use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.
the class FlowUtil method createFlowModel.
/**
 * Builds a new {@link AuthenticationFlowModel} and gives it a freshly generated random UUID as its id.
 *
 * <p>The model is only populated and returned; nothing in this method registers it with a realm.
 *
 * @param alias      alias to set on the flow
 * @param providerId provider id to set on the flow
 * @param desc       description to set on the flow
 * @param topLevel   value for the flow's top-level flag
 * @param builtIn    value for the flow's built-in flag
 * @return the populated flow model
 */
public static AuthenticationFlowModel createFlowModel(String alias, String providerId, String desc, boolean topLevel, boolean builtIn) {
    final AuthenticationFlowModel model = new AuthenticationFlowModel();

    // The id is generated here, never supplied by the caller.
    final String generatedId = UUID.randomUUID().toString();
    model.setId(generatedId);

    model.setAlias(alias);
    model.setDescription(desc);
    model.setProviderId(providerId);
    model.setTopLevel(topLevel);
    model.setBuiltIn(builtIn);
    return model;
}
use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.
the class FlowUtil method copyFlow.
/**
 * Looks up the realm flow with alias {@code original}, copies it under {@code newFlowAlias} through
 * {@code AuthenticationManagementResource.copyFlow}, and stores the result as the current flow.
 *
 * @param original     alias of the flow to copy
 * @param newFlowAlias alias passed to the copy operation
 * @return this instance, so calls can be chained
 * @throws FlowUtilException if the realm has no flow with alias {@code original}
 */
public FlowUtil copyFlow(String original, String newFlowAlias) {
    // The alias field is assigned before the lookup, so it keeps the new value even if the lookup fails below.
    flowAlias = newFlowAlias;

    final AuthenticationFlowModel sourceFlow = realm.getFlowByAlias(original);
    if (sourceFlow != null) {
        currentFlow = AuthenticationManagementResource.copyFlow(realm, sourceFlow, newFlowAlias);
        return this;
    }
    throw new FlowUtilException("Can't copy flow: " + original + " does not exist");
}
use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.
the class AuthenticationSelectionResolver method addAllExecutionsFromSubflow.
/**
 * Walks the subflow identified by {@code flowId} and hands its authentication executions to
 * {@code addSimpleAuthenticationExecution}, which receives {@code typeAuthExecMap} and
 * {@code nonCredentialExecutions} to fill. Nested subflows are visited recursively.
 *
 * <p>If the subflow has any entry in its required list, only the first eligible entry is considered.
 * Otherwise every alternative execution that has not been processed yet is visited.
 *
 * @param processor               source of the realm and session used for lookups
 * @param flowId                  id of the subflow to inspect
 * @param typeAuthExecMap         collection passed through to {@code addSimpleAuthenticationExecution}
 * @param nonCredentialExecutions collection passed through to {@code addSimpleAuthenticationExecution}
 * @return {@code true} if {@code addSimpleAuthenticationExecution} was invoked for at least one execution,
 *         either directly or in a nested subflow
 * @throws AuthenticationFlowException with {@code INTERNAL_ERROR} when the realm has no flow for {@code flowId}
 */
private static boolean addAllExecutionsFromSubflow(AuthenticationProcessor processor, String flowId, Map<String, AuthenticationExecutionModel> typeAuthExecMap, List<AuthenticationExecutionModel> nonCredentialExecutions) {
    final AuthenticationFlowModel subflowModel = processor.getRealm().getAuthenticationFlowById(flowId);
    if (subflowModel == null) {
        throw new AuthenticationFlowException("Flow not found", AuthenticationFlowError.INTERNAL_ERROR);
    }

    final DefaultAuthenticationFlow flow = new DefaultAuthenticationFlow(processor, subflowModel);
    logger.debugf("Going through the flow '%s' for adding executions", subflowModel.getAlias());

    final List<AuthenticationExecutionModel> required = new ArrayList<>();
    final List<AuthenticationExecutionModel> alternatives = new ArrayList<>();
    flow.fillListsOfExecutions(processor.getRealm().getAuthenticationExecutionsStream(flowId), required, alternatives);

    if (required.isEmpty()) {
        // No required entries: offer every alternative that has not been processed yet.
        boolean added = false;
        for (AuthenticationExecutionModel alternative : alternatives) {
            if (flow.isProcessed(alternative)) {
                continue;
            }
            if (alternative.isAuthenticatorFlow()) {
                // NOTE(review): no depth or cycle guard is visible in this method; termination relies on the
                // flow configuration never referencing itself. Confirm that is enforced where flows are saved.
                final boolean addedFromNested = addAllExecutionsFromSubflow(processor, alternative.getFlowId(), typeAuthExecMap, nonCredentialExecutions);
                added = added || addedFromNested;
            } else {
                addSimpleAuthenticationExecution(processor, alternative, typeAuthExecMap, nonCredentialExecutions);
                added = true;
            }
        }
        return added;
    }

    // Required entries exist: take only the first one that is either marked required or whose
    // conditional subflow is not disabled; later entries in the list are not inspected here.
    final AuthenticationExecutionModel firstEligible = required.stream()
            .filter(candidate -> candidate.isRequired() || !flow.isConditionalSubflowDisabled(candidate))
            .findFirst()
            .orElse(null);

    // Nothing eligible, or it has already been processed: no authenticator was added.
    if (firstEligible == null || flow.isProcessed(firstEligible)) {
        return false;
    }

    final FormAuthenticatorFactory formFactory = (FormAuthenticatorFactory) processor.getSession().getKeycloakSessionFactory().getProviderFactory(FormAuthenticator.class, firstEligible.getAuthenticator());

    // A subflow execution without a form authenticator factory is descended into; anything else is
    // added as a single execution.
    final boolean descendIntoSubflow = firstEligible.isAuthenticatorFlow() && formFactory == null;
    if (descendIntoSubflow) {
        return addAllExecutionsFromSubflow(processor, firstEligible.getFlowId(), typeAuthExecMap, nonCredentialExecutions);
    }
    addSimpleAuthenticationExecution(processor, firstEligible, typeAuthExecMap, nonCredentialExecutions);
    return true;
}
use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.
the class AuthenticationManagementResource method raisePriority.
/**
 * Raises an execution's priority by swapping its priority value with that of the execution listed
 * immediately before it in the same parent flow.
 *
 * <p>The caller must pass the realm's manage-realm check, and executions whose parent flow is built in
 * are rejected. When no execution precedes the target, the method returns without changing anything
 * and without recording an admin event.
 *
 * @param execution Execution id
 * @throws NotFoundException   if the realm has no execution with the given id
 * @throws BadRequestException if the parent flow of the execution is a built-in flow
 */
@Path("/executions/{executionId}/raise-priority")
@POST
@NoCache
public void raisePriority(@PathParam("executionId") String execution) {
    // Authorization runs first; no lookup with the caller-supplied id happens before it.
    auth.realm().requireManageRealm();

    final AuthenticationExecutionModel target = realm.getAuthenticationExecutionById(execution);
    if (target == null) {
        // Only this branch marks the transaction rollback-only before failing.
        session.getTransactionManager().setRollbackOnly();
        throw new NotFoundException("Illegal execution");
    }

    // NOTE(review): getParentFlow is not shown here; if it can return null the next check throws
    // NullPointerException instead of a client error. Confirm.
    final AuthenticationFlowModel parentFlow = getParentFlow(target);
    if (parentFlow.isBuiltIn()) {
        throw new BadRequestException("It is illegal to modify execution in a built in flow");
    }

    // Scan the parent's executions in stream order, remembering the one seen just before the target.
    AuthenticationExecutionModel predecessor = null;
    for (AuthenticationExecutionModel sibling : realm.getAuthenticationExecutionsStream(parentFlow.getId()).collect(Collectors.toList())) {
        if (!sibling.getId().equals(target.getId())) {
            predecessor = sibling;
            continue;
        }
        break;
    }

    // Nothing precedes the target, so there is nothing to swap with.
    if (predecessor == null) {
        return;
    }

    // Swap the two priority values and persist each execution right after it is changed.
    final int predecessorPriority = predecessor.getPriority();
    predecessor.setPriority(target.getPriority());
    realm.updateAuthenticatorExecution(predecessor);
    target.setPriority(predecessorPriority);
    realm.updateAuthenticatorExecution(target);

    // The admin event is recorded only after both updates were issued.
    adminEvent.operation(OperationType.UPDATE)
            .resource(ResourceType.AUTH_EXECUTION)
            .resourcePath(session.getContext().getUri())
            .success();
}
use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.
the class AuthenticationManagementResource method copy.
/**
 * Copies every execution of flow {@code from} into flow {@code to}, in stream order. An execution that
 * is itself a flow gets a new subflow created in the realm first, and its executions are copied
 * recursively into that new subflow.
 *
 * <p>Subflow copies are always created as non-built-in and non-top-level, whatever the flags of the
 * subflow they are copied from.
 *
 * @param realm   realm that is read from and written to
 * @param newName prefix for the alias of each copied subflow ({@code newName + " " + original alias})
 * @param from    flow whose executions are read
 * @param to      flow that becomes the parent of the copied executions
 */
public static void copy(RealmModel realm, String newName, AuthenticationFlowModel from, AuthenticationFlowModel to) {
    realm.getAuthenticationExecutionsStream(from.getId()).forEachOrdered(execution -> {
        if (execution.isAuthenticatorFlow()) {
            // NOTE(review): the lookup result is used without a null check, so a flow id that no longer
            // resolves fails here with a NullPointerException. Confirm the store rules that out.
            final AuthenticationFlowModel sourceSubFlow = realm.getAuthenticationFlowById(execution.getFlowId());

            final AuthenticationFlowModel subFlowTemplate = new AuthenticationFlowModel();
            subFlowTemplate.setAlias(newName + " " + sourceSubFlow.getAlias());
            subFlowTemplate.setDescription(sourceSubFlow.getDescription());
            subFlowTemplate.setProviderId(sourceSubFlow.getProviderId());
            subFlowTemplate.setBuiltIn(false);
            subFlowTemplate.setTopLevel(false);

            // Continue with the model the realm returns and point the execution at its id.
            final AuthenticationFlowModel storedSubFlow = realm.addAuthenticationFlow(subFlowTemplate);
            execution.setFlowId(storedSubFlow.getId());

            // NOTE(review): the recursion has no depth or cycle guard in this method; it ends only when
            // a flow contains no further subflow executions.
            copy(realm, newName, sourceSubFlow, storedSubFlow);
        }

        // The execution object obtained from the stream is changed in place: its id is cleared and its
        // parent is set to the target flow before it is added to the realm.
        execution.setId(null);
        execution.setParentFlow(to.getId());
        realm.addAuthenticatorExecution(execution);
    });
}