
Example 1 with RealmRepresentation

Use of org.keycloak.representations.idm.RealmRepresentation in project openremote by openremote.

Class KeycloakCleanSetup, method onStart.

@Override
public void onStart() throws Exception {
    super.onStart();
    // Delete all realms that are not the master realm
    LOG.info("Deleting all non-master realms");
    RealmsResource realmsResource = keycloakProvider.getRealms(accessToken);
    List<RealmRepresentation> realms = realmsResource.findAll();
    for (RealmRepresentation realmRepresentation : realms) {
        if (!realmRepresentation.getRealm().equals(MASTER_REALM)) {
            keycloakProvider.getRealms(accessToken).realm(realmRepresentation.getRealm()).remove();
        }
    }
    // Find out if there is a client already present for this application, if so, delete it
    masterClientsResource.findAll().stream()
        .filter(clientRepresentation -> clientRepresentation.getClientId().equals(KEYCLOAK_CLIENT_ID))
        .map(ClientRepresentation::getId)
        .forEach(clientObjectId -> {
            LOG.info("Deleting client: " + clientObjectId);
            masterClientsResource.get(clientObjectId).remove();
        });
    // Find out if there are any users except the admin, delete them
    masterUsersResource.search(null, null, null).stream()
        .filter(userRepresentation -> !userRepresentation.getUsername().equals(MASTER_REALM_ADMIN_USER))
        .map(userRepresentation -> {
            LOG.info("Deleting user: " + userRepresentation);
            return masterUsersResource.get(userRepresentation.getId());
        })
        .forEach(UserResource::remove);
}
Also used: ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation), Container (org.openremote.container.Container), List (java.util.List), RealmsResource (org.keycloak.admin.client.resource.RealmsResource), AbstractKeycloakSetup (org.openremote.manager.setup.AbstractKeycloakSetup), UserResource (org.keycloak.admin.client.resource.UserResource), Logger (java.util.logging.Logger), Constants (org.openremote.model.Constants), RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)

Example 2 with RealmRepresentation

Use of org.keycloak.representations.idm.RealmRepresentation in project openremote by openremote.

Class KeycloakInitSetup, method onStart.

@Override
public void onStart() throws Exception {
    super.onStart();
    // Configure the master realm
    RealmRepresentation masterRealm = masterRealmResource.toRepresentation();
    masterRealm.setDisplayName("Master");
    // Set SMTP server, theme, timeouts, etc.
    keycloakProvider.configureRealm(masterRealm, emailConfig);
    masterRealmResource.update(masterRealm);
    // Create our client application with its default roles
    keycloakProvider.createClientApplication(new ClientRequestInfo(null, accessToken), masterRealm.getRealm());
    // Get the client application ID so we can assign roles to users at the client
    // level (we can only check realm _or_ client application roles in @RolesAllowed!)
    String clientObjectId = getClientObjectId(masterClientsResource);
    ClientResource clientResource = masterClientsResource.get(clientObjectId);
    RolesResource rolesResource = clientResource.roles();
    // Give admin all roles on application client level
    RoleRepresentation readRole = rolesResource.get(ClientRole.READ.getValue()).toRepresentation();
    RoleRepresentation writeRole = rolesResource.get(ClientRole.WRITE.getValue()).toRepresentation();
    masterUsersResource.search(MASTER_REALM_ADMIN_USER, null, null, null, null, null).stream()
        .map(userRepresentation -> masterUsersResource.get(userRepresentation.getId()))
        .forEach(adminUser -> {
            adminUser.roles().clientLevel(clientObjectId).add(Arrays.asList(readRole, writeRole));
            LOG.info("Assigned all application roles to 'admin' user");
            UserRepresentation adminRep = adminUser.toRepresentation();
            adminRep.setFirstName("System");
            adminRep.setLastName("Administrator");
            adminUser.update(adminRep);
        });
}
Also used: RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation), Container (org.openremote.container.Container), ClientRequestInfo (org.openremote.container.web.ClientRequestInfo), Arrays (java.util.Arrays), MASTER_REALM_ADMIN_USER (org.openremote.model.Constants.MASTER_REALM_ADMIN_USER), UserRepresentation (org.keycloak.representations.idm.UserRepresentation), ClientRole (org.openremote.model.security.ClientRole), AbstractKeycloakSetup (org.openremote.manager.setup.AbstractKeycloakSetup), RolesResource (org.keycloak.admin.client.resource.RolesResource), Logger (java.util.logging.Logger), ClientResource (org.keycloak.admin.client.resource.ClientResource), RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)

Aggregations

Logger (java.util.logging.Logger): 2
RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation): 2
Container (org.openremote.container.Container): 2
AbstractKeycloakSetup (org.openremote.manager.setup.AbstractKeycloakSetup): 2
Arrays (java.util.Arrays): 1
List (java.util.List): 1
ClientResource (org.keycloak.admin.client.resource.ClientResource): 1
RealmsResource (org.keycloak.admin.client.resource.RealmsResource): 1
RolesResource (org.keycloak.admin.client.resource.RolesResource): 1
UserResource (org.keycloak.admin.client.resource.UserResource): 1
ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation): 1
RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation): 1
UserRepresentation (org.keycloak.representations.idm.UserRepresentation): 1
ClientRequestInfo (org.openremote.container.web.ClientRequestInfo): 1
Constants (org.openremote.model.Constants): 1
MASTER_REALM_ADMIN_USER (org.openremote.model.Constants.MASTER_REALM_ADMIN_USER): 1
ClientRole (org.openremote.model.security.ClientRole): 1