Examples with ModelException org.keycloak.models.ModelException used on opensource projects

Example 66 with ModelException

use of org.keycloak.models.ModelException in project keycloak by keycloak.

the class OwnerReplacementTest method doTest.

private void doTest(KeycloakSession session1, BiFunction<KeycloakSession, RealmModel, String> realm1ObjectIdProducer, TriConsumer<KeycloakSession, RealmModel, String> testLookupRealm1ObjectInRealm2, TetraConsumer<KeycloakSession, RealmModel, RealmModel, String> updaterRealm1ObjectInRealm2, TriConsumer<KeycloakSession, RealmModel, String> testUpdateFailed, TetraConsumer<KeycloakSession, RealmModel, RealmModel, String> removeRealm1ObjectInRealm2, TriConsumer<KeycloakSession, RealmModel, String> testRemoveFailed) {
    // Transaction 1 - Lookup object of realm1
    AtomicReference<String> realm1ObjectId = new AtomicReference<>();
    KeycloakModelUtils.runJobInTransaction(session1.getKeycloakSessionFactory(), (KeycloakSession session) -> {
        RealmModel realm1 = session.getProvider(RealmProvider.class).getRealm("test");
        realm1ObjectId.set(realm1ObjectIdProducer.apply(session, realm1));
    });
    // Transaction 2
    KeycloakModelUtils.runJobInTransaction(session1.getKeycloakSessionFactory(), (KeycloakSession session) -> {
        RealmModel realm1 = session.getProvider(RealmProvider.class).getRealm("test");
        RealmModel realm2 = session.getProvider(RealmProvider.class).getRealm("foo");
        testLookupRealm1ObjectInRealm2.accept(session, realm2, realm1ObjectId.get());
        updaterRealm1ObjectInRealm2.accept(session, realm1, realm2, realm1ObjectId.get());
    });
    // Transaction 3
    KeycloakModelUtils.runJobInTransaction(session1.getKeycloakSessionFactory(), (KeycloakSession session) -> {
        RealmModel realm1 = session.getProvider(RealmProvider.class).getRealm("test");
        testUpdateFailed.accept(session, realm1, realm1ObjectId.get());
    });
    // Transaction 4
    try {
        KeycloakModelUtils.runJobInTransaction(session1.getKeycloakSessionFactory(), (KeycloakSession session) -> {
            RealmModel realm1 = session.getProvider(RealmProvider.class).getRealm("test");
            RealmModel realm2 = session.getProvider(RealmProvider.class).getRealm("foo");
            removeRealm1ObjectInRealm2.accept(session, realm1, realm2, realm1ObjectId.get());
        });
    } catch (ModelException e) {
    // This is fine. Attempt to remove on incorrect object can throw an exception in some cases, which will enforce transaction rollback
    }
    // Transaction 5
    KeycloakModelUtils.runJobInTransaction(session1.getKeycloakSessionFactory(), (KeycloakSession session) -> {
        RealmModel realm1 = session.getProvider(RealmProvider.class).getRealm("test");
        testRemoveFailed.accept(session, realm1, realm1ObjectId.get());
    });
}

Example 67 with ModelException

use of org.keycloak.models.ModelException in project keycloak by keycloak.

the class JpaUserFederatedStorageProvider method getGrantedConsentEntity.

private FederatedUserConsentEntity getGrantedConsentEntity(String userId, String clientId, LockModeType lockMode) {
    StorageId clientStorageId = new StorageId(clientId);
    String queryName = clientStorageId.isLocal() ? "userFederatedConsentByUserAndClient" : "userFederatedConsentByUserAndExternalClient";
    TypedQuery<FederatedUserConsentEntity> query = em.createNamedQuery(queryName, FederatedUserConsentEntity.class);
    query.setLockMode(lockMode);
    query.setParameter("userId", userId);
    if (clientStorageId.isLocal()) {
        query.setParameter("clientId", clientId);
    } else {
        query.setParameter("clientStorageProvider", clientStorageId.getProviderId());
        query.setParameter("externalClientId", clientStorageId.getExternalId());
    }
    List<FederatedUserConsentEntity> results = query.getResultList();
    if (results.size() > 1) {
        throw new ModelException("More results found for user [" + userId + "] and client [" + clientId + "]");
    } else if (results.size() == 1) {
        return results.get(0);
    } else {
        return null;
    }
}

Example 68 with ModelException

use of org.keycloak.models.ModelException in project keycloak by keycloak.

the class JpaUserProvider method getGrantedConsentEntity.

private UserConsentEntity getGrantedConsentEntity(String userId, String clientId, LockModeType lockMode) {
    StorageId clientStorageId = new StorageId(clientId);
    String queryName = clientStorageId.isLocal() ? "userConsentByUserAndClient" : "userConsentByUserAndExternalClient";
    TypedQuery<UserConsentEntity> query = em.createNamedQuery(queryName, UserConsentEntity.class);
    query.setParameter("userId", userId);
    if (clientStorageId.isLocal()) {
        query.setParameter("clientId", clientId);
    } else {
        query.setParameter("clientStorageProvider", clientStorageId.getProviderId());
        query.setParameter("externalClientId", clientStorageId.getExternalId());
    }
    query.setLockMode(lockMode);
    List<UserConsentEntity> results = query.getResultList();
    if (results.size() > 1) {
        throw new ModelException("More results found for user [" + userId + "] and client [" + clientId + "]");
    } else if (results.size() == 1) {
        return results.get(0);
    } else {
        return null;
    }
}

Example 69 with ModelException

use of org.keycloak.models.ModelException in project keycloak by keycloak.

the class JpaUserProvider method updateConsent.

@Override
public void updateConsent(RealmModel realm, String userId, UserConsentModel consent) {
    String clientId = consent.getClient().getId();
    UserConsentEntity consentEntity = getGrantedConsentEntity(userId, clientId, LockModeType.PESSIMISTIC_WRITE);
    if (consentEntity == null) {
        throw new ModelException("Consent not found for client [" + clientId + "] and user [" + userId + "]");
    }
    updateGrantedConsentEntity(consentEntity, consent);
}

Example 70 with ModelException

use of org.keycloak.models.ModelException in project keycloak by keycloak.

the class UpdatePassword method processAction.

@Override
public void processAction(RequiredActionContext context) {
    EventBuilder event = context.getEvent();
    AuthenticationSessionModel authSession = context.getAuthenticationSession();
    RealmModel realm = context.getRealm();
    UserModel user = context.getUser();
    KeycloakSession session = context.getSession();
    MultivaluedMap<String, String> formData = context.getHttpRequest().getDecodedFormParameters();
    event.event(EventType.UPDATE_PASSWORD);
    String passwordNew = formData.getFirst("password-new");
    String passwordConfirm = formData.getFirst("password-confirm");
    EventBuilder errorEvent = event.clone().event(EventType.UPDATE_PASSWORD_ERROR).client(authSession.getClient()).user(authSession.getAuthenticatedUser());
    if (Validation.isBlank(passwordNew)) {
        Response challenge = context.form().setAttribute("username", authSession.getAuthenticatedUser().getUsername()).addError(new FormMessage(Validation.FIELD_PASSWORD, Messages.MISSING_PASSWORD)).createResponse(UserModel.RequiredAction.UPDATE_PASSWORD);
        context.challenge(challenge);
        errorEvent.error(Errors.PASSWORD_MISSING);
        return;
    } else if (!passwordNew.equals(passwordConfirm)) {
        Response challenge = context.form().setAttribute("username", authSession.getAuthenticatedUser().getUsername()).addError(new FormMessage(Validation.FIELD_PASSWORD_CONFIRM, Messages.NOTMATCH_PASSWORD)).createResponse(UserModel.RequiredAction.UPDATE_PASSWORD);
        context.challenge(challenge);
        errorEvent.error(Errors.PASSWORD_CONFIRM_ERROR);
        return;
    }
    if (getId().equals(authSession.getClientNote(Constants.KC_ACTION_EXECUTING)) && "on".equals(formData.getFirst("logout-sessions"))) {
        session.sessions().getUserSessionsStream(realm, user).filter(s -> !Objects.equals(s.getId(), authSession.getParentSession().getId())).collect(// collect to avoid concurrent modification as backchannelLogout removes the user sessions.
        Collectors.toList()).forEach(s -> AuthenticationManager.backchannelLogout(session, realm, s, session.getContext().getUri(), context.getConnection(), context.getHttpRequest().getHttpHeaders(), true));
    }
    try {
        session.userCredentialManager().updateCredential(realm, user, UserCredentialModel.password(passwordNew, false));
        context.success();
    } catch (ModelException me) {
        errorEvent.detail(Details.REASON, me.getMessage()).error(Errors.PASSWORD_REJECTED);
        Response challenge = context.form().setAttribute("username", authSession.getAuthenticatedUser().getUsername()).setError(me.getMessage(), me.getParameters()).createResponse(UserModel.RequiredAction.UPDATE_PASSWORD);
        context.challenge(challenge);
        return;
    } catch (Exception ape) {
        errorEvent.detail(Details.REASON, ape.getMessage()).error(Errors.PASSWORD_REJECTED);
        Response challenge = context.form().setAttribute("username", authSession.getAuthenticatedUser().getUsername()).setError(ape.getMessage()).createResponse(UserModel.RequiredAction.UPDATE_PASSWORD);
        context.challenge(challenge);
        return;
    }
}