Example use of org.keycloak.representations.idm.CertificateRepresentation in the keycloak project (by keycloak).
Class ClientAttributeCertificateResource, method uploadJks.
/**
 * Stores an uploaded certificate (and a private key, when the upload contains one) on the client.
 *
 * <p>The caller must hold the configure permission on the client; that check runs before the
 * multipart body is touched. The parsed material is written to the client model under
 * {@code attributePrefix} and an admin event of type {@code ACTION} is recorded.
 *
 * <p>NOTE(review): the same {@link CertificateRepresentation} is attached to the admin event and
 * returned in the response body. {@code CertificateRepresentation} has a private-key field, so if
 * {@code getCertFromRequest} populates it, confirm that key material is meant to appear in both
 * places.
 *
 * @param input multipart form data carrying the uploaded keystore or certificate
 * @return the certificate information extracted from the upload
 * @throws IOException declared by this method; presumably raised while reading the upload (confirm
 *     against {@code getCertFromRequest})
 */
@POST
@Path("upload")
@Consumes(MediaType.MULTIPART_FORM_DATA)
@Produces(MediaType.APPLICATION_JSON)
public CertificateRepresentation uploadJks(MultipartFormDataInput input) throws IOException {
    // Authorization comes first so an unauthorized caller never gets the upload parsed.
    auth.clients().requireConfigure(client);

    CertificateRepresentation uploaded;
    try {
        uploaded = getCertFromRequest(input);
        CertificateInfoHelper.updateClientModelCertificateInfo(client, uploaded, attributePrefix);
        adminEvent
                .operation(OperationType.ACTION)
                .resourcePath(session.getContext().getUri())
                .representation(uploaded)
                .success();
    } catch (IllegalStateException aliasLookupFailure) {
        // Any IllegalStateException from the three calls above is reported to the client as a
        // missing alias; the original exception is not propagated.
        throw new ErrorResponseException("certificate-not-found", "Certificate or key with given alias not found in the keystore", Response.Status.BAD_REQUEST);
    }
    return uploaded;
}
Example use of org.keycloak.representations.idm.CertificateRepresentation in the keycloak project (by keycloak).
Class ClientAttributeCertificateResource, method getKeystore.
/**
 * Builds a keystore file for the client from its stored private key and/or certificate.
 *
 * <p>Checks run in this order: view permission on the client, requested format (only {@code JKS}
 * or {@code PKCS12} when a format is given; a {@code null} format is passed through), presence of
 * stored key material, then the passwords. A key password is only required when a private key is
 * stored; a store password is always required.
 *
 * <p>NOTE(review): this endpoint is guarded by {@code requireView} only, yet the keystore it
 * returns can contain the client's private key. Confirm that read-only administrators are meant
 * to be able to export key material, or whether a stronger permission is appropriate.
 *
 * <p>NOTE(review): both password error messages mention "jks" even when {@code PKCS12} was
 * requested; the strings are left as they are because clients may match on them.
 *
 * @param config keystore configuration as JSON (format, key password, store password)
 * @return the keystore produced by the {@code getKeystore(config, privatePem, certPem)} overload
 */
@POST
@NoCache
@Path("/download")
@Produces(MediaType.APPLICATION_OCTET_STREAM)
@Consumes(MediaType.APPLICATION_JSON)
public byte[] getKeystore(final KeyStoreConfig config) {
    auth.clients().requireView(client);

    // A missing format is allowed through; an explicit one must be a supported type.
    final String requestedFormat = config.getFormat();
    if (requestedFormat != null && !(requestedFormat.equals("JKS") || requestedFormat.equals("PKCS12"))) {
        throw new NotAcceptableException("Only support jks or pkcs12 format.");
    }

    final CertificateRepresentation stored = CertificateInfoHelper.getCertificateFromClient(client, attributePrefix);
    final String privatePem = stored.getPrivateKey();
    final String certPem = stored.getCertificate();

    final boolean hasPrivateKey = privatePem != null;
    if (!hasPrivateKey && certPem == null) {
        throw new NotFoundException("keypair not generated for client");
    }

    // The key entry is password protected, so a key password is mandatory whenever a key is exported.
    if (hasPrivateKey && config.getKeyPassword() == null) {
        throw new ErrorResponseException("password-missing", "Need to specify a key password for jks download", Response.Status.BAD_REQUEST);
    }
    if (config.getStorePassword() == null) {
        throw new ErrorResponseException("password-missing", "Need to specify a store password for jks download", Response.Status.BAD_REQUEST);
    }

    return getKeystore(config, privatePem, certPem);
}