
Example 6 with ClientCRUDContext

use of org.keycloak.services.clientpolicy.context.ClientCRUDContext in project keycloak by keycloak.

the class PKCEEnforcerExecutor method executeOnEvent.

/**
 * Dispatches a client-policy event to the PKCE handling for that event.
 *
 * <p>For {@code REGISTER} and {@code UPDATE} the proposed client representation is handed to
 * {@code autoConfigure} and then to {@code validate}, in that order. {@code AUTHORIZATION_REQUEST}
 * and {@code TOKEN_REQUEST} are forwarded to their dedicated handlers. Any other event is a no-op.
 *
 * @param context the policy context; its runtime type is cast according to its event
 * @throws ClientPolicyException declared for the handlers called here (they are defined outside
 *     this snippet)
 */
@Override
public void executeOnEvent(ClientPolicyContext context) throws ClientPolicyException {
    switch (context.getEvent()) {
        case REGISTER:
        case UPDATE: {
            // Unchecked downcast: this relies on REGISTER/UPDATE events always carrying a
            // ClientCRUDContext. A context of another type fails with ClassCastException,
            // not with ClientPolicyException.
            ClientCRUDContext crud = (ClientCRUDContext) context;
            // Order matters to the reader: validation runs after auto-configuration.
            // NOTE(review): presumably validate() then sees whatever autoConfigure() changed;
            // confirm against those methods.
            autoConfigure(crud.getProposedClientRepresentation());
            validate(crud.getProposedClientRepresentation());
            return;
        }
        case AUTHORIZATION_REQUEST: {
            AuthorizationRequestContext authz = (AuthorizationRequestContext) context;
            executeOnAuthorizationRequest(
                    authz.getparsedResponseType(),
                    authz.getAuthorizationEndpointRequest(),
                    authz.getRedirectUri());
            return;
        }
        case TOKEN_REQUEST: {
            TokenRequestContext tokenReq = (TokenRequestContext) context;
            executeOnTokenRequest(tokenReq.getParams(), tokenReq.getParseResult());
            return;
        }
        default:
            // Events this executor does not handle pass through without any check.
            return;
    }
}
Also used : TokenRequestContext(org.keycloak.services.clientpolicy.context.TokenRequestContext) ClientCRUDContext(org.keycloak.services.clientpolicy.context.ClientCRUDContext) AuthorizationRequestContext(org.keycloak.services.clientpolicy.context.AuthorizationRequestContext)

Example 7 with ClientCRUDContext

use of org.keycloak.services.clientpolicy.context.ClientCRUDContext in project keycloak by keycloak.

the class SecureClientUrisExecutor method executeOnEvent.

/**
 * Checks the URIs carried by a client-policy event.
 *
 * <p>{@code REGISTER} and {@code UPDATE} are accepted only from the admin or dynamic
 * registration/update context types; any other context type is rejected with
 * {@code INVALID_REQUEST}. On registration, a client that supplies a root URL but no redirect
 * URIs gets the root URL as its single redirect URI. {@code AUTHORIZATION_REQUEST} checks the
 * redirect URI of the request. Any other event is a no-op.
 *
 * @param context the policy context for the event
 * @throws ClientPolicyException with {@code INVALID_REQUEST} when a register/update event arrives
 *     in an unexpected context type; also declared for the URI checks called here
 */
@Override
public void executeOnEvent(ClientPolicyContext context) throws ClientPolicyException {
    switch (context.getEvent()) {
        case REGISTER: {
            // Allow-list of context types: the cast below is only reached for these two.
            if (!(context instanceof AdminClientRegisterContext) && !(context instanceof DynamicClientRegisterContext)) {
                throw new ClientPolicyException(OAuthErrorException.INVALID_REQUEST, "not allowed input format.");
            }
            ClientRepresentation proposed = ((ClientCRUDContext) context).getProposedClientRepresentation();
            confirmSecureUris(proposed);
            // Default the redirect URI to the root URL here, so that later stages of client
            // creation do not generate wildcard redirect URIs for a client that supplied none.
            String rootUrl = proposed.getRootUrl();
            if (rootUrl != null) {
                if (proposed.getRedirectUris() == null || proposed.getRedirectUris().isEmpty()) {
                    // NOTE(review): both logged values come from the proposed representation and
                    // are written as-is; confirm the log sink tolerates caller-supplied text.
                    logger.debugf("Setup Redirect URI = %s for client %s", rootUrl, proposed.getClientId());
                    proposed.setRedirectUris(Collections.singletonList(rootUrl));
                }
            }
            return;
        }
        case UPDATE: {
            if (!(context instanceof AdminClientUpdateContext) && !(context instanceof DynamicClientUpdateContext)) {
                throw new ClientPolicyException(OAuthErrorException.INVALID_REQUEST, "not allowed input format.");
            }
            // Unlike REGISTER, an update does not receive a default redirect URI.
            confirmSecureUris(((ClientCRUDContext) context).getProposedClientRepresentation());
            return;
        }
        case AUTHORIZATION_REQUEST: {
            // Unchecked downcast: relies on this event always carrying an AuthorizationRequestContext.
            AuthorizationRequestContext authz = (AuthorizationRequestContext) context;
            confirmSecureRedirectUri(authz.getRedirectUri());
            return;
        }
        default:
            // Events this executor does not handle pass through without any check.
            return;
    }
}
Also used : ClientCRUDContext(org.keycloak.services.clientpolicy.context.ClientCRUDContext) AdminClientUpdateContext(org.keycloak.services.clientpolicy.context.AdminClientUpdateContext) DynamicClientUpdateContext(org.keycloak.services.clientpolicy.context.DynamicClientUpdateContext) DynamicClientRegisterContext(org.keycloak.services.clientpolicy.context.DynamicClientRegisterContext) AdminClientRegisterContext(org.keycloak.services.clientpolicy.context.AdminClientRegisterContext) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) ClientPolicyException(org.keycloak.services.clientpolicy.ClientPolicyException)

Example 8 with ClientCRUDContext

use of org.keycloak.services.clientpolicy.context.ClientCRUDContext in project keycloak by keycloak.

the class SecureLogoutExecutor method executeOnEvent.

/**
 * Enforces the front-channel logout restriction for the events this executor handles.
 *
 * <p>While {@code configuration.isAllowFrontChannelLogout()} is false:
 * <ul>
 *   <li>{@code REGISTER}/{@code UPDATE} are rejected when the proposed client enables
 *       front-channel logout or carries a non-blank front-channel logout URL;</li>
 *   <li>{@code LOGOUT_REQUEST} is rejected when the current HTTP request uses GET.</li>
 * </ul>
 * Any other event is a no-op.
 *
 * @param context the policy context for the event
 * @throws ClientPolicyException declared for {@code throwFrontChannelLogoutNotAllowed()}, which is
 *     defined outside this snippet
 */
@Override
public void executeOnEvent(ClientPolicyContext context) throws ClientPolicyException {
    switch (context.getEvent()) {
        case REGISTER:
        case UPDATE: {
            // Unchecked downcast: relies on these events always carrying a ClientCRUDContext.
            ClientRepresentation proposed = ((ClientCRUDContext) context).getProposedClientRepresentation();
            OIDCAdvancedConfigWrapper oidcConfig = OIDCAdvancedConfigWrapper.fromClientRepresentation(proposed);
            if (!configuration.isAllowFrontChannelLogout()) {
                // A missing (null) flag counts as "not enabled".
                boolean flagEnabled = Boolean.TRUE.equals(proposed.isFrontchannelLogout());
                // Either signal is enough: the flag itself or a configured logout URL.
                if (flagEnabled || StringUtil.isNotBlank(oidcConfig.getFrontChannelLogoutUrl())) {
                    throwFrontChannelLogoutNotAllowed();
                }
            }
            return;
        }
        case LOGOUT_REQUEST: {
            // Dereferenced without a null check.
            // NOTE(review): assumes an HttpRequest is always bound to the session context when a
            // logout request is processed; confirm.
            HttpRequest httpRequest = session.getContext().getContextObject(HttpRequest.class);
            boolean isGet = HttpMethod.GET.equalsIgnoreCase(httpRequest.getHttpMethod());
            // Only GET is rejected by this branch; other HTTP methods are not restricted here.
            if (isGet && !configuration.isAllowFrontChannelLogout()) {
                throwFrontChannelLogoutNotAllowed();
            }
            return;
        }
        default:
            // Events this executor does not handle pass through without any check.
            return;
    }
}
Also used : HttpRequest(org.jboss.resteasy.spi.HttpRequest) ClientCRUDContext(org.keycloak.services.clientpolicy.context.ClientCRUDContext) OIDCAdvancedConfigWrapper(org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)

Example 9 with ClientCRUDContext

use of org.keycloak.services.clientpolicy.context.ClientCRUDContext in project keycloak by keycloak.

the class SecureResponseTypeExecutor method executeOnEvent.

/**
 * Dispatches a client-policy event to the response-type handling for that event.
 *
 * <p>For {@code REGISTER} and {@code UPDATE} the proposed client representation is handed to
 * {@code autoConfigure} and then to {@code validate}, in that order.
 * {@code AUTHORIZATION_REQUEST} is forwarded to {@code executeOnAuthorizationRequest}.
 * Any other event is a no-op.
 *
 * @param context the policy context; its runtime type is cast according to its event
 * @throws ClientPolicyException declared for the handlers called here (they are defined outside
 *     this snippet)
 */
@Override
public void executeOnEvent(ClientPolicyContext context) throws ClientPolicyException {
    switch (context.getEvent()) {
        case REGISTER:
        case UPDATE: {
            // Unchecked downcast: this relies on REGISTER/UPDATE events always carrying a
            // ClientCRUDContext. A context of another type fails with ClassCastException,
            // not with ClientPolicyException.
            ClientCRUDContext crud = (ClientCRUDContext) context;
            // Validation runs after auto-configuration.
            // NOTE(review): presumably validate() then sees whatever autoConfigure() changed;
            // confirm against those methods.
            autoConfigure(crud.getProposedClientRepresentation());
            validate(crud.getProposedClientRepresentation());
            return;
        }
        case AUTHORIZATION_REQUEST: {
            AuthorizationRequestContext authz = (AuthorizationRequestContext) context;
            executeOnAuthorizationRequest(
                    authz.getparsedResponseType(),
                    authz.getAuthorizationEndpointRequest(),
                    authz.getRedirectUri());
            return;
        }
        default:
            // Events this executor does not handle pass through without any check.
            return;
    }
}
Also used : ClientCRUDContext(org.keycloak.services.clientpolicy.context.ClientCRUDContext) AuthorizationRequestContext(org.keycloak.services.clientpolicy.context.AuthorizationRequestContext)
