Search in sources :

Example 1 with RolesRepresentation

use of org.keycloak.representations.idm.RolesRepresentation in project keycloak by keycloak.

the class PartialImportTest method addClientRoles.

private void addClientRoles() {
    RolesRepresentation roles = piRep.getRoles();
    if (roles == null)
        roles = new RolesRepresentation();
    Map<String, List<RoleRepresentation>> clientRolesMap = new HashMap<>();
    clientRolesMap.put(CLIENT_ROLES_CLIENT, makeRoles(CLIENT_ROLE_PREFIX));
    roles.setClient(clientRolesMap);
    piRep.setRoles(roles);
}
Also used : HashMap(java.util.HashMap) RolesRepresentation(org.keycloak.representations.idm.RolesRepresentation) List(java.util.List) ArrayList(java.util.ArrayList)

Example 2 with RolesRepresentation

use of org.keycloak.representations.idm.RolesRepresentation in project keycloak by keycloak.

the class PartialImportTest method addRealmRoles.

private void addRealmRoles() {
    RolesRepresentation roles = piRep.getRoles();
    if (roles == null)
        roles = new RolesRepresentation();
    roles.setRealm(makeRoles(REALM_ROLE_PREFIX));
    piRep.setRoles(roles);
}
Also used : RolesRepresentation(org.keycloak.representations.idm.RolesRepresentation)

Example 3 with RolesRepresentation

use of org.keycloak.representations.idm.RolesRepresentation in project wildfly by wildfly.

the class KeycloakConfiguration method createRealm.

private static RealmRepresentation createRealm(String name, String clientSecret, String clientHostName, int clientPort, String... clientApps) {
    RealmRepresentation realm = new RealmRepresentation();
    realm.setRealm(name);
    realm.setEnabled(true);
    realm.setUsers(new ArrayList<>());
    realm.setClients(new ArrayList<>());
    realm.setAccessTokenLifespan(3);
    realm.setSsoSessionMaxLifespan(3);
    RolesRepresentation roles = new RolesRepresentation();
    List<RoleRepresentation> realmRoles = new ArrayList<>();
    roles.setRealm(realmRoles);
    realm.setRoles(roles);
    realm.getRoles().getRealm().add(new RoleRepresentation(USER_ROLE, null, false));
    realm.getRoles().getRealm().add(new RoleRepresentation(JBOSS_ADMIN_ROLE, null, false));
    for (String clientApp : clientApps) {
        realm.getClients().add(createWebAppClient(clientApp, clientSecret, clientHostName, clientPort, clientApp));
    }
    realm.getUsers().add(createUser(ALICE, ALICE_PASSWORD, Arrays.asList(USER_ROLE, JBOSS_ADMIN_ROLE)));
    realm.getUsers().add(createUser(BOB, BOB_PASSWORD, Arrays.asList(USER_ROLE)));
    return realm;
}
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation) RolesRepresentation(org.keycloak.representations.idm.RolesRepresentation) ArrayList(java.util.ArrayList)

Example 4 with RolesRepresentation

use of org.keycloak.representations.idm.RolesRepresentation in project keycloak by keycloak.

the class ExportUtils method exportRealm.

public static RealmRepresentation exportRealm(KeycloakSession session, RealmModel realm, ExportOptions options, boolean internal) {
    RealmRepresentation rep = ModelToRepresentation.toRepresentation(session, realm, internal);
    ModelToRepresentation.exportAuthenticationFlows(realm, rep);
    ModelToRepresentation.exportRequiredActions(realm, rep);
    // Project/product version
    rep.setKeycloakVersion(Version.VERSION_KEYCLOAK);
    // Client Scopes
    rep.setClientScopes(realm.getClientScopesStream().map(ModelToRepresentation::toRepresentation).collect(Collectors.toList()));
    rep.setDefaultDefaultClientScopes(realm.getDefaultClientScopesStream(true).map(ClientScopeModel::getName).collect(Collectors.toList()));
    rep.setDefaultOptionalClientScopes(realm.getDefaultClientScopesStream(false).map(ClientScopeModel::getName).collect(Collectors.toList()));
    // Clients
    List<ClientModel> clients = new LinkedList<>();
    if (options.isClientsIncluded()) {
        // we iterate over all clients in the stream.
        // only those client models that can be translated into a valid client representation will be added to the client list
        // that is later used to retrieve related information about groups and roles
        List<ClientRepresentation> clientReps = ModelToRepresentation.filterValidRepresentations(realm.getClientsStream(), app -> {
            ClientRepresentation clientRepresentation = exportClient(session, app);
            clients.add(app);
            return clientRepresentation;
        }).collect(Collectors.toList());
        rep.setClients(clientReps);
    }
    // Groups and Roles
    if (options.isGroupsAndRolesIncluded()) {
        ModelToRepresentation.exportGroups(realm, rep);
        Map<String, List<RoleRepresentation>> clientRolesReps = new HashMap<>();
        List<RoleRepresentation> realmRoleReps = exportRoles(realm.getRolesStream());
        RolesRepresentation rolesRep = new RolesRepresentation();
        if (!realmRoleReps.isEmpty()) {
            rolesRep.setRealm(realmRoleReps);
        }
        if (options.isClientsIncluded()) {
            for (ClientModel client : clients) {
                Stream<RoleModel> currentAppRoles = client.getRolesStream();
                List<RoleRepresentation> currentAppRoleReps = exportRoles(currentAppRoles);
                clientRolesReps.put(client.getClientId(), currentAppRoleReps);
            }
            if (clientRolesReps.size() > 0) {
                rolesRep.setClient(clientRolesReps);
            }
        }
        rep.setRoles(rolesRep);
    }
    // Scopes
    Map<String, List<ScopeMappingRepresentation>> clientScopeReps = new HashMap<>();
    if (options.isClientsIncluded()) {
        List<ClientModel> allClients = new ArrayList<>(clients);
        // Scopes of clients
        for (ClientModel client : allClients) {
            Set<RoleModel> clientScopes = client.getScopeMappingsStream().collect(Collectors.toSet());
            ScopeMappingRepresentation scopeMappingRep = null;
            for (RoleModel scope : clientScopes) {
                if (scope.getContainer() instanceof RealmModel) {
                    if (scopeMappingRep == null) {
                        scopeMappingRep = rep.clientScopeMapping(client.getClientId());
                    }
                    scopeMappingRep.role(scope.getName());
                } else {
                    ClientModel app = (ClientModel) scope.getContainer();
                    String appName = app.getClientId();
                    List<ScopeMappingRepresentation> currentAppScopes = clientScopeReps.get(appName);
                    if (currentAppScopes == null) {
                        currentAppScopes = new ArrayList<>();
                        clientScopeReps.put(appName, currentAppScopes);
                    }
                    ScopeMappingRepresentation currentClientScope = null;
                    for (ScopeMappingRepresentation scopeMapping : currentAppScopes) {
                        if (client.getClientId().equals(scopeMapping.getClient())) {
                            currentClientScope = scopeMapping;
                            break;
                        }
                    }
                    if (currentClientScope == null) {
                        currentClientScope = new ScopeMappingRepresentation();
                        currentClientScope.setClient(client.getClientId());
                        currentAppScopes.add(currentClientScope);
                    }
                    currentClientScope.role(scope.getName());
                }
            }
        }
    }
    // Scopes of client scopes
    realm.getClientScopesStream().forEach(clientScope -> {
        Set<RoleModel> clientScopes = clientScope.getScopeMappingsStream().collect(Collectors.toSet());
        ScopeMappingRepresentation scopeMappingRep = null;
        for (RoleModel scope : clientScopes) {
            if (scope.getContainer() instanceof RealmModel) {
                if (scopeMappingRep == null) {
                    scopeMappingRep = rep.clientScopeScopeMapping(clientScope.getName());
                }
                scopeMappingRep.role(scope.getName());
            } else {
                ClientModel app = (ClientModel) scope.getContainer();
                String appName = app.getClientId();
                List<ScopeMappingRepresentation> currentAppScopes = clientScopeReps.get(appName);
                if (currentAppScopes == null) {
                    currentAppScopes = new ArrayList<>();
                    clientScopeReps.put(appName, currentAppScopes);
                }
                ScopeMappingRepresentation currentClientTemplateScope = null;
                for (ScopeMappingRepresentation scopeMapping : currentAppScopes) {
                    if (clientScope.getName().equals(scopeMapping.getClientScope())) {
                        currentClientTemplateScope = scopeMapping;
                        break;
                    }
                }
                if (currentClientTemplateScope == null) {
                    currentClientTemplateScope = new ScopeMappingRepresentation();
                    currentClientTemplateScope.setClientScope(clientScope.getName());
                    currentAppScopes.add(currentClientTemplateScope);
                }
                currentClientTemplateScope.role(scope.getName());
            }
        }
    });
    if (clientScopeReps.size() > 0) {
        rep.setClientScopeMappings(clientScopeReps);
    }
    // Finally users if needed
    if (options.isUsersIncluded()) {
        List<UserRepresentation> users = session.users().getUsersStream(realm, true).map(user -> exportUser(session, realm, user, options, internal)).collect(Collectors.toList());
        if (users.size() > 0) {
            rep.setUsers(users);
        }
        List<UserRepresentation> federatedUsers = session.userFederatedStorage().getStoredUsersStream(realm, 0, -1).map(user -> exportFederatedUser(session, realm, user, options)).collect(Collectors.toList());
        if (federatedUsers.size() > 0) {
            rep.setFederatedUsers(federatedUsers);
        }
    } else if (options.isClientsIncluded() && options.isOnlyServiceAccountsIncluded()) {
        List<UserRepresentation> users = new LinkedList<>();
        for (ClientModel app : clients) {
            if (app.isServiceAccountsEnabled() && !app.isPublicClient() && !app.isBearerOnly()) {
                UserModel user = session.users().getServiceAccount(app);
                if (user != null) {
                    UserRepresentation userRep = exportUser(session, realm, user, options, internal);
                    users.add(userRep);
                }
            }
        }
        if (users.size() > 0) {
            rep.setUsers(users);
        }
    }
    // components
    MultivaluedHashMap<String, ComponentExportRepresentation> components = exportComponents(realm, realm.getId());
    rep.setComponents(components);
    return rep;
}
Also used : ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) Version(org.keycloak.common.Version) RoleContainerModel(org.keycloak.models.RoleContainerModel) Map(java.util.Map) ModelToRepresentation.toRepresentation(org.keycloak.models.utils.ModelToRepresentation.toRepresentation) CredentialRepresentation(org.keycloak.representations.idm.CredentialRepresentation) UserConsentRepresentation(org.keycloak.representations.idm.UserConsentRepresentation) ResourceOwnerRepresentation(org.keycloak.representations.idm.authorization.ResourceOwnerRepresentation) AuthorizationProvider(org.keycloak.authorization.AuthorizationProvider) ClientScopeModel(org.keycloak.models.ClientScopeModel) RealmModel(org.keycloak.models.RealmModel) FederatedIdentityRepresentation(org.keycloak.representations.idm.FederatedIdentityRepresentation) Collection(java.util.Collection) AuthorizationProviderFactory(org.keycloak.authorization.AuthorizationProviderFactory) Set(java.util.Set) RoleModel(org.keycloak.models.RoleModel) PolicyStore(org.keycloak.authorization.store.PolicyStore) Collectors(java.util.stream.Collectors) RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) ModelToRepresentation(org.keycloak.models.utils.ModelToRepresentation) ResourceServerRepresentation(org.keycloak.representations.idm.authorization.ResourceServerRepresentation) List(java.util.List) Stream(java.util.stream.Stream) ClientModel(org.keycloak.models.ClientModel) Scope(org.keycloak.authorization.model.Scope) Profile(org.keycloak.common.Profile) JsonGenerator(com.fasterxml.jackson.core.JsonGenerator) ScopeMappingRepresentation(org.keycloak.representations.idm.ScopeMappingRepresentation) StoreFactory(org.keycloak.authorization.store.StoreFactory) HashMap(java.util.HashMap) PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) UserModel(org.keycloak.models.UserModel) ComponentExportRepresentation(org.keycloak.representations.idm.ComponentExportRepresentation) JsonEncoding(com.fasterxml.jackson.core.JsonEncoding) ScopeRepresentation(org.keycloak.representations.idm.authorization.ScopeRepresentation) LinkedList(java.util.LinkedList) RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) ResourceServer(org.keycloak.authorization.model.ResourceServer) FederatedIdentityModel(org.keycloak.models.FederatedIdentityModel) OutputStream(java.io.OutputStream) RolesRepresentation(org.keycloak.representations.idm.RolesRepresentation) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) CredentialModel(org.keycloak.credential.CredentialModel) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) KeycloakSession(org.keycloak.models.KeycloakSession) IOException(java.io.IOException) JsonSerialization(org.keycloak.util.JsonSerialization) Policy(org.keycloak.authorization.model.Policy) JsonFactory(com.fasterxml.jackson.core.JsonFactory) SerializationFeature(com.fasterxml.jackson.databind.SerializationFeature) MultivaluedHashMap(org.keycloak.common.util.MultivaluedHashMap) Resource(org.keycloak.authorization.model.Resource) RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) HashMap(java.util.HashMap) MultivaluedHashMap(org.keycloak.common.util.MultivaluedHashMap) ScopeMappingRepresentation(org.keycloak.representations.idm.ScopeMappingRepresentation) ArrayList(java.util.ArrayList) ClientScopeModel(org.keycloak.models.ClientScopeModel) RoleModel(org.keycloak.models.RoleModel) RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) List(java.util.List) ArrayList(java.util.ArrayList) LinkedList(java.util.LinkedList) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation) RolesRepresentation(org.keycloak.representations.idm.RolesRepresentation) ComponentExportRepresentation(org.keycloak.representations.idm.ComponentExportRepresentation) ModelToRepresentation(org.keycloak.models.utils.ModelToRepresentation) LinkedList(java.util.LinkedList) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) ClientModel(org.keycloak.models.ClientModel)

Example 5 with RolesRepresentation

use of org.keycloak.representations.idm.RolesRepresentation in project keycloak by keycloak.

the class PartialImportTest method testOverwriteExistingClientWithRoles.

// KEYCLOAK-3042
@Test
public void testOverwriteExistingClientWithRoles() {
    setOverwrite();
    ClientRepresentation client = adminClient.realm(MASTER).clients().findByClientId("broker").get(0);
    List<RoleRepresentation> clientRoles = adminClient.realm(MASTER).clients().get(client.getId()).roles().list();
    Map<String, List<RoleRepresentation>> clients = new HashMap<>();
    clients.put(client.getClientId(), clientRoles);
    RolesRepresentation roles = new RolesRepresentation();
    roles.setClient(clients);
    piRep.setClients(Arrays.asList(client));
    piRep.setRoles(roles);
    doImport();
}
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) HashMap(java.util.HashMap) RolesRepresentation(org.keycloak.representations.idm.RolesRepresentation) List(java.util.List) ArrayList(java.util.ArrayList) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) AbstractAuthTest(org.keycloak.testsuite.AbstractAuthTest) Test(org.junit.Test)

Aggregations

RolesRepresentation (org.keycloak.representations.idm.RolesRepresentation)5 ArrayList (java.util.ArrayList)4 HashMap (java.util.HashMap)3 List (java.util.List)3 RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation)3 ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)2 RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)2 JsonEncoding (com.fasterxml.jackson.core.JsonEncoding)1 JsonFactory (com.fasterxml.jackson.core.JsonFactory)1 JsonGenerator (com.fasterxml.jackson.core.JsonGenerator)1 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1 SerializationFeature (com.fasterxml.jackson.databind.SerializationFeature)1 IOException (java.io.IOException)1 OutputStream (java.io.OutputStream)1 Collection (java.util.Collection)1 HashSet (java.util.HashSet)1 LinkedList (java.util.LinkedList)1 Map (java.util.Map)1 Set (java.util.Set)1 Collectors (java.util.stream.Collectors)1