Example 81 with RealmModel
use of org.keycloak.models.RealmModel in project keycloak by keycloak.
the class PersisterLastSessionRefreshStore method sendMessage.
protected void sendMessage(KeycloakSession kcSession, Map<String, SessionData> refreshesToSend) {
Map<String, Set<String>> sessionIdsByRealm = refreshesToSend.entrySet().stream().collect(Collectors.groupingBy(entry -> entry.getValue().getRealmId(), Collectors.mapping(Map.Entry::getKey, Collectors.toSet())));
// Update DB with a bit lower value than current time to ensure 'revokeRefreshToken' will work correctly taking server
int lastSessionRefresh = Time.currentTime() - SessionTimeoutHelper.PERIODIC_TASK_INTERVAL_SECONDS;
if (logger.isDebugEnabled()) {
logger.debugf("Updating %d userSessions with lastSessionRefresh: %d", refreshesToSend.size(), lastSessionRefresh);
}
UserSessionPersisterProvider persister = kcSession.getProvider(UserSessionPersisterProvider.class);
for (Map.Entry<String, Set<String>> entry : sessionIdsByRealm.entrySet()) {
RealmModel realm = kcSession.realms().getRealm(entry.getKey());
// Case when realm was deleted in the meantime. UserSessions were already deleted as well (callback for realm deletion)
if (realm == null) {
continue;
}
Set<String> userSessionIds = entry.getValue();
persister.updateLastSessionRefreshes(realm, lastSessionRefresh, userSessionIds, offline);
}
}
Also used :
RealmModel(org.keycloak.models.RealmModel)
UserSessionPersisterProvider(org.keycloak.models.session.UserSessionPersisterProvider)
Map(java.util.Map)
Logger(org.jboss.logging.Logger)
SessionTimeoutHelper(org.keycloak.models.utils.SessionTimeoutHelper)
Set(java.util.Set)
KeycloakSession(org.keycloak.models.KeycloakSession)
Collectors(java.util.stream.Collectors)
Time(org.keycloak.common.util.Time)
RealmModel(org.keycloak.models.RealmModel)
Set(java.util.Set)
UserSessionPersisterProvider(org.keycloak.models.session.UserSessionPersisterProvider)
Map(java.util.Map)
Example 82 with RealmModel
use of org.keycloak.models.RealmModel in project keycloak by keycloak.
the class DefaultHostnameProvider method getRealmFrontEndUrl.
protected URI getRealmFrontEndUrl() {
KeycloakSession session = Resteasy.getContextData(KeycloakSession.class);
URI realmUrl = (URI) session.getAttribute(REALM_URI_SESSION_ATTRIBUTE);
if (realmUrl == null) {
RealmModel realm = session.getContext().getRealm();
if (realm != null) {
String frontendUrl = realm.getAttribute("frontendUrl");
if (isNotBlank(frontendUrl)) {
realmUrl = URI.create(frontendUrl);
session.setAttribute(DefaultHostnameProvider.REALM_URI_SESSION_ATTRIBUTE, realmUrl);
return realmUrl;
}
}
}
return realmUrl;
}
Also used :
RealmModel(org.keycloak.models.RealmModel)
KeycloakSession(org.keycloak.models.KeycloakSession)
URI(java.net.URI)
Example 83 with RealmModel
use of org.keycloak.models.RealmModel in project keycloak by keycloak.
the class RepresentationToModel method createCredentials.
public static void createCredentials(UserRepresentation userRep, KeycloakSession session, RealmModel realm, UserModel user, boolean adminRequest) {
convertDeprecatedCredentialsFormat(userRep);
if (userRep.getCredentials() != null) {
for (CredentialRepresentation cred : userRep.getCredentials()) {
if (cred.getId() != null && session.userCredentialManager().getStoredCredentialById(realm, user, cred.getId()) != null) {
continue;
}
if (cred.getValue() != null && !cred.getValue().isEmpty()) {
RealmModel origRealm = session.getContext().getRealm();
try {
session.getContext().setRealm(realm);
session.userCredentialManager().updateCredential(realm, user, UserCredentialModel.password(cred.getValue(), false));
} catch (ModelException ex) {
throw new PasswordPolicyNotMetException(ex.getMessage(), user.getUsername(), ex);
} finally {
session.getContext().setRealm(origRealm);
}
} else {
session.userCredentialManager().createCredentialThroughProvider(realm, user, toModel(cred));
}
}
}
}
Also used :
CredentialRepresentation(org.keycloak.representations.idm.CredentialRepresentation)
RealmModel(org.keycloak.models.RealmModel)
ModelException(org.keycloak.models.ModelException)
PasswordPolicyNotMetException(org.keycloak.policy.PasswordPolicyNotMetException)
Example 84 with RealmModel
use of org.keycloak.models.RealmModel in project keycloak by keycloak.
the class RepresentationToModel method toModel.
public static ResourceServer toModel(ResourceServerRepresentation rep, AuthorizationProvider authorization, ClientModel client) {
ResourceServerStore resourceServerStore = authorization.getStoreFactory().getResourceServerStore();
ResourceServer resourceServer;
ResourceServer existing = resourceServerStore.findByClient(client);
if (existing == null) {
resourceServer = resourceServerStore.create(client);
resourceServer.setAllowRemoteResourceManagement(true);
resourceServer.setPolicyEnforcementMode(PolicyEnforcementMode.ENFORCING);
} else {
resourceServer = existing;
}
resourceServer.setPolicyEnforcementMode(rep.getPolicyEnforcementMode());
resourceServer.setAllowRemoteResourceManagement(rep.isAllowRemoteResourceManagement());
DecisionStrategy decisionStrategy = rep.getDecisionStrategy();
if (decisionStrategy == null) {
decisionStrategy = DecisionStrategy.UNANIMOUS;
}
resourceServer.setDecisionStrategy(decisionStrategy);
for (ScopeRepresentation scope : rep.getScopes()) {
toModel(scope, resourceServer, authorization);
}
KeycloakSession session = authorization.getKeycloakSession();
RealmModel realm = authorization.getRealm();
for (ResourceRepresentation resource : rep.getResources()) {
ResourceOwnerRepresentation owner = resource.getOwner();
if (owner == null) {
owner = new ResourceOwnerRepresentation();
owner.setId(resourceServer.getId());
resource.setOwner(owner);
} else if (owner.getName() != null) {
UserModel user = session.users().getUserByUsername(realm, owner.getName());
if (user != null) {
owner.setId(user.getId());
}
}
toModel(resource, resourceServer, authorization);
}
importPolicies(authorization, resourceServer, rep.getPolicies(), null);
return resourceServer;
}
Also used :
RealmModel(org.keycloak.models.RealmModel)
UserModel(org.keycloak.models.UserModel)
ResourceServerStore(org.keycloak.authorization.store.ResourceServerStore)
KeycloakSession(org.keycloak.models.KeycloakSession)
DecisionStrategy(org.keycloak.representations.idm.authorization.DecisionStrategy)
ScopeRepresentation(org.keycloak.representations.idm.authorization.ScopeRepresentation)
ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation)
ResourceOwnerRepresentation(org.keycloak.representations.idm.authorization.ResourceOwnerRepresentation)
ResourceServer(org.keycloak.authorization.model.ResourceServer)
ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation)
Example 85 with RealmModel
use of org.keycloak.models.RealmModel in project keycloak by keycloak.
the class DefaultAuthenticationFlows method addIdentityProviderAuthenticator.
public static void addIdentityProviderAuthenticator(RealmModel realm, String defaultProvider) {
String browserFlowId = realm.getAuthenticationFlowsStream().filter(f -> Objects.equals(f.getAlias(), DefaultAuthenticationFlows.BROWSER_FLOW)).map(AuthenticationFlowModel::getId).findFirst().orElse(null);
if (browserFlowId != null) {
if (realm.getAuthenticationExecutionsStream(browserFlowId).anyMatch(e -> Objects.equals(e.getAuthenticator(), "identity-provider-redirector")))
return;
AuthenticationExecutionModel execution;
execution = new AuthenticationExecutionModel();
execution.setParentFlow(browserFlowId);
execution.setRequirement(AuthenticationExecutionModel.Requirement.ALTERNATIVE);
execution.setAuthenticator("identity-provider-redirector");
execution.setPriority(25);
execution.setAuthenticatorFlow(false);
if (defaultProvider != null) {
AuthenticatorConfigModel configModel = new AuthenticatorConfigModel();
Map<String, String> config = new HashMap<>();
config.put("defaultProvider", defaultProvider);
configModel.setConfig(config);
configModel.setAlias(defaultProvider);
configModel = realm.addAuthenticatorConfig(configModel);
execution.setAuthenticatorConfig(configModel.getId());
}
realm.addAuthenticatorExecution(execution);
}
}
Also used :
IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation)
RequiredCredentialModel(org.keycloak.models.RequiredCredentialModel)
java.util(java.util)
RealmModel(org.keycloak.models.RealmModel)
AuthenticationExecutionModel(org.keycloak.models.AuthenticationExecutionModel)
AuthenticatorConfigModel(org.keycloak.models.AuthenticatorConfigModel)
AuthenticationFlowModel(org.keycloak.models.AuthenticationFlowModel)
AuthenticationExecutionModel(org.keycloak.models.AuthenticationExecutionModel)
AuthenticationFlowModel(org.keycloak.models.AuthenticationFlowModel)
AuthenticatorConfigModel(org.keycloak.models.AuthenticatorConfigModel)
Aggregations
RealmModel (org.keycloak.models.RealmModel)591
Test (org.junit.Test)249
UserModel (org.keycloak.models.UserModel)225
KeycloakSession (org.keycloak.models.KeycloakSession)152
ClientModel (org.keycloak.models.ClientModel)149
AbstractTestRealmKeycloakTest (org.keycloak.testsuite.AbstractTestRealmKeycloakTest)90
ModelTest (org.keycloak.testsuite.arquillian.annotation.ModelTest)84
ComponentModel (org.keycloak.component.ComponentModel)83
RoleModel (org.keycloak.models.RoleModel)73
UserSessionModel (org.keycloak.models.UserSessionModel)64
LDAPObject (org.keycloak.storage.ldap.idm.model.LDAPObject)62
List (java.util.List)55
LDAPStorageProvider (org.keycloak.storage.ldap.LDAPStorageProvider)51
GroupModel (org.keycloak.models.GroupModel)47
HashMap (java.util.HashMap)38
Collectors (java.util.stream.Collectors)34
CachedUserModel (org.keycloak.models.cache.CachedUserModel)34
Path (javax.ws.rs.Path)30
AbstractAuthTest (org.keycloak.testsuite.AbstractAuthTest)30
Map (java.util.Map)29
