Example 1 with DynamicClientRegisteredContext
use of org.keycloak.services.clientpolicy.context.DynamicClientRegisteredContext in project keycloak by keycloak.
the class AbstractClientRegistrationProvider method create.
public ClientRepresentation create(ClientRegistrationContext context) {
ClientRepresentation client = context.getClient();
event.event(EventType.CLIENT_REGISTER);
RegistrationAuth registrationAuth = auth.requireCreate(context);
try {
RealmModel realm = session.getContext().getRealm();
ClientModel clientModel = ClientManager.createClient(session, realm, client);
if (client.getDefaultRoles() != null) {
for (String name : client.getDefaultRoles()) {
clientModel.addDefaultRole(name);
}
}
if (clientModel.isServiceAccountsEnabled()) {
new ClientManager(new RealmManager(session)).enableServiceAccount(clientModel);
}
if (Boolean.TRUE.equals(client.getAuthorizationServicesEnabled())) {
RepresentationToModel.createResourceServer(clientModel, session, true);
}
session.clientPolicy().triggerOnEvent(new DynamicClientRegisteredContext(context, clientModel, auth.getJwt(), realm));
ClientRegistrationPolicyManager.triggerAfterRegister(context, registrationAuth, clientModel);
client = ModelToRepresentation.toRepresentation(clientModel, session);
client.setSecret(clientModel.getSecret());
String registrationAccessToken = ClientRegistrationTokenUtils.updateRegistrationAccessToken(session, clientModel, registrationAuth);
client.setRegistrationAccessToken(registrationAccessToken);
if (auth.isInitialAccessToken()) {
ClientInitialAccessModel initialAccessModel = auth.getInitialAccessModel();
session.realms().decreaseRemainingCount(realm, initialAccessModel);
}
client.setDirectAccessGrantsEnabled(false);
Stream<String> defaultRolesNames = clientModel.getDefaultRolesStream();
if (defaultRolesNames != null) {
client.setDefaultRoles(defaultRolesNames.toArray(String[]::new));
}
event.client(client.getClientId()).success();
return client;
} catch (ModelDuplicateException e) {
throw new ErrorResponseException(ErrorCodes.INVALID_CLIENT_METADATA, "Client Identifier in use", Response.Status.BAD_REQUEST);
} catch (ClientPolicyException cpe) {
throw new ErrorResponseException(cpe.getError(), cpe.getErrorDetail(), Response.Status.BAD_REQUEST);
}
}
Also used :
ClientInitialAccessModel(org.keycloak.models.ClientInitialAccessModel)
RegistrationAuth(org.keycloak.services.clientregistration.policy.RegistrationAuth)
DynamicClientRegisteredContext(org.keycloak.services.clientpolicy.context.DynamicClientRegisteredContext)
RealmManager(org.keycloak.services.managers.RealmManager)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation)
ClientPolicyException(org.keycloak.services.clientpolicy.ClientPolicyException)
RealmModel(org.keycloak.models.RealmModel)
ClientModel(org.keycloak.models.ClientModel)
ClientManager(org.keycloak.services.managers.ClientManager)
ModelDuplicateException(org.keycloak.models.ModelDuplicateException)
ErrorResponseException(org.keycloak.services.ErrorResponseException)
Aggregations
ClientInitialAccessModel (org.keycloak.models.ClientInitialAccessModel)1
ClientModel (org.keycloak.models.ClientModel)1
ModelDuplicateException (org.keycloak.models.ModelDuplicateException)1
RealmModel (org.keycloak.models.RealmModel)1
ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)1
OIDCClientRepresentation (org.keycloak.representations.oidc.OIDCClientRepresentation)1
ErrorResponseException (org.keycloak.services.ErrorResponseException)1
ClientPolicyException (org.keycloak.services.clientpolicy.ClientPolicyException)1
DynamicClientRegisteredContext (org.keycloak.services.clientpolicy.context.DynamicClientRegisteredContext)1
RegistrationAuth (org.keycloak.services.clientregistration.policy.RegistrationAuth)1
ClientManager (org.keycloak.services.managers.ClientManager)1
RealmManager (org.keycloak.services.managers.RealmManager)1
