
Example 1 with MASTER_REALM_ADMIN_USER

Use of org.openremote.model.Constants.MASTER_REALM_ADMIN_USER in project openremote by openremote.

Class KeycloakInitSetup, method onStart.

@Override
public void onStart() throws Exception {
    super.onStart();
    // Configure the master realm
    RealmRepresentation masterRealm = masterRealmResource.toRepresentation();
    masterRealm.setDisplayName("Master");
    // Set SMTP server, theme, timeouts, etc.
    keycloakProvider.configureRealm(masterRealm, emailConfig);
    masterRealmResource.update(masterRealm);
    // Create our client application with its default roles
    keycloakProvider.createClientApplication(new ClientRequestInfo(null, accessToken), masterRealm.getRealm());
    // Get the client application ID so we can assign roles to users at the client
    // level (we can only check realm _or_ client application roles in @RolesAllowed!)
    String clientObjectId = getClientObjectId(masterClientsResource);
    ClientResource clientResource = masterClientsResource.get(clientObjectId);
    RolesResource rolesResource = clientResource.roles();
    // Give admin all roles on application client level
    RoleRepresentation readRole = rolesResource.get(ClientRole.READ.getValue()).toRepresentation();
    RoleRepresentation writeRole = rolesResource.get(ClientRole.WRITE.getValue()).toRepresentation();
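    // Note: search(username, ...) is not an exact match; it returns every user whose
    // username contains the given string, and each result receives the roles below
    masterUsersResource.search(MASTER_REALM_ADMIN_USER, null, null, null, null, null).stream()
        .map(userRepresentation -> masterUsersResource.get(userRepresentation.getId()))
        .forEach(adminUser -> {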
        adminUser.roles().clientLevel(clientObjectId).add(Arrays.asList(readRole, writeRole));
        LOG.info("Assigned all application roles to 'admin' user");
        UserRepresentation adminRep = adminUser.toRepresentation();
        adminRep.setFirstName("System");
        adminRep.setLastName("Administrator");
        adminUser.update(adminRep);
    });
}
Also used: RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation), Container (org.openremote.container.Container), ClientRequestInfo (org.openremote.container.web.ClientRequestInfo), Arrays (java.util.Arrays), MASTER_REALM_ADMIN_USER (org.openremote.model.Constants.MASTER_REALM_ADMIN_USER), UserRepresentation (org.keycloak.representations.idm.UserRepresentation), ClientRole (org.openremote.model.security.ClientRole), AbstractKeycloakSetup (org.openremote.manager.setup.AbstractKeycloakSetup), RolesResource (org.keycloak.admin.client.resource.RolesResource), Logger (java.util.logging.Logger), ClientResource (org.keycloak.admin.client.resource.ClientResource), RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)
