
Example 6 with KeycloakContext

use of org.keycloak.models.KeycloakContext in project keycloak by keycloak.

the class LDAPUserPropertiesMappingTest method createAndReadUser.

/**
 * Verifies that the enabled and email-verified flags of two LDAP-backed users agree
 * between the Keycloak user model and the raw LDAP entry.
 *
 * <p>DIETMAR is expected to be enabled with a verified email; STEFAN is expected to be
 * disabled with an unverified email. The users are not created in this method;
 * presumably that happens in test setup outside this view.
 */
@Test
public void createAndReadUser() {
    testingClient.server(TEST_REALM_NAME).run(session -> {
        final RealmModel realm = session.getContext().getRealm();

        // View through the Keycloak user model.
        final UserModel enabledUser = session.users().getUserByUsername(DIETMAR, realm);
        Assert.assertTrue(enabledUser.isEnabled());
        Assert.assertTrue(enabledUser.isEmailVerified());

        final UserModel disabledUser = session.users().getUserByUsername(STEFAN, realm);
        Assert.assertFalse(disabledUser.isEnabled());
        Assert.assertFalse(disabledUser.isEmailVerified());

        // View through the LDAP provider: the same flags read straight from the directory entry.
        final LDAPStorageProvider ldap =
                LDAPTestUtils.getLdapProvider(session, LDAPTestUtils.getLdapProviderModel(realm));

        final LDAPObject enabledEntry = ldap.loadLDAPUserByUsername(realm, DIETMAR);
        final String enabledEntryVerified = enabledEntry.getAttributeAsString(USER_EMAIL_VERIFIED_LDAP_ATTRIBUTE);
        Assert.assertTrue(Boolean.parseBoolean(enabledEntryVerified));
        final String enabledEntryEnabled = enabledEntry.getAttributeAsString(USER_ENABLED_LDAP_ATTRIBUTE);
        Assert.assertTrue(Boolean.parseBoolean(enabledEntryEnabled));

        // NOTE(review): Boolean.parseBoolean yields false for null and for any text other than
        // "true" (case-insensitive), so the two assertFalse checks below also pass when the
        // attribute is missing from the entry; they do not prove that "false" was stored.
        final LDAPObject disabledEntry = ldap.loadLDAPUserByUsername(realm, STEFAN);
        final String disabledEntryVerified = disabledEntry.getAttributeAsString(USER_EMAIL_VERIFIED_LDAP_ATTRIBUTE);
        Assert.assertFalse(Boolean.parseBoolean(disabledEntryVerified));
        final String disabledEntryEnabled = disabledEntry.getAttributeAsString(USER_ENABLED_LDAP_ATTRIBUTE);
        Assert.assertFalse(Boolean.parseBoolean(disabledEntryEnabled));
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) KeycloakContext(org.keycloak.models.KeycloakContext) ComponentModel(org.keycloak.component.ComponentModel) LDAPStorageProvider(org.keycloak.storage.ldap.LDAPStorageProvider) LDAPObject(org.keycloak.storage.ldap.idm.model.LDAPObject) Test(org.junit.Test)

Example 7 with KeycloakContext

use of org.keycloak.models.KeycloakContext in project keycloak by keycloak.

the class DeviceEndpointFactory method create.

/**
 * Creates a {@code DeviceEndpoint} for the realm of the session's current context.
 *
 * <p>The endpoint receives an {@code EventBuilder} built from that realm, the session and
 * the context's connection, and then has its properties injected through the RESTEasy
 * provider factory.
 *
 * @param session the session whose context supplies the realm and connection
 * @return the newly created endpoint
 */
@Override
public RealmResourceProvider create(KeycloakSession session) {
    final KeycloakContext requestContext = session.getContext();
    // NOTE(review): the realm is used without a null check; confirm this factory is only
    // invoked when the context already has a realm.
    final RealmModel currentRealm = requestContext.getRealm();
    final DeviceEndpoint endpoint = new DeviceEndpoint(
            currentRealm,
            new EventBuilder(currentRealm, session, requestContext.getConnection()));
    ResteasyProviderFactory.getInstance().injectProperties(endpoint);
    return endpoint;
}
Also used : RealmModel(org.keycloak.models.RealmModel) EventBuilder(org.keycloak.events.EventBuilder) KeycloakContext(org.keycloak.models.KeycloakContext)

Example 8 with KeycloakContext

use of org.keycloak.models.KeycloakContext in project keycloak by keycloak.

the class DeleteAccount method processAction.

/**
 * Processes the delete-account required action for the user authenticated in the
 * current authentication session.
 *
 * <p>The user to delete is taken from the authentication session, not from request
 * input. Deletion is attempted only after {@code clientHasDeleteAccountRole(context)}
 * passes. Each outcome (success, removal refused, missing role, unexpected error) emits
 * an event and then renders a form or marks the action as failed.
 *
 * @param context the required-action context supplying the session, event builder and forms
 */
@Override
public void processAction(RequiredActionContext context) {
    KeycloakSession session = context.getSession();
    EventBuilder eventBuilder = context.getEvent();
    KeycloakContext keycloakContext = session.getContext();
    RealmModel realm = keycloakContext.getRealm();
    // Resolved outside the try block: a failure here (for example a missing authentication
    // session) is not handled by the catch blocks below and produces no event.
    UserModel user = keycloakContext.getAuthenticationSession().getAuthenticatedUser();
    try {
        // Authorization gate: nothing is removed unless this check passes.
        if (!clientHasDeleteAccountRole(context)) {
            throw new ForbiddenException();
        }
        boolean removed = new UserManager(session).removeUser(realm, user);
        if (removed) {
            // NOTE(review): user.getUsername() is read after removeUser(); confirm the model
            // is still readable at this point for every user storage provider.
            eventBuilder.event(EventType.DELETE_ACCOUNT).client(keycloakContext.getClient()).user(user).detail(Details.USERNAME, user.getUsername()).success();
            cleanSession(context, RequiredActionContext.KcActionStatus.SUCCESS);
            context.challenge(context.form().setAttribute("messageHeader", "").setInfo("userDeletedSuccessfully").createForm("info.ftl"));
        } else {
            // removeUser() reported that nothing was deleted: record the error and fail the action.
            eventBuilder.event(EventType.DELETE_ACCOUNT).client(keycloakContext.getClient()).user(user).detail(Details.USERNAME, user.getUsername()).error("User could not be deleted");
            cleanSession(context, RequiredActionContext.KcActionStatus.ERROR);
            context.failure();
        }
    } catch (ForbiddenException forbidden) {
        // The log line names no realm, client or user; the event below carries the client
        // and user, so the event is the record to use when investigating a denied attempt.
        logger.error("account client does not have the required roles for user deletion");
        eventBuilder.event(EventType.DELETE_ACCOUNT_ERROR).client(keycloakContext.getClient()).user(keycloakContext.getAuthenticationSession().getAuthenticatedUser()).detail(Details.REASON, "does not have the required roles for user deletion").error(Errors.USER_DELETE_ERROR);
        // deletingAccountForbidden: show the confirmation form again with the lack-of-privileges error.
        // cleanSession() is not called on this path.
        context.challenge(context.form().setAttribute(TRIGGERED_FROM_AIA, isCurrentActionTriggeredFromAIA(context)).setError(Messages.DELETE_ACCOUNT_LACK_PRIVILEDGES).createForm("delete-account-confirm.ftl"));
    } catch (Exception exception) {
        logger.error("unexpected error happened during account deletion", exception);
        // NOTE(review): exception.getMessage() is copied verbatim into the event detail; it may
        // be null or contain internal detail. Confirm that is acceptable for the event store.
        eventBuilder.event(EventType.DELETE_ACCOUNT_ERROR).client(keycloakContext.getClient()).user(keycloakContext.getAuthenticationSession().getAuthenticatedUser()).detail(Details.REASON, exception.getMessage()).error(Errors.USER_DELETE_ERROR);
        // NOTE(review): unlike the forbidden path, this form does not set TRIGGERED_FROM_AIA;
        // confirm the omission is intended.
        context.challenge(context.form().setError(Messages.DELETE_ACCOUNT_ERROR).createForm("delete-account-confirm.ftl"));
    }
}
Also used : RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) ForbiddenException(org.keycloak.services.ForbiddenException) EventBuilder(org.keycloak.events.EventBuilder) KeycloakContext(org.keycloak.models.KeycloakContext) UserManager(org.keycloak.models.UserManager) KeycloakSession(org.keycloak.models.KeycloakSession) ForbiddenException(org.keycloak.services.ForbiddenException)

Example 9 with KeycloakContext

use of org.keycloak.models.KeycloakContext in project keycloak by keycloak.

the class AbstractUserProfileProvider method editUsernameCondition.

/**
 * Decides whether the username may be edited in the given attribute context.
 *
 * <p>Contexts not listed in the switch are denied.
 *
 * @param c the attribute context supplying the session and the profile context
 * @return {@code true} if the username is editable in this context
 */
private static boolean editUsernameCondition(AttributeContext c) {
    final RealmModel realm = c.getSession().getContext().getRealm();
    final boolean editable;
    switch (c.getContext()) {
        case USER_API:
            // Always editable here, independent of realm settings.
            // NOTE(review): presumably callers on this path are authorized elsewhere; confirm.
            editable = true;
            break;
        case ACCOUNT_OLD:
        case ACCOUNT:
        case UPDATE_PROFILE:
            editable = realm.isEditUsernameAllowed();
            break;
        case REGISTRATION_PROFILE:
        case IDP_REVIEW:
            // Not editable when the realm uses the email address as the username.
            editable = !realm.isRegistrationEmailAsUsername();
            break;
        default:
            // Deny by default: a context without an explicit rule cannot edit the username.
            editable = false;
            break;
    }
    return editable;
}
Also used : RealmModel(org.keycloak.models.RealmModel) KeycloakContext(org.keycloak.models.KeycloakContext) KeycloakSession(org.keycloak.models.KeycloakSession)

Example 10 with KeycloakContext

use of org.keycloak.models.KeycloakContext in project keycloak by keycloak.

the class AbstractUserProfileProvider method readUsernameCondition.

/**
 * Decides whether the username may be read in the given attribute context.
 *
 * <p>Unlike {@code editUsernameCondition}, contexts not listed in the switch are allowed.
 *
 * @param c the attribute context supplying the session and the profile context
 * @return {@code true} if the username is readable in this context
 */
private static boolean readUsernameCondition(AttributeContext c) {
    final RealmModel realm = c.getSession().getContext().getRealm();
    final boolean readable;
    switch (c.getContext()) {
        case UPDATE_PROFILE:
            // Readable during profile update only when the realm allows username edits.
            readable = realm.isEditUsernameAllowed();
            break;
        case REGISTRATION_PROFILE:
        case IDP_REVIEW:
            // Not readable when the realm uses the email address as the username.
            readable = !realm.isRegistrationEmailAsUsername();
            break;
        default:
            // Allow by default: any context without an explicit rule can read the username.
            readable = true;
            break;
    }
    return readable;
}
Also used : RealmModel(org.keycloak.models.RealmModel) KeycloakContext(org.keycloak.models.KeycloakContext) KeycloakSession(org.keycloak.models.KeycloakSession)

Aggregations

KeycloakContext (org.keycloak.models.KeycloakContext)10 RealmModel (org.keycloak.models.RealmModel)7 KeycloakSession (org.keycloak.models.KeycloakSession)4 UserModel (org.keycloak.models.UserModel)3 UriBuilder (javax.ws.rs.core.UriBuilder)2 EventBuilder (org.keycloak.events.EventBuilder)2 KeycloakUriInfo (org.keycloak.models.KeycloakUriInfo)2 OAuth2DeviceTokenStoreProvider (org.keycloak.models.OAuth2DeviceTokenStoreProvider)2 IOException (java.io.IOException)1 DateFormat (java.text.DateFormat)1 ParseException (java.text.ParseException)1 Locale (java.util.Locale)1 Map (java.util.Map)1 Cookie (javax.ws.rs.core.Cookie)1 HttpHeaders (javax.ws.rs.core.HttpHeaders)1 UriInfo (javax.ws.rs.core.UriInfo)1 Test (org.junit.Test)1 ComponentModel (org.keycloak.component.ComponentModel)1 UserManager (org.keycloak.models.UserManager)1 DeviceRepresentation (org.keycloak.representations.account.DeviceRepresentation)1