use of org.keycloak.sessions.RootAuthenticationSessionModel in project keycloak by keycloak.
the class AuthorizationEndpointBase method createNewAuthenticationSession.
/**
 * Creates a fresh root authentication session in the current realm and opens a
 * per-client authentication session (one "tab") inside it.
 *
 * @param manager session manager used to create the root authentication session
 * @param client  client the new authentication session is created for
 * @return the newly created per-client authentication session
 */
private AuthenticationSessionModel createNewAuthenticationSession(AuthenticationSessionManager manager, ClientModel client) {
    // NOTE(review): the `true` flag presumably asks the manager to bind the new root
    // session to the browser (cookie) — confirm against AuthenticationSessionManager.
    final RootAuthenticationSessionModel rootSession = manager.createAuthenticationSession(realm, true);
    final AuthenticationSessionModel tabSession = rootSession.createAuthenticationSession(client);

    // NOTE(review): the root session ID is written to the debug log. If that ID also
    // serves as the browser-side session identifier, debug logs carry session
    // handles and should be access-restricted — confirm.
    logger.debugf(
            "Sent request to authz endpoint. Created new root authentication session with ID '%s' . Client: %s . New authentication session tab ID: %s",
            rootSession.getId(),
            client.getClientId(),
            tabSession.getTabId());

    return tabSession;
}
use of org.keycloak.sessions.RootAuthenticationSessionModel in project keycloak by keycloak.
the class AuthenticationSessionProviderTest method testOnClientRemoved.
/**
 * Checks that removing a client also removes that client's authentication session
 * from a shared root authentication session, while the authentication session of
 * the other client (and its auth note) stays intact.
 *
 * <p>Each phase runs in its own transaction, so every phase reads what the previous
 * one committed.
 */
@Test
@ModelTest
public void testOnClientRemoved(KeycloakSession session) {
    // Identifiers handed over from one transaction to the next.
    AtomicReference<String> testAppTabId = new AtomicReference<>();
    AtomicReference<String> thirdPartyTabId = new AtomicReference<>();
    AtomicReference<String> rootSessionId = new AtomicReference<>();

    // Phase 1: one root session with two tabs, one per client, each carrying its own note.
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession setupSession) -> {
        RealmModel realm = setupSession.realms().getRealm("test");
        rootSessionId.set(setupSession.authenticationSessions().createRootAuthenticationSession(realm).getId());

        AuthenticationSessionModel testAppTab = setupSession.authenticationSessions()
                .getRootAuthenticationSession(realm, rootSessionId.get())
                .createAuthenticationSession(realm.getClientByClientId("test-app"));
        AuthenticationSessionModel thirdPartyTab = setupSession.authenticationSessions()
                .getRootAuthenticationSession(realm, rootSessionId.get())
                .createAuthenticationSession(realm.getClientByClientId("third-party"));

        testAppTabId.set(testAppTab.getTabId());
        thirdPartyTabId.set(thirdPartyTab.getTabId());

        testAppTab.setAuthNote("foo", "bar");
        thirdPartyTab.setAuthNote("foo", "baz");
    });

    // Phase 2: both tabs are visible after commit; then the "third-party" client is removed.
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession removalSession) -> {
        RealmModel realm = removalSession.realms().getRealm("test");
        RootAuthenticationSessionModel root = removalSession.authenticationSessions()
                .getRootAuthenticationSession(realm, rootSessionId.get());

        assertThat(root.getAuthenticationSessions().size(), is(2));

        AuthenticationSessionModel testAppTab =
                root.getAuthenticationSession(realm.getClientByClientId("test-app"), testAppTabId.get());
        assertThat(testAppTab.getAuthNote("foo"), is("bar"));

        AuthenticationSessionModel thirdPartyTab =
                root.getAuthenticationSession(realm.getClientByClientId("third-party"), thirdPartyTabId.get());
        assertThat(thirdPartyTab.getAuthNote("foo"), is("baz"));

        ClientManager clientManager = new ClientManager(new RealmManager(removalSession));
        clientManager.removeClient(realm, realm.getClientByClientId("third-party"));
    });

    // Phase 3: the surviving client's tab is untouched, the removed client's tab is gone.
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession verifySession) -> {
        RealmModel realm = verifySession.realms().getRealm("test");
        RootAuthenticationSessionModel root = verifySession.authenticationSessions()
                .getRootAuthenticationSession(realm, rootSessionId.get());

        AuthenticationSessionModel testAppTab =
                root.getAuthenticationSession(realm.getClientByClientId("test-app"), testAppTabId.get());
        assertThat(testAppTab.getAuthNote("foo"), is("bar"));

        // No authentication session may remain for a client that no longer exists.
        assertThat(
                root.getAuthenticationSession(realm.getClientByClientId("third-party"), thirdPartyTabId.get()),
                nullValue());

        // Put the client back so the realm looks the same for later tests.
        realm.addClient("third-party");
    });
}
use of org.keycloak.sessions.RootAuthenticationSessionModel in project keycloak by keycloak.
the class AuthenticationSessionProviderTest method testAuthenticationSessionRestart.
/**
 * Checks that restarting a root authentication session discards the per-client
 * authentication session it contained, together with the state stored on it
 * (action, authenticated user, notes, execution status).
 *
 * <p>The three phases run in separate transactions so each one sees committed data.
 */
@Test
@ModelTest
public void testAuthenticationSessionRestart(KeycloakSession session) {
    // Identifiers carried across the transactions.
    AtomicReference<String> rootSessionId = new AtomicReference<>();
    AtomicReference<String> tabId = new AtomicReference<>();

    // Phase 1: create a root session with one tab and fill the tab with state.
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession setupSession) -> {
        RealmModel realm = setupSession.realms().getRealm("test");
        ClientModel testApp = realm.getClientByClientId("test-app");
        UserModel user = setupSession.users().getUserByUsername(realm, "user1");

        AuthenticationSessionModel tab = setupSession.authenticationSessions()
                .createRootAuthenticationSession(realm)
                .createAuthenticationSession(testApp);

        rootSessionId.set(tab.getParentSession().getId());
        tabId.set(tab.getTabId());

        tab.setAction("foo");
        tab.getParentSession().setTimestamp(100);
        tab.setAuthenticatedUser(user);
        tab.setAuthNote("foo", "bar");
        tab.setClientNote("foo2", "bar2");
        tab.setExecutionStatus("123", CommonClientSessionModel.ExecutionStatus.SUCCESS);
    });

    // Phase 2: restart the root authentication session through the tab's parent.
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession restartSession) -> {
        RealmModel realm = restartSession.realms().getRealm("test");
        ClientModel testApp = realm.getClientByClientId("test-app");

        AuthenticationSessionModel tab = restartSession.authenticationSessions()
                .getRootAuthenticationSession(realm, rootSessionId.get())
                .getAuthenticationSession(testApp, tabId.get());
        tab.getParentSession().restartSession(realm);
    });

    // Phase 3: the root session still exists, but the old tab must be gone.
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession verifySession) -> {
        RealmModel realm = verifySession.realms().getRealm("test");
        ClientModel testApp = realm.getClientByClientId("test-app");
        RootAuthenticationSessionModel root = verifySession.authenticationSessions()
                .getRootAuthenticationSession(realm, rootSessionId.get());

        assertThat(root.getAuthenticationSession(testApp, tabId.get()), nullValue());

        // NOTE(review): phase 1 set the timestamp to 100, so "> 0" alone does not show
        // that the restart refreshed it; a stricter comparison would be needed for that.
        assertThat(root.getTimestamp() > 0, is(true));
    });
}
use of org.keycloak.sessions.RootAuthenticationSessionModel in project keycloak by keycloak.
the class AuthenticationSessionProviderTest method testLoginSessionsCRUD.
/**
 * Walks a root authentication session and one per-client authentication session
 * through create, read, update and delete, committing after each step and
 * re-reading the state in a new transaction.
 */
@Test
@ModelTest
public void testLoginSessionsCRUD(KeycloakSession session) {
    // Identifiers carried across the transactions.
    AtomicReference<String> rootSessionId = new AtomicReference<>();
    AtomicReference<String> tabId = new AtomicReference<>();

    // Create: root session plus one tab for "test-app".
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession createSession) -> {
        RealmModel realm = createSession.realms().getRealm("test");
        ClientModel testApp = realm.getClientByClientId("test-app");

        RootAuthenticationSessionModel root =
                createSession.authenticationSessions().createRootAuthenticationSession(realm);
        rootSessionId.set(root.getId());

        AuthenticationSessionModel tab = root.createAuthenticationSession(testApp);
        tabId.set(tab.getTabId());

        tab.setAction("foo");
        root.setTimestamp(100);
    });

    // Read what was committed, then update it.
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession updateSession) -> {
        RealmModel realm = updateSession.realms().getRealm("test");
        ClientModel testApp = realm.getClientByClientId("test-app");

        // The session created above must be readable, with no user attached yet.
        RootAuthenticationSessionModel root = updateSession.authenticationSessions()
                .getRootAuthenticationSession(realm, rootSessionId.get());
        AuthenticationSessionModel tab = root.getAuthenticationSession(testApp, tabId.get());
        testAuthenticationSession(tab, testApp.getId(), null, "foo");
        assertThat(root.getTimestamp(), is(100));

        // Change action, timestamp and authenticated user; committed when the job ends.
        tab.setAction("foo-updated");
        root.setTimestamp(200);
        tab.setAuthenticatedUser(updateSession.users().getUserByUsername(realm, "user1"));
    });

    // Verify the update, then delete the root session.
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession deleteSession) -> {
        RealmModel realm = deleteSession.realms().getRealm("test");
        UserModel user = deleteSession.users().getUserByUsername(realm, "user1");

        // The updated values must be what a new transaction reads back.
        RootAuthenticationSessionModel root = deleteSession.authenticationSessions()
                .getRootAuthenticationSession(realm, rootSessionId.get());
        ClientModel testApp = realm.getClientByClientId("test-app");
        AuthenticationSessionModel tab = root.getAuthenticationSession(testApp, tabId.get());
        testAuthenticationSession(tab, testApp.getId(), user.getId(), "foo-updated");
        assertThat(root.getTimestamp(), is(200));

        // Remove the root session; committed when the job ends.
        deleteSession.authenticationSessions().removeRootAuthenticationSession(realm, root);
    });

    // After removal the root session ID must no longer resolve to anything.
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession verifySession) -> {
        RealmModel realm = verifySession.realms().getRealm("test");
        assertThat(
                verifySession.authenticationSessions().getRootAuthenticationSession(realm, rootSessionId.get()),
                nullValue());
    });
}
use of org.keycloak.sessions.RootAuthenticationSessionModel in project keycloak by keycloak.
the class ClientScopeEvaluateResource method sessionAware.
/**
 * Runs {@code function} against a temporary user session and client session context
 * built for {@code user} and this resource's client, and always removes the temporary
 * authentication session afterwards.
 *
 * <p>NOTE(review): the sessions are created for {@code user} without any credential
 * check in this method. Authorization of whoever triggers the evaluation is not visible
 * here and has to be enforced by the callers — confirm.
 *
 * @param user       user the temporary sessions are created for
 * @param scopeParam value stored as the OIDC scope parameter client note
 * @param function   callback receiving the user session and client session context
 * @param <R>        result type of the callback
 * @return whatever {@code function} returns
 */
private <R> R sessionAware(UserModel user, String scopeParam, BiFunction<UserSessionModel, ClientSessionContext, R> function) {
    AuthenticationSessionManager sessionManager = new AuthenticationSessionManager(session);
    AuthenticationSessionModel tempAuthSession = null;

    try {
        // NOTE(review): `false` presumably means no browser cookie is issued for this
        // internal session — confirm against AuthenticationSessionManager.
        RootAuthenticationSessionModel tempRoot = sessionManager.createAuthenticationSession(realm, false);
        tempAuthSession = tempRoot.createAuthenticationSession(client);

        // Shape the authentication session like an OIDC login for the given user and scopes.
        tempAuthSession.setAuthenticatedUser(user);
        tempAuthSession.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
        tempAuthSession.setClientNote(
                OIDCLoginProtocol.ISSUER,
                Urls.realmIssuer(uriInfo.getBaseUri(), realm.getName()));
        tempAuthSession.setClientNote(OIDCLoginProtocol.SCOPE_PARAM, scopeParam);

        // The user session reuses the root authentication session ID and is created with
        // SessionPersistenceState.TRANSIENT.
        UserSessionModel transientUserSession = session.sessions().createUserSession(
                tempAuthSession.getParentSession().getId(),
                realm,
                user,
                user.getUsername(),
                clientConnection.getRemoteAddr(),
                "example-auth",
                false,
                null,
                null,
                UserSessionModel.SessionPersistenceState.TRANSIENT);

        AuthenticationManager.setClientScopesInSession(tempAuthSession);
        ClientSessionContext clientSessionContext =
                TokenManager.attachAuthenticationSession(session, transientUserSession, tempAuthSession);

        return function.apply(transientUserSession, clientSessionContext);
    } finally {
        // Clean up even when the callback throws. Nothing to remove if creation failed
        // before the per-client authentication session existed.
        if (tempAuthSession != null) {
            sessionManager.removeAuthenticationSession(realm, tempAuthSession, false);
        }
    }
}