use of org.keycloak.broker.provider.IdentityBrokerException in project keycloak by keycloak.
the class AbstractAttributeToRoleMapper method getRole.
/**
 * Resolves the {@link RoleModel} named by the {@link ConfigConstants#ROLE} entry of the given mapper configuration.
 * <p>
 * The lookup fails closed: when the configured name resolves to no role, an {@link IdentityBrokerException} is
 * thrown rather than returning {@code null}, so a misconfigured mapper cannot be silently skipped by its caller.
 *
 * @param realm the realm in which the role is looked up.
 * @param mapperModel the {@link IdentityProviderMapperModel} whose configuration holds the role name.
 * @return the {@link RoleModel} matching the configured role name; never {@code null}.
 * @throws IdentityBrokerException if the configured role name cannot be resolved to a role.
 */
private RoleModel getRole(final RealmModel realm, final IdentityProviderMapperModel mapperModel) {
    final String configuredRoleName = mapperModel.getConfig().get(ConfigConstants.ROLE);
    final RoleModel resolvedRole = KeycloakModelUtils.getRoleFromString(realm, configuredRoleName);
    if (resolvedRole != null) {
        return resolvedRole;
    }
    // The message echoes the configured role name (admin-supplied configuration, not end-user input).
    throw new IdentityBrokerException("Unable to find role: " + configuredRoleName);
}
use of org.keycloak.broker.provider.IdentityBrokerException in project keycloak by keycloak.
the class AbstractClaimToRoleMapper method getRole.
/**
 * Looks up the {@link RoleModel} for the role name stored under {@link ConfigConstants#ROLE} in the mapper's
 * configuration.
 * <p>
 * An unresolvable role name is treated as a configuration error and reported with an
 * {@link IdentityBrokerException}; the method never hands a {@code null} role back to the caller.
 *
 * @param realm the realm used for the role lookup.
 * @param mapperModel the {@link IdentityProviderMapperModel} carrying the configured role name.
 * @return the resolved {@link RoleModel}; never {@code null}.
 * @throws IdentityBrokerException if no role matches the configured role name.
 */
private RoleModel getRole(final RealmModel realm, final IdentityProviderMapperModel mapperModel) {
    final String name = mapperModel.getConfig().get(ConfigConstants.ROLE);
    final RoleModel found = KeycloakModelUtils.getRoleFromString(realm, name);
    // Guard clause: stop here instead of letting a missing role propagate as null.
    if (found == null) {
        final String message = "Unable to find role: " + name;
        throw new IdentityBrokerException(message);
    }
    return found;
}
use of org.keycloak.broker.provider.IdentityBrokerException in project keycloak by keycloak.
the class TwitterIdentityProvider method performLogin.
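/**
 * Starts the Twitter login: obtains an OAuth request token and redirects the browser to Twitter's
 * authentication URL.
 * <p>
 * The consumer secret is resolved through the vault, falling back to the configured value when the vault
 * has no entry. The request token and its secret are kept as auth notes on the authentication session.
 *
 * @param request the authentication request carrying the redirect URI, state and authentication session.
 * @return a {@code 303 See Other} response pointing at the Twitter authentication URL.
 * @throws IdentityBrokerException if any step fails; the original exception is kept as the cause.
 */
@Override
public Response performLogin(AuthenticationRequest request) {
    // try-with-resources so the vault secret handle is closed as soon as the request token has been obtained.
    try (VaultStringSecret vaultStringSecret = session.vault().getStringSecret(getConfig().getClientSecret())) {
        Twitter twitter = new TwitterFactory().getInstance();
        twitter.setOAuthConsumer(getConfig().getClientId(), vaultStringSecret.get().orElse(getConfig().getClientSecret()));

        // NOTE(review): the callback URL is built by plain concatenation; this assumes the redirect URI has no
        // query string of its own and that getEncoded() yields a URL-safe value. Confirm against the caller.
        URI uri = new URI(request.getRedirectUri() + "?state=" + request.getState().getEncoded());
        RequestToken requestToken = twitter.getOAuthRequestToken(uri.toString());

        // Token and token secret stay server-side in the authentication session; only the redirect reaches the browser.
        AuthenticationSessionModel authSession = request.getAuthenticationSession();
        authSession.setAuthNote(TWITTER_TOKEN, requestToken.getToken());
        authSession.setAuthNote(TWITTER_TOKENSECRET, requestToken.getTokenSecret());

        URI authenticationUrl = URI.create(requestToken.getAuthenticationURL());
        return Response.seeOther(authenticationUrl).build();
    } catch (Exception e) {
        // Fixed message: the original read "Could send ...", which stated the opposite of the failure.
        throw new IdentityBrokerException("Could not send authentication request to twitter.", e);
    }
}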
use of org.keycloak.broker.provider.IdentityBrokerException in project keycloak by keycloak.
the class OpenshiftV4IdentityProvider method doGetFederatedIdentity.
/**
 * Builds the brokered identity for the given access token: fetches the user profile, extracts the user
 * context from it and stores the profile for the JSON attribute mappers under this provider's alias.
 *
 * @param accessToken the access token passed to {@code fetchProfile}.
 * @return the brokered identity extracted from the profile.
 * @throws IdentityBrokerException if any step fails; the original exception is kept as the cause.
 */
@Override
protected BrokeredIdentityContext doGetFederatedIdentity(String accessToken) {
    final BrokeredIdentityContext identity;
    try {
        final JsonNode userProfile = fetchProfile(accessToken);
        identity = extractUserContext(userProfile);
        final String providerAlias = getConfig().getAlias();
        AbstractJsonUserAttributeMapper.storeUserProfileForMapper(identity, userProfile, providerAlias);
    } catch (Exception e) {
        // Every failure is surfaced as a broker exception with the cause attached.
        throw new IdentityBrokerException("Could not obtain user profile from Openshift.", e);
    }
    return identity;
}
use of org.keycloak.broker.provider.IdentityBrokerException in project keycloak by keycloak.
the class GitLabIdentityProvider method extractIdentity.
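/**
 * Calls the user info endpoint with the given access token (retrying on failure) and builds the brokered
 * identity from the returned profile.
 * <p>
 * The access token is sent only in the {@code Authorization} header; log statements record the exception or
 * the HTTP status, never the token. A profile without an {@code id} property is rejected.
 *
 * @param tokenResponse the token response, stored in the identity's context data.
 * @param accessToken the bearer token used for the user info call.
 * @param idToken the ID token, stored in the identity's context data.
 * @return the brokered identity extracted from the user info profile.
 * @throws IOException if closing a response fails.
 * @throws IdentityBrokerException if no attempt returns HTTP 200, the body cannot be parsed as JSON, or the
 *         profile has no {@code id}.
 */
protected BrokeredIdentityContext extractIdentity(AccessTokenResponse tokenResponse, String accessToken, JsonWebToken idToken) throws IOException {
    final int maxAttempts = 10;
    final long retryDelayMillis = 200;

    SimpleHttp.Response response = null;
    int status = 0;
    for (int i = 0; i < maxAttempts; i++) {
        // Start every attempt clean so a stale response or status from the previous attempt is never reused.
        response = null;
        status = 0;
        try {
            String userInfoUrl = getUserInfoUrl();
            response = SimpleHttp.doGet(userInfoUrl, session).header("Authorization", "Bearer " + accessToken).asResponse();
            status = response.getStatus();
        } catch (IOException e) {
            logger.debug("Failed to invoke user info for external exchange", e);
        }
        if (status == 200) {
            break;
        }
        // The request may have failed before a response existed; the original dereferenced null here.
        if (response != null) {
            response.close();
            response = null;
        }
        try {
            Thread.sleep(retryDelayMillis);
        } catch (InterruptedException e) {
            // Restore the interrupt flag so code further up the stack can still observe the interruption.
            Thread.currentThread().interrupt();
            throw new RuntimeException(e);
        }
    }
    if (status != 200) {
        logger.debug("Failed to invoke user info status: " + status);
        throw new IdentityBrokerException("Gitlab user info call failure");
    }

    JsonNode profile = null;
    try {
        profile = response.asJson();
    } catch (IOException e) {
        // Keep the cause so the parse failure can be diagnosed from the stack trace.
        throw new IdentityBrokerException("Gitlab user info call failure", e);
    } finally {
        // The body has been read (or reading failed); release the successful response as well.
        response.close();
    }

    // The identity is keyed on "id": refuse a profile that does not carry it.
    String id = getJsonProperty(profile, "id");
    if (id == null) {
        throw new IdentityBrokerException("Gitlab id claim is null from user info json");
    }

    BrokeredIdentityContext identity = gitlabExtractFromProfile(profile);
    identity.getContextData().put(FEDERATED_ACCESS_TOKEN_RESPONSE, tokenResponse);
    identity.getContextData().put(VALIDATED_ID_TOKEN, idToken);
    processAccessTokenResponse(identity, tokenResponse);
    return identity;
}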