Search in sources :

Example 21 with AuthenticationFlowModel

use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.

the class AuthenticationManagementResource method createFlow.

/**
 * Create a new authentication flow
 *
 * @param flow Authentication flow representation
 * @return
 */
@Path("/flows")
@POST
@NoCache
@Consumes(MediaType.APPLICATION_JSON)
public Response createFlow(AuthenticationFlowRepresentation flow) {
    auth.realm().requireManageRealm();
    if (flow.getAlias() == null || flow.getAlias().isEmpty()) {
        return ErrorResponse.exists("Failed to create flow with empty alias name");
    }
    if (realm.getFlowByAlias(flow.getAlias()) != null) {
        return ErrorResponse.exists("Flow " + flow.getAlias() + " already exists");
    }
    ReservedCharValidator.validate(flow.getAlias());
    AuthenticationFlowModel createdModel = realm.addAuthenticationFlow(RepresentationToModel.toModel(flow));
    flow.setId(createdModel.getId());
    adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri(), createdModel.getId()).representation(flow).success();
    return Response.created(session.getContext().getUri().getAbsolutePathBuilder().path(flow.getId()).build()).build();
}
Also used : AuthenticationFlowModel(org.keycloak.models.AuthenticationFlowModel) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) NoCache(org.jboss.resteasy.annotations.cache.NoCache)

Example 22 with AuthenticationFlowModel

use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.

the class AuthenticationManagementResource method addExecutionFlow.

/**
 * Add new flow with new execution to existing flow
 *
 * @param flowAlias Alias of parent authentication flow
 * @param data New authentication flow / execution JSON data containing 'alias', 'type', 'provider', and 'description' attributes
 */
@Path("/flows/{flowAlias}/executions/flow")
@POST
@NoCache
@Consumes(MediaType.APPLICATION_JSON)
public Response addExecutionFlow(@PathParam("flowAlias") String flowAlias, Map<String, String> data) {
    auth.realm().requireManageRealm();
    AuthenticationFlowModel parentFlow = realm.getFlowByAlias(flowAlias);
    if (parentFlow == null) {
        return ErrorResponse.error("Parent flow doesn't exist", Response.Status.BAD_REQUEST);
    }
    String alias = data.get("alias");
    String type = data.get("type");
    String provider = data.get("provider");
    String description = data.get("description");
    AuthenticationFlowModel newFlow = realm.getFlowByAlias(alias);
    if (newFlow != null) {
        return ErrorResponse.exists("New flow alias name already exists");
    }
    newFlow = new AuthenticationFlowModel();
    newFlow.setAlias(alias);
    newFlow.setDescription(description);
    newFlow.setProviderId(type);
    newFlow = realm.addAuthenticationFlow(newFlow);
    AuthenticationExecutionModel execution = new AuthenticationExecutionModel();
    execution.setParentFlow(parentFlow.getId());
    execution.setFlowId(newFlow.getId());
    execution.setRequirement(AuthenticationExecutionModel.Requirement.DISABLED);
    execution.setAuthenticatorFlow(true);
    if (type.equals("form-flow")) {
        execution.setAuthenticator(provider);
    }
    execution.setPriority(getNextPriority(parentFlow));
    execution = realm.addAuthenticatorExecution(execution);
    data.put("id", execution.getId());
    adminEvent.operation(OperationType.CREATE).resource(ResourceType.AUTH_EXECUTION_FLOW).resourcePath(session.getContext().getUri()).representation(data).success();
    String addExecutionPathSegment = UriBuilder.fromMethod(AuthenticationManagementResource.class, "addExecutionFlow").build(parentFlow.getAlias()).getPath();
    return Response.created(session.getContext().getUri().getBaseUriBuilder().path(session.getContext().getUri().getPath().replace(addExecutionPathSegment, "")).path("flows").path(newFlow.getId()).build()).build();
}
Also used : AuthenticationExecutionModel(org.keycloak.models.AuthenticationExecutionModel) AuthenticationFlowModel(org.keycloak.models.AuthenticationFlowModel) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) NoCache(org.jboss.resteasy.annotations.cache.NoCache)

Example 23 with AuthenticationFlowModel

use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.

the class AuthenticationManagementResource method lowerPriority.

/**
 * Lower execution's priority
 *
 * @param execution Execution id
 */
@Path("/executions/{executionId}/lower-priority")
@POST
@NoCache
public void lowerPriority(@PathParam("executionId") String execution) {
    auth.realm().requireManageRealm();
    AuthenticationExecutionModel model = realm.getAuthenticationExecutionById(execution);
    if (model == null) {
        session.getTransactionManager().setRollbackOnly();
        throw new NotFoundException("Illegal execution");
    }
    AuthenticationFlowModel parentFlow = getParentFlow(model);
    if (parentFlow.isBuiltIn()) {
        throw new BadRequestException("It is illegal to modify execution in a built in flow");
    }
    List<AuthenticationExecutionModel> executions = realm.getAuthenticationExecutionsStream(parentFlow.getId()).collect(Collectors.toList());
    int i;
    for (i = 0; i < executions.size(); i++) {
        if (executions.get(i).getId().equals(model.getId())) {
            break;
        }
    }
    if (i + 1 >= executions.size())
        return;
    AuthenticationExecutionModel next = executions.get(i + 1);
    int tmp = model.getPriority();
    model.setPriority(next.getPriority());
    realm.updateAuthenticatorExecution(model);
    next.setPriority(tmp);
    realm.updateAuthenticatorExecution(next);
    adminEvent.operation(OperationType.UPDATE).resource(ResourceType.AUTH_EXECUTION).resourcePath(session.getContext().getUri()).success();
}
Also used : AuthenticationExecutionModel(org.keycloak.models.AuthenticationExecutionModel) NotFoundException(javax.ws.rs.NotFoundException) AuthenticationFlowModel(org.keycloak.models.AuthenticationFlowModel) BadRequestException(javax.ws.rs.BadRequestException) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) NoCache(org.jboss.resteasy.annotations.cache.NoCache)

Example 24 with AuthenticationFlowModel

use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.

the class AuthenticationManagementResource method getFlow.

/**
 * Get authentication flow for id
 *
 * @param id Flow id
 * @return
 */
@Path("/flows/{id}")
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public AuthenticationFlowRepresentation getFlow(@PathParam("id") String id) {
    auth.realm().requireViewRealm();
    AuthenticationFlowModel flow = realm.getAuthenticationFlowById(id);
    if (flow == null) {
        throw new NotFoundException("Could not find flow with id");
    }
    return ModelToRepresentation.toRepresentation(realm, flow);
}
Also used : AuthenticationFlowModel(org.keycloak.models.AuthenticationFlowModel) NotFoundException(javax.ws.rs.NotFoundException) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) NoCache(org.jboss.resteasy.annotations.cache.NoCache)

Example 25 with AuthenticationFlowModel

use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.

the class AuthenticationManagementResource method updateFlow.

/**
 * Update an authentication flow
 *
 * @param flow Authentication flow representation
 * @return
 */
@Path("/flows/{id}")
@PUT
@NoCache
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public Response updateFlow(@PathParam("id") String id, AuthenticationFlowRepresentation flow) {
    auth.realm().requireManageRealm();
    AuthenticationFlowRepresentation existingFlow = getFlow(id);
    if (flow.getAlias() == null || flow.getAlias().isEmpty()) {
        return ErrorResponse.exists("Failed to update flow with empty alias name");
    }
    // check if updating a correct flow
    AuthenticationFlowModel checkFlow = realm.getAuthenticationFlowById(id);
    if (checkFlow == null) {
        session.getTransactionManager().setRollbackOnly();
        throw new NotFoundException("Illegal execution");
    }
    // if a different flow with the same name does already exist, throw an exception
    if (realm.getFlowByAlias(flow.getAlias()) != null && !checkFlow.getAlias().equals(flow.getAlias())) {
        return ErrorResponse.exists("Flow alias name already exists");
    }
    // if the name changed
    if (checkFlow.getAlias() != null && !checkFlow.getAlias().equals(flow.getAlias())) {
        checkFlow.setAlias(flow.getAlias());
    } else if (checkFlow.getAlias() == null && flow.getAlias() != null) {
        checkFlow.setAlias(flow.getAlias());
    }
    // check if the description changed
    if (checkFlow.getDescription() != null && !checkFlow.getDescription().equals(flow.getDescription())) {
        checkFlow.setDescription(flow.getDescription());
    } else if (checkFlow.getDescription() == null && flow.getDescription() != null) {
        checkFlow.setDescription(flow.getDescription());
    }
    // update the flow
    flow.setId(existingFlow.getId());
    realm.updateAuthenticationFlow(RepresentationToModel.toModel(flow));
    adminEvent.operation(OperationType.UPDATE).resourcePath(session.getContext().getUri()).representation(flow).success();
    return Response.accepted(flow).build();
}
Also used : AuthenticationFlowRepresentation(org.keycloak.representations.idm.AuthenticationFlowRepresentation) AuthenticationFlowModel(org.keycloak.models.AuthenticationFlowModel) NotFoundException(javax.ws.rs.NotFoundException) Path(javax.ws.rs.Path) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) NoCache(org.jboss.resteasy.annotations.cache.NoCache) PUT(javax.ws.rs.PUT)

Aggregations

AuthenticationFlowModel (org.keycloak.models.AuthenticationFlowModel)60 AuthenticationExecutionModel (org.keycloak.models.AuthenticationExecutionModel)32 Path (javax.ws.rs.Path)14 RealmModel (org.keycloak.models.RealmModel)13 NoCache (org.jboss.resteasy.annotations.cache.NoCache)12 NotFoundException (javax.ws.rs.NotFoundException)9 AuthenticatorConfigModel (org.keycloak.models.AuthenticatorConfigModel)8 Consumes (javax.ws.rs.Consumes)7 POST (javax.ws.rs.POST)7 AuthenticationProcessor (org.keycloak.authentication.AuthenticationProcessor)7 BadRequestException (javax.ws.rs.BadRequestException)6 Produces (javax.ws.rs.Produces)6 Before (org.junit.Before)5 ClientModel (org.keycloak.models.ClientModel)5 HashMap (java.util.HashMap)4 GET (javax.ws.rs.GET)4 Response (javax.ws.rs.core.Response)3 IdentityProviderModel (org.keycloak.models.IdentityProviderModel)3 ModelException (org.keycloak.models.ModelException)3 ArrayList (java.util.ArrayList)2