyQuery = entityManager
            .createNamedQuery("findPolicyIdByResource", PolicyEntity.class)
            .setFlushMode(FlushModeType.COMMIT)
            .setParameter("resourceId", resourceId)
            .setParameter("serverId", resourceServerId);

    // This is the PolicyStore exposed by the store factory, not the factory itself.
    // NOTE(review): presumably this indirection lets a caching store in front of JPA serve the
    // policy — confirm against the provider wiring.
    PolicyStore policyStore = provider.getStoreFactory().getPolicyStore();

    // closing(...) is the StreamsUtil helper; it is expected to release the query's result stream
    // once the terminal operation has finished.
    closing(policyQuery.getResultStream()
                    .map(entity -> policyStore.findById(entity.getId(), resourceServerId))
                    .filter(policy -> policy != null))
            .forEach(consumer::accept);
}
Also used : AbstractPolicyRepresentation(org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation) KeycloakModelUtils(org.keycloak.models.utils.KeycloakModelUtils) StoreFactory(org.keycloak.authorization.store.StoreFactory) NoResultException(javax.persistence.NoResultException) FlushModeType(javax.persistence.FlushModeType) TypedQuery(javax.persistence.TypedQuery) ArrayList(java.util.ArrayList) Predicate(javax.persistence.criteria.Predicate) Map(java.util.Map) CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) LinkedList(java.util.LinkedList) AuthorizationProvider(org.keycloak.authorization.AuthorizationProvider) Root(javax.persistence.criteria.Root) ResourceServer(org.keycloak.authorization.model.ResourceServer) CriteriaQuery(javax.persistence.criteria.CriteriaQuery) StreamsUtil.closing(org.keycloak.utils.StreamsUtil.closing) EntityManager(javax.persistence.EntityManager) PolicyStore(org.keycloak.authorization.store.PolicyStore) Objects(java.util.Objects) Consumer(java.util.function.Consumer) PaginationUtils.paginateQuery(org.keycloak.models.jpa.PaginationUtils.paginateQuery) Policy(org.keycloak.authorization.model.Policy) List(java.util.List) PolicyEntity(org.keycloak.authorization.jpa.entities.PolicyEntity) LockModeType(javax.persistence.LockModeType) Collections(java.util.Collections) PolicyEntity(org.keycloak.authorization.jpa.entities.PolicyEntity) Objects(java.util.Objects) PolicyStore(org.keycloak.authorization.store.PolicyStore)

Example 32 with StoreFactory

use of org.keycloak.authorization.store.StoreFactory in project keycloak by keycloak.

the class JPAResourceStore method findByScope.

/**
 * Hands every resource that matches the given scopes, within one resource server, to
 * {@code consumer}.
 *
 * <p>The {@code findResourceIdByScope} named query is run with bound parameters and its result list
 * is fully materialised before any element is passed on. Each entity is wrapped in a
 * {@link ResourceAdapter} built from the entity manager and the provider's store factory.
 *
 * @param scopes value bound to the query's {@code scopeIds} parameter
 * @param resourceServerId value bound to the query's {@code serverId} parameter
 * @param consumer receives one adapter per returned entity
 */
@Override
public void findByScope(List<String> scopes, String resourceServerId, Consumer<Resource> consumer) {
    // NOTE(review): scopes is bound as-is, presumably for an IN clause; how an empty list behaves
    // there depends on the JPA provider — confirm callers never pass one.
    TypedQuery<ResourceEntity> resourceQuery = entityManager
            .createNamedQuery("findResourceIdByScope", ResourceEntity.class)
            .setFlushMode(FlushModeType.COMMIT)
            .setParameter("scopeIds", scopes)
            .setParameter("serverId", resourceServerId);

    StoreFactory stores = provider.getStoreFactory();
    List<ResourceEntity> matches = resourceQuery.getResultList();

    // The query is typed as ResourceEntity, so each element is an entity, not a bare id.
    matches.stream()
            .map(entity -> new ResourceAdapter(entity, entityManager, stores))
            .forEach(consumer);
}
Also used : ResourceServer(org.keycloak.authorization.model.ResourceServer) CriteriaQuery(javax.persistence.criteria.CriteriaQuery) KeycloakModelUtils(org.keycloak.models.utils.KeycloakModelUtils) StreamsUtil.closing(org.keycloak.utils.StreamsUtil.closing) StoreFactory(org.keycloak.authorization.store.StoreFactory) NoResultException(javax.persistence.NoResultException) FlushModeType(javax.persistence.FlushModeType) EntityManager(javax.persistence.EntityManager) ResourceStore(org.keycloak.authorization.store.ResourceStore) TypedQuery(javax.persistence.TypedQuery) ArrayList(java.util.ArrayList) Consumer(java.util.function.Consumer) PaginationUtils.paginateQuery(org.keycloak.models.jpa.PaginationUtils.paginateQuery) List(java.util.List) Predicate(javax.persistence.criteria.Predicate) ResourceEntity(org.keycloak.authorization.jpa.entities.ResourceEntity) Map(java.util.Map) CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) AuthorizationProvider(org.keycloak.authorization.AuthorizationProvider) Expression(javax.persistence.criteria.Expression) LinkedList(java.util.LinkedList) Root(javax.persistence.criteria.Root) Resource(org.keycloak.authorization.model.Resource) ResourceEntity(org.keycloak.authorization.jpa.entities.ResourceEntity) StoreFactory(org.keycloak.authorization.store.StoreFactory)

Example 33 with StoreFactory

use of org.keycloak.authorization.store.StoreFactory in project keycloak by keycloak.

the class JPAResourceStore method findByTypeInstance.

/**
 * Hands every resource returned by the {@code findResourceIdByTypeInstance} named query to
 * {@code consumer}.
 *
 * <p>Both the type and the resource server id are bound as query parameters. The result list is
 * fully materialised first, then each entity is wrapped in a {@link ResourceAdapter} built from the
 * entity manager and the provider's store factory.
 *
 * @param type value bound to the query's {@code type} parameter
 * @param resourceServerId value bound to the query's {@code serverId} parameter
 * @param consumer receives one adapter per returned entity
 */
@Override
public void findByTypeInstance(String type, String resourceServerId, Consumer<Resource> consumer) {
    TypedQuery<ResourceEntity> instanceQuery = entityManager
            .createNamedQuery("findResourceIdByTypeInstance", ResourceEntity.class)
            .setFlushMode(FlushModeType.COMMIT)
            .setParameter("type", type)
            .setParameter("serverId", resourceServerId);

    StoreFactory stores = provider.getStoreFactory();
    List<ResourceEntity> instances = instanceQuery.getResultList();

    instances.stream()
            .map(instance -> new ResourceAdapter(instance, entityManager, stores))
            .forEach(consumer);
}
Also used : ResourceServer(org.keycloak.authorization.model.ResourceServer) CriteriaQuery(javax.persistence.criteria.CriteriaQuery) KeycloakModelUtils(org.keycloak.models.utils.KeycloakModelUtils) StreamsUtil.closing(org.keycloak.utils.StreamsUtil.closing) StoreFactory(org.keycloak.authorization.store.StoreFactory) NoResultException(javax.persistence.NoResultException) FlushModeType(javax.persistence.FlushModeType) EntityManager(javax.persistence.EntityManager) ResourceStore(org.keycloak.authorization.store.ResourceStore) TypedQuery(javax.persistence.TypedQuery) ArrayList(java.util.ArrayList) Consumer(java.util.function.Consumer) PaginationUtils.paginateQuery(org.keycloak.models.jpa.PaginationUtils.paginateQuery) List(java.util.List) Predicate(javax.persistence.criteria.Predicate) ResourceEntity(org.keycloak.authorization.jpa.entities.ResourceEntity) Map(java.util.Map) CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) AuthorizationProvider(org.keycloak.authorization.AuthorizationProvider) Expression(javax.persistence.criteria.Expression) LinkedList(java.util.LinkedList) Root(javax.persistence.criteria.Root) Resource(org.keycloak.authorization.model.Resource) ResourceEntity(org.keycloak.authorization.jpa.entities.ResourceEntity) StoreFactory(org.keycloak.authorization.store.StoreFactory)

Example 34 with StoreFactory

use of org.keycloak.authorization.store.StoreFactory in project keycloak by keycloak.

the class ClientPolicyProviderFactory method postInit.

/**
 * Registers a listener that removes a deleted client from the client policies that list it.
 *
 * <p>On a {@link ClientRemovedEvent} the listener looks up the resource server belonging to the
 * removed client and visits every policy of this factory's type in that resource server. The
 * removed client's id is filtered out of each policy's client list. A policy left without clients
 * is deleted; otherwise its {@code clients} config entry is rewritten as JSON.
 *
 * @param factory session factory the listener is registered on
 * @throws RuntimeException raised inside the listener when the remaining client list cannot be
 *     serialised; the {@link IOException} is kept as the cause
 */
@Override
public void postInit(KeycloakSessionFactory factory) {
    factory.register(event -> {
        if (!(event instanceof ClientRemovedEvent)) {
            return;
        }

        KeycloakSession session = ((ClientRemovedEvent) event).getKeycloakSession();
        AuthorizationProvider authorization = session.getProvider(AuthorizationProvider.class);
        StoreFactory stores = authorization.getStoreFactory();
        PolicyStore policies = stores.getPolicyStore();
        ClientModel removedClient = ((ClientRemovedEvent) event).getClient();

        // NOTE(review): only the resource server found for the removed client is searched. Client
        // policies in other resource servers that list this client id are not visited here —
        // confirm they are cleaned up elsewhere, so no stale client reference stays in a policy.
        ResourceServer server = stores.getResourceServerStore().findByClient(removedClient);
        if (server == null) {
            return;
        }

        policies.findByType(getId(), server.getId()).forEach(policy -> {
            List<String> remaining = new ArrayList<>();
            for (String clientId : getClients(policy)) {
                if (clientId.equals(removedClient.getId())) {
                    continue;
                }
                remaining.add(clientId);
            }

            // A client policy with no clients left is removed rather than stored empty.
            if (remaining.isEmpty()) {
                policies.delete(policy.getId());
                return;
            }

            try {
                policy.putConfig("clients", JsonSerialization.writeValueAsString(remaining));
            } catch (IOException e) {
                throw new RuntimeException("Error while synchronizing clients with policy [" + policy.getName() + "].", e);
            }
        });
    });
}
Also used : ClientRemovedEvent(org.keycloak.models.ClientModel.ClientRemovedEvent) AuthorizationProvider(org.keycloak.authorization.AuthorizationProvider) ArrayList(java.util.ArrayList) IOException(java.io.IOException) StoreFactory(org.keycloak.authorization.store.StoreFactory) ClientModel(org.keycloak.models.ClientModel) ResourceServerStore(org.keycloak.authorization.store.ResourceServerStore) KeycloakSession(org.keycloak.models.KeycloakSession) PolicyStore(org.keycloak.authorization.store.PolicyStore) ResourceServer(org.keycloak.authorization.model.ResourceServer)

Example 35 with StoreFactory

use of org.keycloak.authorization.store.StoreFactory in project keycloak by keycloak.

the class ClientScopePolicyProviderFactory method postInit.

/**
 * Registers a listener that removes a deleted client scope from the client-scope policies that
 * list it.
 *
 * <p>On a {@link ClientScopeRemovedEvent} the listener queries the policy store for policies of
 * this factory's type and rebuilds each policy's client-scope list without the removed scope. For
 * every kept entry only {@code id} and, when present, {@code required} are copied. A policy left
 * without client scopes is deleted; otherwise its {@code clientScopes} config entry is rewritten
 * as JSON.
 *
 * @param factory session factory the listener is registered on
 * @throws RuntimeException raised inside the listener when the remaining client scopes cannot be
 *     serialised; the {@link IOException} is kept as the cause
 */
@Override
public void postInit(KeycloakSessionFactory factory) {
    factory.register(event -> {
        if (!(event instanceof ClientScopeRemovedEvent)) {
            return;
        }

        KeycloakSession session = ((ClientScopeRemovedEvent) event).getKeycloakSession();
        AuthorizationProvider authorization = session.getProvider(AuthorizationProvider.class);
        StoreFactory stores = authorization.getStoreFactory();
        PolicyStore policies = stores.getPolicyStore();
        ClientScopeModel removedClientScope = ((ClientScopeRemovedEvent) event).getClientScope();

        Map<Policy.FilterOption, String[]> typeFilter = new HashMap<>();
        typeFilter.put(Policy.FilterOption.TYPE, new String[] { getId() });

        // NOTE(review): a null resource server id with -1/-1 presumably means "every resource
        // server, no paging" — confirm against PolicyStore.findByResourceServer.
        policies.findByResourceServer(typeFilter, null, -1, -1).forEach((Policy policy) -> {
            List<Map<String, Object>> kept = new ArrayList<>();
            for (Map<String, Object> clientScope : getClientScopes(policy)) {
                // NOTE(review): an entry without an "id" key throws a NullPointerException here and
                // stops the listener — confirm getClientScopes always supplies one.
                if (clientScope.get("id").equals(removedClientScope.getId())) {
                    continue;
                }
                Map<String, Object> copy = new HashMap<>();
                copy.put("id", clientScope.get("id"));
                Object required = clientScope.get("required");
                if (required != null) {
                    copy.put("required", required);
                }
                kept.add(copy);
            }

            // A client-scope policy with no scopes left is removed rather than stored empty.
            if (kept.isEmpty()) {
                policies.delete(policy.getId());
                return;
            }

            try {
                policy.putConfig("clientScopes", JsonSerialization.writeValueAsString(kept));
            } catch (IOException e) {
                throw new RuntimeException("Error while synchronizing client scopes with policy [" + policy.getName() + "].", e);
            }
        });
    });
}
Also used : Policy(org.keycloak.authorization.model.Policy) ClientScopeRemovedEvent(org.keycloak.models.ClientScopeModel.ClientScopeRemovedEvent) HashMap(java.util.HashMap) AuthorizationProvider(org.keycloak.authorization.AuthorizationProvider) ClientScopeModel(org.keycloak.models.ClientScopeModel) IOException(java.io.IOException) StoreFactory(org.keycloak.authorization.store.StoreFactory) KeycloakSession(org.keycloak.models.KeycloakSession) PolicyStore(org.keycloak.authorization.store.PolicyStore) ArrayList(java.util.ArrayList) List(java.util.List) HashMap(java.util.HashMap) Map(java.util.Map)
