use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.
the class AuthenticationManagementResource method createFlow.
/**
 * Create a new authentication flow.
 *
 * <p>The caller must pass the manage-realm check. The alias is required, must not belong to an
 * existing flow in the realm, and is handed to {@code ReservedCharValidator} before the flow is stored.
 *
 * @param flow Authentication flow representation; its id is overwritten with the id of the stored flow
 * @return a "created" response whose location is the request path plus the new flow id, or the
 *         response built by {@code ErrorResponse.exists} when the alias is empty or already taken
 */
@Path("/flows")
@POST
@NoCache
@Consumes(MediaType.APPLICATION_JSON)
public Response createFlow(AuthenticationFlowRepresentation flow) {
    // Authorization comes first: nothing is read or written for a caller without manage-realm.
    auth.realm().requireManageRealm();

    final String alias = flow.getAlias();
    if (alias == null || alias.isEmpty()) {
        return ErrorResponse.exists("Failed to create flow with empty alias name");
    }

    final boolean aliasTaken = realm.getFlowByAlias(alias) != null;
    if (aliasTaken) {
        return ErrorResponse.exists("Flow " + alias + " already exists");
    }

    // presumably throws when the alias contains a reserved character; the failure path is not visible here
    ReservedCharValidator.validate(alias);

    AuthenticationFlowModel createdModel = realm.addAuthenticationFlow(RepresentationToModel.toModel(flow));
    flow.setId(createdModel.getId());

    // Record the admin action together with the representation that was stored.
    adminEvent.operation(OperationType.CREATE)
            .resourcePath(session.getContext().getUri(), createdModel.getId())
            .representation(flow)
            .success();

    return Response.created(
            session.getContext().getUri().getAbsolutePathBuilder().path(flow.getId()).build())
            .build();
}
use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.
the class AuthenticationManagementResource method addExecutionFlow.
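/**
 * Add a new sub-flow, wrapped in a new execution, to an existing flow.
 *
 * <p>The caller must pass the manage-realm check. The sub-flow is stored first; an execution that
 * points at it is then added to the parent flow with requirement {@code DISABLED} and the next free
 * priority. The request is rejected before anything is stored when the body or its 'type' is missing.
 *
 * @param flowAlias Alias of parent authentication flow
 * @param data New authentication flow / execution JSON data containing 'alias', 'type', 'provider', and 'description' attributes; 'type' is mandatory
 * @return a "created" response whose location ends in {@code flows/<id of the new flow>}; a bad-request
 *         error when the parent flow does not exist or the body / 'type' is missing; the response built
 *         by {@code ErrorResponse.exists} when the alias is already used
 */
@Path("/flows/{flowAlias}/executions/flow")
@POST
@NoCache
@Consumes(MediaType.APPLICATION_JSON)
public Response addExecutionFlow(@PathParam("flowAlias") String flowAlias, Map<String, String> data) {
    auth.realm().requireManageRealm();
    AuthenticationFlowModel parentFlow = realm.getFlowByAlias(flowAlias);
    if (parentFlow == null) {
        return ErrorResponse.error("Parent flow doesn't exist", Response.Status.BAD_REQUEST);
    }
    // NOTE(review): lowerPriority refuses to modify executions of a built-in flow, but no
    // parentFlow.isBuiltIn() check is made here - confirm that adding a sub-flow to a built-in
    // flow is intended.
    if (data == null) {
        // An empty request body would otherwise fail with a NullPointerException on data.get(...).
        return ErrorResponse.error("Flow data is missing", Response.Status.BAD_REQUEST);
    }
    String alias = data.get("alias");
    String type = data.get("type");
    String provider = data.get("provider");
    String description = data.get("description");
    // NOTE(review): createFlow rejects an empty alias and runs ReservedCharValidator on it; the
    // alias taken from the request map gets neither check here - confirm whether it should.
    AuthenticationFlowModel newFlow = realm.getFlowByAlias(alias);
    if (newFlow != null) {
        return ErrorResponse.exists("New flow alias name already exists");
    }
    if (type == null) {
        // Reject before the flow is stored: the later comparison on 'type' used to throw a
        // NullPointerException after the sub-flow had already been added to the realm.
        return ErrorResponse.error("Flow type is missing", Response.Status.BAD_REQUEST);
    }
    newFlow = new AuthenticationFlowModel();
    newFlow.setAlias(alias);
    newFlow.setDescription(description);
    newFlow.setProviderId(type);
    newFlow = realm.addAuthenticationFlow(newFlow);
    AuthenticationExecutionModel execution = new AuthenticationExecutionModel();
    execution.setParentFlow(parentFlow.getId());
    execution.setFlowId(newFlow.getId());
    // The new execution starts out disabled; enabling it is a separate admin action.
    execution.setRequirement(AuthenticationExecutionModel.Requirement.DISABLED);
    execution.setAuthenticatorFlow(true);
    // Only a form flow carries an authenticator of its own, taken from 'provider'.
    if ("form-flow".equals(type)) {
        execution.setAuthenticator(provider);
    }
    execution.setPriority(getNextPriority(parentFlow));
    execution = realm.addAuthenticatorExecution(execution);
    data.put("id", execution.getId());
    adminEvent.operation(OperationType.CREATE).resource(ResourceType.AUTH_EXECUTION_FLOW).resourcePath(session.getContext().getUri()).representation(data).success();
    // Strip this endpoint's own path segment from the request path so the location points at
    // "flows/<id>" rather than below ".../executions/flow".
    String addExecutionPathSegment = UriBuilder.fromMethod(AuthenticationManagementResource.class, "addExecutionFlow").build(parentFlow.getAlias()).getPath();
    return Response.created(session.getContext().getUri().getBaseUriBuilder().path(session.getContext().getUri().getPath().replace(addExecutionPathSegment, "")).path("flows").path(newFlow.getId()).build()).build();
}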
use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.
the class AuthenticationManagementResource method lowerPriority.
/**
 * Lower an execution's priority by swapping priorities with the execution that follows it in the
 * parent flow's execution list.
 *
 * <p>The caller must pass the manage-realm check. Executions of a built-in flow cannot be reordered.
 * Nothing is changed when the execution is last in the list or is not found in it.
 *
 * @param execution Execution id
 * @throws NotFoundException when no execution has this id (the transaction is marked rollback-only)
 * @throws BadRequestException when the parent flow is built in
 */
@Path("/executions/{executionId}/lower-priority")
@POST
@NoCache
public void lowerPriority(@PathParam("executionId") String execution) {
    auth.realm().requireManageRealm();

    AuthenticationExecutionModel model = realm.getAuthenticationExecutionById(execution);
    if (model == null) {
        session.getTransactionManager().setRollbackOnly();
        throw new NotFoundException("Illegal execution");
    }

    AuthenticationFlowModel parentFlow = getParentFlow(model);
    if (parentFlow.isBuiltIn()) {
        throw new BadRequestException("It is illegal to modify execution in a built in flow");
    }

    // presumably the stream is ordered by priority - verify against the realm implementation
    List<AuthenticationExecutionModel> siblings =
            realm.getAuthenticationExecutionsStream(parentFlow.getId()).collect(Collectors.toList());

    // Locate the execution; position ends up equal to the list size when it is absent.
    int position = 0;
    while (position < siblings.size() && !siblings.get(position).getId().equals(model.getId())) {
        position++;
    }

    int successorIndex = position + 1;
    if (successorIndex >= siblings.size()) {
        return;
    }

    // Swap the two priorities, persisting each execution right after it is changed.
    AuthenticationExecutionModel successor = siblings.get(successorIndex);
    int previousPriority = model.getPriority();
    model.setPriority(successor.getPriority());
    realm.updateAuthenticatorExecution(model);
    successor.setPriority(previousPriority);
    realm.updateAuthenticatorExecution(successor);

    adminEvent.operation(OperationType.UPDATE)
            .resource(ResourceType.AUTH_EXECUTION)
            .resourcePath(session.getContext().getUri())
            .success();
}
use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.
the class AuthenticationManagementResource method getFlow.
/**
 * Get the authentication flow with the given id.
 *
 * <p>The caller must pass the view-realm check.
 *
 * @param id Flow id
 * @return representation of the flow, converted from the realm's model
 * @throws NotFoundException when the realm has no flow with this id
 */
@Path("/flows/{id}")
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public AuthenticationFlowRepresentation getFlow(@PathParam("id") String id) {
    auth.realm().requireViewRealm();

    AuthenticationFlowModel found = realm.getAuthenticationFlowById(id);
    if (found != null) {
        return ModelToRepresentation.toRepresentation(realm, found);
    }
    throw new NotFoundException("Could not find flow with id");
}
use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.
the class AuthenticationManagementResource method updateFlow.
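/**
 * Update an authentication flow.
 *
 * <p>The caller must pass the manage-realm check. The alias is required and must not belong to a
 * different flow; when the alias changes, the new value goes through {@code ReservedCharValidator},
 * as it does in {@code createFlow}.
 *
 * @param id Id of the flow to update
 * @param flow Authentication flow representation; its id is overwritten with the id of the stored flow
 * @return an "accepted" response carrying the representation, or the response built by
 *         {@code ErrorResponse.exists} when the alias is empty or used by another flow
 * @throws NotFoundException when the realm has no flow with this id
 */
@Path("/flows/{id}")
@PUT
@NoCache
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public Response updateFlow(@PathParam("id") String id, AuthenticationFlowRepresentation flow) {
    auth.realm().requireManageRealm();
    // getFlow applies the view-realm check and throws NotFoundException for an unknown id.
    AuthenticationFlowRepresentation existingFlow = getFlow(id);
    if (flow.getAlias() == null || flow.getAlias().isEmpty()) {
        return ErrorResponse.exists("Failed to update flow with empty alias name");
    }
    // check if updating a correct flow
    AuthenticationFlowModel checkFlow = realm.getAuthenticationFlowById(id);
    if (checkFlow == null) {
        session.getTransactionManager().setRollbackOnly();
        throw new NotFoundException("Illegal execution");
    }
    // NOTE(review): lowerPriority refuses to modify a built-in flow; no checkFlow.isBuiltIn()
    // check is made here - confirm whether built-in flows are meant to be editable.

    // The requested alias is known to be non-null, so comparing from its side also covers a
    // stored flow without an alias (comparing from the stored side threw a NullPointerException).
    boolean aliasChanged = !flow.getAlias().equals(checkFlow.getAlias());
    // if a different flow with the same name does already exist, reject the update
    if (aliasChanged && realm.getFlowByAlias(flow.getAlias()) != null) {
        return ErrorResponse.exists("Flow alias name already exists");
    }
    // if the name changed
    if (aliasChanged) {
        // A rename must pass the same reserved-character validation as createFlow; otherwise an
        // alias rejected at creation time could be introduced through an update.
        ReservedCharValidator.validate(flow.getAlias());
        checkFlow.setAlias(flow.getAlias());
    }
    // check if the description changed (either side may be null)
    String storedDescription = checkFlow.getDescription();
    String requestedDescription = flow.getDescription();
    boolean descriptionChanged = storedDescription == null
            ? requestedDescription != null
            : !storedDescription.equals(requestedDescription);
    if (descriptionChanged) {
        checkFlow.setDescription(requestedDescription);
    }
    // update the flow
    flow.setId(existingFlow.getId());
    // NOTE(review): the model that is stored is rebuilt from the request body, not from checkFlow,
    // so every field RepresentationToModel.toModel copies comes from the client - confirm which
    // fields that covers and whether all of them should be client-controlled.
    realm.updateAuthenticationFlow(RepresentationToModel.toModel(flow));
    adminEvent.operation(OperationType.UPDATE).resourcePath(session.getContext().getUri()).representation(flow).success();
    return Response.accepted(flow).build();
}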