use of org.keycloak.models.ModelException in project keycloak by keycloak.
the class JpaRealmProvider method removeRole.
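/**
 * Deletes a role together with the composite-role and client-scope rows that reference it.
 *
 * <p>The owning realm is derived from the role's container: the realm itself, or the realm of
 * the owning client. The persisted role must carry that same realm id, otherwise the call
 * fails, so a role model cannot be used to delete a row stored under another realm.
 *
 * @param role the role to delete; its container must be a {@code RealmModel} or a
 *             {@code ClientModel}
 * @return {@code true} once the role is removed and the removal event has been published
 * @throws IllegalStateException if the role's container is neither a realm nor a client
 * @throws ModelException if the stored role is missing or belongs to a different realm
 */
@Override
public boolean removeRole(RoleModel role) {
    RealmModel realm;
    if (role.getContainer() instanceof RealmModel) {
        realm = (RealmModel) role.getContainer();
    } else if (role.getContainer() instanceof ClientModel) {
        realm = ((ClientModel) role.getContainer()).getRealm();
    } else {
        throw new IllegalStateException("RoleModel's container is not an instance of either RealmModel or ClientModel");
    }

    // NOTE(review): the user-side cleanup runs before the realm ownership check below, so the
    // failure path depends on the surrounding transaction rolling this cleanup back.
    session.users().preRemove(realm, role);

    RoleEntity roleEntity = em.getReference(RoleEntity.class, role.getId());
    // NOTE(review): if em is a JPA EntityManager, getReference does not return null; a missing
    // row would surface as EntityNotFoundException when getRealmId() touches the reference,
    // which makes the null test defensive only. Confirm.
    if (roleEntity == null || !roleEntity.getRealmId().equals(realm.getId())) {
        // Throw model exception to ensure transaction rollback and revert previous operations
        // (removing default roles) as well
        throw new ModelException("Role not found or trying to remove role from incorrect realm");
    }

    // Only the table name is concatenated into the statement, and it is produced by JpaUtils,
    // not taken from the caller; the role itself is bound as a named parameter.
    String compositeRoleTable = JpaUtils.getTableNameForNativeQuery("COMPOSITE_ROLE", em);
    em.createNativeQuery("delete from " + compositeRoleTable + " where CHILD_ROLE = :role")
            .setParameter("role", roleEntity)
            .executeUpdate();
    em.createNamedQuery("deleteClientScopeRoleMappingByRole")
            .setParameter("role", roleEntity)
            .executeUpdate();

    // The referencing rows are flushed out before the role entity itself is removed.
    em.flush();
    em.remove(roleEntity);

    session.getKeycloakSessionFactory().publish(roleRemovedEvent(role));

    em.flush();
    return true;
}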
use of org.keycloak.models.ModelException in project keycloak by keycloak.
the class JpaUserProvider method toConsentModel.
/**
 * Converts a stored consent row into a {@code UserConsentModel}.
 *
 * @param realm  realm used to resolve the client and its client scopes
 * @param entity stored consent; may be {@code null}
 * @return the consent model, or {@code null} when {@code entity} is {@code null}
 * @throws ModelException if the referenced client cannot be resolved in {@code realm}
 */
private UserConsentModel toConsentModel(RealmModel realm, UserConsentEntity entity) {
    if (entity == null) {
        return null;
    }

    // The client is identified by clientId or, when that is null, by the storage provider
    // plus the external client id.
    final StorageId storageId = entity.getClientId() != null
            ? new StorageId(entity.getClientId())
            : new StorageId(entity.getClientStorageProvider(), entity.getExternalClientId());

    final ClientModel client = realm.getClientById(storageId.getId());
    if (client == null) {
        throw new ModelException("Client with id " + storageId.getId() + " is not available");
    }

    final UserConsentModel consent = new UserConsentModel(client);
    consent.setCreatedDate(entity.getCreatedDate());
    consent.setLastUpdatedDate(entity.getLastUpdatedDate());

    final Collection<UserConsentClientScopeEntity> storedScopes = entity.getGrantedClientScopes();
    if (storedScopes == null) {
        return consent;
    }

    for (UserConsentClientScopeEntity storedScope : storedScopes) {
        final ClientScopeModel resolved =
                KeycloakModelUtils.findClientScopeById(realm, client, storedScope.getScopeId());
        // A scope id that no longer resolves is skipped, so the returned consent can only be
        // narrower than what was stored, never wider.
        if (resolved == null) {
            continue;
        }
        consent.addGrantedClientScope(resolved);
    }
    return consent;
}
use of org.keycloak.models.ModelException in project keycloak by keycloak.
the class JpaUserProvider method setNotBeforeForUser.
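/**
 * Writes a new not-before value to the persisted user.
 *
 * @param realm     not consulted by this method
 * @param user      user whose id selects the entity to update
 * @param notBefore value stored on the user entity
 * @throws ModelException if no entity reference is obtained for the user id
 */
@Override
public void setNotBeforeForUser(RealmModel realm, UserModel user, int notBefore) {
    UserEntity entity = em.getReference(UserEntity.class, user.getId());
    // NOTE(review): if em is a JPA EntityManager, getReference does not return null; an
    // unknown id would surface as EntityNotFoundException on first access, not as the
    // ModelException below. Confirm which failure mode callers expect.
    if (entity == null) {
        throw new ModelException("User does not exist");
    }
    // NOTE(review): the realm argument is not compared with the entity's realm; this method
    // trusts the caller to pass a user that belongs to it. Presumably not-before acts as a
    // token cut-off, so confirm that holds at every call site.
    entity.setNotBefore(notBefore);
}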
use of org.keycloak.models.ModelException in project keycloak by keycloak.
the class JpaUserFederatedStorageProvider method updateConsent.
/**
 * Overwrites an existing consent of a federated user with the given model.
 *
 * <p>This is update-only: when no consent row exists for the user and client, the call fails
 * instead of creating one.
 *
 * @param realm   realm passed to {@code createIndex}
 * @param userId  id of the user the consent belongs to
 * @param consent new consent state; its client id selects the row to update
 * @throws ModelException if no consent is stored for this user and client
 */
@Override
public void updateConsent(RealmModel realm, String userId, UserConsentModel consent) {
    createIndex(realm, userId);

    final String clientId = consent.getClient().getId();

    // The row is requested with a pessimistic write lock, presumably so that concurrent
    // updates of the same consent are serialized.
    final FederatedUserConsentEntity existing =
            getGrantedConsentEntity(userId, clientId, LockModeType.PESSIMISTIC_WRITE);

    if (existing != null) {
        updateGrantedConsentEntity(existing, consent);
        return;
    }
    throw new ModelException("Consent not found for client [" + clientId + "] and user [" + userId + "]");
}
use of org.keycloak.models.ModelException in project keycloak by keycloak.
the class RepresentationToModel method toModel.
/**
 * Builds an {@code IdentityProviderModel} from its representation.
 *
 * <p>The provider id selects the factory that creates the model. It is looked up first among
 * {@code IdentityProvider} factories, then among {@code SocialIdentityProvider} factories.
 * Flow aliases are resolved through {@code realm}, and the finished model is validated
 * against that realm before it is returned.
 *
 * @param realm          realm used to resolve authentication flows and to validate the model
 * @param representation source of all field values
 * @param session        session whose factory supplies the provider factories
 * @return the populated and validated model
 * @throws IllegalArgumentException if no factory is registered for the provider id
 * @throws ModelException if a named authentication flow does not exist in {@code realm}
 */
public static IdentityProviderModel toModel(RealmModel realm, IdentityProviderRepresentation representation, KeycloakSession session) {
    final String providerId = representation.getProviderId();

    IdentityProviderFactory factory = (IdentityProviderFactory) session.getKeycloakSessionFactory()
            .getProviderFactory(IdentityProvider.class, providerId);
    if (factory == null) {
        factory = (IdentityProviderFactory) session.getKeycloakSessionFactory()
                .getProviderFactory(SocialIdentityProvider.class, providerId);
    }
    // An unknown provider id is rejected before any model is created.
    if (factory == null) {
        throw new IllegalArgumentException("Invalid identity provider id [" + providerId + "]");
    }

    final IdentityProviderModel idp = factory.createConfig();

    // Values are copied as supplied, including trustEmail, storeToken and
    // addReadTokenRoleOnCreate. No permission check happens in this method.
    // NOTE(review): presumably the caller authorizes the request; confirm.
    idp.setInternalId(representation.getInternalId());
    idp.setAlias(representation.getAlias());
    idp.setDisplayName(representation.getDisplayName());
    idp.setProviderId(representation.getProviderId());
    idp.setEnabled(representation.isEnabled());
    idp.setLinkOnly(representation.isLinkOnly());
    idp.setTrustEmail(representation.isTrustEmail());
    idp.setAuthenticateByDefault(representation.isAuthenticateByDefault());
    idp.setStoreToken(representation.isStoreToken());
    idp.setAddReadTokenRoleOnCreate(representation.isAddReadTokenRoleOnCreate());
    idp.setConfig(removeEmptyString(representation.getConfig()));

    // First-broker-login flow: only a null alias falls back to the default flow. Any other
    // value, including an empty one, must name a flow known to this realm.
    String firstFlowAlias = representation.getFirstBrokerLoginFlowAlias();
    if (firstFlowAlias == null) {
        firstFlowAlias = DefaultAuthenticationFlows.FIRST_BROKER_LOGIN_FLOW;
    }
    final AuthenticationFlowModel firstFlow = realm.getFlowByAlias(firstFlowAlias);
    if (firstFlow == null) {
        throw new ModelException("No available authentication flow with alias: " + firstFlowAlias);
    }
    idp.setFirstBrokerLoginFlowId(firstFlow.getId());

    // Post-broker-login flow is optional: a null or blank alias clears it.
    final String postFlowAlias = representation.getPostBrokerLoginFlowAlias();
    if (postFlowAlias != null && !postFlowAlias.trim().isEmpty()) {
        final AuthenticationFlowModel postFlow = realm.getFlowByAlias(postFlowAlias);
        if (postFlow == null) {
            throw new ModelException("No available authentication flow with alias: " + postFlowAlias);
        }
        idp.setPostBrokerLoginFlowId(postFlow.getId());
    } else {
        idp.setPostBrokerLoginFlowId(null);
    }

    // Validation runs last, after every field has been copied onto the model.
    idp.validate(realm);
    return idp;
}