@Override public ClientModel getClientByClientId(String clientId) { if (updated != null) return updated.getClientByClientId(clientId); String id = cached.getClients().get(clientId); if (id == null) return null; return getClientById(id); }
@GET @Path("/get-user-by-service-account-client") @Produces(MediaType.APPLICATION_JSON) public UserRepresentation getUserByServiceAccountClient(@QueryParam("realmName") String realmName, @QueryParam("clientId") String clientId) { RealmModel realm = getRealmByName(realmName); ClientModel client = realm.getClientByClientId(clientId); UserModel user = session.users().getServiceAccount(client); if (user == null) return null; return ModelToRepresentation.toRepresentation(user); }
public static void createClientScopeMappings(RealmModel realm, ClientModel clientModel, List<ScopeMappingRepresentation> mappings) { for (ScopeMappingRepresentation mapping : mappings) { ClientModel client = realm.getClientByClientId(mapping.getClient()); if (client == null) { throw new RuntimeException("Unknown client specified in client scope mappings"); } for (String roleString : mapping.getRoles()) { RoleModel role = clientModel.getRole(roleString.trim()); if (role == null) { role = clientModel.addRole(roleString.trim()); } client.addScopeMapping(role); } } }
private void addRealmAdminRoles(RealmManager manager, RealmModel realm) { ClientModel client = realm.getClientByClientId(manager.getRealmAdminClientId(realm)); RoleModel admin = client.getRole(AdminRoles.REALM_ADMIN); addRoles(client, admin); }
public static RoleModel getRoleFromString(RealmModel realm, String roleName) { String[] parsedRole = parseRole(roleName); RoleModel role = null; if (parsedRole[0] == null) { role = realm.getRole(parsedRole[1]); } else { ClientModel client = realm.getClientByClientId(parsedRole[0]); if (client != null) { role = client.getRole(parsedRole[1]); } } return role; }
private void updateClients(Policy policy, Set<String> clients, AuthorizationProvider authorization) { RealmModel realm = authorization.getRealm(); if (clients == null || clients.isEmpty()) { throw new RuntimeException("No client provided."); } Set<String> updatedClients = new HashSet<>(); for (String id : clients) { ClientModel client = realm.getClientByClientId(id); if (client == null) { client = realm.getClientById(id); } if (client == null) { throw new RuntimeException("Error while updating policy [" + policy.getName() + "]. Client [" + id + "] could not be found."); } updatedClients.add(client.getId()); } try { policy.putConfig("clients", JsonSerialization.writeValueAsString(updatedClients)); } catch (IOException cause) { throw new RuntimeException("Failed to serialize clients", cause); } }
ClientModel client = realm.getClientByClientId(clientId);
public static UserConsentModel toModel(RealmModel newRealm, UserConsentRepresentation consentRep) { ClientModel client = newRealm.getClientByClientId(consentRep.getClientId()); if (client == null) { throw new RuntimeException("Unable to find client consent mappings for client: " + consentRep.getClientId()); for (Map.Entry<String, List<String>> entry : consentRep.getGrantedClientRoles().entrySet()) { String clientId2 = entry.getKey(); ClientModel client2 = newRealm.getClientByClientId(clientId2); if (client2 == null) { throw new RuntimeException("Unable to find client referenced in consent mappings. Client ID: " + clientId2);
public static void setupRealmRole(RealmModel realm) { if (realm.getName().equals(Config.getAdminRealm())) { return; } // don't need to do this for master realm String realmAdminApplicationClientId = Constants.REALM_MANAGEMENT_CLIENT_ID; ClientModel realmAdminApp = realm.getClientByClientId(realmAdminApplicationClientId); if (realmAdminApp.getRole(IMPERSONATION_ROLE) != null) return; RoleModel impersonationRole = realmAdminApp.addRole(IMPERSONATION_ROLE); impersonationRole.setDescription("${role_" + IMPERSONATION_ROLE + "}"); impersonationRole.setScopeParamRequired(false); RoleModel adminRole = realmAdminApp.getRole(AdminRoles.REALM_ADMIN); adminRole.addCompositeRole(impersonationRole); }
@PUT @Path("{clientId}") @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) public Response updateOIDC(@PathParam("clientId") String clientId, OIDCClientRepresentationExtended clientOIDC) { try { ClientRepresentation client = DescriptionConverterExt.toInternal(session, clientOIDC); OIDCClientRegistrationContext oidcContext = new OIDCClientRegistrationContext(session, client, this, clientOIDC); client = update(clientId, oidcContext); ClientModel clientModel = session.getContext().getRealm().getClientByClientId(client.getClientId()); updatePairwiseSubMappers(clientModel, SubjectType.parse(clientOIDC.getSubjectType()), clientOIDC.getSectorIdentifierUri()); updateClientRepWithProtocolMappers(clientModel, client); URI uri = session.getContext().getUri().getAbsolutePathBuilder().path(client.getClientId()).build(); OIDCClientRepresentationExtended clientOIDCResponse = DescriptionConverterExt.toExternalResponse(session, client, uri); return Response.ok(clientOIDCResponse).build(); } catch (ClientRegistrationException cre) { ServicesLogger.LOGGER.clientRegistrationException(cre.getMessage()); throw new ErrorResponseException(ErrorCodes.INVALID_CLIENT_METADATA, "Client metadata invalid", Response.Status.BAD_REQUEST); } }
private static void addComposites(RoleModel role, RoleRepresentation roleRep, RealmModel realm) { if (roleRep.getComposites() == null) return; if (roleRep.getComposites().getRealm() != null) { for (String roleStr : roleRep.getComposites().getRealm()) { RoleModel realmRole = realm.getRole(roleStr); if (realmRole == null) throw new RuntimeException("Unable to find composite realm role: " + roleStr); role.addCompositeRole(realmRole); } } if (roleRep.getComposites().getClient() != null) { for (Map.Entry<String, List<String>> entry : roleRep.getComposites().getClient().entrySet()) { ClientModel client = realm.getClientByClientId(entry.getKey()); if (client == null) { throw new RuntimeException("App doesn't exist in role definitions: " + roleRep.getName()); } for (String roleStr : entry.getValue()) { RoleModel clientRole = client.getRole(roleStr); if (clientRole == null) throw new RuntimeException("Unable to find composite client role: " + roleStr); role.addCompositeRole(clientRole); } } } }
@Override public void authenticateClient(ClientAuthenticationFlowContext context) { ClientModel client = context.getRealm().getClientByClientId(clientId); if (client == null) { context.failure(AuthenticationFlowError.CLIENT_NOT_FOUND, null); return; } context.getEvent().client(client); context.setClient(client); context.success(); }
ClientModel clientModel = realm.getClientByClientId(token.getIssuedFor());
ClientModel client = realm.getClientByClientId(entry.getKey()); if (client == null) { throw new RuntimeException("App doesn't exist in role definitions: " + entry.getKey()); ClientModel client = realm.getClientByClientId(entry.getKey()); if (client == null) { throw new RuntimeException("App doesn't exist in role definitions: " + entry.getKey());
= realm.getName().equals(Config.getAdminRealm()) ? this.realm.getMasterAdminClient() : this.realm.getClientByClientId(realmManager.getRealmAdminClientId(this.realm));
private void initRoles(KeycloakSession session) { LOG.debug("BeerResourceProviderFactory::initRoles"); ClientModel client; List<RealmModel> realms = session.realms().getRealms(); RealmManager manager = new RealmManager(session); for (RealmModel realm : realms) { client = realm.getMasterAdminClient(); if (client.getRole(ROLE_VIEW_BEER) == null && client.getRole(ROLE_MANAGE_BEER) == null) { addMasterAdminRoles(manager, realm); } if (!realm.getName().equals(Config.getAdminRealm())) { client = realm.getClientByClientId(manager.getRealmAdminClientId(realm)); if (client.getRole(ROLE_VIEW_BEER) == null && client.getRole(ROLE_MANAGE_BEER) == null) { addRealmAdminRoles(manager, realm); } } } }
client = create(oidcContext); ClientModel clientModel = session.getContext().getRealm().getClientByClientId(client.getClientId()); updatePairwiseSubMappers(clientModel, SubjectType.parse(clientOIDC.getSubjectType()), clientOIDC.getSectorIdentifierUri());
public static void setupMasterRealmRole(RealmProvider model, RealmModel realm) { RealmModel adminRealm; RoleModel adminRole; if (realm.getName().equals(Config.getAdminRealm())) { adminRealm = realm; adminRole = realm.getRole(AdminRoles.ADMIN); } else { adminRealm = model.getRealmByName(Config.getAdminRealm()); adminRole = adminRealm.getRole(AdminRoles.ADMIN); } ClientModel realmAdminApp = adminRealm.getClientByClientId(KeycloakModelUtils.getMasterRealmAdminApplicationClientId(realm.getName())); if (realmAdminApp.getRole(IMPERSONATION_ROLE) != null) return; RoleModel impersonationRole = realmAdminApp.addRole(IMPERSONATION_ROLE); impersonationRole.setDescription("${role_" + IMPERSONATION_ROLE + "}"); impersonationRole.setScopeParamRequired(false); adminRole.addCompositeRole(impersonationRole); }
ClientModel adminConsoleClient = realm.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID); if ((adminConsoleClient != null) && !localeMapperAdded(adminConsoleClient)) { adminConsoleClient.addProtocolMapper(localeMapper); client = realm.getClientByClientId(Constants.REALM_MANAGEMENT_CLIENT_ID); if (client.getRole(AdminRoles.CREATE_CLIENT) == null) { RoleModel role = client.addRole(AdminRoles.CREATE_CLIENT);
for (ClientRepresentation resourceRep : rep.getClients()) { if (resourceRep.getDefaultRoles() != null) { ClientModel clientModel = newRealm.getClientByClientId(resourceRep.getClientId()); clientModel.updateDefaultRoles(resourceRep.getDefaultRoles()); ClientModel client = newRealm.getClientByClientId(scope.getClient()); if (client == null) { throw new RuntimeException("Unknown client specification in realm scope mappings");