
Example 36 with UserStorageProviderModel

use of org.keycloak.storage.UserStorageProviderModel in project keycloak by keycloak.

From class RepresentationToModel, method convertFedProviderToComponent.

// Basic realm stuff
/**
 * Converts a legacy user-federation provider representation into a
 * {@link UserStorageProviderModel} component whose parent is the given realm.
 *
 * <p>Every entry of the representation's config map is copied into the
 * component config as a single-valued entry. Keys are neither validated nor
 * filtered here, so whatever the representation carries is what gets stored;
 * the caller is responsible for persisting the returned model.
 *
 * @param realmId  id of the realm that becomes the component's parent
 * @param fedModel legacy representation; its config map may be {@code null}
 * @return the populated component model (not persisted by this method)
 */
public static ComponentModel convertFedProviderToComponent(String realmId, UserFederationProviderRepresentation fedModel) {
    UserStorageProviderModel component = new UserStorageProviderModel();
    component.setId(fedModel.getId());
    component.setParentId(realmId);
    component.setName(fedModel.getDisplayName());
    component.setProviderId(fedModel.getProviderName());
    component.setProviderType(UserStorageProvider.class.getName());
    // Sync settings are carried over one-to-one from the legacy representation.
    component.setPriority(fedModel.getPriority());
    component.setFullSyncPeriod(fedModel.getFullSyncPeriod());
    component.setChangedSyncPeriod(fedModel.getChangedSyncPeriod());
    component.setLastSync(fedModel.getLastSync());
    Map<String, String> legacyConfig = fedModel.getConfig();
    if (legacyConfig != null) {
        legacyConfig.forEach((key, value) -> component.getConfig().putSingle(key, value));
    }
    return component;
}

Example 37 with UserStorageProviderModel

use of org.keycloak.storage.UserStorageProviderModel in project keycloak by keycloak.

From class LDAPTestContext, method init.

/**
 * Builds an {@link LDAPTestContext} for the shared LDAP test realm.
 *
 * <p>Looks up the realm named {@code AbstractLDAPTest.TEST_REALM_NAME}, resolves
 * its LDAP storage component and wraps it so that both the provider model and a
 * live {@link LDAPStorageProvider} are available to the caller.
 *
 * @param session session the lookups run in
 * @return a context holding the test realm, its LDAP model and the LDAP provider
 */
public static LDAPTestContext init(KeycloakSession session) {
    RealmModel realm = session.realms().getRealm(AbstractLDAPTest.TEST_REALM_NAME);
    UserStorageProviderModel ldapModel =
            new UserStorageProviderModel(LDAPTestUtils.getLdapProviderModel(realm));
    return new LDAPTestContext(realm, ldapModel, LDAPTestUtils.getLdapProvider(session, ldapModel));
}

Example 38 with UserStorageProviderModel

use of org.keycloak.storage.UserStorageProviderModel in project keycloak by keycloak.

From class LDAPRoleMappingsTest, method afterImportTestRealm.

/**
 * Prepares the LDAP-backed test realm once the realm import has finished.
 *
 * <p>Two server-side steps: first pagination is switched off on the LDAP
 * provider; then the realm is seeded from a clean LDAP state with one local
 * user, three LDAP users (all with the same test password), the
 * {@code finance} client, two realm roles and one finance role, after which
 * the LDAP roles are synced into the Keycloak database.
 */
@Override
protected void afterImportTestRealm() {
    // Step 1: disable pagination on the LDAP provider.
    testingClient.server().run(session -> {
        LDAPTestContext context = LDAPTestContext.init(session);
        context.getLdapModel().put(LDAPConstants.PAGINATION, "false");
        context.getRealm().updateComponent(context.getLdapModel());
    });
    // Step 2: seed users and roles, starting from an empty LDAP user/role tree.
    testingClient.server().run(session -> {
        LDAPTestContext context = LDAPTestContext.init(session);
        RealmModel realm = context.getRealm();
        UserStorageProviderModel ldapModel = context.getLdapModel();
        LDAPTestUtils.addLocalUser(session, realm, "mary", "mary@test.com", "password-app");
        LDAPStorageProvider provider = LDAPTestUtils.getLdapProvider(session, ldapModel);
        LDAPTestUtils.removeAllLDAPUsers(provider, realm);
        ClientModel finance = realm.addClient("finance");
        // Role mappers in LDAP_ONLY mode; both mapper role trees are cleared first.
        LDAPTestUtils.addOrUpdateRoleLDAPMappers(realm, ldapModel, LDAPGroupMapperMode.LDAP_ONLY);
        LDAPTestUtils.removeAllLDAPRoles(session, realm, ldapModel, "realmRolesMapper");
        LDAPTestUtils.removeAllLDAPRoles(session, realm, ldapModel, "financeRolesMapper");
        addLdapUserWithTestPassword(provider, realm, "johnkeycloak", "John", "Doe", "john@email.org", "1234");
        addLdapUserWithTestPassword(provider, realm, "marykeycloak", "Mary", "Kelly", "mary@email.org", "5678");
        addLdapUserWithTestPassword(provider, realm, "robkeycloak", "Rob", "Brown", "rob@email.org", "8910");
        LDAPTestUtils.createLDAPRole(session, realm, ldapModel, "realmRolesMapper", "realmRole1");
        LDAPTestUtils.createLDAPRole(session, realm, ldapModel, "realmRolesMapper", "realmRole2");
        LDAPTestUtils.createLDAPRole(session, realm, ldapModel, "financeRolesMapper", "financeRole1");
        // Sync LDAP roles to the Keycloak DB.
        LDAPTestUtils.syncRolesFromLDAP(realm, provider, ldapModel);
    });
}

/**
 * Adds an LDAP user and sets the shared test password {@code Password1}.
 *
 * <p>{@code trailingAttr} is forwarded as the last argument of
 * {@code LDAPTestUtils.addLDAPUser}; the argument before it is always
 * {@code null} in this test (presumably an optional address attribute).
 */
private static void addLdapUserWithTestPassword(LDAPStorageProvider provider, RealmModel realm,
        String username, String firstName, String lastName, String email, String trailingAttr) {
    LDAPObject user = LDAPTestUtils.addLDAPUser(provider, realm, username, firstName, lastName, email, null, trailingAttr);
    LDAPTestUtils.updateLDAPPassword(provider, user, "Password1");
}

Example 39 with UserStorageProviderModel

use of org.keycloak.storage.UserStorageProviderModel in project keycloak by keycloak.

From class LDAPProvidersIntegrationTest, method testUnsynced.

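/**
 * Verifies {@code UNSYNCED} edit mode for the LDAP provider.
 *
 * <p>With the provider switched to UNSYNCED, a password update for an
 * LDAP-linked user must be stored only in the local Keycloak store: the LDAP
 * entry keeps its original password, the admin REST API reports a locally
 * stored password credential, and deleting the user removes only the local
 * copy (the user is re-imported from LDAP on the next lookup). The provider
 * is switched back to {@code WRITABLE} at the end so later tests see the
 * original configuration.
 *
 * @throws Exception propagated from the server-side steps
 */
@Test
public void testUnsynced() throws Exception {
    // Switch the LDAP provider to UNSYNCED edit mode.
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel appRealm = ctx.getRealm();
        UserStorageProviderModel model = new UserStorageProviderModel(ctx.getLdapModel());
        model.getConfig().putSingle(LDAPConstants.EDIT_MODE, UserStorageProvider.EditMode.UNSYNCED.toString());
        appRealm.updateComponent(model);
    });
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel appRealm = ctx.getRealm();
        UserModel user = session.users().getUserByUsername(appRealm, "johnkeycloak");
        Assert.assertNotNull(user);
        Assert.assertNotNull(user.getFederationLink());
        // Expected value first (JUnit convention) so a failure message reads correctly.
        Assert.assertEquals(ctx.getLdapModel().getId(), user.getFederationLink());
        UserCredentialModel cred = UserCredentialModel.password("Candycand1", true);
        session.userCredentialManager().updateCredential(appRealm, user, cred);
        CredentialModel userCredentialValueModel = session.userCredentialManager()
                .getStoredCredentialsByTypeStream(appRealm, user, PasswordCredentialModel.TYPE)
                .findFirst()
                .orElse(null);
        Assert.assertNotNull(userCredentialValueModel);
        Assert.assertEquals(PasswordCredentialModel.TYPE, userCredentialValueModel.getType());
        Assert.assertTrue(session.userCredentialManager().isValid(appRealm, user, cred));
        // LDAP password is still unchanged: the original password must validate against
        // LDAP. Any AuthenticationException here fails the test.
        try {
            LDAPObject ldapUser = ctx.getLdapProvider().loadLDAPUserByUsername(appRealm, "johnkeycloak");
            ctx.getLdapProvider().getLdapIdentityStore().validatePassword(ldapUser, "Password1");
        } catch (AuthenticationException ex) {
            // Checked exception cannot escape the lambda; surface it as a failure.
            throw new RuntimeException(ex);
        }
    });
    // Test admin REST endpoints
    UserResource userResource = ApiUtil.findUserByUsernameId(testRealm(), "johnkeycloak");
    // Assert password is stored locally
    List<String> storedCredentials = userResource.credentials().stream()
            .map(CredentialRepresentation::getType)
            .collect(Collectors.toList());
    Assert.assertTrue(storedCredentials.contains(PasswordCredentialModel.TYPE));
    // Assert password is supported in the LDAP too.
    List<String> userStorageCredentials = userResource.getConfiguredUserStorageCredentialTypes();
    Assert.assertTrue(userStorageCredentials.contains(PasswordCredentialModel.TYPE));
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel appRealm = ctx.getRealm();
        UserModel user = session.users().getUserByUsername(appRealm, "johnkeycloak");
        // Fail with a clear message rather than passing null into removeUser.
        Assert.assertNotNull(user);
        // User is deleted just locally
        Assert.assertTrue(session.users().removeUser(appRealm, user));
        // Assert user not available locally, but will be reimported from LDAP once searched
        Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "johnkeycloak"));
        Assert.assertNotNull(session.users().getUserByUsername(appRealm, "johnkeycloak"));
    });
    // Revert to WRITABLE and confirm the stored component reflects it.
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel appRealm = ctx.getRealm();
        ctx.getLdapModel().getConfig().putSingle(LDAPConstants.EDIT_MODE, UserStorageProvider.EditMode.WRITABLE.toString());
        appRealm.updateComponent(ctx.getLdapModel());
        Assert.assertEquals(UserStorageProvider.EditMode.WRITABLE.toString(),
                appRealm.getComponent(ctx.getLdapModel().getId()).getConfig().getFirst(LDAPConstants.EDIT_MODE));
    });
}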

Example 40 with UserStorageProviderModel

use of org.keycloak.storage.UserStorageProviderModel in project keycloak by keycloak.

From class SyncFederationTest, method test03ConcurrentSync.

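/**
 * Checks that a manually triggered changed-users sync is reported as ignored
 * while the periodic sync of the same provider is already in progress.
 *
 * <p>Registers a {@code SyncDummyUserFederationProviderFactory} component with
 * full sync disabled, a changed-sync period of 1 and a sync that blocks for
 * {@code WAIT_TIME} = 2000 ms, bootstraps periodic sync, waits 1800 ms so the
 * periodic run is under way, and asserts that {@code syncChangedUsers} returns
 * a result with {@code isIgnored()}. The timer is then cancelled, the factory
 * is released through its latches and the provider is removed.
 *
 * @throws Exception propagated from the server-side steps
 */
@Test
public void test03ConcurrentSync() throws Exception {
    // Enable timer for SyncDummyUserFederationProvider
    testingClient.server().run(session -> {
        SyncDummyUserFederationProviderFactory.restartLatches();
        RealmModel appRealm = session.realms().getRealmByName(AuthRealm.TEST);
        UserStorageProviderModel model = new UserStorageProviderModel();
        model.setProviderId(SyncDummyUserFederationProviderFactory.SYNC_PROVIDER_ID);
        model.setPriority(1);
        model.setName("test-sync-dummy");
        // Full sync off (-1); changed-users sync period of 1.
        model.setFullSyncPeriod(-1);
        model.setChangedSyncPeriod(1);
        model.setLastSync(0);
        model.getConfig().putSingle(SyncDummyUserFederationProviderFactory.WAIT_TIME, "2000");
        // The component is looked up again via findDummyProviderModel in the next
        // step, so the returned model is not retained here.
        appRealm.addComponentModel(model);
    });
    testingClient.server().run(session -> {
        RealmModel appRealm = session.realms().getRealmByName(AuthRealm.TEST);
        UserStorageProviderModel dummyModel = findDummyProviderModel(appRealm);
        KeycloakSessionFactory sessionFactory = session.getKeycloakSessionFactory();
        // bootstrap periodic sync
        UserStorageSyncManager usersSyncManager = new UserStorageSyncManager();
        usersSyncManager.bootstrapPeriodic(sessionFactory, session.getProvider(TimerProvider.class));
        // Wait and then trigger sync manually. Assert it will be ignored
        sleep(1800);
        SynchronizationResult syncResult = usersSyncManager.syncChangedUsers(sessionFactory, appRealm.getId(), dummyModel);
        Assert.assertTrue(syncResult.isIgnored());
        // Cancel timer
        usersSyncManager.notifyToRefreshPeriodicSync(session, appRealm, dummyModel, true);
        // Signal to factory to finish waiting
        SyncDummyUserFederationProviderFactory.latch1.countDown();
        try {
            // Bounded wait for the factory to finish. A timeout is tolerated (the
            // return value is deliberately not asserted); the provider is removed in
            // the next step either way.
            SyncDummyUserFederationProviderFactory.latch2.await(20000, TimeUnit.MILLISECONDS);
        } catch (InterruptedException e) {
            // await() only throws InterruptedException; restore the interrupt flag
            // before failing the step instead of swallowing it under a broad catch.
            Thread.currentThread().interrupt();
            throw new RuntimeException(e);
        }
    });
    // remove provider
    testingClient.server().run(session -> {
        RealmModel appRealm = session.realms().getRealmByName(AuthRealm.TEST);
        UserStorageProviderModel dummyModel = findDummyProviderModel(appRealm);
        appRealm.removeComponent(dummyModel);
    });
}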
