
Example 1 with ExchangeTokenToIdentityProviderToken

Use of org.keycloak.broker.provider.ExchangeTokenToIdentityProviderToken in project keycloak by keycloak.

From the class DefaultTokenExchangeProvider, method exchangeToIdentityProvider.

// Handles a token-exchange request whose requested_issuer names an external identity provider.
// The fields event, realm, session, client, cors and formParams belong to the enclosing
// DefaultTokenExchangeProvider instance.
protected Response exchangeToIdentityProvider(UserModel targetUser, UserSessionModel targetUserSession, String requestedIssuer) {
    event.detail(Details.REQUESTED_ISSUER, requestedIssuer);
    // Check 1: the requested_issuer must resolve to an identity provider configured in this realm.
    IdentityProviderModel providerModel = realm.getIdentityProviderByAlias(requestedIssuer);
    if (providerModel == null) {
        event.detail(Details.REASON, "unknown requested_issuer");
        event.error(Errors.UNKNOWN_IDENTITY_PROVIDER);
        throw new CorsErrorResponseException(cors, OAuthErrorException.INVALID_REQUEST, "Invalid issuer", Response.Status.BAD_REQUEST);
    }
    // Check 2: the provider implementation must support exchanging a Keycloak token for an IdP token.
    IdentityProvider provider = IdentityBrokerService.getIdentityProvider(session, realm, requestedIssuer);
    if (!(provider instanceof ExchangeTokenToIdentityProviderToken)) {
        event.detail(Details.REASON, "exchange unsupported by requested_issuer");
        event.error(Errors.UNKNOWN_IDENTITY_PROVIDER);
        throw new CorsErrorResponseException(cors, OAuthErrorException.INVALID_REQUEST, "Issuer does not support token exchange", Response.Status.BAD_REQUEST);
    }
    // Check 3: fine-grained admin permissions must grant the calling client "exchange to" on this provider.
    if (!AdminPermissions.management(session, realm).idps().canExchangeTo(client, providerModel)) {
        event.detail(Details.REASON, "client not allowed to exchange for requested_issuer");
        event.error(Errors.NOT_ALLOWED);
        throw new CorsErrorResponseException(cors, OAuthErrorException.ACCESS_DENIED, "Client not allowed to exchange", Response.Status.FORBIDDEN);
    }
    // All checks passed: delegate to the provider and return its response with CORS headers applied.
    Response response = ((ExchangeTokenToIdentityProviderToken) provider).exchangeFromToken(session.getContext().getUri(), event, client, targetUserSession, targetUser, formParams);
    return cors.builder(Response.fromResponse(response)).build();
}

Also used: AccessTokenResponse (org.keycloak.representations.AccessTokenResponse), Response (javax.ws.rs.core.Response), ExchangeTokenToIdentityProviderToken (org.keycloak.broker.provider.ExchangeTokenToIdentityProviderToken), IdentityProvider (org.keycloak.broker.provider.IdentityProvider), IdentityProviderModel (org.keycloak.models.IdentityProviderModel), CorsErrorResponseException (org.keycloak.services.CorsErrorResponseException)
