use of org.keycloak.storage.ldap.idm.model.LDAPObject in project keycloak by keycloak.
the class LDAPTestUtils method removeAllLDAPGroups.
/**
 * Deletes from LDAP every entry returned by the query of the named mapper.
 *
 * <p>Despite the name, this is not limited to groups: when the mapper's provider id is not
 * {@code GroupLDAPStorageMapperFactory.PROVIDER_ID}, the role mapper's query is used instead and
 * the matching role entries are removed. The removal is unconditional for every result of the
 * query, so this helper should only ever be pointed at a disposable test directory.
 *
 * @param session    session used to obtain the LDAP storage provider
 * @param appRealm   realm that owns the LDAP component and its mappers
 * @param ldapModel  component model of the LDAP provider
 * @param mapperName name of the mapper sub-component whose entries are removed
 */
public static void removeAllLDAPGroups(KeycloakSession session, RealmModel appRealm, ComponentModel ldapModel, String mapperName) {
    ComponentModel mapperModel = getSubcomponentByName(appRealm, ldapModel, mapperName);
    LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);

    // NOTE(review): mapperModel is dereferenced without a null check; presumably
    // getSubcomponentByName always finds the mapper in the tests that call this — confirm.
    boolean isGroupMapper = GroupLDAPStorageMapperFactory.PROVIDER_ID.equals(mapperModel.getProviderId());

    // The query is a closeable resource; try-with-resources releases it even if a removal fails.
    try (LDAPQuery entryQuery = isGroupMapper
            ? getGroupMapper(mapperModel, ldapProvider, appRealm).createGroupQuery(false)
            : getRoleMapper(mapperModel, ldapProvider, appRealm).createRoleQuery(false)) {
        for (LDAPObject entry : entryQuery.getResultList()) {
            ldapProvider.getLdapIdentityStore().remove(entry);
        }
    }
}
use of org.keycloak.storage.ldap.idm.model.LDAPObject in project keycloak by keycloak.
the class LDAPStorageProviderFactory method syncImpl.
/**
 * Runs {@code userQuery} against LDAP, imports the returned users and reports the totals.
 *
 * <p>If pagination is enabled in the LDAP configuration, the query is executed repeatedly with
 * the configured sync batch size and every page is passed to {@code importLdapUsers} on its own.
 * Otherwise the complete result list is fetched and imported in a single call.
 *
 * @param sessionFactory factory forwarded to {@code importLdapUsers}
 * @param userQuery      query to execute; its limit is set here when pagination is on
 * @param realmId        id of the realm forwarded to {@code importLdapUsers}
 * @param fedModel       LDAP component model; its config is used to build the {@code LDAPConfig}
 * @return the sum of the per-page (or single) import results
 */
protected SynchronizationResult syncImpl(KeycloakSessionFactory sessionFactory, LDAPQuery userQuery, final String realmId, final ComponentModel fedModel) {
    final SynchronizationResult total = new SynchronizationResult();
    final LDAPConfig config = new LDAPConfig(fedModel.getConfig());

    if (!config.isPagination()) {
        // LDAP pagination not available. Do everything in single transaction
        final List<LDAPObject> allUsers = userQuery.getResultList();
        total.add(importLdapUsers(sessionFactory, realmId, fedModel, allUsers));
        return total;
    }

    final int batchSize = config.getBatchSizeForSync();
    boolean morePages;
    // NOTE(review): the loop ends only when the pagination context reports no further page;
    // there is no upper bound on iterations here. An exception on a later page also leaves the
    // pages already handed to importLdapUsers in place — presumably acceptable for a sync, confirm.
    do {
        userQuery.setLimit(batchSize);
        final List<LDAPObject> page = userQuery.getResultList();
        // Read the paging state before importing, in the same order as the fetch that produced it.
        morePages = userQuery.getPaginationContext().hasNextPage();
        total.add(importLdapUsers(sessionFactory, realmId, fedModel, page));
    } while (morePages);

    return total;
}
use of org.keycloak.storage.ldap.idm.model.LDAPObject in project keycloak by keycloak.
the class LDAPUtils method createLDAPGroup.
// roles & groups
/**
 * Builds a group (or role) entry below {@code parentDn} and adds it to the LDAP identity store.
 *
 * <p>The entry's RDN is {@code groupNameAttribute=groupName}. If one of the object classes is
 * {@code groupOfNames}, {@code groupOfEntries} or {@code groupOfUniqueNames} (compared
 * case-insensitively against the {@code LDAPConstants} values) and the caller supplied no value
 * for the membership attribute, a placeholder member value is written so that the entry can be
 * created before anyone has joined.
 *
 * @param ldapProvider            provider whose identity store receives the new entry
 * @param groupName               value of the naming attribute; also becomes part of the DN
 * @param groupNameAttribute      name of the RDN attribute
 * @param objectClasses           object classes to set on the entry
 * @param parentDn                DN under which the entry is created
 * @param additionalAttributes    further attributes copied onto the entry; must not be null
 * @param membershipLdapAttribute name of the membership attribute
 * @return the object that was added to LDAP
 */
public static LDAPObject createLDAPGroup(LDAPStorageProvider ldapProvider, String groupName, String groupNameAttribute, Collection<String> objectClasses, String parentDn, Map<String, Set<String>> additionalAttributes, String membershipLdapAttribute) {
    LDAPObject groupEntry = new LDAPObject();
    groupEntry.setRdnAttributeName(groupNameAttribute);
    groupEntry.setObjectClasses(objectClasses);
    groupEntry.setSingleAttribute(groupNameAttribute, groupName);

    for (String objectClass : objectClasses) {
        boolean needsMemberValue = objectClass.equalsIgnoreCase(LDAPConstants.GROUP_OF_NAMES)
                || objectClass.equalsIgnoreCase(LDAPConstants.GROUP_OF_ENTRIES)
                || objectClass.equalsIgnoreCase(LDAPConstants.GROUP_OF_UNIQUE_NAMES);
        if (!needsMemberValue) {
            continue;
        }
        if (additionalAttributes.get(membershipLdapAttribute) != null) {
            // Caller provides the membership attribute itself; it is copied further down.
            continue;
        }
        // require empty member attribute if no members have joined yet
        groupEntry.setSingleAttribute(membershipLdapAttribute, LDAPConstants.EMPTY_MEMBER_ATTRIBUTE_VALUE);
    }

    // NOTE(review): groupName and parentDn end up in the entry's DN. Presumably
    // LDAPDn.fromString/addFirst take care of escaping DN special characters — confirm
    // before passing names that originate from user input.
    LDAPDn groupDn = LDAPDn.fromString(parentDn);
    groupDn.addFirst(groupNameAttribute, groupName);
    groupEntry.setDn(groupDn);

    // Caller-supplied attributes are applied last, so they take precedence over the values set above.
    for (Map.Entry<String, Set<String>> extra : additionalAttributes.entrySet()) {
        groupEntry.setAttribute(extra.getKey(), extra.getValue());
    }

    ldapProvider.getLdapIdentityStore().add(groupEntry);
    return groupEntry;
}
use of org.keycloak.storage.ldap.idm.model.LDAPObject in project keycloak by keycloak.
the class LDAPUtils method fillRangedAttribute.
/**
 * Completes a ranged attribute on {@code ldapObject} by querying LDAP repeatedly.
 *
 * <p>Each iteration issues a fresh range query for {@code name}, merges the returned values into
 * {@code ldapObject}, and stops once the most recently fetched object reports the range as
 * complete. If {@code ldapObject} already has the complete range, no query is made.
 *
 * @param ldapProvider The provider to use
 * @param ldapObject The current object with the ranged attribute not complete; modified in place
 * @param name The attribute name
 */
public static void fillRangedAttribute(LDAPStorageProvider ldapProvider, LDAPObject ldapObject, String name) {
    LDAPObject lastFetched = ldapObject;
    while (true) {
        if (lastFetched.isRangeComplete(name)) {
            return;
        }
        // NOTE(review): nothing here bounds the number of round trips or handles a missing
        // result; termination relies on the directory eventually returning an object whose
        // range is complete. Presumably getFirstResult never yields null here — confirm.
        try (LDAPQuery rangeQuery = createLdapQueryForRangeAttribute(ldapProvider, ldapObject, name)) {
            lastFetched = rangeQuery.getFirstResult();
            ldapObject.populateRangedAttribute(lastFetched, name);
        }
    }
}
use of org.keycloak.storage.ldap.idm.model.LDAPObject in project keycloak by keycloak.
the class LDAPQuery method getResultList.
/**
 * Executes this query against the LDAP identity store and returns the matching objects.
 *
 * <p>Before the search, the configured mappers are sorted in ascending order and each one gets a
 * {@code beforeLDAPQuery(this)} callback. The sort reorders the {@code mappers} list in place,
 * and the callbacks run again on every invocation, including repeated calls for further pages.
 *
 * @return a new list holding the objects returned by the identity store
 * @throws ModelException if applying the search fails; the original exception is kept as cause
 */
public List<LDAPObject> getResultList() {
    // Apply mappers now
    mappers.sort(new LDAPMappersComparator(ldapFedProvider.getLdapIdentityStore().getConfig()).sortAsc());
    for (ComponentModel mapperModel : mappers) {
        ldapFedProvider.getMapperManager().getMapper(mapperModel).beforeLDAPQuery(this);
    }

    final List<LDAPObject> fetched = new ArrayList<>();
    try {
        for (LDAPObject entry : ldapFedProvider.getLdapIdentityStore().fetchQueryResults(this)) {
            fetched.add(entry);
        }
    } catch (Exception e) {
        // Every failure during the fetch is reported under one generic message;
        // the underlying cause stays attached for diagnosis.
        throw new ModelException("LDAP Query failed", e);
    }
    return fetched;
}