
Example 21 with RealmModel

use of org.keycloak.models.RealmModel in project keycloak by keycloak.

the class ApplicationsBean method getApplications.

/**
 * Builds the stream of clients to show for a user.
 *
 * <p>The result is the union of (a) every client of the realm that is not bearer-only and
 * (b) every client the user has a stored consent for whose id is not a local storage id.
 * Duplicates are collapsed with {@code distinct()}, which relies on {@code ClientModel}
 * equality (presumably id-based; confirm against the model implementation).
 *
 * <p>NOTE(review): the bearer-only filter is applied only to the realm's own clients, not
 * to the consent-derived ones. No per-client permission check happens here; callers are
 * expected to pass the authenticated user's own {@code user} object.
 *
 * @param session current Keycloak session, used to reach the user provider
 * @param realm   realm whose clients and consents are inspected
 * @param user    user whose consents are looked up by id
 * @return lazily evaluated, de-duplicated stream of clients
 */
private Stream<ClientModel> getApplications(KeycloakSession session, RealmModel realm, UserModel user) {
    // Realm-owned clients, minus the bearer-only ones.
    Stream<ClientModel> realmClients = realm.getClientsStream()
            .filter(candidate -> !candidate.isBearerOnly());

    // Clients reached through the user's consents, keeping only those with a non-local storage id.
    Stream<ClientModel> consentedExternalClients = session.users()
            .getConsentsStream(realm, user.getId())
            .map(UserConsentModel::getClient)
            .filter(candidate -> !new StorageId(candidate.getId()).isLocal());

    return Stream.concat(realmClients, consentedExternalClients).distinct();
}
Also used : ClientModel(org.keycloak.models.ClientModel) AdminPermissions(org.keycloak.services.resources.admin.permissions.AdminPermissions) ClientScopeModel(org.keycloak.models.ClientScopeModel) RealmModel(org.keycloak.models.RealmModel) Predicate(java.util.function.Predicate) Constants(org.keycloak.models.Constants) KeycloakSession(org.keycloak.models.KeycloakSession) Set(java.util.Set) RoleModel(org.keycloak.models.RoleModel) TokenManager(org.keycloak.protocol.oidc.TokenManager) Collectors(java.util.stream.Collectors) StorageId(org.keycloak.storage.StorageId) ResolveRelative(org.keycloak.services.util.ResolveRelative) ArrayList(java.util.ArrayList) OrderedModel(org.keycloak.models.OrderedModel) Objects(java.util.Objects) List(java.util.List) UserModel(org.keycloak.models.UserModel) Stream(java.util.stream.Stream) UserSessionManager(org.keycloak.services.managers.UserSessionManager) UserConsentModel(org.keycloak.models.UserConsentModel) MultivaluedHashMap(org.keycloak.common.util.MultivaluedHashMap) LinkedList(java.util.LinkedList) ClientModel(org.keycloak.models.ClientModel) StorageId(org.keycloak.storage.StorageId)

Example 22 with RealmModel

use of org.keycloak.models.RealmModel in project keycloak by keycloak.

the class ApplicationsBean method processRoles.

/**
 * Splits a set of roles into realm-level roles and client-level roles.
 *
 * <p>Both output collections are mutated in place; nothing is returned.
 *
 * @param inputRoles  roles to classify
 * @param realmRoles  receives every role whose container is a {@code RealmModel}
 * @param clientRoles receives one {@code ClientRoleEntry} per remaining role, keyed by the
 *                    owning client's clientId
 */
private void processRoles(Set<RoleModel> inputRoles, List<RoleModel> realmRoles, MultivaluedHashMap<String, ClientRoleEntry> clientRoles) {
    for (RoleModel candidate : inputRoles) {
        boolean realmLevel = candidate.getContainer() instanceof RealmModel;
        if (realmLevel) {
            realmRoles.add(candidate);
            continue;
        }

        // Any container that is not a realm is treated as a client; the cast fails with
        // ClassCastException if another container type ever appears.
        ClientModel owner = (ClientModel) candidate.getContainer();
        ClientRoleEntry entry = new ClientRoleEntry(
                owner.getClientId(),
                owner.getName(),
                candidate.getName(),
                candidate.getDescription());
        clientRoles.add(owner.getClientId(), entry);
    }
}
Also used : RealmModel(org.keycloak.models.RealmModel) ClientModel(org.keycloak.models.ClientModel) RoleModel(org.keycloak.models.RoleModel)

Example 23 with RealmModel

use of org.keycloak.models.RealmModel in project keycloak by keycloak.

the class ImportUtils method importRealm.

/**
 * Imports a realm from its representation and stores it in the model.
 *
 * <p>If a realm with the same name already exists, the outcome depends on {@code strategy}:
 * with {@code Strategy.IGNORE_EXISTING} the import is skipped; with any other strategy the
 * existing realm is removed first and then re-created from {@code rep}. The removal is
 * destructive. NOTE(review): removal and import are two separate calls here; whether a
 * failed import rolls the removal back depends on the transaction handling of the caller,
 * which is not visible in this method. Confirm before running an overwrite import against a
 * realm that has no backup.
 *
 * @param session           current Keycloak session
 * @param rep               representation of the realm to import
 * @param strategy          specifies whether to overwrite or ignore an existing realm
 * @param skipUserDependent if true, import of any models that need users already present in
 *                          the DB is skipped (for example authorization)
 * @return {@code true} if the realm was imported, {@code false} if it already existed and
 *         the import was skipped because of {@code Strategy.IGNORE_EXISTING}
 */
public static boolean importRealm(KeycloakSession session, RealmRepresentation rep, Strategy strategy, boolean skipUserDependent) {
    final String realmName = rep.getRealm();
    final RealmProvider realms = session.realms();
    final RealmModel existing = realms.getRealmByName(realmName);

    if (existing != null && strategy == Strategy.IGNORE_EXISTING) {
        logger.infof("Realm '%s' already exists. Import skipped", realmName);
        return false;
    }

    if (existing != null) {
        logger.infof("Realm '%s' already exists. Removing it before import", realmName);
        boolean replacingAdminRealm = Config.getAdminRealm().equals(existing.getId());
        if (replacingAdminRealm) {
            // Detach the master admin client from every realm first; foreign key
            // constraints would otherwise block removal of the admin realm.
            realms.getRealmsStream().forEach(r -> r.setMasterAdminClient(null));
        }
        // TODO: For migration between versions, it should be possible to delete just the realm but keep its users
        realms.removeRealm(existing.getId());
    }

    new RealmManager(session).importRealm(rep, skipUserDependent);

    // The success message is logged only when the export/import action system property is set.
    if (System.getProperty(ExportImportConfig.ACTION) != null) {
        logger.infof("Realm '%s' imported", realmName);
    }
    return true;
}
Also used : RealmModel(org.keycloak.models.RealmModel) RealmProvider(org.keycloak.models.RealmProvider) RealmManager(org.keycloak.services.managers.RealmManager)

Example 24 with RealmModel

use of org.keycloak.models.RealmModel in project keycloak by keycloak.

the class DefaultKeyManager method getActiveKey.

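/**
 * Returns the active key of a realm for the given use and algorithm, creating fallback keys
 * if none is configured.
 *
 * <p>Lookup order: first the realm's current providers; if that yields nothing, each
 * registered {@code KeyProviderFactory} is asked to create fallback keys until one reports
 * success, the provider list for the realm is re-read and the lookup is repeated.
 *
 * <p>NOTE(review): key material can therefore be generated as a side effect of a read-style
 * call. The info-level log entry below is the only trace of that visible in this method, so
 * it is worth keeping in audit/alerting pipelines.
 *
 * @param realm     realm whose keys are searched
 * @param use       intended key use
 * @param algorithm algorithm name the key must support
 * @return the active key, never {@code null}
 * @throws RuntimeException if no key exists and no factory could provide a usable fallback
 */
@Override
public KeyWrapper getActiveKey(RealmModel realm, KeyUse use, String algorithm) {
    KeyWrapper activeKey = getActiveKey(getProviders(realm), realm, use, algorithm);
    if (activeKey != null) {
        return activeKey;
    }
    logger.debugv("Failed to find active key for realm, trying fallback: realm={0} algorithm={1} use={2}", realm.getName(), algorithm, use.name());
    // The filter has a side effect: createFallbackKeys() registers a new key component when it
    // returns true. findFirst() short-circuits, so at most one factory creates keys.
    Optional<KeyProviderFactory> keyProviderFactory = session.getKeycloakSessionFactory().getProviderFactoriesStream(KeyProvider.class).map(KeyProviderFactory.class::cast).filter(kf -> kf.createFallbackKeys(session, use, algorithm)).findFirst();
    if (keyProviderFactory.isPresent()) {
        // Drop the stored provider list for this realm so that getProviders() re-reads it and
        // sees the component that was just added (providersMap is presumably a per-realm cache).
        providersMap.remove(realm.getId());
        List<KeyProvider> providers = getProviders(realm);
        activeKey = getActiveKey(providers, realm, use, algorithm);
        if (activeKey != null) {
            logger.infov("No keys found for realm={0} and algorithm={1} for use={2}. Generating keys.", realm.getName(), algorithm, use.name());
            return activeKey;
        }
    }
    // Fixed: the pattern previously ended in "use={2" without the closing brace. That is not a
    // valid MessageFormat-style pattern, so the error record for this failure could be malformed
    // or lost, depending on the logging backend.
    logger.errorv("Failed to create fallback key for realm: realm={0} algorithm={1} use={2}", realm.getName(), algorithm, use.name());
    throw new RuntimeException("Failed to find key: realm=" + realm.getName() + " algorithm=" + algorithm + " use=" + use.name());
}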
Also used : KeyWrapper(org.keycloak.crypto.KeyWrapper) KeyWrapper(org.keycloak.crypto.KeyWrapper) RealmModel(org.keycloak.models.RealmModel) Logger(org.jboss.logging.Logger) KeycloakSession(org.keycloak.models.KeycloakSession) Algorithm(org.keycloak.crypto.Algorithm) PublicKey(java.security.PublicKey) HashMap(java.util.HashMap) Collectors(java.util.stream.Collectors) KeyManager(org.keycloak.models.KeyManager) Objects(java.util.Objects) Consumer(java.util.function.Consumer) List(java.util.List) Certificate(java.security.cert.Certificate) Stream(java.util.stream.Stream) KeyUse(org.keycloak.crypto.KeyUse) PrivateKey(java.security.PrivateKey) Map(java.util.Map) ComponentModel(org.keycloak.component.ComponentModel) Optional(java.util.Optional) SecretKey(javax.crypto.SecretKey) Comparator(java.util.Comparator) ProviderFactory(org.keycloak.provider.ProviderFactory)

Example 25 with RealmModel

use of org.keycloak.models.RealmModel in project keycloak by keycloak.

the class GeneratedEcdsaKeyProviderFactory method createFallbackKeys.

/**
 * Registers a generated ECDSA key provider component as a fallback for signature keys.
 *
 * <p>Only acts when {@code keyUse} is {@code KeyUse.SIG} and {@code algorithm} is one of
 * ES256, ES384 or ES512; any other combination returns {@code false} without side effects.
 *
 * <p>NOTE(review): the component is attached to the realm taken from the session context,
 * not to a realm passed by the caller. If a caller looks up keys for a different realm than
 * the one in the context, the fallback would land on the context realm. Confirm that all
 * callers run with the matching realm set on the context.
 *
 * @param session   current Keycloak session; its context supplies the target realm
 * @param keyUse    requested key use
 * @param algorithm requested algorithm name
 * @return {@code true} if a fallback component was added to the realm, {@code false} otherwise
 */
@Override
public boolean createFallbackKeys(KeycloakSession session, KeyUse keyUse, String algorithm) {
    boolean ecdsaSignatureRequest = keyUse.equals(KeyUse.SIG)
            && (algorithm.equals(Algorithm.ES256) || algorithm.equals(Algorithm.ES384) || algorithm.equals(Algorithm.ES512));
    if (!ecdsaSignatureRequest) {
        return false;
    }

    RealmModel contextRealm = session.getContext().getRealm();

    ComponentModel fallback = new ComponentModel();
    fallback.setName("fallback-" + algorithm);
    fallback.setParentId(contextRealm.getId());
    fallback.setProviderId(ID);
    fallback.setProviderType(KeyProvider.class.getName());

    MultivaluedHashMap<String, String> settings = new MultivaluedHashMap<>();
    // Priority -100: presumably chosen so that explicitly configured providers are
    // preferred over the generated fallback. TODO confirm against the priority ordering.
    settings.putSingle(Attributes.PRIORITY_KEY, "-100");
    // The curve is derived from the requested algorithm name.
    settings.putSingle(ECDSA_ELLIPTIC_CURVE_KEY, convertAlgorithmToECDomainParmNistRep(algorithm));
    fallback.setConfig(settings);

    contextRealm.addComponentModel(fallback);
    return true;
}
Also used : RealmModel(org.keycloak.models.RealmModel) MultivaluedHashMap(org.keycloak.common.util.MultivaluedHashMap) ComponentModel(org.keycloak.component.ComponentModel)
