Examples with LDAPObject org.keycloak.storage.ldap.idm.model.LDAPObject used on opensource projects

Example 11 with LDAPObject

use of org.keycloak.storage.ldap.idm.model.LDAPObject in project keycloak by keycloak.

the class LDAPTestUtils method removeAllLDAPGroups.

public static void removeAllLDAPGroups(KeycloakSession session, RealmModel appRealm, ComponentModel ldapModel, String mapperName) {
    ComponentModel mapperModel = getSubcomponentByName(appRealm, ldapModel, mapperName);
    LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
    LDAPQuery query = null;
    if (GroupLDAPStorageMapperFactory.PROVIDER_ID.equals(mapperModel.getProviderId())) {
        query = getGroupMapper(mapperModel, ldapProvider, appRealm).createGroupQuery(false);
    } else {
        query = getRoleMapper(mapperModel, ldapProvider, appRealm).createRoleQuery(false);
    }
    try (LDAPQuery roleQuery = query) {
        List<LDAPObject> ldapRoles = roleQuery.getResultList();
        for (LDAPObject ldapRole : ldapRoles) {
            ldapProvider.getLdapIdentityStore().remove(ldapRole);
        }
    }
}

Example 12 with LDAPObject

use of org.keycloak.storage.ldap.idm.model.LDAPObject in project keycloak by keycloak.

the class LDAPStorageProviderFactory method syncImpl.

protected SynchronizationResult syncImpl(KeycloakSessionFactory sessionFactory, LDAPQuery userQuery, final String realmId, final ComponentModel fedModel) {
    final SynchronizationResult syncResult = new SynchronizationResult();
    LDAPConfig ldapConfig = new LDAPConfig(fedModel.getConfig());
    boolean pagination = ldapConfig.isPagination();
    if (pagination) {
        int pageSize = ldapConfig.getBatchSizeForSync();
        boolean nextPage = true;
        while (nextPage) {
            userQuery.setLimit(pageSize);
            final List<LDAPObject> users = userQuery.getResultList();
            nextPage = userQuery.getPaginationContext().hasNextPage();
            SynchronizationResult currentPageSync = importLdapUsers(sessionFactory, realmId, fedModel, users);
            syncResult.add(currentPageSync);
        }
    } else {
        // LDAP pagination not available. Do everything in single transaction
        final List<LDAPObject> users = userQuery.getResultList();
        SynchronizationResult currentSync = importLdapUsers(sessionFactory, realmId, fedModel, users);
        syncResult.add(currentSync);
    }
    return syncResult;
}

Example 13 with LDAPObject

use of org.keycloak.storage.ldap.idm.model.LDAPObject in project keycloak by keycloak.

the class LDAPUtils method createLDAPGroup.

// roles & groups
public static LDAPObject createLDAPGroup(LDAPStorageProvider ldapProvider, String groupName, String groupNameAttribute, Collection<String> objectClasses, String parentDn, Map<String, Set<String>> additionalAttributes, String membershipLdapAttribute) {
    LDAPObject ldapObject = new LDAPObject();
    ldapObject.setRdnAttributeName(groupNameAttribute);
    ldapObject.setObjectClasses(objectClasses);
    ldapObject.setSingleAttribute(groupNameAttribute, groupName);
    for (String objectClassValue : objectClasses) {
        // require empty member attribute if no members have joined yet
        if ((objectClassValue.equalsIgnoreCase(LDAPConstants.GROUP_OF_NAMES) || objectClassValue.equalsIgnoreCase(LDAPConstants.GROUP_OF_ENTRIES) || objectClassValue.equalsIgnoreCase(LDAPConstants.GROUP_OF_UNIQUE_NAMES)) && additionalAttributes.get(membershipLdapAttribute) == null) {
            ldapObject.setSingleAttribute(membershipLdapAttribute, LDAPConstants.EMPTY_MEMBER_ATTRIBUTE_VALUE);
        }
    }
    LDAPDn roleDn = LDAPDn.fromString(parentDn);
    roleDn.addFirst(groupNameAttribute, groupName);
    ldapObject.setDn(roleDn);
    for (Map.Entry<String, Set<String>> attrEntry : additionalAttributes.entrySet()) {
        ldapObject.setAttribute(attrEntry.getKey(), attrEntry.getValue());
    }
    ldapProvider.getLdapIdentityStore().add(ldapObject);
    return ldapObject;
}

Example 14 with LDAPObject

use of org.keycloak.storage.ldap.idm.model.LDAPObject in project keycloak by keycloak.

the class LDAPUtils method fillRangedAttribute.

/**
 * Performs iterative searches over an LDAPObject to return an attribute that is ranged.
 * @param ldapProvider The provider to use
 * @param ldapObject The current object with the ranged attribute not complete
 * @param name The attribute name
 */
public static void fillRangedAttribute(LDAPStorageProvider ldapProvider, LDAPObject ldapObject, String name) {
    LDAPObject newObject = ldapObject;
    while (!newObject.isRangeComplete(name)) {
        try (LDAPQuery q = createLdapQueryForRangeAttribute(ldapProvider, ldapObject, name)) {
            newObject = q.getFirstResult();
            ldapObject.populateRangedAttribute(newObject, name);
        }
    }
}

Example 15 with LDAPObject

use of org.keycloak.storage.ldap.idm.model.LDAPObject in project keycloak by keycloak.

the class LDAPQuery method getResultList.

public List<LDAPObject> getResultList() {
    // Apply mappers now
    LDAPMappersComparator ldapMappersComparator = new LDAPMappersComparator(ldapFedProvider.getLdapIdentityStore().getConfig());
    Collections.sort(mappers, ldapMappersComparator.sortAsc());
    for (ComponentModel mapperModel : mappers) {
        LDAPStorageMapper fedMapper = ldapFedProvider.getMapperManager().getMapper(mapperModel);
        fedMapper.beforeLDAPQuery(this);
    }
    List<LDAPObject> result = new ArrayList<LDAPObject>();
    try {
        for (LDAPObject ldapObject : ldapFedProvider.getLdapIdentityStore().fetchQueryResults(this)) {
            result.add(ldapObject);
        }
    } catch (Exception e) {
        throw new ModelException("LDAP Query failed", e);
    }
    return result;
}