Search in sources :

Example 1 with ActionTokenValueEntity

use of org.keycloak.models.sessions.infinispan.entities.ActionTokenValueEntity in project keycloak by keycloak.

the class InfinispanOAuth2DeviceTokenStoreProvider method findDeviceCodeByUserCode.

private OAuth2DeviceCodeModel findDeviceCodeByUserCode(RealmModel realm, String userCode) throws HotRodClientException {
    BasicCache<String, ActionTokenValueEntity> cache = codeCache.get();
    String userCodeKey = OAuth2DeviceUserCodeModel.createKey(realm, userCode);
    ActionTokenValueEntity existing = cache.get(userCodeKey);
    if (existing == null) {
        return null;
    }
    OAuth2DeviceUserCodeModel data = OAuth2DeviceUserCodeModel.fromCache(realm, userCode, existing.getNotes());
    String deviceCode = data.getDeviceCode();
    String deviceCodeKey = OAuth2DeviceCodeModel.createKey(deviceCode);
    ActionTokenValueEntity existingDeviceCode = cache.get(deviceCodeKey);
    if (existingDeviceCode == null) {
        return null;
    }
    return OAuth2DeviceCodeModel.fromCache(realm, deviceCode, existingDeviceCode.getNotes());
}
Also used : ActionTokenValueEntity(org.keycloak.models.sessions.infinispan.entities.ActionTokenValueEntity) OAuth2DeviceUserCodeModel(org.keycloak.models.OAuth2DeviceUserCodeModel)

Example 2 with ActionTokenValueEntity

use of org.keycloak.models.sessions.infinispan.entities.ActionTokenValueEntity in project keycloak by keycloak.

the class InfinispanOAuth2DeviceTokenStoreProvider method deny.

@Override
public boolean deny(RealmModel realm, String userCode) {
    try {
        OAuth2DeviceCodeModel deviceCode = findDeviceCodeByUserCode(realm, userCode);
        if (deviceCode == null) {
            return false;
        }
        OAuth2DeviceCodeModel denied = deviceCode.deny();
        BasicCache<String, ActionTokenValueEntity> cache = codeCache.get();
        cache.replace(denied.serializeKey(), new ActionTokenValueEntity(denied.toMap()));
        return true;
    } catch (HotRodClientException re) {
        // In case of lock conflict, we don't want to retry anyway as there was likely an attempt to remove the code from different place.
        if (logger.isDebugEnabled()) {
            logger.debugf(re, "Failed when denying device user code %s", userCode);
        }
        return false;
    }
}
Also used : ActionTokenValueEntity(org.keycloak.models.sessions.infinispan.entities.ActionTokenValueEntity) OAuth2DeviceCodeModel(org.keycloak.models.OAuth2DeviceCodeModel) HotRodClientException(org.infinispan.client.hotrod.exceptions.HotRodClientException)

Example 3 with ActionTokenValueEntity

use of org.keycloak.models.sessions.infinispan.entities.ActionTokenValueEntity in project keycloak by keycloak.

the class InfinispanOAuth2DeviceTokenStoreProvider method approve.

@Override
public boolean approve(RealmModel realm, String userCode, String userSessionId, Map<String, String> additionalParams) {
    try {
        OAuth2DeviceCodeModel deviceCode = findDeviceCodeByUserCode(realm, userCode);
        if (deviceCode == null) {
            return false;
        }
        OAuth2DeviceCodeModel approved = deviceCode.approve(userSessionId, additionalParams);
        // Update the device code with approved status
        BasicCache<String, ActionTokenValueEntity> cache = codeCache.get();
        cache.replace(approved.serializeKey(), new ActionTokenValueEntity(approved.toMap()));
        return true;
    } catch (HotRodClientException re) {
        // In case of lock conflict, we don't want to retry anyway as there was likely an attempt to remove the code from different place.
        if (logger.isDebugEnabled()) {
            logger.debugf(re, "Failed when verifying device user code %s", userCode);
        }
        return false;
    }
}
Also used : ActionTokenValueEntity(org.keycloak.models.sessions.infinispan.entities.ActionTokenValueEntity) OAuth2DeviceCodeModel(org.keycloak.models.OAuth2DeviceCodeModel) HotRodClientException(org.infinispan.client.hotrod.exceptions.HotRodClientException)

Example 4 with ActionTokenValueEntity

use of org.keycloak.models.sessions.infinispan.entities.ActionTokenValueEntity in project keycloak by keycloak.

the class InfinispanOAuth2DeviceTokenStoreProvider method getByDeviceCode.

@Override
public OAuth2DeviceCodeModel getByDeviceCode(RealmModel realm, String deviceCode) {
    try {
        BasicCache<String, ActionTokenValueEntity> cache = codeCache.get();
        ActionTokenValueEntity existing = cache.get(OAuth2DeviceCodeModel.createKey(deviceCode));
        if (existing == null) {
            return null;
        }
        return OAuth2DeviceCodeModel.fromCache(realm, deviceCode, existing.getNotes());
    } catch (HotRodClientException re) {
        // In case of lock conflict, we don't want to retry anyway as there was likely an attempt to remove the code from different place.
        if (logger.isDebugEnabled()) {
            logger.debugf(re, "Failed when getting device code %s", deviceCode);
        }
        return null;
    }
}
Also used : ActionTokenValueEntity(org.keycloak.models.sessions.infinispan.entities.ActionTokenValueEntity) HotRodClientException(org.infinispan.client.hotrod.exceptions.HotRodClientException)

Example 5 with ActionTokenValueEntity

use of org.keycloak.models.sessions.infinispan.entities.ActionTokenValueEntity in project keycloak by keycloak.

the class InfinispanTokenRevocationStoreProvider method isRevoked.

@Override
public boolean isRevoked(String tokenId) {
    try {
        BasicCache<String, ActionTokenValueEntity> cache = tokenCache.get();
        ActionTokenValueEntity existing = cache.get(tokenId);
        if (existing == null) {
            return false;
        }
        return existing.getNotes().containsKey(REVOKED_KEY);
    } catch (HotRodClientException re) {
        // No need to retry. The hotrod (remoteCache) has some retries in itself in case of some random network error happened.
        if (logger.isDebugEnabled()) {
            logger.debugf(re, "Failed when trying to get revoked token %s", tokenId);
        }
        return false;
    }
}
Also used : ActionTokenValueEntity(org.keycloak.models.sessions.infinispan.entities.ActionTokenValueEntity) HotRodClientException(org.infinispan.client.hotrod.exceptions.HotRodClientException)

Aggregations

ActionTokenValueEntity (org.keycloak.models.sessions.infinispan.entities.ActionTokenValueEntity)18 HotRodClientException (org.infinispan.client.hotrod.exceptions.HotRodClientException)14 UUID (java.util.UUID)4 ActionTokenReducedKey (org.keycloak.models.sessions.infinispan.entities.ActionTokenReducedKey)3 OAuth2DeviceCodeModel (org.keycloak.models.OAuth2DeviceCodeModel)2 InfinispanConnectionProvider (org.keycloak.connections.infinispan.InfinispanConnectionProvider)1 OAuth2DeviceUserCodeModel (org.keycloak.models.OAuth2DeviceUserCodeModel)1