
Example 46 with UserSessionModel

use of org.keycloak.models.UserSessionModel in project keycloak by keycloak.

the class UserSessionProviderTest method testCreateAndGetInSameTransaction.

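/**
 * Creates a user session and a client session for {@code user1} / {@code test-app} in the
 * {@code test} realm, then reads them back through the same {@link KeycloakSession} and
 * checks that the loaded objects are linked to each other.
 *
 * @param session the Keycloak session supplied to the test
 */
@Test
@ModelTest
public void testCreateAndGetInSameTransaction(KeycloakSession session) {
    RealmModel realm = session.realms().getRealmByName("test");
    ClientModel client = realm.getClientByClientId("test-app");
    UserSessionModel userSession = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null);
    // Only the side effect matters here; the client session is re-read from the loaded user session below.
    createClientSession(session, client, userSession, "http://redirect", "state");

    UserSessionModel userSessionLoaded = session.sessions().getUserSession(realm, userSession.getId());
    // Assert before the first dereference so a failed lookup is reported as an assertion
    // failure instead of a NullPointerException on the next line.
    Assert.assertNotNull(userSessionLoaded);

    AuthenticatedClientSessionModel clientSessionLoaded = userSessionLoaded.getAuthenticatedClientSessions().get(client.getId());
    Assert.assertNotNull(clientSessionLoaded);
    Assert.assertEquals(userSession.getId(), clientSessionLoaded.getUserSession().getId());
    Assert.assertEquals(1, userSessionLoaded.getAuthenticatedClientSessions().size());
}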
Also used : RealmModel(org.keycloak.models.RealmModel) ClientModel(org.keycloak.models.ClientModel) UserSessionModel(org.keycloak.models.UserSessionModel) AuthenticatedClientSessionModel(org.keycloak.models.AuthenticatedClientSessionModel) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 47 with UserSessionModel

use of org.keycloak.models.UserSessionModel in project keycloak by keycloak.

the class KeycloakIdentity method getUserFromToken.

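/**
 * Resolves the user that the access token refers to.
 *
 * <p>A token without session state is resolved through
 * {@code TokenManager.lookupUserFromStatelessToken}. Otherwise the token's session state is
 * looked up first as an online user session and, if that is missing, as an offline one.
 *
 * @return the user bound to the resolved session, or whatever the stateless lookup returns
 * @throws NullPointerException if the token carries a session state for which neither an
 *         online nor an offline user session exists
 */
private UserModel getUserFromToken() {
    String sessionState = accessToken.getSessionState();
    if (sessionState == null) {
        return TokenManager.lookupUserFromStatelessToken(keycloakSession, realm, accessToken);
    }
    UserSessionProvider sessions = keycloakSession.sessions();
    UserSessionModel userSession = sessions.getUserSession(realm, sessionState);
    if (userSession == null) {
        userSession = sessions.getOfflineUserSession(realm, sessionState);
    }
    // The offline lookup can come back empty as well (expired or removed session). Fail closed
    // with an explicit message rather than an anonymous dereference; the exception type is the
    // one the unguarded code already raised. The session identifier is kept out of the message
    // on purpose so it does not end up in logs.
    java.util.Objects.requireNonNull(userSession, "No online or offline user session matches the access token's session state");
    return userSession.getUser();
}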
Also used : UserSessionProvider(org.keycloak.models.UserSessionProvider) UserSessionModel(org.keycloak.models.UserSessionModel)

Example 48 with UserSessionModel

use of org.keycloak.models.UserSessionModel in project keycloak by keycloak.

the class AccountFormService method forwardToPage.

/**
 * Renders an account page for the current request.
 *
 * <p>Without an established {@code auth} the request is handed to {@code login(path)}.
 * Otherwise the caller must hold {@code AccountRoles.MANAGE_ACCOUNT}; a forwarded error stored
 * on the authentication session for the given tab is surfaced once and then cleared, and a
 * locale passed in the query string is stored for the user.
 *
 * @param path the path passed on to the login flow when no identity is present
 * @param page the account page to render
 * @return the rendered page, a FORBIDDEN error page, or the login response
 */
private Response forwardToPage(String path, AccountPages page) {
    // No identity established for this request: go through login instead of rendering.
    if (auth == null) {
        return login(path);
    }

    try {
        auth.require(AccountRoles.MANAGE_ACCOUNT);
    } catch (ForbiddenException denied) {
        LoginFormsProvider forms = session.getProvider(LoginFormsProvider.class);
        return forms.setError(Messages.NO_ACCESS).createErrorPage(Response.Status.FORBIDDEN);
    }

    setReferrerOnPage();
    UserSessionModel currentSession = auth.getSession();

    // tab_id is taken from the request query string.
    String tabId = session.getContext().getUri().getQueryParameters().getFirst(org.keycloak.models.Constants.TAB_ID);
    if (tabId != null) {
        AuthenticationSessionManager authSessions = new AuthenticationSessionManager(session);
        // NOTE(review): currentSession is dereferenced without a null check — confirm that
        // auth.getSession() cannot be null on this path.
        AuthenticationSessionModel authSession = authSessions.getAuthenticationSessionByIdAndClient(realm, currentSession.getId(), client, tabId);
        String forwardedError = authSession == null ? null : authSession.getAuthNote(ACCOUNT_MGMT_FORWARDED_ERROR_NOTE);
        if (forwardedError != null) {
            try {
                FormMessage parsed = JsonSerialization.readValue(forwardedError, FormMessage.class);
                account.setError(Response.Status.INTERNAL_SERVER_ERROR, parsed.getMessage(), parsed.getParameters());
                // Show the forwarded error once only.
                authSession.removeAuthNote(ACCOUNT_MGMT_FORWARDED_ERROR_NOTE);
            } catch (IOException parseFailure) {
                throw new RuntimeException(parseFailure);
            }
        }
    }

    // The locale is also caller-supplied (query string) and is written to the user's settings.
    // NOTE(review): no validation of the value is visible here — presumably done by the
    // LocaleUpdaterProvider; confirm.
    String requestedLocale = session.getContext().getUri().getQueryParameters().getFirst(LocaleSelectorProvider.KC_LOCALE_PARAM);
    if (requestedLocale != null) {
        session.getProvider(LocaleUpdaterProvider.class).updateUsersLocale(auth.getUser(), requestedLocale);
    }
    return account.createResponse(page);
}
Also used : AuthenticationSessionManager(org.keycloak.services.managers.AuthenticationSessionManager) ForbiddenException(org.keycloak.services.ForbiddenException) LoginFormsProvider(org.keycloak.forms.login.LoginFormsProvider) UserSessionModel(org.keycloak.models.UserSessionModel) AuthenticationSessionModel(org.keycloak.sessions.AuthenticationSessionModel) LocaleUpdaterProvider(org.keycloak.locale.LocaleUpdaterProvider) IOException(java.io.IOException) FormMessage(org.keycloak.models.utils.FormMessage)

Example 49 with UserSessionModel

use of org.keycloak.models.UserSessionModel in project keycloak by keycloak.

the class AccountFormService method init.

/**
 * Prepares the per-request state of this resource: resolves the event store and account
 * providers, authenticates the identity cookie, applies same-origin checks to the
 * {@code Origin} and {@code Referer} headers, and binds a client session for {@code client}
 * to the authenticated user session.
 *
 * @throws ForbiddenException if the {@code Origin} header, or for non-GET requests the
 *         {@code Referer} header, is present and names a different origin than the request
 */
public void init() {
    eventStore = session.getProvider(EventStoreProvider.class);
    account = session.getProvider(AccountProvider.class).setRealm(realm).setUriInfo(session.getContext().getUri()).setHttpHeaders(headers);
    AuthenticationManager.AuthResult authResult = authManager.authenticateIdentityCookie(session, realm);
    if (authResult != null) {
        // The state checker is read from a session attribute and handed to the account provider.
        stateChecker = (String) session.getAttribute("state_checker");
        auth = new Auth(realm, authResult.getToken(), authResult.getUser(), client, authResult.getSession(), true);
        account.setStateChecker(stateChecker);
    }
    // Same-origin check. Note that it runs after auth and stateChecker have been assigned above.
    String requestOrigin = UriUtils.getOrigin(session.getContext().getUri().getBaseUri());
    String origin = headers.getRequestHeaders().getFirst("Origin");
    // Rejects only when Origin is present, is not the literal string "null", and differs from
    // the request origin. NOTE(review): an absent Origin header and "Origin: null" both pass
    // this check, so it is not sufficient on its own as a cross-site request defence.
    if (origin != null && !origin.equals("null") && !requestOrigin.equals(origin)) {
        throw new ForbiddenException();
    }
    // For every method other than GET the Referer header is checked as well.
    if (!request.getHttpMethod().equals("GET")) {
        String referrer = headers.getRequestHeaders().getFirst("Referer");
        // NOTE(review): a missing Referer is accepted; only a present, mismatching one is rejected.
        if (referrer != null && !requestOrigin.equals(UriUtils.getOrigin(referrer))) {
            throw new ForbiddenException();
        }
    }
    if (authResult != null) {
        UserSessionModel userSession = authResult.getSession();
        if (userSession != null) {
            // Reuse the client session already attached to this user session, or create one.
            AuthenticatedClientSessionModel clientSession = userSession.getAuthenticatedClientSessionByClient(client.getId());
            if (clientSession == null) {
                clientSession = session.sessions().createClientSession(userSession.getRealm(), client, userSession);
            }
            auth.setClientSession(clientSession);
        }
        account.setUser(auth.getUser());
    }
    // Feature flags passed to the account provider; the third argument is hard-coded to true.
    account.setFeatures(realm.isIdentityFederationEnabled(), eventStore != null && realm.isEventsEnabled(), true, Profile.isFeatureEnabled(Profile.Feature.AUTHORIZATION));
}
Also used : AuthenticationManager(org.keycloak.services.managers.AuthenticationManager) ForbiddenException(org.keycloak.services.ForbiddenException) UserSessionModel(org.keycloak.models.UserSessionModel) Auth(org.keycloak.services.managers.Auth) AuthenticatedClientSessionModel(org.keycloak.models.AuthenticatedClientSessionModel) EventStoreProvider(org.keycloak.events.EventStoreProvider)

Example 50 with UserSessionModel

use of org.keycloak.models.UserSessionModel in project keycloak by keycloak.

the class ClientScopeEvaluateResource method sessionAware.

/**
 * Runs {@code function} against a throwaway session set-up for {@code user}.
 *
 * <p>An authentication session for {@code client} is created and populated with the OIDC
 * protocol, the realm issuer and the requested scope; a user session with persistence state
 * {@code TRANSIENT} is created from it and attached. The authentication session is removed
 * again in the {@code finally} block, whether or not the function completed normally.
 *
 * @param user       the user to authenticate on the temporary session
 * @param scopeParam the value stored as the OIDC scope client note
 * @param function   callback receiving the user session and the client session context
 * @param <R>        result type of the callback
 * @return whatever {@code function} returns
 */
private <R> R sessionAware(UserModel user, String scopeParam, BiFunction<UserSessionModel, ClientSessionContext, R> function) {
    AuthenticationSessionManager manager = new AuthenticationSessionManager(session);
    // Stays null if creation fails, so the finally block knows there is nothing to remove.
    AuthenticationSessionModel temporaryAuthSession = null;
    try {
        RootAuthenticationSessionModel root = manager.createAuthenticationSession(realm, false);
        temporaryAuthSession = root.createAuthenticationSession(client);
        temporaryAuthSession.setAuthenticatedUser(user);
        temporaryAuthSession.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);

        String issuer = Urls.realmIssuer(uriInfo.getBaseUri(), realm.getName());
        temporaryAuthSession.setClientNote(OIDCLoginProtocol.ISSUER, issuer);
        temporaryAuthSession.setClientNote(OIDCLoginProtocol.SCOPE_PARAM, scopeParam);

        // The user session is created with SessionPersistenceState.TRANSIENT and a fixed
        // auth method label.
        UserSessionModel transientUserSession = session.sessions().createUserSession(temporaryAuthSession.getParentSession().getId(), realm, user, user.getUsername(), clientConnection.getRemoteAddr(), "example-auth", false, null, null, UserSessionModel.SessionPersistenceState.TRANSIENT);

        AuthenticationManager.setClientScopesInSession(temporaryAuthSession);
        ClientSessionContext context = TokenManager.attachAuthenticationSession(session, transientUserSession, temporaryAuthSession);
        return function.apply(transientUserSession, context);
    } finally {
        // Always clean up the authentication session created above.
        if (temporaryAuthSession != null) {
            manager.removeAuthenticationSession(realm, temporaryAuthSession, false);
        }
    }
}
Also used : AuthenticationSessionManager(org.keycloak.services.managers.AuthenticationSessionManager) AuthenticationSessionModel(org.keycloak.sessions.AuthenticationSessionModel) RootAuthenticationSessionModel(org.keycloak.sessions.RootAuthenticationSessionModel) UserSessionModel(org.keycloak.models.UserSessionModel) ClientSessionContext(org.keycloak.models.ClientSessionContext) RootAuthenticationSessionModel(org.keycloak.sessions.RootAuthenticationSessionModel)
