Example 1 with ClientPolicyExecutorRepresentation

Use of org.keycloak.representations.idm.ClientPolicyExecutorRepresentation in project keycloak by keycloak.

Class ClientPoliciesUtil, method getValidatedGlobalClientProfilesRepresentation.

/**
 * Gets the validated and modified global (built-in) client profiles set on the Keycloak app, as a representation.
 * They are loaded from the JSON file enclosed in Keycloak's binary.
 * Never returns null.
 */
static List<ClientProfileRepresentation> getValidatedGlobalClientProfilesRepresentation(KeycloakSession session, InputStream is) throws ClientPolicyException {
    // load builtin client profiles representation
    ClientProfilesRepresentation proposedProfilesRep = null;
    try {
        proposedProfilesRep = JsonSerialization.readValue(is, ClientProfilesRepresentation.class);
    } catch (Exception e) {
        throw new ClientPolicyException("failed to deserialize global proposed client profiles json string.", e.getMessage());
    }
    if (proposedProfilesRep == null) {
        return Collections.emptyList();
    }
    // no profile contained (it is valid)
    List<ClientProfileRepresentation> proposedProfileRepList = proposedProfilesRep.getProfiles();
    if (proposedProfileRepList == null || proposedProfileRepList.isEmpty()) {
        return Collections.emptyList();
    }
    // duplicated profile name is not allowed.
    if (proposedProfileRepList.size() != proposedProfileRepList.stream().map(i -> i.getName()).distinct().count()) {
        throw new ClientPolicyException("proposed global client profile name duplicated.");
    }
    // construct validated and modified profiles from builtin profiles in JSON file enclosed in keycloak binary.
    List<ClientProfileRepresentation> updatingProfileList = new LinkedList<>();
    for (ClientProfileRepresentation proposedProfileRep : proposedProfilesRep.getProfiles()) {
        if (proposedProfileRep.getName() == null) {
            throw new ClientPolicyException("client profile without its name not allowed.");
        }
        ClientProfileRepresentation profileRep = new ClientProfileRepresentation();
        profileRep.setName(proposedProfileRep.getName());
        profileRep.setDescription(proposedProfileRep.getDescription());
        // to prevent returning null
        profileRep.setExecutors(new ArrayList<>());
        if (proposedProfileRep.getExecutors() != null) {
            for (ClientPolicyExecutorRepresentation executorRep : proposedProfileRep.getExecutors()) {
                // Skip the check if feature is disabled as then the executor implementations are disabled
                if (Profile.isFeatureEnabled(Profile.Feature.CLIENT_POLICIES) && !isValidExecutor(session, executorRep.getExecutorProviderId())) {
                    throw new ClientPolicyException("proposed client profile contains the executor with its invalid configuration.");
                }
                profileRep.getExecutors().add(executorRep);
            }
        }
        updatingProfileList.add(profileRep);
    }
    return updatingProfileList;
}

Example 2 with ClientPolicyExecutorRepresentation

Use of org.keycloak.representations.idm.ClientPolicyExecutorRepresentation in project keycloak by keycloak.

Class ClientPoliciesUtil, method getClientProfileModel.

/**
 * Gets the existing client profile with the given name, with its executor providers resolved.
 * The profile can come from the realm or from the global client profiles.
 * Returns null if no profile with that name exists.
 */
static ClientProfile getClientProfileModel(KeycloakSession session, RealmModel realm, ClientProfilesRepresentation profilesRep, List<ClientProfileRepresentation> globalClientProfiles, String profileName) throws ClientPolicyException {
    // Obtain profiles from realm
    List<ClientProfileRepresentation> profiles = profilesRep.getProfiles();
    if (profiles == null) {
        profiles = new ArrayList<>();
    }
    // Add global profiles as well
    profiles.addAll(globalClientProfiles);
    ClientProfileRepresentation profileRep = profiles.stream().filter(clientProfile -> profileName.equals(clientProfile.getName())).findFirst().orElse(null);
    if (profileRep == null) {
        return null;
    }
    ClientProfile profileModel = new ClientProfile();
    profileModel.setName(profileRep.getName());
    profileModel.setDescription(profileRep.getDescription());
    if (profileRep.getExecutors() == null) {
        profileModel.setExecutors(new ArrayList<>());
        return profileModel;
    }
    List<ClientPolicyExecutorProvider> executors = new ArrayList<>();
    if (profileRep.getExecutors() != null) {
        for (ClientPolicyExecutorRepresentation executorRep : profileRep.getExecutors()) {
            ClientPolicyExecutorProvider provider = getExecutorProvider(session, realm, executorRep.getExecutorProviderId(), executorRep.getConfiguration());
            executors.add(provider);
        }
    }
    profileModel.setExecutors(executors);
    return profileModel;
}

Example 3 with ClientPolicyExecutorRepresentation

Use of org.keycloak.representations.idm.ClientPolicyExecutorRepresentation in project keycloak by keycloak.

Class ClientPoliciesUtil, method getValidatedClientProfilesForUpdate.

/**
 * Gets the validated and modified client profiles as a representation.
 * It can be constructed by merging the proposed client profiles with the existing client profiles.
 * Never returns null.
 */
static ClientProfilesRepresentation getValidatedClientProfilesForUpdate(KeycloakSession session, RealmModel realm, ClientProfilesRepresentation proposedProfilesRep, List<ClientProfileRepresentation> globalClientProfiles) throws ClientPolicyException {
    if (realm == null) {
        throw new ClientPolicyException("realm not specified.");
    }
    // no profile contained (it is valid)
    List<ClientProfileRepresentation> proposedProfileRepList = proposedProfilesRep.getProfiles();
    if (proposedProfileRepList == null || proposedProfileRepList.isEmpty()) {
        proposedProfileRepList = new ArrayList<>();
        proposedProfilesRep.setProfiles(new ArrayList<>());
    }
    // Profile without name not allowed
    if (proposedProfileRepList.stream().anyMatch(clientProfile -> clientProfile.getName() == null || clientProfile.getName().isEmpty())) {
        throw new ClientPolicyException("client profile without its name not allowed.");
    }
    // duplicated profile name is not allowed.
    if (proposedProfileRepList.size() != proposedProfileRepList.stream().map(i -> i.getName()).distinct().count()) {
        throw new ClientPolicyException("proposed client profile name duplicated.");
    }
    // Conflict with any global profile is not allowed
    Set<String> globalProfileNames = globalClientProfiles.stream().map(ClientProfileRepresentation::getName).collect(Collectors.toSet());
    for (ClientProfileRepresentation clientProfile : proposedProfileRepList) {
        if (globalProfileNames.contains(clientProfile.getName())) {
            throw new ClientPolicyException("Proposed profile name duplicated as the name of some global profile");
        }
    }
    // Validate executor
    for (ClientProfileRepresentation proposedProfileRep : proposedProfilesRep.getProfiles()) {
        if (proposedProfileRep.getExecutors() != null) {
            for (ClientPolicyExecutorRepresentation executorRep : proposedProfileRep.getExecutors()) {
                if (!isValidExecutor(session, executorRep.getExecutorProviderId())) {
                    throw new ClientPolicyException("proposed client profile contains the executor, which does not have valid provider, or has invalid configuration.");
                }
            }
        }
    }
    // Make sure to not save built-in inside realm attribute
    proposedProfilesRep.setGlobalProfiles(null);
    return proposedProfilesRep;
}