/**
 * Registers every identity provider listed in the realm representation on the new realm.
 *
 * <p>Does nothing when the representation carries no identity-provider list. Each entry is
 * converted with {@code toModel(newRealm, representation)} and added as-is; no validation of
 * the entry happens in this method.
 *
 * @param rep      realm representation being imported
 * @param newRealm realm that receives the identity providers
 */
private static void importIdentityProviders(RealmRepresentation rep, RealmModel newRealm) {
    if (rep.getIdentityProviders() == null) {
        return;
    }
    for (IdentityProviderRepresentation providerRep : rep.getIdentityProviders()) {
        IdentityProviderModel providerModel = toModel(newRealm, providerRep);
        newRealm.addIdentityProvider(providerModel);
    }
}

private static void importIdentityProviderMappers(RealmRepresentation rep, RealmModel newRealm) {
/**
 * Creates every user in {@code userReps} inside the realm called {@code realmName}.
 *
 * <p>The realm is looked up by name and its client-name map is fetched once, then shared by all
 * {@code createUser} calls. The lookup result is used without a null check.
 *
 * @param session   current Keycloak session, passed through to {@code createUser}
 * @param model     realm provider used for the lookup by name
 * @param realmName name of the realm that receives the users
 * @param userReps  user representations to import
 */
private static void importUsers(KeycloakSession session, RealmProvider model, String realmName, List<UserRepresentation> userReps) {
    RealmModel targetRealm = model.getRealmByName(realmName);
    Map<String, ClientModel> clientsByName = targetRealm.getClientNameMap();
    for (UserRepresentation userRep : userReps) {
        RepresentationToModel.createUser(session, targetRealm, userRep, clientsByName);
    }
}
/**
 * Creates one client per entry of {@code rep.getClients()} and indexes the results by client id.
 *
 * <p>The client list is iterated without a null check, so callers must only invoke this when
 * the representation actually has clients. When two entries yield the same client id, the later
 * one replaces the earlier one in the returned map.
 *
 * @param session current Keycloak session, passed through to {@code createClient}
 * @param rep     realm representation that lists the clients
 * @param realm   realm that receives the clients
 * @return map from client id to the created client model
 */
private static Map<String, ClientModel> createClients(KeycloakSession session, RealmRepresentation rep, RealmModel realm) {
    Map<String, ClientModel> clientsById = new HashMap<>();
    for (ClientRepresentation clientRep : rep.getClients()) {
        // The meaning of the trailing `false` flag is defined by createClient, not visible here.
        ClientModel created = createClient(session, realm, clientRep, false);
        clientsById.put(created.getClientId(), created);
    }
    return clientsById;
}
public static void importRealm(KeycloakSession session, RealmRepresentation rep, RealmModel newRealm) { convertDeprecatedSocialProviders(rep); convertDeprecatedApplications(session, rep); if (rep.getOtpPolicyType() != null) newRealm.setOTPPolicy(toPolicy(rep)); else newRealm.setOTPPolicy(OTPPolicy.DEFAULT_POLICY); importAuthenticationFlows(newRealm, rep); if (rep.getRequiredActions() != null) { for (RequiredActionProviderRepresentation action : rep.getRequiredActions()) { RequiredActionProviderModel model = toModel(action); newRealm.addRequiredActionProvider(model); importIdentityProviders(rep, newRealm); importIdentityProviderMappers(rep, newRealm); createClientTemplates(session, rep, newRealm); createClients(session, rep, newRealm); importRoles(rep.getRoles(), newRealm); createClientScopeMappings(newRealm, app, entry.getValue()); providerModels = convertFederationProviders(rep.getUserFederationProviders()); newRealm.setUserFederationProviders(providerModels); newRealm.addUserFederationMapper(toModel(newRealm, representation)); importGroups(newRealm, rep);
public static UserModel createUser(KeycloakSession session, RealmModel newRealm, UserRepresentation userRep, Map<String, ClientModel> clientMap) { convertDeprecatedSocialProviders(userRep); createCredentials(userRep, user); if (userRep.getFederatedIdentities() != null) { for (FederatedIdentityRepresentation identity : userRep.getFederatedIdentities()) { createRoleMappings(userRep, user, newRealm); if (userRep.getClientConsents() != null) { for (UserConsentRepresentation consentRep : userRep.getClientConsents()) { UserConsentModel consentModel = toModel(newRealm, consentRep); user.addConsent(consentModel);
public static void updateRealm(RealmRepresentation rep, RealmModel realm) { if (rep.getRealm() != null) { renameRealm(realm, rep.getRealm()); if (rep.getOtpPolicyType() != null) realm.setOTPPolicy(toPolicy(rep)); List<UserFederationProviderModel> providerModels = convertFederationProviders(rep.getUserFederationProviders()); realm.setUserFederationProviders(providerModels);
createRole(realm, roleRep); for (RoleRepresentation roleRep : realmRoles.getRealm()) { RoleModel role = realm.getRole(roleRep.getName()); addComposites(role, roleRep, realm); addComposites(role, roleRep, realm);
/**
 * Grants the user every realm role and client role named in the user representation.
 *
 * <p>Realm role names are trimmed before lookup. A name with no matching realm role is
 * <em>created</em> and then granted, so the imported data decides which realm roles exist
 * afterwards; review role names in untrusted import files before loading them. Client roles are
 * resolved through the realm's client-name map and handed to {@code createClientRoleMappings}.
 *
 * @param userRep representation listing the role names to grant
 * @param user    user that receives the roles
 * @param realm   realm in which roles and clients are looked up
 * @throws RuntimeException if a client named in the client-role map is not found in the realm
 */
public static void createRoleMappings(UserRepresentation userRep, UserModel user, RealmModel realm) {
    if (userRep.getRealmRoles() != null) {
        for (String roleString : userRep.getRealmRoles()) {
            String roleName = roleString.trim();
            RoleModel realmRole = realm.getRole(roleName);
            if (realmRole == null) {
                // Unknown role names are not rejected: the role is added to the realm.
                realmRole = realm.addRole(roleName);
            }
            user.grantRole(realmRole);
        }
    }

    if (userRep.getClientRoles() == null) {
        return;
    }
    Map<String, ClientModel> clientsByName = realm.getClientNameMap();
    for (Map.Entry<String, List<String>> mapping : userRep.getClientRoles().entrySet()) {
        String clientName = mapping.getKey();
        ClientModel client = clientsByName.get(clientName);
        if (client == null) {
            // Unlike realm roles, a missing client aborts the call instead of being created.
            throw new RuntimeException("Unable to find client role mappings for client: " + clientName);
        }
        createClientRoleMappings(client, user, mapping.getValue());
    }
}
private static void updateCredential(UserModel user, CredentialRepresentation cred) { if (cred.getValue() != null) { UserCredentialModel plainTextCred = convertCredential(cred); user.updateCredential(plainTextCred); } else {
/**
 * Registers every identity-provider mapper listed in the realm representation on the new realm.
 *
 * <p>Does nothing when the representation carries no mapper list. Each entry is converted with
 * {@code toModel(representation)} and added without further checks in this method.
 *
 * @param rep      realm representation being imported
 * @param newRealm realm that receives the mappers
 */
private static void importIdentityProviderMappers(RealmRepresentation rep, RealmModel newRealm) {
    if (rep.getIdentityProviderMappers() == null) {
        return;
    }
    for (IdentityProviderMapperRepresentation mapperRep : rep.getIdentityProviderMappers()) {
        newRealm.addIdentityProviderMapper(toModel(mapperRep));
    }
}

public static IdentityProviderModel toModel(RealmModel realm, IdentityProviderRepresentation representation) {
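/**
 * Brings the client's pairwise-subject protocol mappers in line with the requested subject type.
 *
 * <p>For {@code SubjectType.PAIRWISE}, every mapper whose provider id ends with
 * {@code AbstractPairwiseSubMapper.PROVIDER_ID_SUFFIX} receives the given sector identifier URI
 * and is written back to the client; when no such mapper exists, a SHA-256 pairwise mapper is
 * created. For any other subject type, all such mappers are removed from the client.
 *
 * @param clientModel         client whose protocol mappers are updated
 * @param subjectType         requested subject type
 * @param sectorIdentifierUri sector identifier URI to set on the pairwise mappers
 */
private void updatePairwiseSubMappers(ClientModel clientModel, SubjectType subjectType, String sectorIdentifierUri) {
    Set<ProtocolMapperModel> protocolMappers = clientModel.getProtocolMappers();

    if (subjectType == SubjectType.PAIRWISE) {
        // Update any existing pairwise mapper; remember whether one was found.
        boolean foundPairwise = false;
        for (ProtocolMapperModel mapping : protocolMappers) {
            if (mapping.getProtocolMapper().endsWith(AbstractPairwiseSubMapper.PROVIDER_ID_SUFFIX)) {
                foundPairwise = true;
                PairwiseSubMapperHelper.setSectorIdentifierUri(mapping, sectorIdentifierUri);
                clientModel.updateProtocolMapper(mapping);
            }
        }

        // No pairwise mapper yet, so create one.
        if (!foundPairwise) {
            ProtocolMapperRepresentation newPairwise = SHA256PairwiseSubMapper
                    .createPairwiseMapper(sectorIdentifierUri, null);
            clientModel.addProtocolMapper(RepresentationToModel.toModel(newPairwise));
        }
    } else {
        // Remove all pairwise mappers. The previous code called protocolMappers.remove(mapping)
        // inside the for-each over the same set: that can throw ConcurrentModificationException,
        // and it only edits the returned set rather than asking the client to drop the mapper.
        // Iterate over an array snapshot and remove through the client model instead.
        for (ProtocolMapperModel mapping : protocolMappers.toArray(new ProtocolMapperModel[0])) {
            if (mapping.getProtocolMapper().endsWith(AbstractPairwiseSubMapper.PROVIDER_ID_SUFFIX)) {
                clientModel.removeProtocolMapper(mapping);
            }
        }
    }
}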
policyStore.delete(associatedPolicy.getId()); } else { RepresentationToModel.toModel(rep, authorization, associatedPolicy); RepresentationToModel.toModel(rep, authorization, associatedPolicy); } else { policyStore.delete(associatedPolicy.getId()); policyStore.delete(associatedPolicy.getId()); } else { RepresentationToModel.toModel(rep, authorization, associatedPolicy); policyStore.delete(associatedPolicy.getId()); } else { RepresentationToModel.toModel(rep, authorization, associatedPolicy); policyStore.delete(associatedPolicy.getId()); } else { RepresentationToModel.toModel(rep, authorization, associatedPolicy);
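/**
 * Creates a client template in the realm from its representation.
 *
 * <p>The template is added with the representation's id when one is given, otherwise by name
 * only. Every optional property is copied only when it is non-null in the representation. When
 * the representation lists protocol mappers, all mappers already on the new template are removed
 * first, so the resulting mapper set is exactly the one in the representation.
 *
 * @param session     current Keycloak session (not used in this method)
 * @param realm       realm that receives the template
 * @param resourceRep representation to create the template from
 * @return the newly created client template
 */
public static ClientTemplateModel createClientTemplate(KeycloakSession session, RealmModel realm, ClientTemplateRepresentation resourceRep) {
    // The "{0}" placeholder was never substituted because the name was concatenated rather than
    // passed as a format argument; log the plain message instead. The name comes from the
    // representation being imported, so treat it as untrusted text when reading the log.
    logger.debug("Create client template: " + resourceRep.getName());

    ClientTemplateModel client = resourceRep.getId() != null
            ? realm.addClientTemplate(resourceRep.getId(), resourceRep.getName())
            : realm.addClientTemplate(resourceRep.getName());

    if (resourceRep.getName() != null) {
        client.setName(resourceRep.getName());
    }
    if (resourceRep.getDescription() != null) {
        client.setDescription(resourceRep.getDescription());
    }
    if (resourceRep.getProtocol() != null) {
        client.setProtocol(resourceRep.getProtocol());
    }
    if (resourceRep.isFullScopeAllowed() != null) {
        client.setFullScopeAllowed(resourceRep.isFullScopeAllowed());
    }

    if (resourceRep.getProtocolMappers() != null) {
        // First, remove all default/built-in mappers. Iterate over an array snapshot so the
        // removal cannot invalidate the iteration if the returned set is a live view.
        Set<ProtocolMapperModel> mappers = client.getProtocolMappers();
        for (ProtocolMapperModel mapper : mappers.toArray(new ProtocolMapperModel[0])) {
            client.removeProtocolMapper(mapper);
        }

        for (ProtocolMapperRepresentation mapper : resourceRep.getProtocolMappers()) {
            client.addProtocolMapper(toModel(mapper));
        }
    }

    // Flags that widen what a client built from this template may do (flows, public client,
    // service accounts, full scope) are copied verbatim from the representation.
    if (resourceRep.isBearerOnly() != null) {
        client.setBearerOnly(resourceRep.isBearerOnly());
    }
    if (resourceRep.isConsentRequired() != null) {
        client.setConsentRequired(resourceRep.isConsentRequired());
    }
    if (resourceRep.isStandardFlowEnabled() != null) {
        client.setStandardFlowEnabled(resourceRep.isStandardFlowEnabled());
    }
    if (resourceRep.isImplicitFlowEnabled() != null) {
        client.setImplicitFlowEnabled(resourceRep.isImplicitFlowEnabled());
    }
    if (resourceRep.isDirectAccessGrantsEnabled() != null) {
        client.setDirectAccessGrantsEnabled(resourceRep.isDirectAccessGrantsEnabled());
    }
    if (resourceRep.isServiceAccountsEnabled() != null) {
        client.setServiceAccountsEnabled(resourceRep.isServiceAccountsEnabled());
    }
    if (resourceRep.isPublicClient() != null) {
        client.setPublicClient(resourceRep.isPublicClient());
    }
    if (resourceRep.isFrontchannelLogout() != null) {
        client.setFrontchannelLogout(resourceRep.isFrontchannelLogout());
    }

    if (resourceRep.getAttributes() != null) {
        for (Map.Entry<String, String> entry : resourceRep.getAttributes().entrySet()) {
            client.setAttribute(entry.getKey(), entry.getValue());
        }
    }

    return client;
}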
} else { for (AuthenticatorConfigRepresentation configRep : rep.getAuthenticatorConfig()) { AuthenticatorConfigModel model = toModel(configRep); newRealm.addAuthenticatorConfig(model); AuthenticationFlowModel model = toModel(flowRep); model = newRealm.addAuthenticationFlow(model); AuthenticationFlowModel model = newRealm.getFlowByAlias(flowRep.getAlias()); for (AuthenticationExecutionRepresentation exeRep : flowRep.getAuthenticationExecutions()) { AuthenticationExecutionModel execution = toModel(newRealm, exeRep); execution.setParentFlow(model.getId()); newRealm.addAuthenticatorExecution(execution);
client.addProtocolMapper(toModel(mapper));