use of org.keycloak.storage.StorageId in project keycloak by keycloak.
the class BackwardsCompatibilityUserStorage method getUserById.
/**
 * Looks up a user by its Keycloak storage id.
 *
 * <p>The id is parsed as a {@link StorageId} and only its external-id part is used, as the
 * username. The provider-id part of the id is not compared against this provider here.
 *
 * @param id    storage id of the user
 * @param realm realm handed on to {@code createUser}
 * @return the result of {@code createUser(realm, username)}, or {@code null} when the
 *         translated username is not a key of {@code users}
 */
@Override
public UserModel getUserById(String id, RealmModel realm) {
    final String externalName = new StorageId(id).getExternalId();
    // Membership is tested on the translated name; createUser receives the name exactly as it
    // appeared in the id.
    boolean known = users.containsKey(translateUserName(externalName));
    return known ? createUser(realm, externalName) : null;
}
use of org.keycloak.storage.StorageId in project keycloak by keycloak.
the class LDAPStorageProvider method importUserFromLDAP.
/**
 * Builds the Keycloak user for an LDAP entry, runs the LDAP mappers on it and returns it
 * wrapped by {@code proxy}.
 *
 * <p>With import enabled the user lives in local storage: a local user whose {@code LDAP_ID}
 * attribute equals the entry's UUID is reused (and evicted from the user cache), otherwise a
 * new local user is added under the LDAP username. With import disabled an
 * {@link InMemoryUserAdapter} is created whose id is the {@link StorageId} built from this
 * provider's component id and the LDAP username.
 *
 * @param session  current Keycloak session
 * @param realm    realm the user belongs to
 * @param ldapUser LDAP entry being imported
 * @return the user as returned by {@code proxy(realm, user, ldapUser, false)}
 */
protected UserModel importUserFromLDAP(KeycloakSession session, RealmModel realm, LDAPObject ldapUser) {
    String usernameFromLdap = LDAPUtils.getUsername(ldapUser, ldapIdentityStore.getConfig());
    LDAPUtils.checkUuid(ldapUser, ldapIdentityStore.getConfig());

    UserModel target;
    if (!model.isImportEnabled()) {
        // No local copy: the user exists only in memory, under a provider-scoped storage id.
        InMemoryUserAdapter transientUser =
                new InMemoryUserAdapter(session, realm, new StorageId(model.getId(), usernameFromLdap).getId());
        transientUser.addDefaults();
        target = transientUser;
    } else {
        // The LDAP UUID, not the username, is the link to an existing local user: the username
        // may have changed in LDAP without Keycloak knowing about it.
        UserModel knownUser = session.userLocalStorage()
                .searchForUserByUserAttributeStream(realm, LDAPConstants.LDAP_ID, ldapUser.getUuid())
                .findFirst()
                .orElse(null);
        if (knownUser == null) {
            target = session.userLocalStorage().addUser(realm, usernameFromLdap);
        } else {
            target = knownUser;
            // The cached copy of the reused user has to be evicted.
            if (session.userCache() != null) {
                session.userCache().evict(realm, knownUser);
            }
        }
    }
    target.setEnabled(true);

    // Mappers run in the order given by ldapMappersComparator.sortDesc(), before the LDAP link
    // attributes below are written.
    realm.getComponentsStream(model.getId(), LDAPStorageMapper.class.getName())
            .sorted(ldapMappersComparator.sortDesc())
            .forEachOrdered(mapperModel -> {
                if (logger.isTraceEnabled()) {
                    logger.tracef("Using mapper %s during import user from LDAP", mapperModel);
                }
                mapperManager.getMapper(mapperModel).onImportUserFromLDAP(ldapUser, target, realm, true);
            });

    String entryDn = ldapUser.getDn().toString();
    if (model.isImportEnabled()) {
        target.setFederationLink(model.getId());
    }
    target.setSingleAttribute(LDAPConstants.LDAP_ID, ldapUser.getUuid());
    target.setSingleAttribute(LDAPConstants.LDAP_ENTRY_DN, entryDn);

    // With trustEmail set, the email is marked verified on the strength of the provider
    // configuration alone; no verification step happens in this method.
    if (getLdapIdentityStore().getConfig().isTrustEmail()) {
        target.setEmailVerified(true);
    }

    // This debug line carries username, email, LDAP UUID and entry DN; it is emitted for reused
    // local users as well as newly added ones.
    logger.debugf("Imported new user from LDAP to Keycloak DB. Username: [%s], Email: [%s], LDAP_ID: [%s], LDAP Entry DN: [%s]", target.getUsername(), target.getEmail(), ldapUser.getUuid(), entryDn);
    return proxy(realm, target, ldapUser, false);
}
use of org.keycloak.storage.StorageId in project keycloak by keycloak.
the class RealmCacheSession method cacheClient.
/**
 * Puts a client into the revisioned cache and returns a cache-backed adapter for it, unless
 * caching is to be skipped for this client.
 *
 * <p>The delegate is returned uncached when its id is in {@code invalidations}, or when it
 * comes from a client storage provider that is disabled or whose cache policy is
 * {@code NO_CACHE}.
 *
 * @param realm    realm the client belongs to
 * @param delegate client loaded from the underlying store
 * @param revision revision recorded in the {@link CachedClient}
 * @return a {@link ClientAdapter} over the cached entry, or {@code delegate} itself when the
 *         client is not cached
 */
protected ClientModel cacheClient(RealmModel realm, ClientModel delegate, Long revision) {
    if (invalidations.contains(delegate.getId())) {
        return delegate;
    }

    StorageId clientStorageId = new StorageId(delegate.getId());
    if (clientStorageId.isLocal()) {
        // Locally stored clients are cached without a lifespan.
        CachedClient localEntry = new CachedClient(revision, realm, delegate);
        ClientAdapter localAdapter = new ClientAdapter(realm, localEntry, this);
        cache.addRevisioned(localEntry, startupRevision);
        return localAdapter;
    }

    // NOTE(review): the result of realm.getComponent(...) is handed on without a null check;
    // confirm how ClientStorageProviderModel behaves when the provider component is gone.
    ComponentModel providerComponent = realm.getComponent(clientStorageId.getProviderId());
    ClientStorageProviderModel providerModel = new ClientStorageProviderModel(providerComponent);
    if (!providerModel.isEnabled()) {
        return delegate;
    }
    if (providerModel.getCachePolicy() == ClientStorageProviderModel.CachePolicy.NO_CACHE) {
        return delegate;
    }

    CachedClient federatedEntry = new CachedClient(revision, realm, delegate);
    ClientAdapter federatedAdapter = new ClientAdapter(realm, federatedEntry, this);
    // A positive lifespan from the provider model bounds how long the entry stays cached.
    long ttl = providerModel.getLifespan();
    if (ttl > 0) {
        cache.addRevisioned(federatedEntry, startupRevision, ttl);
    } else {
        cache.addRevisioned(federatedEntry, startupRevision);
    }
    return federatedAdapter;
}
use of org.keycloak.storage.StorageId in project keycloak by keycloak.
the class BackwardsCompatibilityUserStorageTest method addUserAndResetPassword.
/**
 * Test helper: creates an enabled user through the admin API, checks that it was stored by the
 * backwards-compatibility provider, and sets a non-temporary password for it.
 *
 * @param username username of the user to create
 * @param password password value to set
 * @return the id of the created user
 */
private String addUserAndResetPassword(String username, String password) {
    UserRepresentation newUser = new UserRepresentation();
    newUser.setUsername(username);
    newUser.setEnabled(true);

    // Create the user; the provider part of the returned id must be the provider under test.
    Response created = testRealmResource().users().create(newUser);
    String userId = ApiUtil.getCreatedId(created);
    Assert.assertEquals(backwardsCompProviderId, new StorageId(userId).getProviderId());

    // Set the password as a permanent (non-temporary) credential.
    CredentialRepresentation credential = new CredentialRepresentation();
    credential.setType(CredentialModel.PASSWORD);
    credential.setValue(password);
    credential.setTemporary(false);
    testRealmResource().users().get(userId).resetPassword(credential);

    return userId;
}
use of org.keycloak.storage.StorageId in project keycloak by keycloak.
the class LDAPProvidersIntegrationNoImportTest method assertFederatedUserLink.
/**
 * Asserts how a user is linked to LDAP in the no-import setup: the user id is a non-local
 * storage id that names the LDAP provider and carries the username as its external id, and
 * the user has no federation link.
 *
 * @param user user representation to check
 */
@Override
protected void assertFederatedUserLink(UserRepresentation user) {
    StorageId federatedId = new StorageId(user.getId());

    Assert.assertFalse(federatedId.isLocal());
    Assert.assertEquals(ldapModelId, federatedId.getProviderId());

    // TODO: the external id inside the storage id should possibly be LDAP_ID (the LDAP UUID)
    // rather than the username.
    Assert.assertEquals(federatedId.getExternalId(), user.getUsername());

    Assert.assertNull(user.getFederationLink());
}