Example 1 with ScriptModel
use of org.keycloak.models.ScriptModel in project keycloak by keycloak.
the class ScriptBasedAuthenticator method getInvocableScriptAdapter.
private InvocableScriptAdapter getInvocableScriptAdapter(AuthenticationFlowContext context) {
Map<String, String> config = getAuthenticatorConfig(context).getConfig();
String scriptName = config.get(SCRIPT_NAME);
String scriptCode = config.get(SCRIPT_CODE);
String scriptDescription = config.get(SCRIPT_DESCRIPTION);
RealmModel realm = context.getRealm();
ScriptingProvider scripting = context.getSession().getProvider(ScriptingProvider.class);
// TODO lookup script by scriptId instead of creating it every time
ScriptModel script = scripting.createScript(realm.getId(), ScriptModel.TEXT_JAVASCRIPT, scriptName, scriptCode, scriptDescription);
// how to deal with long running scripts -> timeout?
return scripting.prepareInvocableScript(script, bindings -> {
bindings.put("script", script);
bindings.put("realm", context.getRealm());
bindings.put("user", context.getUser());
bindings.put("session", context.getSession());
bindings.put("httpRequest", context.getHttpRequest());
bindings.put("authenticationSession", context.getAuthenticationSession());
bindings.put("LOG", LOGGER);
});
}
Also used :
RealmModel(org.keycloak.models.RealmModel)
ScriptModel(org.keycloak.models.ScriptModel)
ScriptingProvider(org.keycloak.scripting.ScriptingProvider)
Example 2 with ScriptModel
use of org.keycloak.models.ScriptModel in project keycloak by keycloak.
the class ScriptBasedOIDCProtocolMapper method validateConfig.
@Override
public void validateConfig(KeycloakSession session, RealmModel realm, ProtocolMapperContainerModel client, ProtocolMapperModel mapperModel) throws ProtocolMapperConfigException {
String scriptCode = getScriptCode(mapperModel);
if (scriptCode == null) {
return;
}
ScriptingProvider scripting = session.getProvider(ScriptingProvider.class);
ScriptModel scriptModel = scripting.createScript(realm.getId(), ScriptModel.TEXT_JAVASCRIPT, mapperModel.getName() + "-script", scriptCode, "");
try {
scripting.prepareEvaluatableScript(scriptModel);
} catch (ScriptCompilationException ex) {
throw new ProtocolMapperConfigException("error", "{0}", ex.getMessage());
}
}
Also used :
ScriptModel(org.keycloak.models.ScriptModel)
ProtocolMapperConfigException(org.keycloak.protocol.ProtocolMapperConfigException)
ScriptingProvider(org.keycloak.scripting.ScriptingProvider)
ScriptCompilationException(org.keycloak.scripting.ScriptCompilationException)
Example 3 with ScriptModel
use of org.keycloak.models.ScriptModel in project keycloak by keycloak.
the class JSPolicyProviderFactory method getEvaluatableScript.
private EvaluatableScriptAdapter getEvaluatableScript(final AuthorizationProvider authz, final Policy policy) {
return scriptCache.computeIfAbsent(policy.getId(), id -> {
final ScriptingProvider scripting = authz.getKeycloakSession().getProvider(ScriptingProvider.class);
ScriptModel script = getScriptModel(policy, authz.getRealm(), scripting);
return scripting.prepareEvaluatableScript(script);
});
}
Also used :
ScriptModel(org.keycloak.models.ScriptModel)
ScriptingProvider(org.keycloak.scripting.ScriptingProvider)
Example 4 with ScriptModel
use of org.keycloak.models.ScriptModel in project keycloak by keycloak.
the class ScriptBasedOIDCProtocolMapper method evaluateScript.
private Object evaluateScript(Object tokenBinding, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession) {
UserModel user = userSession.getUser();
String scriptSource = getScriptCode(mappingModel);
RealmModel realm = userSession.getRealm();
ScriptingProvider scripting = keycloakSession.getProvider(ScriptingProvider.class);
ScriptModel scriptModel = scripting.createScript(realm.getId(), ScriptModel.TEXT_JAVASCRIPT, "token-mapper-script_" + mappingModel.getName(), scriptSource, null);
EvaluatableScriptAdapter script = scripting.prepareEvaluatableScript(scriptModel);
Object claimValue;
try {
claimValue = script.eval((bindings) -> {
bindings.put("user", user);
bindings.put("realm", realm);
if (tokenBinding instanceof IDToken) {
bindings.put("token", tokenBinding);
} else if (tokenBinding instanceof AccessTokenResponse) {
bindings.put("tokenResponse", tokenBinding);
}
bindings.put("userSession", userSession);
bindings.put("keycloakSession", keycloakSession);
});
} catch (Exception ex) {
LOGGER.error("Error during execution of ProtocolMapper script", ex);
claimValue = null;
}
return claimValue;
}
Also used :
UserModel(org.keycloak.models.UserModel)
RealmModel(org.keycloak.models.RealmModel)
ScriptModel(org.keycloak.models.ScriptModel)
ProtocolMapperContainerModel(org.keycloak.models.ProtocolMapperContainerModel)
RealmModel(org.keycloak.models.RealmModel)
Profile(org.keycloak.common.Profile)
ProtocolMapperModel(org.keycloak.models.ProtocolMapperModel)
ProtocolMapperConfigException(org.keycloak.protocol.ProtocolMapperConfigException)
Logger(org.jboss.logging.Logger)
ProviderConfigProperty(org.keycloak.provider.ProviderConfigProperty)
KeycloakSession(org.keycloak.models.KeycloakSession)
UserSessionModel(org.keycloak.models.UserSessionModel)
EnvironmentDependentProviderFactory(org.keycloak.provider.EnvironmentDependentProviderFactory)
IDToken(org.keycloak.representations.IDToken)
ProviderConfigurationBuilder(org.keycloak.provider.ProviderConfigurationBuilder)
AccessTokenResponse(org.keycloak.representations.AccessTokenResponse)
ScriptModel(org.keycloak.models.ScriptModel)
EvaluatableScriptAdapter(org.keycloak.scripting.EvaluatableScriptAdapter)
List(java.util.List)
UserModel(org.keycloak.models.UserModel)
ClientSessionContext(org.keycloak.models.ClientSessionContext)
ScriptingProvider(org.keycloak.scripting.ScriptingProvider)
ScriptCompilationException(org.keycloak.scripting.ScriptCompilationException)
ProtocolMapperUtils(org.keycloak.protocol.ProtocolMapperUtils)
ScriptingProvider(org.keycloak.scripting.ScriptingProvider)
EvaluatableScriptAdapter(org.keycloak.scripting.EvaluatableScriptAdapter)
IDToken(org.keycloak.representations.IDToken)
AccessTokenResponse(org.keycloak.representations.AccessTokenResponse)
ProtocolMapperConfigException(org.keycloak.protocol.ProtocolMapperConfigException)
ScriptCompilationException(org.keycloak.scripting.ScriptCompilationException)
Aggregations
ScriptModel (org.keycloak.models.ScriptModel)4
ScriptingProvider (org.keycloak.scripting.ScriptingProvider)4
RealmModel (org.keycloak.models.RealmModel)2
ProtocolMapperConfigException (org.keycloak.protocol.ProtocolMapperConfigException)2
ScriptCompilationException (org.keycloak.scripting.ScriptCompilationException)2
List (java.util.List)1
Logger (org.jboss.logging.Logger)1
Profile (org.keycloak.common.Profile)1
ClientSessionContext (org.keycloak.models.ClientSessionContext)1
KeycloakSession (org.keycloak.models.KeycloakSession)1
ProtocolMapperContainerModel (org.keycloak.models.ProtocolMapperContainerModel)1
ProtocolMapperModel (org.keycloak.models.ProtocolMapperModel)1
UserModel (org.keycloak.models.UserModel)1
UserSessionModel (org.keycloak.models.UserSessionModel)1
ProtocolMapperUtils (org.keycloak.protocol.ProtocolMapperUtils)1
EnvironmentDependentProviderFactory (org.keycloak.provider.EnvironmentDependentProviderFactory)1
ProviderConfigProperty (org.keycloak.provider.ProviderConfigProperty)1
ProviderConfigurationBuilder (org.keycloak.provider.ProviderConfigurationBuilder)1
AccessTokenResponse (org.keycloak.representations.AccessTokenResponse)1
IDToken (org.keycloak.representations.IDToken)1
