use of org.keycloak.models.ProtocolMapperModel in project keycloak by keycloak.
the class OpenshiftSAClientAdapter method createClientScope.
/**
 * Resolves the client scope called {@code scope}: a scope the realm already manages wins,
 * otherwise a read-only, in-memory scope is synthesized.
 *
 * <p>The synthesized scope uses {@code scope} as its id, name and description, reports the
 * OIDC login protocol, carries no role scope mappings, and exposes two attributes: whether it
 * is shown on the consent screen and the consent-screen text.
 *
 * @param scope name of the requested scope
 * @return the realm scope whose name equals {@code scope}, or a new read-only adapter
 */
private ClientScopeModel createClientScope(String scope) {
    ClientScopeModel existing = realm.getClientScopesStream()
            .filter(candidate -> Objects.equals(candidate.getName(), scope))
            .findAny()
            .orElse(null);
    if (existing != null) {
        return existing;
    }

    Map<String, String> scopeAttributes = new HashMap<>();
    scopeAttributes.put(ClientScopeModel.DISPLAY_ON_CONSENT_SCREEN, Boolean.toString(isConsentRequired()));

    // NOTE(review): the scope string ends up in the consent-screen text either verbatim or as
    // part of a "${...}" message key. Whether it is validated before reaching this method is
    // not visible here; confirm against the caller.
    if (!component.get(OpenshiftClientStorageProviderFactory.CONFIG_PROPERTY_DISPLAY_SCOPE_CONSENT_TEXT, Boolean.TRUE)) {
        scopeAttributes.put(ClientScopeModel.CONSENT_SCREEN_TEXT, scope);
    } else {
        // Only the first ':' is replaced. NOTE(review): a scope without ':' yields the key
        // "${openshift.scope.}" with no scope name in it; confirm that this is intended.
        String keySuffix = scope.contains(":") ? scope.replaceFirst(":", "_") : "";
        scopeAttributes.put(ClientScopeModel.CONSENT_SCREEN_TEXT, "${openshift.scope." + keySuffix + "}");
    }

    return new AbstractReadOnlyClientScopeAdapter() {

        // Identity: id, name and description are all the raw scope string.
        @Override
        public String getId() {
            return scope;
        }

        @Override
        public String getName() {
            return scope;
        }

        @Override
        public String getDescription() {
            return scope;
        }

        @Override
        public RealmModel getRealm() {
            return realm;
        }

        @Override
        public String getProtocol() {
            return OIDCLoginProtocol.LOGIN_PROTOCOL;
        }

        @Override
        public String getAttribute(String name) {
            return scopeAttributes.get(name);
        }

        // NOTE(review): this hands out the backing HashMap itself, so a caller could mutate
        // the attributes of this "read-only" scope.
        @Override
        public Map<String, String> getAttributes() {
            return scopeAttributes;
        }

        // createDefaultProtocolMappers() is invoked on every call; lookups by id or name
        // below never find a mapper.
        @Override
        public Stream<ProtocolMapperModel> getProtocolMappersStream() {
            return createDefaultProtocolMappers().stream();
        }

        @Override
        public ProtocolMapperModel getProtocolMapperById(String id) {
            return null;
        }

        @Override
        public ProtocolMapperModel getProtocolMapperByName(String protocol, String name) {
            return null;
        }

        // No role is ever in scope for a synthesized client scope.
        @Override
        public Stream<RoleModel> getScopeMappingsStream() {
            return Stream.empty();
        }

        @Override
        public Stream<RoleModel> getRealmScopeMappingsStream() {
            return Stream.empty();
        }

        @Override
        public boolean hasScope(RoleModel role) {
            return false;
        }
    };
}
use of org.keycloak.models.ProtocolMapperModel in project keycloak by keycloak.
the class MigrateTo1_6_0 method migrateImport.
/**
 * Import-time entry point: looks up the built-in "locale" mapper of the "openid-connect"
 * protocol and hands it, with the realm, to {@code migrateRealm}.
 *
 * @param session current session, used to obtain the {@code MigrationProvider}
 * @param realm realm being imported
 * @param rep not read by this method
 * @param skipUserDependent not read by this method
 * @throws RuntimeException if the provider has no built-in locale mapper
 */
@Override
public void migrateImport(KeycloakSession session, RealmModel realm, RealmRepresentation rep, boolean skipUserDependent) {
    ProtocolMapperModel builtinLocaleMapper = session.getProvider(MigrationProvider.class)
            .getBuiltinMappers("openid-connect")
            .get("locale");
    if (builtinLocaleMapper != null) {
        migrateRealm(session, builtinLocaleMapper, realm);
        return;
    }
    // Fail loudly instead of importing the realm without the mapper.
    throw new RuntimeException("Can't find default locale mapper");
}
use of org.keycloak.models.ProtocolMapperModel in project keycloak by keycloak.
the class MigrateTo1_6_0 method migrate.
/**
 * Looks up the built-in "locale" mapper of the "openid-connect" protocol once, then calls
 * {@code migrateRealm} with it for every realm returned by {@code session.realms()}.
 *
 * @param session current session, used to obtain the {@code MigrationProvider} and the realms
 * @throws RuntimeException if the provider has no built-in locale mapper; no realm is touched
 */
public void migrate(KeycloakSession session) {
    ProtocolMapperModel builtinLocaleMapper = session.getProvider(MigrationProvider.class)
            .getBuiltinMappers("openid-connect")
            .get("locale");
    if (builtinLocaleMapper == null) {
        throw new RuntimeException("Can't find default locale mapper");
    }

    session.realms()
            .getRealmsStream()
            .forEach(eachRealm -> migrateRealm(session, builtinLocaleMapper, eachRealm));
}
use of org.keycloak.models.ProtocolMapperModel in project keycloak by keycloak.
the class RealmManager method setupAdminConsoleLocaleMapper.
/**
 * Makes sure the realm's admin console client has an OIDC locale protocol mapper.
 *
 * <p>Does nothing when the client already has a mapper of that name, or when
 * {@code ProtocolMapperUtils.findLocaleMapper} returns none to add.
 *
 * @param realm realm whose admin console client is inspected
 */
protected void setupAdminConsoleLocaleMapper(RealmModel realm) {
    ClientModel console = session.clients().getClientByClientId(realm, Constants.ADMIN_CONSOLE_CLIENT_ID);

    // NOTE(review): console is dereferenced without a null check; this relies on the admin
    // console client already existing in the realm when this method runs. Confirm at call sites.
    if (console.getProtocolMapperByName(OIDCLoginProtocol.LOGIN_PROTOCOL, OIDCLoginProtocolFactory.LOCALE) != null) {
        return;
    }

    ProtocolMapperModel fallbackMapper = ProtocolMapperUtils.findLocaleMapper(session);
    if (fallbackMapper == null) {
        return;
    }
    console.addProtocolMapper(fallbackMapper);
}
use of org.keycloak.models.ProtocolMapperModel in project keycloak by keycloak.
the class ClientManager method enableServiceAccount.
/**
 * Turns on service accounts for {@code client} and provisions what they need: a dedicated
 * user linked to the client, and three session-note claim mappers (client id, client host,
 * client address).
 *
 * <p>Each step is skipped when its target already exists, so calling this again for the same
 * client adds nothing new.
 *
 * @param client client for which service accounts are enabled
 */
public void enableServiceAccount(ClientModel client) {
    client.setServiceAccountsEnabled(true);

    // Dedicated user for this service account, created only if none is linked yet.
    boolean hasServiceAccountUser = realmManager.getSession().users().getServiceAccount(client) != null;
    if (!hasServiceAccountUser) {
        String serviceAccountName = ServiceAccountConstants.SERVICE_ACCOUNT_USER_PREFIX + client.getClientId();
        logger.debugf("Creating service account user '%s'", serviceAccountName);
        // Created through local storage on purpose: the service account user must not go
        // through user federation.
        UserModel serviceAccount = realmManager.getSession().userLocalStorage().addUser(client.getRealm(), serviceAccountName);
        serviceAccount.setEnabled(true);
        serviceAccount.setServiceAccountClientLink(client.getId());
    }

    // Mapper name -> session note / claim name. These put the client id, and the hostname and
    // IP address of the client, into the token.
    // NOTE(review): host and address are copied from session notes; how those notes are
    // populated is not visible here, so token consumers should check that before relying on
    // them for access decisions.
    String[][] sessionNoteMappers = {
        {ServiceAccountConstants.CLIENT_ID_PROTOCOL_MAPPER, ServiceAccountConstants.CLIENT_ID},
        {ServiceAccountConstants.CLIENT_HOST_PROTOCOL_MAPPER, ServiceAccountConstants.CLIENT_HOST},
        {ServiceAccountConstants.CLIENT_ADDRESS_PROTOCOL_MAPPER, ServiceAccountConstants.CLIENT_ADDRESS},
    };
    for (String[] entry : sessionNoteMappers) {
        String mapperName = entry[0];
        String noteName = entry[1];
        if (client.getProtocolMapperByName(OIDCLoginProtocol.LOGIN_PROTOCOL, mapperName) != null) {
            continue;
        }
        logger.debugf("Creating service account protocol mapper '%s' for client '%s'", mapperName, client.getClientId());
        // The note name doubles as the claim name; the two trailing flags are passed as true
        // for every mapper (presumably token inclusion switches; confirm in createClaimMapper).
        client.addProtocolMapper(UserSessionNoteMapper.createClaimMapper(mapperName, noteName, noteName, "String", true, true));
    }
}