Examples with ClientProfileRepresentation org.keycloak.representations.idm.ClientProfileRepresentation used on opensource projects

Search in sources :

Example 11 with ClientProfileRepresentation

use of org.keycloak.representations.idm.ClientProfileRepresentation in project keycloak by keycloak.

the class ClientPoliciesUtil method getValidatedClientProfilesForUpdate.

/**
 * get validated and modified client profiles as representation.
 * it can be constructed by merging proposed client profiles with existing client profiles.
 * not return null.
 */
static ClientProfilesRepresentation getValidatedClientProfilesForUpdate(KeycloakSession session, RealmModel realm, ClientProfilesRepresentation proposedProfilesRep, List<ClientProfileRepresentation> globalClientProfiles) throws ClientPolicyException {
    if (realm == null) {
        throw new ClientPolicyException("realm not specified.");
    }
    // no profile contained (it is valid)
    List<ClientProfileRepresentation> proposedProfileRepList = proposedProfilesRep.getProfiles();
    if (proposedProfileRepList == null || proposedProfileRepList.isEmpty()) {
        proposedProfileRepList = new ArrayList<>();
        proposedProfilesRep.setProfiles(new ArrayList<>());
    }
    // Profile without name not allowed
    if (proposedProfileRepList.stream().anyMatch(clientProfile -> clientProfile.getName() == null || clientProfile.getName().isEmpty())) {
        throw new ClientPolicyException("client profile without its name not allowed.");
    }
    // duplicated profile name is not allowed.
    if (proposedProfileRepList.size() != proposedProfileRepList.stream().map(i -> i.getName()).distinct().count()) {
        throw new ClientPolicyException("proposed client profile name duplicated.");
    }
    // Conflict with any global profile is not allowed
    Set<String> globalProfileNames = globalClientProfiles.stream().map(ClientProfileRepresentation::getName).collect(Collectors.toSet());
    for (ClientProfileRepresentation clientProfile : proposedProfileRepList) {
        if (globalProfileNames.contains(clientProfile.getName())) {
            throw new ClientPolicyException("Proposed profile name duplicated as the name of some global profile");
        }
    }
    // Validate executor
    for (ClientProfileRepresentation proposedProfileRep : proposedProfilesRep.getProfiles()) {
        if (proposedProfileRep.getExecutors() != null) {
            for (ClientPolicyExecutorRepresentation executorRep : proposedProfileRep.getExecutors()) {
                if (!isValidExecutor(session, executorRep.getExecutorProviderId())) {
                    throw new ClientPolicyException("proposed client profile contains the executor, which does not have valid provider, or has invalid configuration.");
                }
            }
        }
    }
    // Make sure to not save built-in inside realm attribute
    proposedProfilesRep.setGlobalProfiles(null);
    return proposedProfilesRep;
}
Also used : ClientPoliciesRepresentation(org.keycloak.representations.idm.ClientPoliciesRepresentation) ClientProfilesRepresentation(org.keycloak.representations.idm.ClientProfilesRepresentation) Profile(org.keycloak.common.Profile) Logger(org.jboss.logging.Logger) Constants(org.keycloak.models.Constants) ArrayList(java.util.ArrayList) ComponentModel(org.keycloak.component.ComponentModel) ClientPolicyConditionConfigurationRepresentation(org.keycloak.representations.idm.ClientPolicyConditionConfigurationRepresentation) JsonNode(com.fasterxml.jackson.databind.JsonNode) LinkedList(java.util.LinkedList) ClientPolicyConditionProvider(org.keycloak.services.clientpolicy.condition.ClientPolicyConditionProvider) ClientPolicyExecutorProvider(org.keycloak.services.clientpolicy.executor.ClientPolicyExecutorProvider) ClientPolicyConditionRepresentation(org.keycloak.representations.idm.ClientPolicyConditionRepresentation) ClientPolicyRepresentation(org.keycloak.representations.idm.ClientPolicyRepresentation) ClientPolicyExecutorConfigurationRepresentation(org.keycloak.representations.idm.ClientPolicyExecutorConfigurationRepresentation) RealmModel(org.keycloak.models.RealmModel) Set(java.util.Set) KeycloakSession(org.keycloak.models.KeycloakSession) IOException(java.io.IOException) Collectors(java.util.stream.Collectors) JsonConfigComponentModel(org.keycloak.component.JsonConfigComponentModel) ClientPolicyExecutorRepresentation(org.keycloak.representations.idm.ClientPolicyExecutorRepresentation) ClientProfileRepresentation(org.keycloak.representations.idm.ClientProfileRepresentation) JsonSerialization(org.keycloak.util.JsonSerialization) List(java.util.List) Collections(java.util.Collections) InputStream(java.io.InputStream) ClientProfileRepresentation(org.keycloak.representations.idm.ClientProfileRepresentation) ClientPolicyExecutorRepresentation(org.keycloak.representations.idm.ClientPolicyExecutorRepresentation)

Example 12 with ClientProfileRepresentation

use of org.keycloak.representations.idm.ClientProfileRepresentation in project keycloak by keycloak.

the class ClientPoliciesUtil method getValidatedClientPoliciesForUpdate.

/**
 * get validated and modified client policies as representation.
 * it can be constructed by merging proposed client policies with existing client policies.
 * not return null.
 *
 * @param session
 * @param realm
 * @param proposedPoliciesRep
 */
static ClientPoliciesRepresentation getValidatedClientPoliciesForUpdate(KeycloakSession session, RealmModel realm, ClientPoliciesRepresentation proposedPoliciesRep, List<ClientProfileRepresentation> existingGlobalProfiles) throws ClientPolicyException {
    if (realm == null) {
        throw new ClientPolicyException("realm not specified.");
    }
    // no policy contained (it is valid)
    List<ClientPolicyRepresentation> proposedPolicyRepList = proposedPoliciesRep.getPolicies();
    if (proposedPolicyRepList == null || proposedPolicyRepList.isEmpty()) {
        proposedPolicyRepList = new ArrayList<>();
        proposedPoliciesRep.setPolicies(new ArrayList<>());
    }
    // Policy without name not allowed
    if (proposedPolicyRepList.stream().anyMatch(clientPolicy -> clientPolicy.getName() == null || clientPolicy.getName().isEmpty())) {
        throw new ClientPolicyException("proposed client policy name missing.");
    }
    // duplicated policy name is not allowed.
    if (proposedPolicyRepList.size() != proposedPolicyRepList.stream().map(i -> i.getName()).distinct().count()) {
        throw new ClientPolicyException("proposed client policy name duplicated.");
    }
    // construct updating policies from existing policies and proposed policies
    ClientPoliciesRepresentation updatingPoliciesRep = new ClientPoliciesRepresentation();
    updatingPoliciesRep.setPolicies(new ArrayList<>());
    List<ClientPolicyRepresentation> updatingPoliciesList = updatingPoliciesRep.getPolicies();
    for (ClientPolicyRepresentation proposedPolicyRep : proposedPoliciesRep.getPolicies()) {
        // newly proposed builtin policy not allowed because builtin policy cannot added/deleted/modified.
        Boolean enabled = (proposedPolicyRep.isEnabled() != null) ? proposedPolicyRep.isEnabled() : Boolean.FALSE;
        // basically, proposed policy totally overrides existing policy except for enabled field..
        ClientPolicyRepresentation policyRep = new ClientPolicyRepresentation();
        policyRep.setName(proposedPolicyRep.getName());
        policyRep.setDescription(proposedPolicyRep.getDescription());
        policyRep.setEnabled(enabled);
        policyRep.setConditions(new ArrayList<>());
        if (proposedPolicyRep.getConditions() != null) {
            for (ClientPolicyConditionRepresentation conditionRep : proposedPolicyRep.getConditions()) {
                if (!isValidCondition(session, conditionRep.getConditionProviderId())) {
                    throw new ClientPolicyException("the proposed client policy contains the condition with its invalid configuration.");
                }
                policyRep.getConditions().add(conditionRep);
            }
        }
        Set<String> existingProfileNames = existingGlobalProfiles.stream().map(ClientProfileRepresentation::getName).collect(Collectors.toSet());
        ClientProfilesRepresentation reps = getClientProfilesRepresentation(session, realm);
        policyRep.setProfiles(new ArrayList<>());
        if (reps.getProfiles() != null) {
            existingProfileNames.addAll(reps.getProfiles().stream().map(ClientProfileRepresentation::getName).collect(Collectors.toSet()));
        }
        if (proposedPolicyRep.getProfiles() != null) {
            for (String profileName : proposedPolicyRep.getProfiles()) {
                if (!existingProfileNames.contains(profileName)) {
                    logger.warnf("Client policy %s referred not existing profile %s");
                    throw new ClientPolicyException("referring not existing client profile not allowed.");
                }
            }
            proposedPolicyRep.getProfiles().stream().distinct().forEach(profileName -> policyRep.getProfiles().add(profileName));
        }
        updatingPoliciesList.add(policyRep);
    }
    return updatingPoliciesRep;
}
Also used : ClientPoliciesRepresentation(org.keycloak.representations.idm.ClientPoliciesRepresentation) ClientProfilesRepresentation(org.keycloak.representations.idm.ClientProfilesRepresentation) Profile(org.keycloak.common.Profile) Logger(org.jboss.logging.Logger) Constants(org.keycloak.models.Constants) ArrayList(java.util.ArrayList) ComponentModel(org.keycloak.component.ComponentModel) ClientPolicyConditionConfigurationRepresentation(org.keycloak.representations.idm.ClientPolicyConditionConfigurationRepresentation) JsonNode(com.fasterxml.jackson.databind.JsonNode) LinkedList(java.util.LinkedList) ClientPolicyConditionProvider(org.keycloak.services.clientpolicy.condition.ClientPolicyConditionProvider) ClientPolicyExecutorProvider(org.keycloak.services.clientpolicy.executor.ClientPolicyExecutorProvider) ClientPolicyConditionRepresentation(org.keycloak.representations.idm.ClientPolicyConditionRepresentation) ClientPolicyRepresentation(org.keycloak.representations.idm.ClientPolicyRepresentation) ClientPolicyExecutorConfigurationRepresentation(org.keycloak.representations.idm.ClientPolicyExecutorConfigurationRepresentation) RealmModel(org.keycloak.models.RealmModel) Set(java.util.Set) KeycloakSession(org.keycloak.models.KeycloakSession) IOException(java.io.IOException) Collectors(java.util.stream.Collectors) JsonConfigComponentModel(org.keycloak.component.JsonConfigComponentModel) ClientPolicyExecutorRepresentation(org.keycloak.representations.idm.ClientPolicyExecutorRepresentation) ClientProfileRepresentation(org.keycloak.representations.idm.ClientProfileRepresentation) JsonSerialization(org.keycloak.util.JsonSerialization) List(java.util.List) Collections(java.util.Collections) InputStream(java.io.InputStream) ClientPolicyRepresentation(org.keycloak.representations.idm.ClientPolicyRepresentation) ClientProfileRepresentation(org.keycloak.representations.idm.ClientProfileRepresentation) ClientPoliciesRepresentation(org.keycloak.representations.idm.ClientPoliciesRepresentation) ClientPolicyConditionRepresentation(org.keycloak.representations.idm.ClientPolicyConditionRepresentation) ClientProfilesRepresentation(org.keycloak.representations.idm.ClientProfilesRepresentation)

Aggregations

ClientProfileRepresentation (org.keycloak.representations.idm.ClientProfileRepresentation)12 ClientProfilesRepresentation (org.keycloak.representations.idm.ClientProfilesRepresentation)9 ClientPolicyRepresentation (org.keycloak.representations.idm.ClientPolicyRepresentation)7 ClientPoliciesRepresentation (org.keycloak.representations.idm.ClientPoliciesRepresentation)6 ArrayList (java.util.ArrayList)4 ClientPolicyExecutorRepresentation (org.keycloak.representations.idm.ClientPolicyExecutorRepresentation)4 ClientPolicyExecutorProvider (org.keycloak.services.clientpolicy.executor.ClientPolicyExecutorProvider)4 JsonNode (com.fasterxml.jackson.databind.JsonNode)3 IOException (java.io.IOException)3 InputStream (java.io.InputStream)3 Collections (java.util.Collections)3 LinkedList (java.util.LinkedList)3 List (java.util.List)3 Set (java.util.Set)3 Collectors (java.util.stream.Collectors)3 Logger (org.jboss.logging.Logger)3 Test (org.junit.Test)3 Profile (org.keycloak.common.Profile)3 ComponentModel (org.keycloak.component.ComponentModel)3 JsonConfigComponentModel (org.keycloak.component.JsonConfigComponentModel)3
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial