Example 1 with RoleRepresentation
use of org.keycloak.representations.idm.RoleRepresentation in project openremote by openremote.
the class KeycloakInitSetup method onStart.
@Override
public void onStart() throws Exception {
super.onStart();
// Configure the master realm
RealmRepresentation masterRealm = masterRealmResource.toRepresentation();
masterRealm.setDisplayName("Master");
// Set SMTP server, theme, timeouts, etc.
keycloakProvider.configureRealm(masterRealm, emailConfig);
masterRealmResource.update(masterRealm);
// Create our client application with its default roles
keycloakProvider.createClientApplication(new ClientRequestInfo(null, accessToken), masterRealm.getRealm());
// Get the client application ID so we can assign roles to users at the client
// level (we can only check realm _or_ client application roles in @RolesAllowed!)
String clientObjectId = getClientObjectId(masterClientsResource);
ClientResource clientResource = masterClientsResource.get(clientObjectId);
RolesResource rolesResource = clientResource.roles();
// Give admin all roles on application client level
RoleRepresentation readRole = rolesResource.get(ClientRole.READ.getValue()).toRepresentation();
RoleRepresentation writeRole = rolesResource.get(ClientRole.WRITE.getValue()).toRepresentation();
masterUsersResource.search(MASTER_REALM_ADMIN_USER, null, null, null, null, null).stream().map(userRepresentation -> masterUsersResource.get(userRepresentation.getId())).forEach(adminUser -> {
adminUser.roles().clientLevel(clientObjectId).add(Arrays.asList(readRole, writeRole));
LOG.info("Assigned all application roles to 'admin' user");
UserRepresentation adminRep = adminUser.toRepresentation();
adminRep.setFirstName("System");
adminRep.setLastName("Administrator");
adminUser.update(adminRep);
});
}
Also used :
RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation)
Container(org.openremote.container.Container)
ClientRequestInfo(org.openremote.container.web.ClientRequestInfo)
Arrays(java.util.Arrays)
MASTER_REALM_ADMIN_USER(org.openremote.model.Constants.MASTER_REALM_ADMIN_USER)
UserRepresentation(org.keycloak.representations.idm.UserRepresentation)
ClientRole(org.openremote.model.security.ClientRole)
AbstractKeycloakSetup(org.openremote.manager.setup.AbstractKeycloakSetup)
RolesResource(org.keycloak.admin.client.resource.RolesResource)
Logger(java.util.logging.Logger)
ClientResource(org.keycloak.admin.client.resource.ClientResource)
RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation)
RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation)
RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation)
ClientRequestInfo(org.openremote.container.web.ClientRequestInfo)
ClientResource(org.keycloak.admin.client.resource.ClientResource)
RolesResource(org.keycloak.admin.client.resource.RolesResource)
UserRepresentation(org.keycloak.representations.idm.UserRepresentation)
Aggregations
Arrays (java.util.Arrays)1
Logger (java.util.logging.Logger)1
ClientResource (org.keycloak.admin.client.resource.ClientResource)1
RolesResource (org.keycloak.admin.client.resource.RolesResource)1
RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)1
RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation)1
UserRepresentation (org.keycloak.representations.idm.UserRepresentation)1
Container (org.openremote.container.Container)1
ClientRequestInfo (org.openremote.container.web.ClientRequestInfo)1
AbstractKeycloakSetup (org.openremote.manager.setup.AbstractKeycloakSetup)1
MASTER_REALM_ADMIN_USER (org.openremote.model.Constants.MASTER_REALM_ADMIN_USER)1
ClientRole (org.openremote.model.security.ClientRole)1
