use of org.keycloak.models.RealmModel in project keycloak by keycloak.
the class PersisterLastSessionRefreshStore method sendMessage.
protected void sendMessage(KeycloakSession kcSession, Map<String, SessionData> refreshesToSend) {
Map<String, Set<String>> sessionIdsByRealm = refreshesToSend.entrySet().stream().collect(Collectors.groupingBy(entry -> entry.getValue().getRealmId(), Collectors.mapping(Map.Entry::getKey, Collectors.toSet())));
// Update DB with a bit lower value than current time to ensure 'revokeRefreshToken' will work correctly taking server
int lastSessionRefresh = Time.currentTime() - SessionTimeoutHelper.PERIODIC_TASK_INTERVAL_SECONDS;
if (logger.isDebugEnabled()) {
logger.debugf("Updating %d userSessions with lastSessionRefresh: %d", refreshesToSend.size(), lastSessionRefresh);
}
UserSessionPersisterProvider persister = kcSession.getProvider(UserSessionPersisterProvider.class);
for (Map.Entry<String, Set<String>> entry : sessionIdsByRealm.entrySet()) {
RealmModel realm = kcSession.realms().getRealm(entry.getKey());
// Case when realm was deleted in the meantime. UserSessions were already deleted as well (callback for realm deletion)
if (realm == null) {
continue;
}
Set<String> userSessionIds = entry.getValue();
persister.updateLastSessionRefreshes(realm, lastSessionRefresh, userSessionIds, offline);
}
}
use of org.keycloak.models.RealmModel in project keycloak by keycloak.
the class DefaultHostnameProvider method getRealmFrontEndUrl.
protected URI getRealmFrontEndUrl() {
KeycloakSession session = Resteasy.getContextData(KeycloakSession.class);
URI realmUrl = (URI) session.getAttribute(REALM_URI_SESSION_ATTRIBUTE);
if (realmUrl == null) {
RealmModel realm = session.getContext().getRealm();
if (realm != null) {
String frontendUrl = realm.getAttribute("frontendUrl");
if (isNotBlank(frontendUrl)) {
realmUrl = URI.create(frontendUrl);
session.setAttribute(DefaultHostnameProvider.REALM_URI_SESSION_ATTRIBUTE, realmUrl);
return realmUrl;
}
}
}
return realmUrl;
}
use of org.keycloak.models.RealmModel in project keycloak by keycloak.
the class RepresentationToModel method createCredentials.
public static void createCredentials(UserRepresentation userRep, KeycloakSession session, RealmModel realm, UserModel user, boolean adminRequest) {
convertDeprecatedCredentialsFormat(userRep);
if (userRep.getCredentials() != null) {
for (CredentialRepresentation cred : userRep.getCredentials()) {
if (cred.getId() != null && session.userCredentialManager().getStoredCredentialById(realm, user, cred.getId()) != null) {
continue;
}
if (cred.getValue() != null && !cred.getValue().isEmpty()) {
RealmModel origRealm = session.getContext().getRealm();
try {
session.getContext().setRealm(realm);
session.userCredentialManager().updateCredential(realm, user, UserCredentialModel.password(cred.getValue(), false));
} catch (ModelException ex) {
throw new PasswordPolicyNotMetException(ex.getMessage(), user.getUsername(), ex);
} finally {
session.getContext().setRealm(origRealm);
}
} else {
session.userCredentialManager().createCredentialThroughProvider(realm, user, toModel(cred));
}
}
}
}
use of org.keycloak.models.RealmModel in project keycloak by keycloak.
the class RepresentationToModel method toModel.
public static ResourceServer toModel(ResourceServerRepresentation rep, AuthorizationProvider authorization, ClientModel client) {
ResourceServerStore resourceServerStore = authorization.getStoreFactory().getResourceServerStore();
ResourceServer resourceServer;
ResourceServer existing = resourceServerStore.findByClient(client);
if (existing == null) {
resourceServer = resourceServerStore.create(client);
resourceServer.setAllowRemoteResourceManagement(true);
resourceServer.setPolicyEnforcementMode(PolicyEnforcementMode.ENFORCING);
} else {
resourceServer = existing;
}
resourceServer.setPolicyEnforcementMode(rep.getPolicyEnforcementMode());
resourceServer.setAllowRemoteResourceManagement(rep.isAllowRemoteResourceManagement());
DecisionStrategy decisionStrategy = rep.getDecisionStrategy();
if (decisionStrategy == null) {
decisionStrategy = DecisionStrategy.UNANIMOUS;
}
resourceServer.setDecisionStrategy(decisionStrategy);
for (ScopeRepresentation scope : rep.getScopes()) {
toModel(scope, resourceServer, authorization);
}
KeycloakSession session = authorization.getKeycloakSession();
RealmModel realm = authorization.getRealm();
for (ResourceRepresentation resource : rep.getResources()) {
ResourceOwnerRepresentation owner = resource.getOwner();
if (owner == null) {
owner = new ResourceOwnerRepresentation();
owner.setId(resourceServer.getId());
resource.setOwner(owner);
} else if (owner.getName() != null) {
UserModel user = session.users().getUserByUsername(realm, owner.getName());
if (user != null) {
owner.setId(user.getId());
}
}
toModel(resource, resourceServer, authorization);
}
importPolicies(authorization, resourceServer, rep.getPolicies(), null);
return resourceServer;
}
use of org.keycloak.models.RealmModel in project keycloak by keycloak.
the class DefaultAuthenticationFlows method addIdentityProviderAuthenticator.
public static void addIdentityProviderAuthenticator(RealmModel realm, String defaultProvider) {
String browserFlowId = realm.getAuthenticationFlowsStream().filter(f -> Objects.equals(f.getAlias(), DefaultAuthenticationFlows.BROWSER_FLOW)).map(AuthenticationFlowModel::getId).findFirst().orElse(null);
if (browserFlowId != null) {
if (realm.getAuthenticationExecutionsStream(browserFlowId).anyMatch(e -> Objects.equals(e.getAuthenticator(), "identity-provider-redirector")))
return;
AuthenticationExecutionModel execution;
execution = new AuthenticationExecutionModel();
execution.setParentFlow(browserFlowId);
execution.setRequirement(AuthenticationExecutionModel.Requirement.ALTERNATIVE);
execution.setAuthenticator("identity-provider-redirector");
execution.setPriority(25);
execution.setAuthenticatorFlow(false);
if (defaultProvider != null) {
AuthenticatorConfigModel configModel = new AuthenticatorConfigModel();
Map<String, String> config = new HashMap<>();
config.put("defaultProvider", defaultProvider);
configModel.setConfig(config);
configModel.setAlias(defaultProvider);
configModel = realm.addAuthenticatorConfig(configModel);
execution.setAuthenticatorConfig(configModel.getId());
}
realm.addAuthenticatorExecution(execution);
}
}
Aggregations