use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.
the class AuthenticationManagementResource method addExecution.
/**
 * Adds a new authentication execution to an existing flow that is not built in.
 *
 * <p>The manage-realm check is the first statement, so the request body is only
 * converted to a model once the caller is authorized. The new execution's priority
 * is taken from {@code getNextPriority(parentFlow)}, and a CREATE admin event of
 * type AUTH_EXECUTION is recorded with the submitted representation.
 *
 * @param execution JSON model describing authentication execution
 * @return a 201 Created response whose location is the request path extended with
 *         the id of the stored execution
 * @throws BadRequestException if the parent flow is a built-in flow
 */
@Path("/executions")
@POST
@NoCache
@Consumes(MediaType.APPLICATION_JSON)
public Response addExecution(AuthenticationExecutionRepresentation execution) {
    // Authorization first: nothing below runs for a caller without manage-realm.
    auth.realm().requireManageRealm();

    AuthenticationExecutionModel requested = RepresentationToModel.toModel(realm, execution);

    // NOTE(review): getParentFlow is defined outside this listing. Its result is
    // dereferenced immediately, so confirm it rejects a missing or unknown parent flow.
    AuthenticationFlowModel owningFlow = getParentFlow(requested);
    if (owningFlow.isBuiltIn()) {
        // Built-in flows are protected from modification through this endpoint.
        throw new BadRequestException("It is illegal to add execution to a built in flow");
    }

    requested.setPriority(getNextPriority(owningFlow));
    AuthenticationExecutionModel stored = realm.addAuthenticatorExecution(requested);

    // Audit trail: the event carries the representation exactly as the caller sent it.
    adminEvent.operation(OperationType.CREATE)
            .resource(ResourceType.AUTH_EXECUTION)
            .resourcePath(session.getContext().getUri(), stored.getId())
            .representation(execution)
            .success();

    return Response.created(
                    session.getContext().getUri().getAbsolutePathBuilder().path(stored.getId()).build())
            .build();
}
use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.
the class AuthenticationManagementResource method copy.
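/**
 * Copy existing authentication flow under a new name
 *
 * <p>The new name is given as 'newName' attribute of the passed JSON object. The
 * caller must hold the manage-realm permission. The request body is validated
 * before use: a missing body or a missing or blank 'newName' is rejected as a bad
 * request instead of being passed on as the alias of the copied flow.
 *
 * @param flowAlias Name of the existing authentication flow
 * @param data JSON containing 'newName' attribute
 * @return 201 Created on success, a conflict response from {@code ErrorResponse.exists}
 *         when the new alias is already taken, or 404 when the source flow does not exist
 * @throws BadRequestException if the body is missing or 'newName' is missing or blank
 */
@Path("/flows/{flowAlias}/copy")
@POST
@NoCache
@Consumes(MediaType.APPLICATION_JSON)
public Response copy(@PathParam("flowAlias") String flowAlias, Map<String, String> data) {
    auth.realm().requireManageRealm();

    // The body is caller-supplied. Without these checks a missing body fails with a
    // NullPointerException and a missing 'newName' reaches copyFlow as a null alias.
    if (data == null) {
        throw new BadRequestException("Request body with 'newName' attribute is required");
    }
    String newName = data.get("newName");
    if (newName == null || newName.trim().isEmpty()) {
        throw new BadRequestException("'newName' attribute is required");
    }

    if (realm.getFlowByAlias(newName) != null) {
        return ErrorResponse.exists("New flow alias name already exists");
    }

    AuthenticationFlowModel flow = realm.getFlowByAlias(flowAlias);
    if (flow == null) {
        // NOTE(review): flowAlias comes from the URL path and is concatenated into the
        // log message as-is; confirm the log layout neutralizes line breaks.
        logger.debug("flow not found: " + flowAlias);
        return Response.status(NOT_FOUND).build();
    }

    AuthenticationFlowModel copy = copyFlow(realm, flow, newName);

    // The id of the new flow is added to the map that becomes the admin event's representation.
    data.put("id", copy.getId());
    adminEvent.operation(OperationType.CREATE)
            .resourcePath(session.getContext().getUri())
            .representation(data)
            .success();
    return Response.status(Response.Status.CREATED).build();
}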
use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.
the class AuthenticationManagementResource method updateExecutions.
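/**
 * Update authentication executions of a Flow
 *
 * <p>Two kinds of change are handled. If the submitted requirement differs from the
 * stored one, only the requirement is updated and the method returns. Otherwise, when
 * the representation describes a sub-flow ({@code getAuthenticationFlow()} is non-null),
 * the alias and description of the flow named by {@code getFlowId()} are updated.
 *
 * <p>The caller must hold the manage-realm permission. Malformed input (missing body,
 * unknown or missing requirement, missing or blank alias) is rejected as a bad request
 * rather than surfacing as an unhandled exception or writing a null alias.
 *
 * @param flowAlias Flow alias
 * @param rep AuthenticationExecutionInfoRepresentation
 * @return 202 Accepted carrying the flow resolved from {@code flowAlias}, or a conflict
 *         response from {@code ErrorResponse.exists} when the new alias is already used
 *         by a different flow
 * @throws NotFoundException if the flow, the execution or the referenced sub-flow does not exist
 * @throws BadRequestException if the representation is missing or holds an invalid
 *         requirement or an empty alias
 */
@Path("/flows/{flowAlias}/executions")
@PUT
@NoCache
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
public Response updateExecutions(@PathParam("flowAlias") String flowAlias, AuthenticationExecutionInfoRepresentation rep) {
    auth.realm().requireManageRealm();

    AuthenticationFlowModel flow = realm.getFlowByAlias(flowAlias);
    if (flow == null) {
        logger.debug("flow not found: " + flowAlias);
        throw new NotFoundException("flow not found");
    }
    if (rep == null) {
        // An empty request body would otherwise fail on the first rep.getId() call.
        throw new BadRequestException("Execution representation is required");
    }

    // NOTE(review): the execution is looked up realm-wide by id and is not compared with
    // the flow resolved from flowAlias; confirm whether it should be required to belong to it.
    AuthenticationExecutionModel model = realm.getAuthenticationExecutionById(rep.getId());
    if (model == null) {
        session.getTransactionManager().setRollbackOnly();
        throw new NotFoundException("Illegal execution");
    }

    // Parse the caller-supplied requirement up front so a missing or unknown value
    // becomes a 400 instead of an uncaught NullPointerException/IllegalArgumentException.
    if (rep.getRequirement() == null) {
        throw new BadRequestException("Requirement is required");
    }
    AuthenticationExecutionModel.Requirement requested;
    try {
        requested = AuthenticationExecutionModel.Requirement.valueOf(rep.getRequirement());
    } catch (IllegalArgumentException invalidName) {
        throw new BadRequestException("Unknown requirement");
    }

    if (model.getRequirement() != requested) {
        model.setRequirement(requested);
        realm.updateAuthenticatorExecution(model);
        adminEvent.operation(OperationType.UPDATE)
                .resource(ResourceType.AUTH_EXECUTION)
                .resourcePath(session.getContext().getUri())
                .representation(rep)
                .success();
        return Response.accepted(flow).build();
    }

    // executions can't have name and description updated
    if (rep.getAuthenticationFlow() == null) {
        return Response.accepted(flow).build();
    }

    // check if updating a correct flow
    AuthenticationFlowModel checkFlow = realm.getAuthenticationFlowById(rep.getFlowId());
    if (checkFlow == null) {
        session.getTransactionManager().setRollbackOnly();
        throw new NotFoundException("Illegal execution");
    }

    // The alias is written to the flow below, so a missing or blank value is refused
    // here; without this check a null display name would be stored as the alias.
    String newAlias = rep.getDisplayName();
    if (newAlias == null || newAlias.trim().isEmpty()) {
        session.getTransactionManager().setRollbackOnly();
        throw new BadRequestException("Flow alias must not be empty");
    }

    boolean aliasChanged = !newAlias.equals(checkFlow.getAlias());

    // if a different flow with the same name does already exist, report the conflict
    if (aliasChanged && realm.getFlowByAlias(newAlias) != null) {
        return ErrorResponse.exists("Flow alias name already exists");
    }
    if (aliasChanged) {
        checkFlow.setAlias(newAlias);
    }

    // Null-safe comparison: either the stored or the submitted description may be absent.
    if (!Objects.equals(checkFlow.getDescription(), rep.getDescription())) {
        checkFlow.setDescription(rep.getDescription());
    }

    // update the flow
    realm.updateAuthenticationFlow(checkFlow);

    // NOTE(review): this branch modifies a flow but records the event as AUTH_EXECUTION;
    // confirm that is the intended resource type for the audit log.
    adminEvent.operation(OperationType.UPDATE)
            .resource(ResourceType.AUTH_EXECUTION)
            .resourcePath(session.getContext().getUri())
            .representation(rep)
            .success();
    return Response.accepted(flow).build();
}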
use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.
the class AuthenticationManagementResource method getExecutions.
/**
 * Lists the authentication executions of a flow.
 *
 * <p>Requires the view-realm permission. The list is filled by
 * {@code recurseExecutions}, starting from the requested flow at level 0.
 *
 * @param flowAlias Flow alias
 * @return 200 OK with the collected execution representations, or 404 when no flow
 *         has the given alias
 */
@Path("/flows/{flowAlias}/executions")
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public Response getExecutions(@PathParam("flowAlias") String flowAlias) {
    // Read-only endpoint: view permission is sufficient and is checked before any lookup.
    auth.realm().requireViewRealm();

    AuthenticationFlowModel requestedFlow = realm.getFlowByAlias(flowAlias);
    if (requestedFlow != null) {
        List<AuthenticationExecutionInfoRepresentation> collected = new LinkedList<>();
        // 0 is the starting level handed to the recursive walk.
        recurseExecutions(requestedFlow, collected, 0);
        return Response.ok(collected).build();
    }

    logger.debug("flow not found: " + flowAlias);
    return Response.status(NOT_FOUND).build();
}
use of org.keycloak.models.AuthenticationFlowModel in project keycloak by keycloak.
the class AuthenticationManagementResource method deleteFlow.
/**
 * Removes the flow with the given id after first removing every flow referenced by
 * its executions.
 *
 * <p>This method performs no permission check of its own.
 * NOTE(review): confirm that every caller authorizes the request before invoking it.
 *
 * @param id id of the flow to remove
 * @param isTopMostLevel {@code true} for the flow the caller asked to delete,
 *        {@code false} for the recursive calls made for nested flows
 * @throws NotFoundException if no flow with this id exists
 * @throws BadRequestException if the flow, or a nested flow reached during recursion,
 *         is built in
 */
private void deleteFlow(String id, boolean isTopMostLevel) {
    AuthenticationFlowModel target = realm.getAuthenticationFlowById(id);
    if (target == null) {
        throw new NotFoundException("Could not find flow with id");
    }
    if (target.isBuiltIn()) {
        throw new BadRequestException("Can't delete built in flow");
    }

    // Children first: each execution that points at a sub-flow triggers a recursive delete
    // of that sub-flow before this flow itself is removed.
    realm.getAuthenticationExecutionsStream(id)
            .map(AuthenticationExecutionModel::getFlowId)
            .filter(Objects::nonNull)
            .forEachOrdered(nestedFlowId -> deleteFlow(nestedFlowId, false));
    realm.removeAuthenticationFlow(target);

    // Use just one event for top-level flow. Using separate events won't work properly for flows of depth 2 or bigger
    if (!isTopMostLevel) {
        return;
    }
    adminEvent.operation(OperationType.DELETE)
            .resourcePath(session.getContext().getUri())
            .success();
}