/**
 * Returns a key obtained from {@link KeycloakModelUtils#generateId()}.
 *
 * <p>Each call delegates to the utility again; this method caches nothing.
 *
 * @return the identifier produced by the utility
 */
@Override
public String getKey() {
    final String generatedKey = KeycloakModelUtils.generateId();
    return generatedKey;
}
} // closes an enclosing scope whose opening line is outside this excerpt
/**
 * Initializes the session loader, then loads the persistent sessions one segment at a time.
 *
 * <p>Initialization and loading each run in their own transaction via
 * {@code KeycloakModelUtils.runJobInTransaction}.
 */
public void loadPersistentSessions() {
    // Rather use separate transactions for update and loading
    KeycloakModelUtils.runJobInTransaction(sessionFactory, new KeycloakSessionTask() {
        @Override
        public void run(KeycloakSession session) {
            sessionLoader.init(session);
        }
    });

    KeycloakModelUtils.runJobInTransaction(sessionFactory, new KeycloakSessionTask() {
        @Override
        public void run(KeycloakSession session) {
            final int total = sessionLoader.getSessionsCount(session);
            // NOTE(review): the offset only advances by sessionsPerSegment, so a
            // non-positive value would never terminate this loop - confirm it is
            // validated where the field is set.
            int offset = 0;
            while (offset < total) {
                sessionLoader.loadSessions(session, offset, sessionsPerSegment);
                offset += sessionsPerSegment;
            }
        }
    });
}
} // closes an enclosing scope whose opening line is outside this excerpt
/**
 * Reports whether this role is, or contains, the given role.
 *
 * @param role the role to look for
 * @return {@code true} when {@code role} equals this role or
 *         {@code KeycloakModelUtils.searchFor} finds it starting from this role
 */
@Override
public boolean hasRole(RoleModel role) {
    if (this.equals(role)) {
        return true;
    }
    // A fresh set is handed to the search on every call; presumably it tracks
    // already-visited roles so that cyclic composites terminate - TODO confirm.
    return KeycloakModelUtils.searchFor(role, this, new HashSet<>());
}
/**
 * Generates a new 2048-bit RSA key pair plus a self-signed certificate for it and returns
 * both as PEM text.
 *
 * <p>The returned representation carries the private key in PEM form, so callers must handle
 * it as secret material (no logging, no exposure through read APIs).
 *
 * @param subject subject passed to the certificate generator
 * @return representation holding the private key PEM and the certificate PEM
 * @throws RuntimeException wrapping any key-generation or certificate-generation failure
 */
public static CertificateRepresentation generateKeyPairCertificate(String subject) {
    final KeyPair rsaPair;
    try {
        KeyPairGenerator rsaGenerator = KeyPairGenerator.getInstance("RSA");
        // No SecureRandom is supplied, so the JCA provider's default source is used.
        rsaGenerator.initialize(2048);
        rsaPair = rsaGenerator.generateKeyPair();
    } catch (NoSuchAlgorithmException e) {
        throw new RuntimeException(e);
    }

    final X509Certificate selfSigned;
    try {
        // NOTE(review): going by the helper's name this is an X.509 v1 certificate, which
        // cannot carry extensions such as key usage - confirm that is acceptable to consumers.
        selfSigned = CertificateUtils.generateV1SelfSignedCertificate(rsaPair, subject);
    } catch (Exception e) {
        throw new RuntimeException(e);
    }

    final String keyAsPem = KeycloakModelUtils.getPemFromKey(rsaPair.getPrivate());
    final String certificateAsPem = KeycloakModelUtils.getPemFromCertificate(selfSigned);

    CertificateRepresentation result = new CertificateRepresentation();
    result.setPrivateKey(keyAsPem);
    result.setCertificate(certificateAsPem);
    return result;
}
/**
 * Stores the username on the wrapped user after passing it through
 * {@code KeycloakModelUtils.toLowerCaseSafe}.
 *
 * <p>Normalizing here keeps lookups and uniqueness checks from treating differently cased
 * spellings as distinct accounts (presumably the helper is also null-tolerant - TODO confirm).
 *
 * @param username the username as supplied by the caller
 */
@Override
public void setUsername(String username) {
    final String normalized = KeycloakModelUtils.toLowerCaseSafe(username);
    user.setUsername(normalized);
}
/**
 * Generates a new 2048-bit RSA key pair, a self-signed certificate and a code secret, and
 * stores all of them on the given realm.
 *
 * <p>The keys are written to the realm before the certificate is generated, so a certificate
 * failure leaves the realm with the new key pair but without a matching certificate.
 *
 * @param realm realm that receives the key pair, certificate and code secret; its name is
 *              passed to the certificate generator as the subject
 * @throws RuntimeException wrapping any key-generation or certificate-generation failure
 */
public static void generateRealmKeys(RealmModel realm) {
    final KeyPair rsaPair;
    try {
        KeyPairGenerator rsaGenerator = KeyPairGenerator.getInstance("RSA");
        // No SecureRandom is supplied, so the JCA provider's default source is used.
        rsaGenerator.initialize(2048);
        rsaPair = rsaGenerator.generateKeyPair();
    } catch (NoSuchAlgorithmException e) {
        throw new RuntimeException(e);
    }

    realm.setPrivateKey(rsaPair.getPrivate());
    realm.setPublicKey(rsaPair.getPublic());

    final X509Certificate selfSigned;
    try {
        // NOTE(review): going by the helper's name this is an X.509 v1 certificate, which
        // cannot carry extensions such as key usage - confirm that is acceptable to consumers.
        selfSigned = CertificateUtils.generateV1SelfSignedCertificate(rsaPair, realm.getName());
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
    realm.setCertificate(selfSigned);

    realm.setCodeSecret(generateCodeSecret());
}
if (rep.isEditUsernameAllowed() != null) newRealm.setEditUsernameAllowed(rep.isEditUsernameAllowed()); if (rep.getPrivateKey() == null || rep.getPublicKey() == null) { KeycloakModelUtils.generateRealmKeys(newRealm); } else { newRealm.setPrivateKeyPem(rep.getPrivateKey()); KeycloakModelUtils.generateRealmCertificate(newRealm); } else { newRealm.setCertificatePem(rep.getCertificate()); newRealm.setCodeSecret(KeycloakModelUtils.generateCodeSecret()); } else { newRealm.setCodeSecret(rep.getCodeSecret()); if (rep.getDefaultGroups() != null) { for (String path : rep.getDefaultGroups()) { GroupModel found = KeycloakModelUtils.findGroupByPath(newRealm, path); if (found == null) throw new RuntimeException("default group in realm rep doesn't exist: " + path); newRealm.addDefaultGroup(found);
/**
 * Keeps the given private key on this object and also stores its PEM encoding.
 *
 * <p>The PEM string handed to {@code setPrivateKeyPem} is secret material; whatever that
 * setter persists must be protected accordingly.
 *
 * @param privateKey the key to keep and to encode
 */
@Override
public void setPrivateKey(PrivateKey privateKey) {
    this.privateKey = privateKey;
    setPrivateKeyPem(KeycloakModelUtils.getPemFromKey(privateKey));
}
/**
 * Stores the username on the updatable delegate after passing it through
 * {@code KeycloakModelUtils.toLowerCaseSafe}.
 *
 * @param username the username as supplied by the caller
 */
@Override
public void setUsername(String username) {
    // Must run first: the write below goes to 'updated', which this call is
    // presumably responsible for populating - TODO confirm.
    getDelegateForUpdate();
    final String normalized = KeycloakModelUtils.toLowerCaseSafe(username);
    updated.setUsername(normalized);
}
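/**
 * Builds one UPDATE statement per row of the REALM table whose CODE_SECRET is NULL, each
 * assigning a freshly generated code secret.
 *
 * <p>The realm IDs that receive a secret are collected into {@code confirmationMessage};
 * the secrets themselves are never written to that message.
 *
 * @param database the Liquibase database the change runs against
 * @return the UPDATE statements; an empty array when the REALM table is absent or no row
 *         lacks a code secret
 * @throws CustomChangeException wrapping any failure while reading the realms
 */
@Override
public SqlStatement[] generateStatements(Database database) throws CustomChangeException {
    try {
        StringBuilder sb = new StringBuilder();
        sb.append("Generated codeSecret for realms: ");

        // The connection comes from the Database object and is not closed here.
        Connection connection = ((JdbcConnection) (database.getConnection())).getWrappedConnection();
        ArrayList<SqlStatement> statements = new ArrayList<SqlStatement>();

        String correctedTableName = database.correctObjectName("REALM", Table.class);
        if (SnapshotGeneratorFactory.getInstance().has(new Table().setName(correctedTableName), database)) {
            // Identifiers cannot be bound as parameters; the table name is built from the
            // corrected object name and the default schema, not from row or request data.
            String query = "SELECT ID FROM "
                    + LiquibaseJpaUpdaterProvider.getTable(correctedTableName, database.getDefaultSchemaName())
                    + " WHERE CODE_SECRET IS NULL";

            // Close the JDBC statement and result set on every path, including failures.
            try (java.sql.Statement select = connection.createStatement();
                 ResultSet resultSet = select.executeQuery(query)) {
                while (resultSet.next()) {
                    String id = resultSet.getString(1);

                    // Bind the ID instead of splicing it into a quoted literal, so a value
                    // containing a quote cannot change the shape of the WHERE clause.
                    UpdateStatement statement = new UpdateStatement(null, null, correctedTableName)
                            .addNewColumnValue("CODE_SECRET", KeycloakModelUtils.generateCodeSecret())
                            .setWhereClause("ID=?")
                            .addWhereParameters(id);

                    // Separator logic keyed on our own list: ResultSet.isFirst() is an
                    // optional operation for forward-only result sets.
                    if (!statements.isEmpty()) {
                        sb.append(", ");
                    }
                    statements.add(statement);
                    sb.append(id);
                }
            }

            if (!statements.isEmpty()) {
                confirmationMessage = sb.toString();
            }
        }

        return statements.toArray(new SqlStatement[statements.size()]);
    } catch (Exception e) {
        throw new CustomChangeException("Failed to add realm code secret", e);
    }
}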
/**
 * Keeps the given public key on this object and also stores its PEM encoding.
 *
 * @param publicKey the key to keep and to encode
 */
@Override
public void setPublicKey(PublicKey publicKey) {
    this.publicKey = publicKey;
    setPublicKeyPem(KeycloakModelUtils.getPemFromKey(publicKey));
}
/**
 * Sets the email and derives the value stored in {@code emailConstraint}.
 *
 * <p>The constraint equals the email only when an email is present and duplicates are not
 * allowed; otherwise a generated ID is stored instead. Presumably the column carries a
 * uniqueness constraint and the generated ID keeps null or duplicate emails from colliding -
 * TODO confirm against the entity mapping.
 *
 * @param email          the email address, may be {@code null}
 * @param allowDuplicate whether several users may share the same email
 */
public void setEmail(String email, boolean allowDuplicate) {
    this.email = email;
    if (email != null && !allowDuplicate) {
        this.emailConstraint = email;
    } else {
        this.emailConstraint = KeycloakModelUtils.generateId();
    }
}
/**
 * Pre-loads offline user sessions from persistent storage into the cache inside a single
 * transaction, then creates the store that persists last-session-refresh timestamps.
 *
 * @param sessionFactory     factory used to open the transaction and passed to the initializer
 * @param maxErrors          passed through to the Infinispan cache initializer
 * @param sessionsPerSegment segment size passed to both the session loader and the initializer
 */
@Override
public void loadPersistentSessions(final KeycloakSessionFactory sessionFactory, final int maxErrors, final int sessionsPerSegment) {
    log.debug("Start pre-loading userSessions from persistent storage");

    final KeycloakSessionTask preloadTask = new KeycloakSessionTask() {
        @Override
        public void run(KeycloakSession session) {
            Cache<String, Serializable> workCache = session
                    .getProvider(InfinispanConnectionProvider.class)
                    .getCache(InfinispanConnectionProvider.WORK_CACHE_NAME);

            InfinispanCacheInitializer infinispanInitializer = new InfinispanCacheInitializer(
                    sessionFactory,
                    workCache,
                    new OfflinePersistentUserSessionLoader(sessionsPerSegment),
                    "offlineUserSessions",
                    sessionsPerSegment,
                    maxErrors);

            // DB-lock to ensure that persistent sessions are loaded from DB just on one DC.
            // The other DCs will load them from remote cache.
            CacheInitializer lockedInitializer = new DBLockBasedCacheInitializer(session, infinispanInitializer);
            lockedInitializer.initCache();
            lockedInitializer.loadSessions();

            // Initialize persister for periodically doing bulk DB updates of
            // lastSessionRefresh timestamps of refreshed sessions
            persisterLastSessionRefreshStore = new PersisterLastSessionRefreshStoreFactory().createAndInit(session, true);
        }
    };
    KeycloakModelUtils.runJobInTransaction(sessionFactory, preloadTask);

    log.debug("Pre-loading userSessions from persistent storage finished");
}
/**
 * Stores the username on the wrapped user after passing it through
 * {@code KeycloakModelUtils.toLowerCaseSafe}, then calls {@code updateUser()}.
 *
 * @param username the username as supplied by the caller
 */
@Override
public void setUsername(String username) {
    final String normalized = KeycloakModelUtils.toLowerCaseSafe(username);
    user.setUsername(normalized);
    updateUser();
}
/**
 * Reports whether this role is, or contains, the given role.
 *
 * @param role the role to look for
 * @return {@code true} when {@code role} equals this role or
 *         {@code KeycloakModelUtils.searchFor} finds it starting from this role
 */
@Override
public boolean hasRole(RoleModel role) {
    if (this.equals(role)) {
        return true;
    }
    // A fresh set is handed to the search on every call; presumably it tracks
    // already-visited roles so that cyclic composites terminate - TODO confirm.
    return KeycloakModelUtils.searchFor(role, this, new HashSet<>());
}
.addNewColumnValue("CODE_SECRET", KeycloakModelUtils.generateCodeSecret()) .setWhereClause("ID=?").addWhereParameters(id); statements.add(statement);
if (parse.getJwk().getPublicKeyUse().equals(JWK.SIG_USE) && keyTypeSupported(jwk.getKeyType())) { PublicKey key = parse.toPublicKey(); config.setPublicKeySignatureVerifier(KeycloakModelUtils.getPemFromKey(key)); config.setValidateSignature(true); break;
/**
 * Creates a group with a generated ID by delegating to the three-argument overload.
 *
 * @param realm the realm that will own the group
 * @param name  the group name
 * @return the group returned by {@code createGroup(realm, id, name)}
 */
@Override
public GroupModel createGroup(RealmModel realm, String name) {
    return createGroup(realm, KeycloakModelUtils.generateId(), name);
}
/**
 * Exports the named realm to this provider's file inside a single transaction.
 *
 * <p>NOTE(review): the exported representation may include realm key material and secrets -
 * confirm what {@code ExportUtils.exportRealm} emits and that the target file is created
 * with restrictive permissions.
 *
 * @param factory   session factory used to open the transaction
 * @param realmName name of the realm to export
 * @throws IOException declared by the interface; failures inside the task are declared by
 *                     {@code runExportImportTask}
 */
@Override
public void exportRealm(KeycloakSessionFactory factory, final String realmName) throws IOException {
    logger.infof("Exporting realm '%s' into file %s", realmName, this.file.getAbsolutePath());

    final ExportImportSessionTask exportTask = new ExportImportSessionTask() {
        @Override
        protected void runExportImportTask(KeycloakSession session) throws IOException {
            RealmModel exported = session.realms().getRealmByName(realmName);
            writeToFile(ExportUtils.exportRealm(session, exported, true));
        }
    };
    KeycloakModelUtils.runJobInTransaction(factory, exportTask);
}
/**
 * Stores the username on the updatable delegate after passing it through
 * {@code KeycloakModelUtils.toLowerCaseSafe}.
 *
 * @param username the username as supplied by the caller
 */
@Override
public void setUsername(String username) {
    // Must run first: the write below goes to 'updated', which this call is
    // presumably responsible for populating - TODO confirm.
    getDelegateForUpdate();
    final String normalized = KeycloakModelUtils.toLowerCaseSafe(username);
    updated.setUsername(normalized);
}