use of org.keycloak.representations.idm.authorization.ResourceOwnerRepresentation in project keycloak by keycloak.
the class RepresentationToModel method toModel.
/**
 * Applies a resource-server representation to the authorization model of {@code client}.
 *
 * <p>The resource server is looked up by client and created when none exists. Its settings are
 * then overwritten from {@code rep}, after which the scopes, resources and policies of
 * {@code rep} are imported in that order.
 *
 * @param rep the representation to import
 * @param authorization provider giving access to the stores, the session and the realm
 * @param client the client that owns the resource server
 * @return the resource server that was found or created
 */
public static ResourceServer toModel(ResourceServerRepresentation rep, AuthorizationProvider authorization, ClientModel client) {
    ResourceServerStore store = authorization.getStoreFactory().getResourceServerStore();
    ResourceServer resourceServer = store.findByClient(client);

    if (resourceServer == null) {
        // Fresh resource server: start from enforcing defaults.
        resourceServer = store.create(client);
        resourceServer.setAllowRemoteResourceManagement(true);
        resourceServer.setPolicyEnforcementMode(PolicyEnforcementMode.ENFORCING);
    }

    // The representation's values are applied unconditionally, so they replace the defaults set
    // above as well as the settings of an existing server.
    // NOTE(review): a representation without an enforcement mode appears to pass null through
    // here - confirm the model treats that as ENFORCING rather than something weaker.
    resourceServer.setPolicyEnforcementMode(rep.getPolicyEnforcementMode());
    resourceServer.setAllowRemoteResourceManagement(rep.isAllowRemoteResourceManagement());

    // UNANIMOUS is the fallback when the representation names no decision strategy.
    DecisionStrategy requestedStrategy = rep.getDecisionStrategy();
    resourceServer.setDecisionStrategy(requestedStrategy != null ? requestedStrategy : DecisionStrategy.UNANIMOUS);

    for (ScopeRepresentation scopeRep : rep.getScopes()) {
        toModel(scopeRep, resourceServer, authorization);
    }

    KeycloakSession session = authorization.getKeycloakSession();
    RealmModel realm = authorization.getRealm();

    for (ResourceRepresentation resourceRep : rep.getResources()) {
        ResourceOwnerRepresentation owner = resourceRep.getOwner();

        if (owner != null) {
            // An owner given by name is resolved to a user of this realm. When no user matches,
            // the owner keeps whatever id the representation carried.
            if (owner.getName() != null) {
                UserModel ownerUser = session.users().getUserByUsername(realm, owner.getName());
                if (ownerUser != null) {
                    owner.setId(ownerUser.getId());
                }
            }
        } else {
            // No owner in the representation: the resource server itself becomes the owner.
            ResourceOwnerRepresentation serverAsOwner = new ResourceOwnerRepresentation();
            serverAsOwner.setId(resourceServer.getId());
            resourceRep.setOwner(serverAsOwner);
        }

        toModel(resourceRep, resourceServer, authorization);
    }

    importPolicies(authorization, resourceServer, rep.getPolicies(), null);
    return resourceServer;
}
use of org.keycloak.representations.idm.authorization.ResourceOwnerRepresentation in project keycloak by keycloak.
the class ResourceService method create.
/**
 * Creates a resource from a JSON request body.
 *
 * <p>Responds with 400 when no body was supplied, otherwise with 201 and the created resource.
 *
 * @param resource the resource to create, as sent by the caller
 * @return the HTTP response described above
 */
@POST
@Consumes("application/json")
@Produces("application/json")
public Response create(UmaResourceRepresentation resource) {
    checkResourceServerSettings();

    if (resource == null) {
        return Response.status(Status.BAD_REQUEST).build();
    }

    ResourceOwnerRepresentation owner = resource.getOwner();
    if (owner == null) {
        owner = new ResourceOwnerRepresentation();
        resource.setOwner(owner);
    }

    // An owner id sent by the caller is used as given; only a missing id falls back to the
    // calling identity.
    // NOTE(review): confirm that the caller's right to register resources for another owner is
    // enforced elsewhere (nothing in this method restricts it).
    String requestedOwnerId = owner.getId();
    owner.setId(requestedOwnerId != null ? requestedOwnerId : this.identity.getId());

    ResourceRepresentation newResource = resourceManager.create(resource);

    // NOTE(review): the audit entry uses the id of the request representation, not of
    // newResource - confirm resourceManager.create fills it in.
    resourceManager.audit(resource, resource.getId(), OperationType.CREATE);

    UmaResourceRepresentation body = new UmaResourceRepresentation(newResource);
    return Response.status(Status.CREATED).entity(body).build();
}
use of org.keycloak.representations.idm.authorization.ResourceOwnerRepresentation in project keycloak by keycloak.
the class AbstractResourceServerTest method addResource.
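/**
 * Creates a resource on the test client's resource server and returns the representation that
 * was sent, with the id from the server's response copied into it.
 *
 * @param resourceName name of the resource
 * @param owner value passed to {@code ResourceOwnerRepresentation}; when {@code null} the
 *     request carries no owner
 * @param ownerManagedAccess value for the resource's owner-managed-access flag
 * @param scopeNames scopes to add to the resource
 * @return the local representation, with its id set from the response
 * @throws Exception declared by the original signature for callers to propagate
 */
protected ResourceRepresentation addResource(String resourceName, String owner, boolean ownerManagedAccess, String... scopeNames) throws Exception {
    ClientResource client = getClient(getRealm());
    AuthorizationResource authorization = client.authorization();
    ResourceRepresentation resource = new ResourceRepresentation(resourceName);

    if (owner != null) {
        resource.setOwner(new ResourceOwnerRepresentation(owner));
    }

    resource.setOwnerManagedAccess(ownerManagedAccess);
    resource.addScope(scopeNames);

    Response response = authorization.resources().create(resource);
    try {
        // NOTE(review): the status code is not checked, so a rejected create is only noticed
        // through whatever id (if any) the error body deserializes to.
        ResourceRepresentation created = response.readEntity(ResourceRepresentation.class);
        resource.setId(created.getId());
    } finally {
        // Release the response even when reading the entity fails.
        response.close();
    }

    return resource;
}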
use of org.keycloak.representations.idm.authorization.ResourceOwnerRepresentation in project keycloak by keycloak.
the class ExportUtils method exportAuthorizationSettings.
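/**
 * Builds an export representation of the authorization settings of {@code client}.
 *
 * <p>Identifiers are cleared from the result: the resource server's id, name and client id, the
 * owner id of each resource, and the id and icon URI of each resource scope. A resource owned by
 * the resource server itself is exported without an owner. Policies that have an owner are left
 * out of the export.
 *
 * @param session the current Keycloak session
 * @param client the client whose authorization settings are exported
 * @return the representation, or {@code null} when the client has no resource server
 */
public static ResourceServerRepresentation exportAuthorizationSettings(KeycloakSession session, ClientModel client) {
    AuthorizationProviderFactory providerFactory = (AuthorizationProviderFactory) session.getKeycloakSessionFactory().getProviderFactory(AuthorizationProvider.class);
    AuthorizationProvider authorization = providerFactory.create(session, client.getRealm());
    StoreFactory storeFactory = authorization.getStoreFactory();
    ResourceServer settingsModel = storeFactory.getResourceServerStore().findByClient(client);

    if (settingsModel == null) {
        return null;
    }

    ResourceServerRepresentation representation = toRepresentation(settingsModel, client);
    representation.setId(null);
    representation.setName(null);
    representation.setClientId(null);

    List<ResourceRepresentation> resources = storeFactory.getResourceStore().findByResourceServer(settingsModel.getId()).stream().map(resource -> {
        ResourceRepresentation rep = toRepresentation(resource, settingsModel.getId(), authorization);

        if (rep.getOwner().getId().equals(settingsModel.getId())) {
            // Owned by the resource server itself: export without an owner.
            rep.setOwner((ResourceOwnerRepresentation) null);
        } else {
            // Owned by someone else: keep the owner entry but clear its id.
            rep.getOwner().setId(null);
        }

        rep.getScopes().forEach(scopeRepresentation -> {
            scopeRepresentation.setId(null);
            scopeRepresentation.setIconUri(null);
        });

        return rep;
    }).collect(Collectors.toList());
    representation.setResources(resources);

    List<PolicyRepresentation> policies = new ArrayList<>();
    PolicyStore policyStore = storeFactory.getPolicyStore();

    // Policies of any type other than "resource" and "scope" go first.
    // NOTE(review): presumably so that an import sees them before the permissions below - confirm.
    policies.addAll(policyStore.findByResourceServer(settingsModel.getId()).stream()
            .filter(policy -> !policy.getType().equals("resource") && !policy.getType().equals("scope") && policy.getOwner() == null)
            .map(policy -> createPolicyRepresentation(authorization, policy))
            .collect(Collectors.toList()));

    // "resource" and "scope" policies follow. The type test is parenthesized so the owner check
    // applies to both types: without the parentheses && bound tighter than ||, and a "resource"
    // policy that has an owner was exported although the filter above excludes owned policies.
    policies.addAll(policyStore.findByResourceServer(settingsModel.getId()).stream()
            .filter(policy -> (policy.getType().equals("resource") || policy.getType().equals("scope")) && policy.getOwner() == null)
            .map(policy -> createPolicyRepresentation(authorization, policy))
            .collect(Collectors.toList()));
    representation.setPolicies(policies);

    List<ScopeRepresentation> scopes = storeFactory.getScopeStore().findByResourceServer(settingsModel.getId()).stream().map(scope -> {
        ScopeRepresentation rep = toRepresentation(scope);
        // Drop the policy and resource lists from each exported scope.
        rep.setPolicies(null);
        rep.setResources(null);
        return rep;
    }).collect(Collectors.toList());
    representation.setScopes(scopes);

    return representation;
}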
use of org.keycloak.representations.idm.authorization.ResourceOwnerRepresentation in project keycloak by keycloak.
the class AuthorizationTest method createResource.
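/**
 * Creates a resource through the client's authorization API and returns the representation that
 * was sent, with the id from the server's response copied into it.
 *
 * @param name name of the resource
 * @param owner value passed to {@code ResourceOwnerRepresentation}; {@code null} sets a null owner
 * @param scopes scopes to add to the resource
 * @return the local representation, with its id set from the response
 */
@NotNull
private ResourceRepresentation createResource(String name, String owner, String... scopes) {
    ResourceRepresentation resource = new ResourceRepresentation();
    resource.setName(name);
    resource.setOwner(owner != null ? new ResourceOwnerRepresentation(owner) : null);
    resource.addScope(scopes);

    Response response = getClient().authorization().resources().create(resource);
    ResourceRepresentation stored;
    try {
        // NOTE(review): the status code is not checked before the body is read.
        stored = response.readEntity(ResourceRepresentation.class);
    } finally {
        // Release the response even when reading the entity fails.
        response.close();
    }

    resource.setId(stored.getId());
    return resource;
}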