private List<EventRepresentation> toEventListRep(List<Event> events) { List<EventRepresentation> reps = new ArrayList<>(); for (Event event : events) { reps.add(ModelToRepresentation.toRepresentation(event)); } return reps; }
public static String buildGroupPath(GroupModel group) { StringBuilder sb = new StringBuilder(); buildGroupPath(sb, group); return sb.toString(); }
public static GroupRepresentation toGroupHierarchy(GroupModel group, boolean full) { GroupRepresentation rep = toRepresentation(group, full); List<GroupRepresentation> subGroups = new LinkedList<>(); for (GroupModel subGroup : group.getSubGroups()) { subGroups.add(toGroupHierarchy(subGroup, full)); } rep.setSubGroups(subGroups); return rep; }
UserRepresentation userRep = ModelToRepresentation.toRepresentation(user); LinkedList<UserConsentRepresentation> consentReps = new LinkedList<UserConsentRepresentation>(); for (UserConsentModel consent : consents) { UserConsentRepresentation consentRep = ModelToRepresentation.toRepresentation(consent); consentReps.add(consentRep); groups.add(ModelToRepresentation.buildGroupPath(group));
List<String> groupPaths = new LinkedList<>(); for (GroupModel group : defaultGroups) { groupPaths.add(ModelToRepresentation.buildGroupPath(group)); List<UserFederationProviderRepresentation> fedProviderReps = new ArrayList<UserFederationProviderRepresentation>(); for (UserFederationProviderModel model : fedProviderModels) { UserFederationProviderRepresentation fedProvRep = toRepresentation(model); fedProviderReps.add(fedProvRep); rep.addUserFederationMapper(toRepresentation(realm, mapper)); rep.addIdentityProvider(toRepresentation(realm, provider)); rep.addIdentityProviderMapper(toRepresentation(mapper)); exportAuthenticationFlows(realm, rep); exportRequiredActions(realm, rep); exportGroups(realm, rep);
public static List<GroupRepresentation> toGroupHierarchy(RealmModel realm, boolean full) { List<GroupRepresentation> hierarchy = new LinkedList<>(); List<GroupModel> groups = realm.getTopLevelGroups(); if (groups == null) return hierarchy; for (GroupModel group : groups) { GroupRepresentation rep = toGroupHierarchy(group, full); hierarchy.add(rep); } return hierarchy; }
AbstractPolicyRepresentation associatedRep = ModelToRepresentation.toRepresentation(associatedPolicy, authorization, false, false); RealmModel realm = authorization.getRealm(); representation.addGroup(ModelToRepresentation.buildGroupPath(realm.getGroupById(definition.getId())));
public static void exportGroups(RealmModel realm, RealmRepresentation rep) { List<GroupRepresentation> groups = toGroupHierarchy(realm, true); rep.setGroups(groups); }
private List<AdminEventRepresentation> toAdminEventRep(List<AdminEvent> events) { List<AdminEventRepresentation> reps = new ArrayList<>(); for (AdminEvent event : events) { reps.add(ModelToRepresentation.toRepresentation(event)); } return reps; }
public static void buildGroupPath(StringBuilder sb, GroupModel group) { if (group.getParent() != null) { buildGroupPath(sb, group.getParent()); } sb.append('/').append(group.getName()); }
@POST @Path("/poll-admin-event-queue") @Produces(MediaType.APPLICATION_JSON) public AdminEventRepresentation getAdminEvent() { AdminEvent adminEvent = EventsListenerProvider.pollAdminEvent(); if (adminEvent != null) { return ModelToRepresentation.toRepresentation(adminEvent); } else { return null; } }
@Override public void setAttribute(Map<String, Object> attributes, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession session, ClientSessionContext clientSessionCt) { List<String> membership = new LinkedList<>(); boolean fullPath = useFullPath(mappingModel); for (GroupModel group : userSession.getUser().getGroups()) { if (fullPath) { membership.add(ModelToRepresentation.buildGroupPath(group)); } else { membership.add(group.getName()); } } setPlainAttribute(attributes, mappingModel, membership); }
@POST @Path("/poll-event-queue") @Produces(MediaType.APPLICATION_JSON) public EventRepresentation getEvent() { Event event = EventsListenerProvider.poll(); if (event != null) { return ModelToRepresentation.toRepresentation(event); } else { return null; } }
@Override public void onExport(Policy policy, PolicyRepresentation representation, AuthorizationProvider authorization) { Map<String, String> config = new HashMap<>(); GroupPolicyRepresentation groupPolicy = toRepresentation(policy, authorization); Set<GroupPolicyRepresentation.GroupDefinition> groups = groupPolicy.getGroups(); for (GroupPolicyRepresentation.GroupDefinition definition: groups) { GroupModel group = authorization.getRealm().getGroupById(definition.getId()); definition.setId(null); definition.setPath(ModelToRepresentation.buildGroupPath(group)); } try { String groupsClaim = groupPolicy.getGroupsClaim(); if (groupsClaim != null) { config.put("groupsClaim", groupsClaim); } config.put("groups", JsonSerialization.writeValueAsString(groups)); } catch (IOException cause) { throw new RuntimeException("Failed to export group policy [" + policy.getName() + "]", cause); } representation.setConfig(config); }
@GET @Path("/get-client-auth-flow") @Produces(MediaType.APPLICATION_JSON) public AuthenticationFlowRepresentation getClientAuthFlow(@QueryParam("realmName") String realmName) { RealmModel realm = getRealmByName(realmName); AuthenticationFlowModel flow = realm.getClientAuthenticationFlow(); if (flow == null) return null; return ModelToRepresentation.toRepresentation(realm, flow); }
public static GroupRepresentation toRepresentation(GroupModel group, boolean full) { GroupRepresentation rep = new GroupRepresentation(); rep.setId(group.getId()); rep.setName(group.getName()); rep.setPath(buildGroupPath(group)); if (!full) return rep; // Role mappings Set<RoleModel> roles = group.getRoleMappings(); List<String> realmRoleNames = new ArrayList<>(); Map<String, List<String>> clientRoleNames = new HashMap<>(); for (RoleModel role : roles) { if (role.getContainer() instanceof RealmModel) { realmRoleNames.add(role.getName()); } else { ClientModel client = (ClientModel)role.getContainer(); String clientId = client.getClientId(); List<String> currentClientRoles = clientRoleNames.get(clientId); if (currentClientRoles == null) { currentClientRoles = new ArrayList<>(); clientRoleNames.put(clientId, currentClientRoles); } currentClientRoles.add(role.getName()); } } rep.setRealmRoles(realmRoleNames); rep.setClientRoles(clientRoleNames); Map<String, List<String>> attributes = group.getAttributes(); rep.setAttributes(attributes); return rep; }
@GET @Path("/get-reset-cred-flow") @Produces(MediaType.APPLICATION_JSON) public AuthenticationFlowRepresentation getResetCredFlow(@QueryParam("realmName") String realmName) { RealmModel realm = getRealmByName(realmName); AuthenticationFlowModel flow = realm.getResetCredentialsFlow(); if (flow == null) return null; return ModelToRepresentation.toRepresentation(realm, flow); }
@Override public void evaluate(Evaluation evaluation) { AuthorizationProvider authorizationProvider = evaluation.getAuthorizationProvider(); GroupPolicyRepresentation policy = representationFunction.apply(evaluation.getPolicy(), authorizationProvider); RealmModel realm = authorizationProvider.getRealm(); Attributes.Entry groupsClaim = evaluation.getContext().getIdentity().getAttributes().getValue(policy.getGroupsClaim()); if (groupsClaim == null || groupsClaim.isEmpty()) { List<String> userGroups = evaluation.getRealm().getUserGroups(evaluation.getContext().getIdentity().getId()); groupsClaim = new Entry(policy.getGroupsClaim(), userGroups); } for (GroupPolicyRepresentation.GroupDefinition definition : policy.getGroups()) { GroupModel allowedGroup = realm.getGroupById(definition.getId()); for (int i = 0; i < groupsClaim.size(); i++) { String group = groupsClaim.asString(i); if (group.indexOf('/') != -1) { String allowedGroupPath = buildGroupPath(allowedGroup); if (group.equals(allowedGroupPath) || (definition.isExtendChildren() && group.startsWith(allowedGroupPath))) { evaluation.grant(); return; } } // in case the group from the claim does not represent a path, we just check an exact name match if (group.equals(allowedGroup.getName())) { evaluation.grant(); return; } } } }
private void updateClientRepWithProtocolMappers(ClientModel clientModel, ClientRepresentation rep) { List<ProtocolMapperRepresentation> mappings = new LinkedList<>(); for (ProtocolMapperModel model : clientModel.getProtocolMappers()) { mappings.add(ModelToRepresentation.toRepresentation(model)); } rep.setProtocolMappers(mappings); }
@GET @Path("/user-by-federated-identity") @Produces(MediaType.APPLICATION_JSON) public UserRepresentation getUserByFederatedIdentity(@QueryParam("realmName") String realmName, @QueryParam("identityProvider") String identityProvider, @QueryParam("userId") String userId, @QueryParam("userName") String userName) { RealmModel realm = getRealmByName(realmName); UserModel foundFederatedUser = session.users().getUserByFederatedIdentity(new FederatedIdentityModel(identityProvider, userId, userName), realm); if (foundFederatedUser == null) return null; return ModelToRepresentation.toRepresentation(foundFederatedUser); }