
Example 11 with UserStorageProviderModel

use of org.keycloak.storage.UserStorageProviderModel in project keycloak by keycloak.

the class TestsuiteUserFileStorage method getParameters.

/**
 * Supplies two property-file backed user storage models when a
 * {@link UserStorageProviderModel} parameter is requested; every other
 * parameter type is delegated to the superclass.
 *
 * <p>Both models point at properties files under {@code CONFIG_DIR}. The file
 * names suggest they hold username/password pairs (presumably plain-text test
 * credentials; confirm against the files themselves), so these paths belong
 * in a testsuite only.
 *
 * @param clazz the parameter type being requested
 * @return the read-only model (priority 1) followed by the writable model
 *         (priority 2, with {@code federatedStorage} set to {@code "true"}),
 *         or whatever the superclass provides for other types
 */
@Override
public <T> Stream<T> getParameters(Class<T> clazz) {
    // Guard clause: only UserStorageProviderModel requests are handled here.
    if (!UserStorageProviderModel.class.isAssignableFrom(clazz)) {
        return super.getParameters(clazz);
    }

    final String storageType = UserStorageProvider.class.getName();
    final String configDirPrefix = CONFIG_DIR.getAbsolutePath() + File.separator;

    // Read-only provider.
    UserStorageProviderModel readOnlyProps = new UserStorageProviderModel();
    readOnlyProps.setName("read-only-user-props");
    readOnlyProps.setProviderId(UserPropertyFileStorageFactory.PROVIDER_ID);
    readOnlyProps.setProviderType(storageType);
    readOnlyProps.setConfig(new MultivaluedHashMap<>());
    MultivaluedHashMap<String, String> readOnlyConfig = readOnlyProps.getConfig();
    readOnlyConfig.putSingle("priority", String.valueOf(1));
    readOnlyConfig.putSingle("propertyFile", configDirPrefix + "read-only-user-password.properties");

    // Writable provider: lower precedence number 2, and flagged for federated storage.
    UserStorageProviderModel writableProps = new UserStorageProviderModel();
    writableProps.setName("user-props");
    writableProps.setProviderId(UserPropertyFileStorageFactory.PROVIDER_ID);
    writableProps.setProviderType(storageType);
    writableProps.setConfig(new MultivaluedHashMap<>());
    MultivaluedHashMap<String, String> writableConfig = writableProps.getConfig();
    writableConfig.putSingle("priority", String.valueOf(2));
    writableConfig.putSingle("propertyFile", configDirPrefix + "user-password.properties");
    writableConfig.putSingle("federatedStorage", "true");

    // Unchecked casts: the isAssignableFrom() test above also admits subclasses of
    // UserStorageProviderModel, for which a mismatch would only surface at the use site.
    return Stream.of((T) readOnlyProps, (T) writableProps);
}
Also used : UserStorageProvider(org.keycloak.storage.UserStorageProvider) UserStorageProviderModel(org.keycloak.storage.UserStorageProviderModel)

Example 12 with UserStorageProviderModel

use of org.keycloak.storage.UserStorageProviderModel in project keycloak by keycloak.

the class LdapUserStorage method getParameters.

/**
 * Supplies one LDAP-backed user storage model when a
 * {@link UserStorageProviderModel} parameter is requested; every other
 * parameter type is delegated to the superclass.
 *
 * <p>The component config starts as a copy of {@code ldapRule.getConfig()} and
 * then has {@code SYNC_REGISTRATIONS} set to {@code "true"} and
 * {@code EDIT_MODE} set to {@code WRITABLE}.
 * NOTE(review): the copied map is taken wholesale from the rule, so it
 * presumably carries the directory connection settings, possibly including a
 * bind credential. Confirm before logging or exporting the resulting model.
 *
 * @param clazz the parameter type being requested
 * @return a single-element stream with the LDAP model, or whatever the
 *         superclass provides for other types
 */
@Override
public <T> Stream<T> getParameters(Class<T> clazz) {
    // Guard clause: only UserStorageProviderModel requests are handled here.
    if (!UserStorageProviderModel.class.isAssignableFrom(clazz)) {
        return super.getParameters(clazz);
    }

    // Copy the rule's flat key/value settings into the multivalued component config.
    MultivaluedHashMap<String, String> ldapConfig = new MultivaluedHashMap<>();
    ldapRule.getConfig().forEach((key, value) -> ldapConfig.add(key, value));

    // These two overrides replace any value the rule supplied for the same keys.
    ldapConfig.putSingle(LDAPConstants.SYNC_REGISTRATIONS, "true");
    ldapConfig.putSingle(LDAPConstants.EDIT_MODE, UserStorageProvider.EditMode.WRITABLE.toString());

    UserStorageProviderModel ldapModel = new UserStorageProviderModel();
    // The counter suffix gives every generated model a distinct name.
    ldapModel.setName(LDAPStorageProviderFactory.PROVIDER_NAME + ":" + counter.getAndIncrement());
    ldapModel.setProviderId(LDAPStorageProviderFactory.PROVIDER_NAME);
    ldapModel.setProviderType(UserStorageProvider.class.getName());
    ldapModel.setPriority(0);
    ldapModel.setLastSync(0);
    // -1 for both periods: presumably disables scheduled sync (confirm against the model).
    ldapModel.setFullSyncPeriod(-1);
    ldapModel.setChangedSyncPeriod(-1);
    ldapModel.setConfig(ldapConfig);

    // Unchecked cast: isAssignableFrom() above also admits subclasses of the model type.
    return Stream.of((T) ldapModel);
}
Also used : MultivaluedHashMap(org.keycloak.common.util.MultivaluedHashMap) UserStorageProvider(org.keycloak.storage.UserStorageProvider) UserStorageProviderModel(org.keycloak.storage.UserStorageProviderModel) MultivaluedHashMap(org.keycloak.common.util.MultivaluedHashMap)

Example 13 with UserStorageProviderModel

use of org.keycloak.storage.UserStorageProviderModel in project keycloak by keycloak.

the class UserConsentWithUserStorageModelTest method setupEnv.

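/**
 * Builds the fixture realm "original" inside one transaction: an in-memory
 * user storage provider, two clients with one client scope each, the users
 * "john" and "mary" with their consents, and a hardcoded client storage
 * provider whose client "mary" also consents to.
 *
 * <p>Side effect: the static {@code clientStorageComponent} is assigned the
 * component returned for the hardcoded client storage.
 *
 * @param session session whose factory is used to run the setup transaction
 */
public static void setupEnv(KeycloakSession session) {
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionSetUpEnv) -> {
        KeycloakSession currentSession = sessionSetUpEnv;
        RealmManager realmManager = new RealmManager(currentSession);
        RealmModel realm = realmManager.createRealm("original");

        // In-memory user storage with import switched off.
        UserStorageProviderModel model = new UserStorageProviderModel();
        model.setName("memory");
        model.setPriority(0);
        model.setProviderId(UserMapStorageFactory.PROVIDER_ID);
        model.setParentId(realm.getId());
        model.getConfig().putSingle(IMPORT_ENABLED, Boolean.toString(false));
        realm.addComponentModel(model);

        ClientModel fooClient = realm.addClient("foo-client");
        ClientModel barClient = realm.addClient("bar-client");
        ClientScopeModel fooScope = realm.addClientScope("foo");
        fooScope.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
        ClientScopeModel barScope = realm.addClientScope("bar");
        // Fix: the original set the protocol on fooScope a second time here,
        // leaving barScope without a protocol.
        barScope.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);

        UserModel john = currentSession.users().addUser(realm, "john");
        UserModel mary = currentSession.users().addUser(realm, "mary");

        UserConsentModel johnFooGrant = new UserConsentModel(fooClient);
        johnFooGrant.addGrantedClientScope(fooScope);
        realmManager.getSession().users().addConsent(realm, john.getId(), johnFooGrant);

        UserConsentModel johnBarGrant = new UserConsentModel(barClient);
        johnBarGrant.addGrantedClientScope(barScope);
        // Updating a consent that does not exist yet must be rejected.
        try {
            currentSession.users().updateConsent(realm, john.getId(), johnBarGrant);
            Assert.fail("Not expected to end here");
        } catch (ModelException expected) {
            // Intentionally ignored: the exception is the outcome being checked.
        }
        realmManager.getSession().users().addConsent(realm, john.getId(), johnBarGrant);

        UserConsentModel maryFooGrant = new UserConsentModel(fooClient);
        maryFooGrant.addGrantedClientScope(fooScope);
        realmManager.getSession().users().addConsent(realm, mary.getId(), maryFooGrant);

        // Client served by the hardcoded client storage provider.
        ClientStorageProviderModel clientStorage = new ClientStorageProviderModel();
        clientStorage.setProviderId(HardcodedClientStorageProviderFactory.PROVIDER_ID);
        clientStorage.getConfig().putSingle(HardcodedClientStorageProviderFactory.CLIENT_ID, "hardcoded-client");
        // Plain-http localhost with a trailing wildcard: acceptable for this fixture only;
        // a real client registration should use exact https redirect URIs.
        clientStorage.getConfig().putSingle(HardcodedClientStorageProviderFactory.REDIRECT_URI, "http://localhost:8081/*");
        clientStorage.getConfig().putSingle(HardcodedClientStorageProviderFactory.CONSENT, "true");
        clientStorage.setParentId(realm.getId());
        clientStorageComponent = realm.addComponentModel(clientStorage);

        // The client must now be resolvable by its client id through the session.
        ClientModel hardcodedClient = currentSession.clients().getClientByClientId(realm, "hardcoded-client");
        Assert.assertNotNull(hardcodedClient);

        // Consent with no granted scopes for the storage-provided client.
        UserConsentModel maryHardcodedGrant = new UserConsentModel(hardcodedClient);
        realmManager.getSession().users().addConsent(realm, mary.getId(), maryHardcodedGrant);
    });
}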
Also used : RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) ClientModel(org.keycloak.models.ClientModel) ModelException(org.keycloak.models.ModelException) KeycloakSession(org.keycloak.models.KeycloakSession) ClientScopeModel(org.keycloak.models.ClientScopeModel) RealmManager(org.keycloak.services.managers.RealmManager) UserStorageProviderModel(org.keycloak.storage.UserStorageProviderModel) ClientStorageProviderModel(org.keycloak.storage.client.ClientStorageProviderModel) UserConsentModel(org.keycloak.models.UserConsentModel)

Example 14 with UserStorageProviderModel

use of org.keycloak.storage.UserStorageProviderModel in project keycloak by keycloak.

the class AbstractKerberosTest method getUserStorageConfiguration.

/**
 * Builds the component representation of a user storage provider configured
 * from the Kerberos rule's settings.
 *
 * <p>NOTE(review): the config is set on the model, but the representation is
 * produced by {@code toRepresentationWithoutConfig}; whether the config
 * (which may include sensitive Kerberos settings) ends up in the returned
 * representation is not visible from this method. Confirm against
 * {@code ModelToRepresentation}.
 *
 * @param providerName name given to the provider component
 * @param providerId   id of the provider factory to use
 * @return representation of the assembled model
 */
protected ComponentRepresentation getUserStorageConfiguration(String providerName, String providerId) {
    // Rule settings converted into the multivalued form a component model expects.
    MultivaluedHashMap<String, String> componentConfig = toComponentConfig(getKerberosRule().getConfig());

    UserStorageProviderModel storageModel = new UserStorageProviderModel();
    storageModel.setName(providerName);
    storageModel.setProviderId(providerId);
    storageModel.setPriority(0);
    storageModel.setLastSync(0);
    // -1 for both periods: presumably disables scheduled sync (confirm against the model).
    storageModel.setFullSyncPeriod(-1);
    storageModel.setChangedSyncPeriod(-1);
    storageModel.setConfig(componentConfig);

    return ModelToRepresentation.toRepresentationWithoutConfig(storageModel);
}
Also used : ComponentRepresentation(org.keycloak.representations.idm.ComponentRepresentation) UserStorageProviderModel(org.keycloak.storage.UserStorageProviderModel)

Example 15 with UserStorageProviderModel

use of org.keycloak.storage.UserStorageProviderModel in project keycloak by keycloak.

the class LDAPRoleMappingsTest method test04_syncRoleMappings.

/**
 * KEYCLOAK-5698
 *
 * Checks when realm role mappings written directly to LDAP become visible on
 * a user Keycloak has already loaded. The test runs five server-side steps in
 * order: create the LDAP user and sync; load the user and expect no realm
 * roles; add two role mappings in LDAP and expect them to be absent from the
 * user; run a changed-users sync; expect both roles to be present.
 *
 * NOTE(review): the third step shows a window in which a change made in the
 * directory is not reflected on the Keycloak user. Only added mappings are
 * exercised here; whether removed mappings behave the same way is not covered
 * by this test.
 */
@Test
public void test04_syncRoleMappings() {
    // Step 1: create the user in LDAP, switch the role mappers to LDAP_ONLY, then sync changed users.
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel appRealm = ctx.getRealm();
        LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ctx.getLdapModel());
        LDAPObject john = LDAPTestUtils.addLDAPUser(ldapProvider, appRealm, "johnrolemapper", "John", "RoleMapper", "johnrolemapper@email.org", null, "1234");
        // Fixed password for the test user; fixture value only.
        LDAPTestUtils.updateLDAPPassword(ldapProvider, john, "Password1");
        LDAPTestUtils.addOrUpdateRoleLDAPMappers(appRealm, ctx.getLdapModel(), LDAPGroupMapperMode.LDAP_ONLY);
        UserStorageSyncManager usersSyncManager = new UserStorageSyncManager();
        SynchronizationResult syncResult = usersSyncManager.syncChangedUsers(session.getKeycloakSessionFactory(), appRealm.getId(), new UserStorageProviderModel(ctx.getLdapModel()));
        // NOTE(review): the returned value is discarded, so nothing about the sync outcome is asserted here.
        syncResult.getAdded();
    });
    // Step 2: load the user through the session and expect no realm role mappings yet.
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel appRealm = ctx.getRealm();
        // make sure user is cached.
        UserModel johnRoleMapper = session.users().getUserByUsername(appRealm, "johnrolemapper");
        Assert.assertNotNull(johnRoleMapper);
        Assert.assertEquals(0, johnRoleMapper.getRealmRoleMappingsStream().count());
    });
    // Step 3: write two role mappings straight into LDAP and look the user up again.
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel appRealm = ctx.getRealm();
        // Add some role mappings directly in LDAP
        LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ctx.getLdapModel());
        ComponentModel roleMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ctx.getLdapModel(), "realmRolesMapper");
        RoleLDAPStorageMapper roleMapper = LDAPTestUtils.getRoleMapper(roleMapperModel, ldapProvider, appRealm);
        LDAPObject johnLdap = ldapProvider.loadLDAPUserByUsername(appRealm, "johnrolemapper");
        roleMapper.addRoleMappingInLDAP("realmRole1", johnLdap);
        roleMapper.addRoleMappingInLDAP("realmRole2", johnLdap);
        // The assertions below expect the roles just written to LDAP to be ABSENT from the user,
        // presumably because the user was loaded (cached) in step 2 before the LDAP change.
        UserModel johnRoleMapper = session.users().getUserByUsername(appRealm, "johnrolemapper");
        RoleModel realmRole1 = appRealm.getRole("realmRole1");
        RoleModel realmRole2 = appRealm.getRole("realmRole2");
        Set<RoleModel> johnRoles = johnRoleMapper.getRealmRoleMappingsStream().collect(Collectors.toSet());
        Assert.assertFalse(johnRoles.contains(realmRole1));
        Assert.assertFalse(johnRoles.contains(realmRole2));
    });
    // Step 4: run the changed-users sync again after the LDAP change.
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel appRealm = ctx.getRealm();
        // Resolve the role mapper and the LDAP user again for this session.
        LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ctx.getLdapModel());
        ComponentModel roleMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ctx.getLdapModel(), "realmRolesMapper");
        RoleLDAPStorageMapper roleMapper = LDAPTestUtils.getRoleMapper(roleMapperModel, ldapProvider, appRealm);
        LDAPObject johnLdap = ldapProvider.loadLDAPUserByUsername(appRealm, "johnrolemapper");
        // Original author's note: unclear why the mappings are added a second time; on Active Directory
        // the repeat fails because the mapping already exists, so it is skipped there.
        if (!ctx.getLdapProvider().getLdapIdentityStore().getConfig().isActiveDirectory()) {
            roleMapper.addRoleMappingInLDAP("realmRole1", johnLdap);
            roleMapper.addRoleMappingInLDAP("realmRole2", johnLdap);
        }
        UserStorageSyncManager usersSyncManager = new UserStorageSyncManager();
        // NOTE(review): syncResult is never read; the sync is run for its effect on the user only.
        SynchronizationResult syncResult = usersSyncManager.syncChangedUsers(session.getKeycloakSessionFactory(), appRealm.getId(), new UserStorageProviderModel(ctx.getLdapModel()));
    });
    // Step 5: after the sync both roles are expected on the user.
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel appRealm = ctx.getRealm();
        // Get the user and check that the roles added in LDAP are now present.
        UserModel johnRoleMapper = session.users().getUserByUsername(appRealm, "johnrolemapper");
        RoleModel realmRole1 = appRealm.getRole("realmRole1");
        RoleModel realmRole2 = appRealm.getRole("realmRole2");
        Set<RoleModel> johnRoles = johnRoleMapper.getRealmRoleMappingsStream().collect(Collectors.toSet());
        Assert.assertTrue(johnRoles.contains(realmRole1));
        Assert.assertTrue(johnRoles.contains(realmRole2));
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) UserStorageSyncManager(org.keycloak.services.managers.UserStorageSyncManager) ComponentModel(org.keycloak.component.ComponentModel) LDAPStorageProvider(org.keycloak.storage.ldap.LDAPStorageProvider) LDAPObject(org.keycloak.storage.ldap.idm.model.LDAPObject) RoleModel(org.keycloak.models.RoleModel) SynchronizationResult(org.keycloak.storage.user.SynchronizationResult) UserStorageProviderModel(org.keycloak.storage.UserStorageProviderModel) RoleLDAPStorageMapper(org.keycloak.storage.ldap.mappers.membership.role.RoleLDAPStorageMapper) Test(org.junit.Test)

Aggregations

UserStorageProviderModel (org.keycloak.storage.UserStorageProviderModel)40 ComponentModel (org.keycloak.component.ComponentModel)19 RealmModel (org.keycloak.models.RealmModel)17 UserStorageProvider (org.keycloak.storage.UserStorageProvider)12 LDAPStorageProvider (org.keycloak.storage.ldap.LDAPStorageProvider)8 Test (org.junit.Test)7 UserStorageSyncManager (org.keycloak.services.managers.UserStorageSyncManager)7 SynchronizationResult (org.keycloak.storage.user.SynchronizationResult)6 LinkedList (java.util.LinkedList)5 UserModel (org.keycloak.models.UserModel)5 LDAPObject (org.keycloak.storage.ldap.idm.model.LDAPObject)5 HashMap (java.util.HashMap)4 KeycloakSession (org.keycloak.models.KeycloakSession)4 UserStorageProviderFactory (org.keycloak.storage.UserStorageProviderFactory)4 AbstractAuthTest (org.keycloak.testsuite.AbstractAuthTest)4 Path (javax.ws.rs.Path)3 CachedUserModel (org.keycloak.models.cache.CachedUserModel)3 ProviderConfigurationBuilder (org.keycloak.provider.ProviderConfigurationBuilder)3 Arrays (java.util.Arrays)2 List (java.util.List)2