use of org.keycloak.models.ModelException in project keycloak by keycloak.
the class ClientPublicKeyLoader method getSignatureValidationKey.
/**
 * Builds the {@link KeyWrapper} used to validate signatures for a client from the
 * key material held in its {@link CertificateRepresentation}.
 *
 * <p>Exactly one of {@code certificate} or {@code publicKey} must be set. Rejecting the
 * "both configured" case means the key a signature is checked against is never ambiguous.
 *
 * @param certInfo the client's stored certificate/public-key configuration
 * @return a wrapper carrying the public key, its kid and, when a certificate was
 *         configured, the decoded certificate
 * @throws ModelException if neither or both of certificate and public key are configured
 */
private static KeyWrapper getSignatureValidationKey(CertificateRepresentation certInfo) throws ModelException {
    KeyWrapper validationKey = new KeyWrapper();

    final String encodedCert = certInfo.getCertificate();
    final String encodedKey = certInfo.getPublicKey();
    final boolean certConfigured = encodedCert != null;
    final boolean keyConfigured = encodedKey != null;

    if (!certConfigured && !keyConfigured) {
        throw new ModelException("Client doesn't have certificate or publicKey configured");
    }
    if (certConfigured && keyConfigured) {
        throw new ModelException("Client has both publicKey and certificate configured");
    }

    // NOTE(review): algorithm and key type are fixed to RS256/RSA here without inspecting
    // the decoded key; confirm that only RSA material can reach this method.
    validationKey.setAlgorithm(Algorithm.RS256);
    validationKey.setType(KeyType.RSA);
    validationKey.setUse(KeyUse.SIG);

    final String storedKid = certInfo.getKid();

    if (certConfigured) {
        X509Certificate decodedCert = KeycloakModelUtils.getCertificate(encodedCert);
        PublicKey certKey = decodedCert.getPublicKey();
        // Use the stored kid when present; otherwise derive one from the public key.
        validationKey.setKid(storedKid != null ? storedKid : KeyUtils.createKeyId(certKey));
        validationKey.setPublicKey(certKey);
        validationKey.setCertificate(decodedCert);
        return validationKey;
    }

    PublicKey decodedKey = KeycloakModelUtils.getPublicKey(encodedKey);
    // Use the stored kid when present; otherwise derive one from the public key.
    validationKey.setKid(storedKid != null ? storedKid : KeyUtils.createKeyId(decodedKey));
    validationKey.setPublicKey(decodedKey);
    return validationKey;
}
use of org.keycloak.models.ModelException in project keycloak by keycloak.
the class ClientStorageManager method getStorageProvider.
/**
 * Resolves the {@link ClientStorageProvider} instance for a realm component.
 *
 * @param session     the current Keycloak session, used to look up the provider factory
 * @param realm       the realm that owns the component
 * @param componentId id of the component to resolve
 * @return the provider instance, or {@code null} when the realm has no component with that id
 * @throws ModelException if the component exists but no matching
 *                        {@link ClientStorageProviderFactory} is registered for its provider id
 */
public static ClientStorageProvider getStorageProvider(KeycloakSession session, RealmModel realm, String componentId) {
    final ComponentModel component = realm.getComponent(componentId);
    if (component == null) {
        // Unknown component: signalled to the caller as null rather than as an error.
        return null;
    }

    final ClientStorageProviderModel providerModel = new ClientStorageProviderModel(component);
    final ClientStorageProviderFactory providerFactory = (ClientStorageProviderFactory) session
            .getKeycloakSessionFactory()
            .getProviderFactory(ClientStorageProvider.class, component.getProviderId());

    if (providerFactory != null) {
        return getStorageProviderInstance(session, providerModel, providerFactory);
    }
    // A component that references a provider id with no registered factory is a
    // configuration error, so fail loudly.
    throw new ModelException("Could not find ClientStorageProviderFactory for: " + component.getProviderId());
}
use of org.keycloak.models.ModelException in project keycloak by keycloak.
the class RoleStorageManager method getStorageProvider.
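/**
 * Resolves the {@link RoleStorageProvider} instance for a realm component.
 *
 * @param session     the current Keycloak session, used to look up the provider factory
 * @param realm       the realm that owns the component
 * @param componentId id of the component to resolve
 * @return the provider instance, or {@code null} when the realm has no component with that id
 * @throws ModelException if the component exists but no matching
 *                        {@link RoleStorageProviderFactory} is registered for its provider id
 */
public static RoleStorageProvider getStorageProvider(KeycloakSession session, RealmModel realm, String componentId) {
    ComponentModel model = realm.getComponent(componentId);
    if (model == null) {
        // Unknown component: signalled to the caller as null rather than as an error.
        return null;
    }
    RoleStorageProviderModel storageModel = new RoleStorageProviderModel(model);
    RoleStorageProviderFactory factory = (RoleStorageProviderFactory) session.getKeycloakSessionFactory()
            .getProviderFactory(RoleStorageProvider.class, model.getProviderId());
    if (factory == null) {
        // Message previously misspelled the type name ("Rolet..."), which made the
        // failure hard to find when searching logs for the factory class.
        throw new ModelException("Could not find RoleStorageProviderFactory for: " + model.getProviderId());
    }
    return getStorageProviderInstance(session, storageModel, factory);
}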
use of org.keycloak.models.ModelException in project keycloak by keycloak.
the class UserStorageManager method removeUser.
/**
 * Removes a user, delegating to the storage that owns it.
 *
 * <p>When federated storage is available its {@code preRemove} hook runs first. A user whose
 * id carries no provider id is removed from local storage; if it also has a federation link,
 * removal is attempted on the linked {@link UserRegistrationProvider} as well. Otherwise the
 * removal is delegated to the provider named in the user's id.
 *
 * @param realm the realm the user belongs to
 * @param user  the user to remove
 * @return for a user without a provider id, {@code true} only when local removal succeeded
 *         and the federation link (if any) was removed; otherwise the result of the
 *         owning provider's {@code removeUser}
 * @throws ModelException if the provider named in the user's id cannot be resolved
 */
@Override
public boolean removeUser(RealmModel realm, UserModel user) {
    if (getFederatedStorage() != null) {
        getFederatedStorage().preRemove(realm, user);
    }

    final StorageId userStorageId = new StorageId(user.getId());
    final String owningProviderId = userStorageId.getProviderId();

    if (owningProviderId != null) {
        UserRegistrationProvider owner = getStorageProviderInstance(realm, owningProviderId, UserRegistrationProvider.class);
        if (owner == null) {
            throw new ModelException("Could not resolve UserRegistrationProvider: " + userStorageId.getProviderId());
        }
        return owner.removeUser(realm, user);
    }

    final String linkedProviderId = user.getFederationLink();
    boolean linkRemoved;
    if (linkedProviderId == null) {
        // No federation link, so nothing can fail on that side.
        linkRemoved = true;
    } else {
        UserRegistrationProvider linked = getStorageProviderInstance(realm, linkedProviderId, UserRegistrationProvider.class);
        // An unresolvable link counts as "not removed" rather than raising an error.
        linkRemoved = linked != null && linked.removeUser(realm, user);
    }

    // Local removal is always attempted, even when the linked removal failed; in that case
    // the local record is gone but the method still reports false to the caller.
    boolean removedLocally = localStorage().removeUser(realm, user);
    return removedLocally && linkRemoved;
}
use of org.keycloak.models.ModelException in project keycloak by keycloak.
the class UserConsentModelTest method setupEnv.
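/**
 * Creates the test fixture for the consent tests inside its own transaction: realm
 * {@code original}, two clients, two client scopes, users {@code john} and {@code mary},
 * their consents, and a hardcoded client-storage component with one consent for mary.
 *
 * <p>Also asserts that updating a consent which was never added fails with
 * {@link ModelException}.
 *
 * @param session session whose factory is used to run the setup job in a transaction
 */
public static void setupEnv(KeycloakSession session) {
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionEnv) -> {
        KeycloakSession currentSession = sessionEnv;
        RealmManager realmManager = new RealmManager(currentSession);
        RealmModel realm = realmManager.createRealm("original");

        ClientModel fooClient = realm.addClient("foo-client");
        ClientModel barClient = realm.addClient("bar-client");

        ClientScopeModel fooScope = realm.addClientScope("foo");
        fooScope.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
        ClientScopeModel barScope = realm.addClientScope("bar");
        // Fixed copy-paste slip: the protocol was set on fooScope a second time, which left
        // barScope without a protocol.
        barScope.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);

        UserModel john = currentSession.users().addUser(realm, "john");
        UserModel mary = currentSession.users().addUser(realm, "mary");

        UserConsentModel johnFooGrant = new UserConsentModel(fooClient);
        johnFooGrant.addGrantedClientScope(fooScope);
        realmManager.getSession().users().addConsent(realm, john.getId(), johnFooGrant);

        UserConsentModel johnBarGrant = new UserConsentModel(barClient);
        johnBarGrant.addGrantedClientScope(barScope);

        // Update should fail as the grant doesn't exist yet
        try {
            realmManager.getSession().users().updateConsent(realm, john.getId(), johnBarGrant);
            Assert.fail("Not expected to end here");
        } catch (ModelException expected) {
            // Expected outcome: a consent that was never added cannot be updated.
        }

        realmManager.getSession().users().addConsent(realm, john.getId(), johnBarGrant);

        UserConsentModel maryFooGrant = new UserConsentModel(fooClient);
        maryFooGrant.addGrantedClientScope(fooScope);
        realmManager.getSession().users().addConsent(realm, mary.getId(), maryFooGrant);

        // Test-only client storage component; the wildcard localhost redirect URI is a
        // fixture value and not a pattern for real client configuration.
        ClientStorageProviderModel clientStorage = new ClientStorageProviderModel();
        clientStorage.setProviderId(HardcodedClientStorageProviderFactory.PROVIDER_ID);
        clientStorage.getConfig().putSingle(HardcodedClientStorageProviderFactory.CLIENT_ID, "hardcoded-client");
        clientStorage.getConfig().putSingle(HardcodedClientStorageProviderFactory.REDIRECT_URI, "http://localhost:8081/*");
        clientStorage.getConfig().putSingle(HardcodedClientStorageProviderFactory.CONSENT, "true");
        clientStorage.setParentId(realm.getId());
        clientStorageComponent = realm.addComponentModel(clientStorage);

        // The component must make the hardcoded client resolvable before consent is added.
        ClientModel hardcodedClient = currentSession.clients().getClientByClientId(realm, "hardcoded-client");
        Assert.assertNotNull(hardcodedClient);

        UserConsentModel maryHardcodedGrant = new UserConsentModel(hardcodedClient);
        realmManager.getSession().users().addConsent(realm, mary.getId(), maryHardcodedGrant);
    });
}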