Examples with StorageId org.keycloak.storage.StorageId used on opensource projects

Example 16 with StorageId

use of org.keycloak.storage.StorageId in project keycloak by keycloak.

the class BackwardsCompatibilityUserStorage method getUserById.

@Override
public UserModel getUserById(String id, RealmModel realm) {
    StorageId storageId = new StorageId(id);
    final String username = storageId.getExternalId();
    if (!users.containsKey(translateUserName(username)))
        return null;
    return createUser(realm, username);
}

Example 17 with StorageId

use of org.keycloak.storage.StorageId in project keycloak by keycloak.

the class LDAPStorageProvider method importUserFromLDAP.

protected UserModel importUserFromLDAP(KeycloakSession session, RealmModel realm, LDAPObject ldapUser) {
    String ldapUsername = LDAPUtils.getUsername(ldapUser, ldapIdentityStore.getConfig());
    LDAPUtils.checkUuid(ldapUser, ldapIdentityStore.getConfig());
    UserModel imported = null;
    if (model.isImportEnabled()) {
        // Search if there is already an existing user, which means the username might have changed in LDAP without Keycloak knowing about it
        UserModel existingLocalUser = session.userLocalStorage().searchForUserByUserAttributeStream(realm, LDAPConstants.LDAP_ID, ldapUser.getUuid()).findFirst().orElse(null);
        if (existingLocalUser != null) {
            imported = existingLocalUser;
            // Need to evict the existing user from cache
            if (session.userCache() != null) {
                session.userCache().evict(realm, existingLocalUser);
            }
        } else {
            imported = session.userLocalStorage().addUser(realm, ldapUsername);
        }
    } else {
        InMemoryUserAdapter adapter = new InMemoryUserAdapter(session, realm, new StorageId(model.getId(), ldapUsername).getId());
        adapter.addDefaults();
        imported = adapter;
    }
    imported.setEnabled(true);
    UserModel finalImported = imported;
    realm.getComponentsStream(model.getId(), LDAPStorageMapper.class.getName()).sorted(ldapMappersComparator.sortDesc()).forEachOrdered(mapperModel -> {
        if (logger.isTraceEnabled()) {
            logger.tracef("Using mapper %s during import user from LDAP", mapperModel);
        }
        LDAPStorageMapper ldapMapper = mapperManager.getMapper(mapperModel);
        ldapMapper.onImportUserFromLDAP(ldapUser, finalImported, realm, true);
    });
    String userDN = ldapUser.getDn().toString();
    if (model.isImportEnabled())
        imported.setFederationLink(model.getId());
    imported.setSingleAttribute(LDAPConstants.LDAP_ID, ldapUser.getUuid());
    imported.setSingleAttribute(LDAPConstants.LDAP_ENTRY_DN, userDN);
    if (getLdapIdentityStore().getConfig().isTrustEmail()) {
        imported.setEmailVerified(true);
    }
    logger.debugf("Imported new user from LDAP to Keycloak DB. Username: [%s], Email: [%s], LDAP_ID: [%s], LDAP Entry DN: [%s]", imported.getUsername(), imported.getEmail(), ldapUser.getUuid(), userDN);
    UserModel proxy = proxy(realm, imported, ldapUser, false);
    return proxy;
}

Example 18 with StorageId

use of org.keycloak.storage.StorageId in project keycloak by keycloak.

the class RealmCacheSession method cacheClient.

protected ClientModel cacheClient(RealmModel realm, ClientModel delegate, Long revision) {
    if (invalidations.contains(delegate.getId()))
        return delegate;
    StorageId storageId = new StorageId(delegate.getId());
    CachedClient cached = null;
    ClientAdapter adapter = null;
    if (!storageId.isLocal()) {
        ComponentModel component = realm.getComponent(storageId.getProviderId());
        ClientStorageProviderModel model = new ClientStorageProviderModel(component);
        if (!model.isEnabled()) {
            return delegate;
        }
        ClientStorageProviderModel.CachePolicy policy = model.getCachePolicy();
        if (policy != null && policy == ClientStorageProviderModel.CachePolicy.NO_CACHE) {
            return delegate;
        }
        cached = new CachedClient(revision, realm, delegate);
        adapter = new ClientAdapter(realm, cached, this);
        long lifespan = model.getLifespan();
        if (lifespan > 0) {
            cache.addRevisioned(cached, startupRevision, lifespan);
        } else {
            cache.addRevisioned(cached, startupRevision);
        }
    } else {
        cached = new CachedClient(revision, realm, delegate);
        adapter = new ClientAdapter(realm, cached, this);
        cache.addRevisioned(cached, startupRevision);
    }
    return adapter;
}

Example 19 with StorageId

use of org.keycloak.storage.StorageId in project keycloak by keycloak.

the class BackwardsCompatibilityUserStorageTest method addUserAndResetPassword.

private String addUserAndResetPassword(String username, String password) {
    // Save user and assert he is saved in the new storage
    UserRepresentation user = new UserRepresentation();
    user.setEnabled(true);
    user.setUsername(username);
    Response response = testRealmResource().users().create(user);
    String userId = ApiUtil.getCreatedId(response);
    Assert.assertEquals(backwardsCompProviderId, new StorageId(userId).getProviderId());
    // Update his password
    CredentialRepresentation passwordRep = new CredentialRepresentation();
    passwordRep.setType(CredentialModel.PASSWORD);
    passwordRep.setValue(password);
    passwordRep.setTemporary(false);
    testRealmResource().users().get(userId).resetPassword(passwordRep);
    return userId;
}

Example 20 with StorageId

use of org.keycloak.storage.StorageId in project keycloak by keycloak.

the class LDAPProvidersIntegrationNoImportTest method assertFederatedUserLink.

@Override
protected void assertFederatedUserLink(UserRepresentation user) {
    StorageId storageId = new StorageId(user.getId());
    Assert.assertFalse(storageId.isLocal());
    Assert.assertEquals(ldapModelId, storageId.getProviderId());
    // TODO: It should be possibly LDAP_ID (LDAP UUID) used as an externalId inside storageId...
    Assert.assertEquals(storageId.getExternalId(), user.getUsername());
    Assert.assertNull(user.getFederationLink());
}