
Example 16 with ComponentValidationException

use of org.keycloak.component.ComponentValidationException in project keycloak by keycloak.

the class AbstractImportedRsaKeyProviderFactory method validateConfiguration.

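/**
 * Validates the configuration of an imported RSA key component.
 *
 * <p>The private key is decoded and its public key derived. If the model carries a certificate,
 * the certificate is decoded and its public key must equal the derived one. If no certificate is
 * present, a self-signed V1 certificate is generated for the realm name and stored in the model.
 *
 * <p>Only the public keys are compared. This method does not examine the certificate's validity
 * period, issuer or chain.
 *
 * @param session the current session (not used by this method)
 * @param realm   realm whose name is used when a self-signed certificate is generated
 * @param model   component configuration; may be updated with a generated certificate
 * @throws ComponentValidationException if an attribute check fails, the key or certificate cannot
 *                                      be decoded, the certificate does not match the key, or
 *                                      certificate generation fails
 */
@Override
public void validateConfiguration(KeycloakSession session, RealmModel realm, ComponentModel model) throws ComponentValidationException {
    // NOTE(review): the boolean argument presumably marks the attribute as required; confirm
    // against ConfigurationValidationHelper.
    ConfigurationValidationHelper.check(model)
            .checkLong(Attributes.PRIORITY_PROPERTY, false)
            .checkBoolean(Attributes.ENABLED_PROPERTY, false)
            .checkBoolean(Attributes.ACTIVE_PROPERTY, false)
            .checkSingle(Attributes.PRIVATE_KEY_PROPERTY, true)
            .checkSingle(Attributes.CERTIFICATE_PROPERTY, false);
    KeyPair keyPair;
    try {
        PrivateKey privateKey = PemUtils.decodePrivateKey(model.get(Attributes.PRIVATE_KEY_KEY));
        PublicKey publicKey = KeyUtils.extractPublicKey(privateKey);
        keyPair = new KeyPair(publicKey, privateKey);
    } catch (Throwable t) {
        // The message stays generic; the decoder's detail travels only in the attached cause.
        throw new ComponentValidationException("Failed to decode private key", t);
    }
    if (model.contains(Attributes.CERTIFICATE_KEY)) {
        Certificate certificate;
        try {
            certificate = PemUtils.decodeCertificate(model.get(Attributes.CERTIFICATE_KEY));
        } catch (Throwable t) {
            throw new ComponentValidationException("Failed to decode certificate", t);
        }
        if (certificate == null) {
            throw new ComponentValidationException("Failed to decode certificate");
        }
        // Reject a certificate issued for a different key pair than the imported private key.
        if (!certificate.getPublicKey().equals(keyPair.getPublic())) {
            throw new ComponentValidationException("Certificate does not match private key");
        }
    } else {
        try {
            Certificate certificate = CertificateUtils.generateV1SelfSignedCertificate(keyPair, realm.getName());
            model.put(Attributes.CERTIFICATE_KEY, PemUtils.encodeCertificate(certificate));
        } catch (Throwable t) {
            // Attach the cause so the reason for the failure is not lost, as the other
            // catch blocks in this method already do.
            throw new ComponentValidationException("Failed to generate self-signed certificate", t);
        }
    }
}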
Also used : ComponentValidationException(org.keycloak.component.ComponentValidationException) KeyPair(java.security.KeyPair) PrivateKey(java.security.PrivateKey) PublicKey(java.security.PublicKey) Certificate(java.security.cert.Certificate)

Example 17 with ComponentValidationException

use of org.keycloak.component.ComponentValidationException in project keycloak by keycloak.

the class GeneratedEcdsaKeyProviderFactory method getCurveFromPublicKey.

/**
 * Derives a curve label of the form {@code "P-<bits>"} from an encoded EC public key.
 *
 * <p>The label is built only from the field size of the key's curve. Two different curves over
 * fields of the same size would therefore produce the same label. Callers that need to tell
 * such curves apart must compare the full curve parameters.
 *
 * @param publicEcdsaKeyBase64Encoded Base64 text of the X.509-encoded EC public key
 * @return {@code "P-"} followed by the curve's field size in bits
 * @throws ComponentValidationException if the key cannot be decoded or is not an EC public key
 */
private String getCurveFromPublicKey(String publicEcdsaKeyBase64Encoded) {
    try {
        KeyFactory ecKeyFactory = KeyFactory.getInstance("EC");
        byte[] derEncoded = Base64.decode(publicEcdsaKeyBase64Encoded);
        // A non-EC key fails the cast here and is reported as a validation error by the catch below.
        ECPublicKey decoded = (ECPublicKey) ecKeyFactory.generatePublic(new X509EncodedKeySpec(derEncoded));
        int fieldBits = decoded.getParams().getCurve().getField().getFieldSize();
        return "P-" + fieldBits;
    } catch (Throwable t) {
        throw new ComponentValidationException("Failed to get EC from its public key", t);
    }
}
Also used : ComponentValidationException(org.keycloak.component.ComponentValidationException) ECPublicKey(java.security.interfaces.ECPublicKey) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) KeyFactory(java.security.KeyFactory)

Example 18 with ComponentValidationException

use of org.keycloak.component.ComponentValidationException in project keycloak by keycloak.

the class JavaKeystoreKeyProviderFactory method validateConfiguration.

/**
 * Validates a Java-keystore key component by running the parent checks, checking the four
 * keystore attributes, and then loading the key.
 *
 * @param session the current session; its context realm is the one passed to the provider
 * @param realm   realm handed to the parent validation
 * @param model   component configuration to validate
 * @throws ComponentValidationException if a parent or attribute check fails, or the key cannot
 *                                      be loaded
 */
@Override
public void validateConfiguration(KeycloakSession session, RealmModel realm, ComponentModel model) throws ComponentValidationException {
    super.validateConfiguration(session, realm, model);
    ConfigurationValidationHelper.check(model)
            .checkSingle(KEYSTORE_PROPERTY, true)
            .checkSingle(KEYSTORE_PASSWORD_PROPERTY, true)
            .checkSingle(KEY_ALIAS_PROPERTY, true)
            .checkSingle(KEY_PASSWORD_PROPERTY, true);
    try {
        // NOTE(review): the realm comes from the session context here, not from the 'realm'
        // parameter; confirm the two are always the same realm.
        JavaKeystoreKeyProvider probe = new JavaKeystoreKeyProvider(session.getContext().getRealm(), model);
        probe.loadKey(session.getContext().getRealm(), model);
    } catch (Throwable t) {
        logger.error("Failed to load keys.", t);
        // NOTE(review): the underlying message is appended to the validation error. If that
        // error is returned to API callers, it may reveal keystore details; confirm.
        throw new ComponentValidationException("Failed to load keys. " + t.getMessage(), t);
    }
}
Also used : ComponentValidationException(org.keycloak.component.ComponentValidationException)

Example 19 with ComponentValidationException

use of org.keycloak.component.ComponentValidationException in project keycloak by keycloak.

the class AbstractGeneratedRsaKeyProviderFactory method generateKeys.

/**
 * Generates an RSA key pair of the requested size, stores the PEM-encoded private key in the
 * component model, and then generates the certificate for it.
 *
 * <p>The private key is written into the model as PEM text. How the model is protected at rest
 * is not visible from this method.
 *
 * @param realm realm passed on to certificate generation
 * @param model component configuration that receives the private key
 * @param size  RSA key size passed to the generator; it is not range-checked here
 * @throws ComponentValidationException if key generation or encoding fails
 */
private void generateKeys(RealmModel realm, ComponentModel model, int size) {
    final KeyPair generated;
    try {
        generated = KeyUtils.generateRsaKeyPair(size);
        String privateKeyPem = PemUtils.encodeKey(generated.getPrivate());
        model.put(Attributes.PRIVATE_KEY_KEY, privateKeyPem);
    } catch (Throwable t) {
        throw new ComponentValidationException("Failed to generate keys", t);
    }
    // This call sits outside the try block, so its failures are not wrapped by the catch above.
    generateCertificate(realm, model, generated);
}
Also used : ComponentValidationException(org.keycloak.component.ComponentValidationException) KeyPair(java.security.KeyPair)

Example 20 with ComponentValidationException

use of org.keycloak.component.ComponentValidationException in project keycloak by keycloak.

the class LDAPBinaryAttributesTest method test01InvalidMapperConfiguration.

/**
 * Verifies that updating a mapper with an invalid configuration is rejected: a
 * {@code jpeg-mapper} flagged as a binary attribute must fail validation on update.
 */
@Test
public void test01InvalidMapperConfiguration() {
    testingClient.server().run(session -> {
        LDAPTestContext testContext = LDAPTestContext.init(session);
        RealmModel realmUnderTest = testContext.getRealm();

        ComponentModel jpegMapper = LDAPTestUtils.addUserAttributeMapper(
                realmUnderTest,
                testContext.getLdapModel(),
                "jpeg-mapper",
                LDAPConstants.JPEG_PHOTO,
                LDAPConstants.JPEG_PHOTO);
        jpegMapper.put(UserAttributeLDAPStorageMapper.IS_BINARY_ATTRIBUTE, true);

        try {
            realmUnderTest.updateComponent(jpegMapper);
            Assert.fail("Not expected to successfully update mapper");
        } catch (ComponentValidationException expected) {
            // Validation rejected the update, which is the outcome this test requires.
        }
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) ComponentValidationException(org.keycloak.component.ComponentValidationException) ComponentModel(org.keycloak.component.ComponentModel) Test(org.junit.Test)

Aggregations

ComponentValidationException (org.keycloak.component.ComponentValidationException)24 ComponentModel (org.keycloak.component.ComponentModel)5 KeyPair (java.security.KeyPair)3 Consumes (javax.ws.rs.Consumes)3 DeclarativeUserProfileProvider (org.keycloak.userprofile.DeclarativeUserProfileProvider)3 Certificate (java.security.cert.Certificate)2 BadRequestException (javax.ws.rs.BadRequestException)2 PUT (javax.ws.rs.PUT)2 RealmModel (org.keycloak.models.RealmModel)2 UPConfig (org.keycloak.userprofile.config.UPConfig)2 ByteArrayInputStream (java.io.ByteArrayInputStream)1 File (java.io.File)1 IOException (java.io.IOException)1 KeyFactory (java.security.KeyFactory)1 PrivateKey (java.security.PrivateKey)1 PublicKey (java.security.PublicKey)1 ECPublicKey (java.security.interfaces.ECPublicKey)1 X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)1 NotFoundException (javax.ws.rs.NotFoundException)1 POST (javax.ws.rs.POST)1