
Example 1 with ClientRegistrationPolicyException

use of org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyException in project keycloak by keycloak.

the class ProtocolMappersClientRegistrationPolicy method testMappers.

/**
 * Enforces the protocol-mapper allow-list on the client representation held by
 * {@code context}.
 *
 * <p>A representation with no mapper list ({@code null}) passes unchecked. Otherwise every
 * mapper's type must be contained in the list returned by {@code getAllowedMapperProviders()};
 * the first one that is not is logged and aborts the check, so anything not explicitly
 * listed is refused.
 *
 * @param context registration context whose client representation is inspected
 * @throws ClientRegistrationPolicyException if a mapper's type is not on the allow-list
 */
protected void testMappers(ClientRegistrationContext context) throws ClientRegistrationPolicyException {
    List<ProtocolMapperRepresentation> requested = context.getClient().getProtocolMappers();
    if (requested != null) {
        List<String> permittedTypes = getAllowedMapperProviders();
        for (ProtocolMapperRepresentation candidate : requested) {
            String type = candidate.getProtocolMapper();
            if (permittedTypes.contains(type)) {
                continue;
            }
            // The offending name and type go to the log only; the exception text stays generic.
            // NOTE(review): both values are read from the representation (presumably
            // caller-supplied) and reach the logger unmodified - confirm the log backend
            // neutralises line breaks and control characters.
            ServicesLogger.LOGGER.clientRegistrationMapperNotAllowed(candidate.getName(), type);
            throw new ClientRegistrationPolicyException("ProtocolMapper type not allowed");
        }
    }
}
Also used : ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation) ClientRegistrationPolicyException(org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyException)

Example 2 with ClientRegistrationPolicyException

use of org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyException in project keycloak by keycloak.

the class ClientRegistrationAuth method requireUpdate.

/**
 * Authorizes an update of {@code client} and lets both policy layers veto it.
 *
 * <p>{@code requireUpdateAuth(client)} runs first; only then are the client-policy event
 * and the registration-policy "before update" hook triggered, in that order.
 *
 * @param context registration context passed to the policy hooks
 * @param client the client being updated
 * @return the {@link RegistrationAuth} value produced by {@code requireUpdateAuth(client)}
 */
public RegistrationAuth requireUpdate(ClientRegistrationContext context, ClientModel client) {
    final RegistrationAuth authChain = requireUpdateAuth(client);
    try {
        session.clientPolicy().triggerOnEvent(
                new DynamicClientUpdateContext(context, client, jwt, realm));
        ClientRegistrationPolicyManager.triggerBeforeUpdate(context, authChain, client);
    } catch (ClientRegistrationPolicyException | ClientPolicyException veto) {
        // A veto from either layer is converted through forbidden(...) using the exception's
        // own message.
        // NOTE(review): if forbidden(...) places that text in the response, policy messages
        // must not carry internal detail - confirm against forbidden() and the policies.
        throw forbidden(veto.getMessage());
    }
    return authChain;
}
Also used : RegistrationAuth(org.keycloak.services.clientregistration.policy.RegistrationAuth) DynamicClientUpdateContext(org.keycloak.services.clientpolicy.context.DynamicClientUpdateContext) ClientRegistrationPolicyException(org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyException) ClientPolicyException(org.keycloak.services.clientpolicy.ClientPolicyException)

Example 3 with ClientRegistrationPolicyException

use of org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyException in project keycloak by keycloak.

the class MaxClientsClientRegistrationPolicy method beforeRegister.

/**
 * Refuses a new registration once the realm's client count has reached the configured
 * maximum.
 *
 * <p>The limit is read from the component configuration under
 * {@code MaxClientsClientRegistrationPolicyFactory.MAX_CLIENTS}, falling back to
 * {@code DEFAULT_MAX_CLIENTS}. The comparison is inclusive: a count equal to the limit is
 * already rejected.
 *
 * @param context registration context (not read by this check)
 * @throws ClientRegistrationPolicyException if the realm already holds the maximum number
 *         of clients
 */
@Override
public void beforeRegister(ClientRegistrationContext context) throws ClientRegistrationPolicyException {
    RealmModel currentRealm = session.getContext().getRealm();
    long existingClients = currentRealm.getClientsCount();
    int limit = componentModel.get(
            MaxClientsClientRegistrationPolicyFactory.MAX_CLIENTS,
            MaxClientsClientRegistrationPolicyFactory.DEFAULT_MAX_CLIENTS);
    if (existingClients < limit) {
        return;
    }
    // NOTE(review): the count is only read and compared here; the client is created
    // elsewhere. Whether two concurrent registrations can both pass depends on the
    // surrounding transaction - confirm.
    // NOTE(review): the message includes the configured limit; confirm callers may expose it.
    throw new ClientRegistrationPolicyException("It's allowed to have max " + limit + " clients per realm");
}
Also used : RealmModel(org.keycloak.models.RealmModel) ClientRegistrationPolicyException(org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyException)

Example 4 with ClientRegistrationPolicyException

use of org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyException in project keycloak by keycloak.

the class ClientRegistrationAuth method requireDelete.

/**
 * Authorizes removal of {@code client} and lets both policy layers veto it.
 *
 * <p>Deletion reuses {@code requireUpdateAuth(client)} for the authentication step, then
 * triggers the client-policy unregister event followed by the registration-policy
 * "before remove" hook.
 *
 * @param client the client being removed
 */
public void requireDelete(ClientModel client) {
    final RegistrationAuth authChain = requireUpdateAuth(client);
    try {
        session.clientPolicy().triggerOnEvent(
                new DynamicClientUnregisterContext(session, client, jwt, realm));
        ClientRegistrationPolicyManager.triggerBeforeRemove(session, provider, authChain, client);
    } catch (ClientRegistrationPolicyException | ClientPolicyException veto) {
        // A veto from either layer is converted through forbidden(...) using the exception's
        // own message.
        // NOTE(review): if forbidden(...) places that text in the response, policy messages
        // must not carry internal detail - confirm against forbidden() and the policies.
        throw forbidden(veto.getMessage());
    }
}
Also used : RegistrationAuth(org.keycloak.services.clientregistration.policy.RegistrationAuth) DynamicClientUnregisterContext(org.keycloak.services.clientpolicy.context.DynamicClientUnregisterContext) ClientRegistrationPolicyException(org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyException) ClientPolicyException(org.keycloak.services.clientpolicy.ClientPolicyException)

Example 5 with ClientRegistrationPolicyException

use of org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyException in project keycloak by keycloak.

the class ClientRegistrationAuth method requireView.

/**
 * Decides whether the caller may view {@code client} and, if so, runs the view policies.
 *
 * <p>The credential branches are tried in order: bearer token, registration access token,
 * initial access token, then (only when {@code allowPublicClient} is set) public-client
 * authentication. Every path that leaves {@code authenticated} false ends in
 * {@code unauthorized(...)}; an authenticated caller can still be refused by either policy
 * layer, which is reported through {@code forbidden(...)}.
 *
 * @param client the client to be viewed; may be {@code null} (checked per branch)
 * @param allowPublicClient whether the {@code authenticatePublicClient} fallback may be tried
 */
public void requireView(ClientModel client, boolean allowPublicClient) {
    RegistrationAuth authType = null;
    boolean authenticated = false;
    init();
    if (isBearerToken()) {
        checkClientProtocol();
        // The role check precedes the null check: a caller holding neither role gets
        // forbidden() and never learns through notFound() whether the client exists.
        if (hasRole(AdminRoles.MANAGE_CLIENTS, AdminRoles.VIEW_CLIENTS)) {
            if (client == null) {
                throw notFound();
            }
            authenticated = true;
            authType = RegistrationAuth.AUTHENTICATED;
        } else {
            throw forbidden();
        }
    } else if (isRegistrationAccessToken()) {
        // Accepted only when the token's id equals the registration token stored on this
        // client. A missing client, a missing stored token or a mismatch leaves
        // authenticated == false, so the request falls through to unauthorized(...) below.
        if (client != null && client.getRegistrationToken() != null && client.getRegistrationToken().equals(jwt.getId())) {
            checkClientProtocol(client);
            authenticated = true;
            authType = getRegistrationAuth();
        }
    } else if (isInitialAccessToken()) {
        // An initial access token is refused outright for viewing.
        throw unauthorized("Not initial access token allowed");
    } else if (allowPublicClient && authenticatePublicClient(client)) {
        // && short-circuits: authenticatePublicClient(client) runs only when the caller of
        // this method opted in via allowPublicClient.
        // NOTE(review): client has not been null-checked on this path - confirm that
        // authenticatePublicClient handles a null client.
        authenticated = true;
        authType = RegistrationAuth.AUTHENTICATED;
    }
    if (authenticated) {
        try {
            // Client-policy event first, then the registration-policy "before view" hook.
            session.clientPolicy().triggerOnEvent(new DynamicClientViewContext(session, client, jwt, realm));
            ClientRegistrationPolicyManager.triggerBeforeView(session, provider, authType, client);
        } catch (ClientRegistrationPolicyException | ClientPolicyException crpe) {
            // NOTE(review): the policy exception's message is forwarded to forbidden(...);
            // if that text reaches the response, confirm policy messages carry no internal
            // detail.
            throw forbidden(crpe.getMessage());
        }
    } else {
        // Single generic failure for every unauthenticated path; the text does not say
        // which credential check failed.
        throw unauthorized("Not authorized to view client. Not valid token or client credentials provided.");
    }
}
Also used : RegistrationAuth(org.keycloak.services.clientregistration.policy.RegistrationAuth) DynamicClientViewContext(org.keycloak.services.clientpolicy.context.DynamicClientViewContext) ClientRegistrationPolicyException(org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyException) ClientPolicyException(org.keycloak.services.clientpolicy.ClientPolicyException)

Aggregations

ClientRegistrationPolicyException (org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyException)6 ClientPolicyException (org.keycloak.services.clientpolicy.ClientPolicyException)4 RegistrationAuth (org.keycloak.services.clientregistration.policy.RegistrationAuth)4 RealmModel (org.keycloak.models.RealmModel)1 ProtocolMapperRepresentation (org.keycloak.representations.idm.ProtocolMapperRepresentation)1 DynamicClientRegisterContext (org.keycloak.services.clientpolicy.context.DynamicClientRegisterContext)1 DynamicClientUnregisterContext (org.keycloak.services.clientpolicy.context.DynamicClientUnregisterContext)1 DynamicClientUpdateContext (org.keycloak.services.clientpolicy.context.DynamicClientUpdateContext)1 DynamicClientViewContext (org.keycloak.services.clientpolicy.context.DynamicClientViewContext)1