use of org.keycloak.models.AuthenticationExecutionModel in project keycloak by keycloak.
the class AuthenticationManagementResource method removeExecution.
/**
* Delete execution
*
* @param execution Execution id
*/
@Path("/executions/{executionId}")
@DELETE
@NoCache
public void removeExecution(@PathParam("executionId") String execution) {
    // The permission check is the first statement, ahead of any lookup or mutation.
    auth.realm().requireManageRealm();

    AuthenticationExecutionModel target = realm.getAuthenticationExecutionById(execution);
    if (target == null) {
        // Unknown id: mark the transaction rollback-only before raising NotFoundException.
        session.getTransactionManager().setRollbackOnly();
        throw new NotFoundException("Illegal execution");
    }

    // Executions that belong to a built-in flow cannot be removed through this endpoint.
    AuthenticationFlowModel owningFlow = getParentFlow(target);
    if (owningFlow.isBuiltIn()) {
        throw new BadRequestException("It is illegal to remove execution from a built in flow");
    }

    // An execution that references a flow of its own has that flow removed first.
    if (target.getFlowId() != null) {
        AuthenticationFlowModel nestedFlow = realm.getAuthenticationFlowById(target.getFlowId());
        // NOTE(review): nestedFlow is passed on without a null check; confirm that
        // removeAuthenticationFlow tolerates a flow id that no longer resolves.
        realm.removeAuthenticationFlow(nestedFlow);
    }
    realm.removeAuthenticatorExecution(target);

    // Audit trail: record the deletion against the request URI.
    adminEvent.operation(OperationType.DELETE)
            .resource(ResourceType.AUTH_EXECUTION)
            .resourcePath(session.getContext().getUri())
            .success();
}
use of org.keycloak.models.AuthenticationExecutionModel in project keycloak by keycloak.
the class AuthenticationManagementResource method raisePriority.
/**
* Raise execution's priority
*
* @param execution Execution id
*/
@Path("/executions/{executionId}/raise-priority")
@POST
@NoCache
public void raisePriority(@PathParam("executionId") String execution) {
    // The permission check is the first statement, ahead of any lookup or mutation.
    auth.realm().requireManageRealm();

    AuthenticationExecutionModel target = realm.getAuthenticationExecutionById(execution);
    if (target == null) {
        // Unknown id: mark the transaction rollback-only before raising NotFoundException.
        session.getTransactionManager().setRollbackOnly();
        throw new NotFoundException("Illegal execution");
    }

    // Executions that belong to a built-in flow cannot be reordered through this endpoint.
    AuthenticationFlowModel owningFlow = getParentFlow(target);
    if (owningFlow.isBuiltIn()) {
        throw new BadRequestException("It is illegal to modify execution in a built in flow");
    }

    // Walk the flow's executions in stream order, remembering the one directly ahead of the target.
    AuthenticationExecutionModel predecessor = null;
    for (AuthenticationExecutionModel sibling : realm.getAuthenticationExecutionsStream(owningFlow.getId()).collect(Collectors.toList())) {
        if (sibling.getId().equals(target.getId())) {
            break;
        }
        predecessor = sibling;
    }
    // NOTE(review): if the target id never matches, predecessor ends up as the last sibling
    // and the swap below still runs; confirm the stream always contains the target.
    if (predecessor == null) {
        // Nothing precedes the target (or the flow has no executions): no change, no admin event.
        return;
    }

    // Exchange the two priority values and persist both executions.
    int predecessorPriority = predecessor.getPriority();
    int targetPriority = target.getPriority();
    predecessor.setPriority(targetPriority);
    realm.updateAuthenticatorExecution(predecessor);
    target.setPriority(predecessorPriority);
    realm.updateAuthenticatorExecution(target);

    // Audit trail: record the reorder against the request URI.
    adminEvent.operation(OperationType.UPDATE)
            .resource(ResourceType.AUTH_EXECUTION)
            .resourcePath(session.getContext().getUri())
            .success();
}
use of org.keycloak.models.AuthenticationExecutionModel in project keycloak by keycloak.
the class AuthenticationManagementResource method addExecutionFlow.
/**
* Add new flow with new execution to existing flow
*
* @param flowAlias Alias of parent authentication flow
* @param data New authentication flow / execution JSON data containing 'alias', 'type', 'provider', and 'description' attributes
*/
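@Path("/flows/{flowAlias}/executions/flow")
@POST
@NoCache
@Consumes(MediaType.APPLICATION_JSON)
public Response addExecutionFlow(@PathParam("flowAlias") String flowAlias, Map<String, String> data) {
    // The permission check is the first statement, ahead of any lookup or mutation.
    auth.realm().requireManageRealm();

    AuthenticationFlowModel parentFlow = realm.getFlowByAlias(flowAlias);
    if (parentFlow == null) {
        return ErrorResponse.error("Parent flow doesn't exist", Response.Status.BAD_REQUEST);
    }
    // NOTE(review): unlike removeExecution and raisePriority, this method does not reject a
    // built-in parent flow; confirm that adding a sub-flow to a built-in flow is intended.

    // All four values come straight from the request body and may be absent.
    String alias = data.get("alias");
    String type = data.get("type");
    String provider = data.get("provider");
    String description = data.get("description");

    // NOTE(review): alias is not validated here; a missing alias reaches getFlowByAlias and
    // setAlias as null. Confirm how the realm model handles that.
    AuthenticationFlowModel newFlow = realm.getFlowByAlias(alias);
    if (newFlow != null) {
        return ErrorResponse.exists("New flow alias name already exists");
    }

    // Reject a missing 'type' before anything is written. Previously the request failed with
    // a NullPointerException at type.equals(...) below, after the new flow had been added.
    if (type == null) {
        return ErrorResponse.error("Flow type is required", Response.Status.BAD_REQUEST);
    }

    newFlow = new AuthenticationFlowModel();
    newFlow.setAlias(alias);
    newFlow.setDescription(description);
    newFlow.setProviderId(type);
    newFlow = realm.addAuthenticationFlow(newFlow);

    // The execution that attaches the new flow to its parent is created DISABLED.
    AuthenticationExecutionModel execution = new AuthenticationExecutionModel();
    execution.setParentFlow(parentFlow.getId());
    execution.setFlowId(newFlow.getId());
    execution.setRequirement(AuthenticationExecutionModel.Requirement.DISABLED);
    execution.setAuthenticatorFlow(true);
    // Only a form flow carries the caller-supplied provider as its authenticator.
    if ("form-flow".equals(type)) {
        execution.setAuthenticator(provider);
    }
    execution.setPriority(getNextPriority(parentFlow));
    execution = realm.addAuthenticatorExecution(execution);

    // The execution id is added to the request map, which then becomes the admin event's
    // representation.
    data.put("id", execution.getId());
    adminEvent.operation(OperationType.CREATE)
            .resource(ResourceType.AUTH_EXECUTION_FLOW)
            .resourcePath(session.getContext().getUri())
            .representation(data)
            .success();

    // Location header: strip this endpoint's own path segment from the request path, then
    // append flows/<new flow id>.
    String addExecutionPathSegment = UriBuilder.fromMethod(AuthenticationManagementResource.class, "addExecutionFlow")
            .build(parentFlow.getAlias())
            .getPath();
    return Response.created(
            session.getContext().getUri().getBaseUriBuilder()
                    .path(session.getContext().getUri().getPath().replace(addExecutionPathSegment, ""))
                    .path("flows")
                    .path(newFlow.getId())
                    .build())
            .build();
}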
use of org.keycloak.models.AuthenticationExecutionModel in project keycloak by keycloak.
the class BrokerRunOnServerUtil method configureAutoLinkFlow.
static RunOnServer configureAutoLinkFlow(String idpAlias) {
    // Returns a server-side task that creates a top-level "AutoLink" flow with two ALTERNATIVE
    // authenticator executions and installs it as the first-broker-login flow of the identity
    // provider named by idpAlias.
    // NOTE(review): judging by the authenticator ids, this flow links a brokered identity to an
    // existing account without an extra verification step; confirm it is used only as a test fixture.
    return session -> {
        RealmModel targetRealm = session.getContext().getRealm();

        // The flow is registered first so the executions can reference the id the realm returns.
        AuthenticationFlowModel autoLinkFlow = new AuthenticationFlowModel();
        autoLinkFlow.setAlias("AutoLink");
        autoLinkFlow.setDescription("AutoLink");
        autoLinkFlow.setProviderId("basic-flow");
        autoLinkFlow.setBuiltIn(false);
        autoLinkFlow.setTopLevel(true);
        autoLinkFlow = targetRealm.addAuthenticationFlow(autoLinkFlow);

        // Priority 1: the "idp-create-user-if-unique" authenticator.
        AuthenticationExecutionModel createUserStep = new AuthenticationExecutionModel();
        createUserStep.setRequirement(AuthenticationExecutionModel.Requirement.ALTERNATIVE);
        createUserStep.setAuthenticatorFlow(false);
        createUserStep.setAuthenticator("idp-create-user-if-unique");
        createUserStep.setPriority(1);
        createUserStep.setParentFlow(autoLinkFlow.getId());
        targetRealm.addAuthenticatorExecution(createUserStep);

        // Priority 2: the "idp-auto-link" authenticator.
        AuthenticationExecutionModel autoLinkStep = new AuthenticationExecutionModel();
        autoLinkStep.setRequirement(AuthenticationExecutionModel.Requirement.ALTERNATIVE);
        autoLinkStep.setAuthenticatorFlow(false);
        autoLinkStep.setAuthenticator("idp-auto-link");
        autoLinkStep.setPriority(2);
        autoLinkStep.setParentFlow(autoLinkFlow.getId());
        targetRealm.addAuthenticatorExecution(autoLinkStep);

        // NOTE(review): the lookup result is used without a null check, so an unknown idpAlias
        // fails here with a NullPointerException.
        IdentityProviderModel brokerIdp = targetRealm.getIdentityProviderByAlias(idpAlias);
        brokerIdp.setFirstBrokerLoginFlowId(autoLinkFlow.getId());
        targetRealm.updateIdentityProvider(brokerIdp);
    };
}
use of org.keycloak.models.AuthenticationExecutionModel in project keycloak by keycloak.
the class FlowUtil method updateExecution.
public FlowUtil updateExecution(int index, Consumer<AuthenticationExecutionModel> updater) {
    // Applies updater to the execution at the given position and persists it through the realm.
    // Returns this so calls can be chained.
    List<AuthenticationExecutionModel> candidates = getExecutions();

    // A missing execution list or a missing updater is a silent no-op.
    if (candidates == null || updater == null) {
        return this;
    }

    // The index is not range-checked here; whatever get(index) throws for a bad position
    // reaches the caller.
    AuthenticationExecutionModel selected = candidates.get(index);
    updater.accept(selected);
    realm.updateAuthenticatorExecution(selected);
    return this;
}