
Example 6 with ComponentModel

use of org.keycloak.component.ComponentModel in project keycloak by keycloak.

the class GeneratedEcdsaKeyProviderFactory method createFallbackKeys.

/**
 * Adds a generated ECDSA key component to the current realm when a signing key for one of
 * the ES256, ES384 or ES512 algorithms is requested.
 *
 * <p>The component is named {@code "fallback-" + algorithm}, uses this factory's {@code ID}
 * as its provider id, and is configured with priority {@code "-100"} and the curve returned
 * by {@code convertAlgorithmToECDomainParmNistRep(algorithm)}. It is stored through
 * {@code realm.addComponentModel}, so a call that returns {@code true} has changed the
 * realm's component configuration.
 *
 * @param session   session whose context supplies the realm to modify
 * @param keyUse    requested key use; only {@code KeyUse.SIG} is handled
 * @param algorithm requested algorithm; only ES256, ES384 and ES512 are handled
 * @return {@code true} if a fallback component was added, {@code false} if the request is
 *         not one this factory handles
 */
@Override
public boolean createFallbackKeys(KeycloakSession session, KeyUse keyUse, String algorithm) {
    // NOTE(review): no null checks here; a null keyUse, or a null algorithm combined with
    // KeyUse.SIG, ends in a NullPointerException rather than a false return.
    if (!keyUse.equals(KeyUse.SIG)) {
        return false;
    }
    boolean ecdsaRequested = algorithm.equals(Algorithm.ES256)
            || algorithm.equals(Algorithm.ES384)
            || algorithm.equals(Algorithm.ES512);
    if (!ecdsaRequested) {
        return false;
    }

    RealmModel currentRealm = session.getContext().getRealm();

    ComponentModel fallbackComponent = new ComponentModel();
    fallbackComponent.setName("fallback-" + algorithm);
    fallbackComponent.setParentId(currentRealm.getId());
    fallbackComponent.setProviderId(ID);
    fallbackComponent.setProviderType(KeyProvider.class.getName());

    MultivaluedHashMap<String, String> settings = new MultivaluedHashMap<>();
    // presumably a negative priority lets explicitly configured keys win; confirm against
    // the key-selection code
    settings.putSingle(Attributes.PRIORITY_KEY, "-100");
    // The curve is derived from the requested algorithm, not chosen independently.
    settings.putSingle(ECDSA_ELLIPTIC_CURVE_KEY, convertAlgorithmToECDomainParmNistRep(algorithm));
    fallbackComponent.setConfig(settings);

    currentRealm.addComponentModel(fallbackComponent);
    return true;
}
Also used : RealmModel(org.keycloak.models.RealmModel) MultivaluedHashMap(org.keycloak.common.util.MultivaluedHashMap) ComponentModel(org.keycloak.component.ComponentModel)

Example 7 with ComponentModel

use of org.keycloak.component.ComponentModel in project keycloak by keycloak.

the class GeneratedHmacKeyProviderFactory method createFallbackKeys.

/**
 * Adds a generated HMAC key component to the current realm when a signing key for one of
 * the HS256, HS384 or HS512 algorithms is requested.
 *
 * <p>The component is named {@code "fallback-" + algorithm}, uses this factory's {@code ID}
 * as its provider id, and is configured with priority {@code "-100"} and the requested
 * algorithm. It is stored through {@code realm.addComponentModel}, so a call that returns
 * {@code true} has changed the realm's component configuration.
 *
 * @param session   session whose context supplies the realm to modify
 * @param keyUse    requested key use; only {@code KeyUse.SIG} is handled
 * @param algorithm requested algorithm; only HS256, HS384 and HS512 are handled
 * @return {@code true} if a fallback component was added, {@code false} if the request is
 *         not one this factory handles
 */
@Override
public boolean createFallbackKeys(KeycloakSession session, KeyUse keyUse, String algorithm) {
    // NOTE(review): no null checks here; a null keyUse, or a null algorithm combined with
    // KeyUse.SIG, ends in a NullPointerException rather than a false return.
    if (!keyUse.equals(KeyUse.SIG)) {
        return false;
    }
    boolean hmacRequested = algorithm.equals(Algorithm.HS256)
            || algorithm.equals(Algorithm.HS384)
            || algorithm.equals(Algorithm.HS512);
    if (!hmacRequested) {
        return false;
    }

    RealmModel currentRealm = session.getContext().getRealm();

    ComponentModel fallbackComponent = new ComponentModel();
    fallbackComponent.setName("fallback-" + algorithm);
    fallbackComponent.setParentId(currentRealm.getId());
    fallbackComponent.setProviderId(ID);
    fallbackComponent.setProviderType(KeyProvider.class.getName());

    MultivaluedHashMap<String, String> settings = new MultivaluedHashMap<>();
    // presumably a negative priority lets explicitly configured keys win; confirm against
    // the key-selection code
    settings.putSingle(Attributes.PRIORITY_KEY, "-100");
    settings.putSingle(Attributes.ALGORITHM_KEY, algorithm);
    fallbackComponent.setConfig(settings);

    currentRealm.addComponentModel(fallbackComponent);
    return true;
}
Also used : RealmModel(org.keycloak.models.RealmModel) MultivaluedHashMap(org.keycloak.common.util.MultivaluedHashMap) ComponentModel(org.keycloak.component.ComponentModel)

Example 8 with ComponentModel

use of org.keycloak.component.ComponentModel in project keycloak by keycloak.

the class ClientRegistrationPolicyManager method triggerPolicies.

/**
 * Runs every client registration policy of the current realm whose sub-type matches the
 * given authentication type.
 *
 * <p>Policies are the realm's components of provider type
 * {@code ClientRegistrationPolicy}, filtered by the key returned from
 * {@code getComponentTypeKey(authType)}. Each match is passed to {@code runPolicy}. When no
 * component matches, nothing is run and the method returns normally, so an empty policy
 * set does not block the operation at this level.
 *
 * @param session       session whose context supplies the realm
 * @param provider      registration provider handed to each policy run
 * @param authType      authentication type used to select the policy sub-type
 * @param opDescription description of the operation, handed to each policy run
 * @param op            operation handed to each policy run
 * @throws ClientRegistrationPolicyException declared by this method; how a failure raised
 *         inside {@code runPolicy} propagates is not visible from this method alone
 */
private static void triggerPolicies(KeycloakSession session, ClientRegistrationProvider provider, RegistrationAuth authType, String opDescription, ClientRegOperation op) throws ClientRegistrationPolicyException {
    RealmModel currentRealm = session.getContext().getRealm();
    String expectedSubType = getComponentTypeKey(authType);
    String realmId = currentRealm.getId();
    String policyProviderType = ClientRegistrationPolicy.class.getName();

    currentRealm.getComponentsStream(realmId, policyProviderType)
            // Objects.equals keeps the comparison null-safe on both sides.
            .filter(candidate -> Objects.equals(candidate.getSubType(), expectedSubType))
            .forEach(selected -> runPolicy(selected, session, provider, opDescription, op));
}
Also used : RealmModel(org.keycloak.models.RealmModel) Objects(java.util.Objects) ClientModel(org.keycloak.models.ClientModel) ClientRegistrationProvider(org.keycloak.services.clientregistration.ClientRegistrationProvider) RealmModel(org.keycloak.models.RealmModel) Details(org.keycloak.events.Details) ClientRegistrationContext(org.keycloak.services.clientregistration.ClientRegistrationContext) Logger(org.jboss.logging.Logger) ComponentModel(org.keycloak.component.ComponentModel) KeycloakSession(org.keycloak.models.KeycloakSession) ServicesLogger(org.keycloak.services.ServicesLogger)

Example 9 with ComponentModel

use of org.keycloak.component.ComponentModel in project keycloak by keycloak.

the class DefaultClientRegistrationPolicies method addAnonymousPolicies.

/**
 * Registers the default client registration policies for the given policy type on a realm.
 *
 * <p>Added in this order: "Trusted Hosts" (empty host list, with both the
 * host-sending-request and client-URI match flags set to {@code "true"}),
 * "Consent Required", "Full Scope Disabled" and "Max Clients Limit" (set to
 * {@code DEFAULT_MAX_CLIENTS}); finally {@code addGenericPolicies} is invoked. How each
 * setting is enforced is decided by the corresponding policy implementation, not here.
 *
 * @param realm         realm that receives the policy components
 * @param policyTypeKey policy type key passed to {@code createModelInstance} and
 *                      {@code addGenericPolicies}
 */
private static void addAnonymousPolicies(RealmModel realm, String policyTypeKey) {
    ComponentModel trustedHosts = createModelInstance("Trusted Hosts", realm, TrustedHostClientRegistrationPolicyFactory.PROVIDER_ID, policyTypeKey);
    // The trusted-host list starts out empty; hosts have to be added explicitly later.
    trustedHosts.getConfig().put(TrustedHostClientRegistrationPolicyFactory.TRUSTED_HOSTS, Collections.emptyList());
    trustedHosts.getConfig().putSingle(TrustedHostClientRegistrationPolicyFactory.HOST_SENDING_REGISTRATION_REQUEST_MUST_MATCH, "true");
    trustedHosts.getConfig().putSingle(TrustedHostClientRegistrationPolicyFactory.CLIENT_URIS_MUST_MATCH, "true");
    realm.addComponentModel(trustedHosts);

    // These two policies carry no extra configuration beyond what createModelInstance sets.
    realm.addComponentModel(createModelInstance("Consent Required", realm, ConsentRequiredClientRegistrationPolicyFactory.PROVIDER_ID, policyTypeKey));
    realm.addComponentModel(createModelInstance("Full Scope Disabled", realm, ScopeClientRegistrationPolicyFactory.PROVIDER_ID, policyTypeKey));

    ComponentModel clientLimit = createModelInstance("Max Clients Limit", realm, MaxClientsClientRegistrationPolicyFactory.PROVIDER_ID, policyTypeKey);
    clientLimit.put(MaxClientsClientRegistrationPolicyFactory.MAX_CLIENTS, MaxClientsClientRegistrationPolicyFactory.DEFAULT_MAX_CLIENTS);
    realm.addComponentModel(clientLimit);

    addGenericPolicies(realm, policyTypeKey);
}
Also used : ComponentModel(org.keycloak.component.ComponentModel)

Example 10 with ComponentModel

use of org.keycloak.component.ComponentModel in project keycloak by keycloak.

the class LDAPGroupMapper2WaySyncTest method test01_syncNoPreserveGroupInheritance.

/**
 * Round-trips groups between Keycloak and LDAP with group inheritance preservation turned
 * off on the "groupsMapper" component.
 *
 * <p>Four server-side steps run in order: (1) disable PRESERVE_GROUP_INHERITANCE and sync
 * Keycloak groups to LDAP, (2) remove all Keycloak groups and check they are gone,
 * (3) sync from LDAP back into Keycloak, (4) check the re-imported groups and their
 * description attributes, then run {@code testDropNonExisting}. Each step depends on the
 * state left by the previous one.
 */
@Test
public void test01_syncNoPreserveGroupInheritance() throws Exception {
    // Step 1: reconfigure the mapper and push Keycloak groups into LDAP.
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel realm = ctx.getRealm();
        ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm, ctx.getLdapModel(), "groupsMapper");
        // NOTE(review): ldapProvider is not read again in this lambda; whether the call is
        // needed for a side effect is not visible here.
        LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ctx.getLdapModel());
        // Update group mapper to skip preserve inheritance and check it will pass now
        LDAPTestUtils.updateGroupMapperConfigOptions(mapperModel, GroupMapperConfig.PRESERVE_GROUP_INHERITANCE, "false");
        // Persist the changed mapper configuration on the realm before syncing.
        realm.updateComponent(mapperModel);
        // Sync from Keycloak into LDAP
        SynchronizationResult syncResult = new GroupLDAPStorageMapperFactory().create(session, mapperModel).syncDataFromKeycloakToFederationProvider(realm);
        // presumably the four numbers are added/updated/removed/failed counts; confirm
        // against LDAPTestAsserts.assertSyncEquals
        LDAPTestAsserts.assertSyncEquals(syncResult, 4, 0, 0, 0);
    });
    // Step 2: wipe the Keycloak-side groups so the next sync has to re-import them.
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel realm = ctx.getRealm();
        // Delete all KC groups now
        removeAllModelGroups(realm);
        Assert.assertNull(KeycloakModelUtils.findGroupByPath(realm, "/group1"));
        Assert.assertNull(KeycloakModelUtils.findGroupByPath(realm, "/group11"));
        Assert.assertNull(KeycloakModelUtils.findGroupByPath(realm, "/group2"));
    });
    // Step 3: pull the groups back from LDAP.
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel realm = ctx.getRealm();
        ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm, ctx.getLdapModel(), "groupsMapper");
        // Sync from LDAP back into Keycloak
        SynchronizationResult syncResult = new GroupLDAPStorageMapperFactory().create(session, mapperModel).syncDataFromFederationProviderToKeycloak(realm);
        LDAPTestAsserts.assertSyncEquals(syncResult, 4, 0, 0, 0);
    });
    // Step 4: verify the imported groups and their description attributes.
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel realm = ctx.getRealm();
        String descriptionAttrName = LDAPTestUtils.getGroupDescriptionLDAPAttrName(ctx.getLdapProvider());
        ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm, ctx.getLdapModel(), "groupsMapper");
        // Assert groups are imported to keycloak. All are at top level
        // (each is looked up by a single-segment path, and group1 must have no subgroups).
        GroupModel kcGroup1 = KeycloakModelUtils.findGroupByPath(realm, "/group1");
        GroupModel kcGroup11 = KeycloakModelUtils.findGroupByPath(realm, "/group11");
        GroupModel kcGroup12 = KeycloakModelUtils.findGroupByPath(realm, "/group12");
        GroupModel kcGroup2 = KeycloakModelUtils.findGroupByPath(realm, "/group2");
        Assert.assertEquals(0, kcGroup1.getSubGroupsStream().count());
        Assert.assertEquals("group1 - description1", kcGroup1.getFirstAttribute(descriptionAttrName));
        Assert.assertNull(kcGroup11.getFirstAttribute(descriptionAttrName));
        Assert.assertEquals("group12 - description12", kcGroup12.getFirstAttribute(descriptionAttrName));
        Assert.assertNull(kcGroup2.getFirstAttribute(descriptionAttrName));
        // test drop non-existing works
        testDropNonExisting(session, ctx, mapperModel);
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) ComponentModel(org.keycloak.component.ComponentModel) LDAPStorageProvider(org.keycloak.storage.ldap.LDAPStorageProvider) GroupModel(org.keycloak.models.GroupModel) GroupLDAPStorageMapperFactory(org.keycloak.storage.ldap.mappers.membership.group.GroupLDAPStorageMapperFactory) SynchronizationResult(org.keycloak.storage.user.SynchronizationResult) Test(org.junit.Test)
