@Override public void run(KeycloakSession session) { List<RealmModel> realms = session.realms().getRealms(); holder.realms = realms; }
@Override protected void runExportImportTask(KeycloakSession session) throws IOException { List<RealmModel> realms = session.realms().getRealms(); List<RealmRepresentation> reps = new ArrayList<RealmRepresentation>(); for (RealmModel realm : realms) { reps.add(ExportUtils.exportRealm(session, realm, true)); } writeToFile(reps); }
public void migrate(KeycloakSession session) { List<RealmModel> realms = session.realms().getRealms(); for (RealmModel realm : realms) { migrateLDAPProviders(session, realm); } }
@Override public List<RealmModel> getRealms() { // Retrieve realms from backend List<RealmModel> backendRealms = getRealmDelegate().getRealms(); return getRealms(backendRealms); }
@Override public List<RealmModel> getRealms() { // Retrieve realms from backend List<RealmModel> backendRealms = getDelegate().getRealms(); // Return cache delegates to ensure cache invalidated during write operations List<RealmModel> cachedRealms = new LinkedList<RealmModel>(); for (RealmModel realm : backendRealms) { RealmModel cached = getRealm(realm.getId()); cachedRealms.add(cached); } return cachedRealms; }
public void migrate(KeycloakSession session) { List<RealmModel> realms = session.realms().getRealms(); for (RealmModel realm : realms) { setupBrokerService(realm); setupClientNames(realm); } } }
public void migrate(KeycloakSession session) { List<RealmModel> realms = session.realms().getRealms(); for (RealmModel realm : realms) { if (realm.getAuthenticationFlows().size() == 0) { DefaultAuthenticationFlows.migrateFlows(realm); DefaultRequiredActions.addActions(realm); } ImpersonationConstants.setupImpersonationService(session, realm); migrateLDAPMappers(session, realm); migrateUsers(session, realm); } }
private Set<String> getPasswordHashAlgorithms() { Set<String> hashAlgos = new HashSet<>(); boolean enmasseRealmsFound = false; KeycloakSession keycloakSession = keycloakSessionFactory.create(); KeycloakTransactionManager transactionManager = keycloakSession.getTransactionManager(); transactionManager.begin(); try { List<RealmModel> realms = keycloakSession.realms().getRealms(); for(RealmModel realm : realms) { if(realm.getAttribute("enmasse-realm",Boolean.FALSE)) { enmasseRealmsFound = true; hashAlgos.add(realm.getPasswordPolicy().getHashAlgorithm()); } } } finally { transactionManager.commit(); keycloakSession.close(); } if(!enmasseRealmsFound) { LOG.warn("No realms with attribute \"enmasse-realm\" found, only universally accepted SASL mechanisms will be offered"); } return hashAlgos; }
public void migrate(KeycloakSession session) { List<RealmModel> realms = session.realms().getRealms(); for (RealmModel realm : realms) { List<UserFederationProviderModel> federationProviders = realm.getUserFederationProviders(); for (UserFederationProviderModel fedProvider : federationProviders) { if (fedProvider.getProviderName().equals(LDAPConstants.LDAP_PROVIDER)) { Map<String, String> config = fedProvider.getConfig(); if (isActiveDirectory(config)) { // Create mapper for MSAD account controls if (realm.getUserFederationMapperByName(fedProvider.getId(), "MSAD account controls") == null) { UserFederationMapperModel mapperModel = KeycloakModelUtils.createUserFederationMapperModel("MSAD account controls", fedProvider.getId(), LDAPConstants.MSAD_USER_ACCOUNT_CONTROL_MAPPER); realm.addUserFederationMapper(mapperModel); } } } } } }
private void initRoles(KeycloakSession session) { LOG.debug("BeerResourceProviderFactory::initRoles"); ClientModel client; List<RealmModel> realms = session.realms().getRealms(); RealmManager manager = new RealmManager(session); for (RealmModel realm : realms) { client = realm.getMasterAdminClient(); if (client.getRole(ROLE_VIEW_BEER) == null && client.getRole(ROLE_MANAGE_BEER) == null) { addMasterAdminRoles(manager, realm); } if (!realm.getName().equals(Config.getAdminRealm())) { client = realm.getClientByClientId(manager.getRealmAdminClientId(realm)); if (client.getRole(ROLE_VIEW_BEER) == null && client.getRole(ROLE_MANAGE_BEER) == null) { addRealmAdminRoles(manager, realm); } } } }
if (Config.getAdminRealm().equals(realm.getId())) { for (RealmModel currRealm : model.getRealms()) { currRealm.setMasterAdminClient(null);
public void migrate(KeycloakSession session) { List<RealmModel> realms = session.realms().getRealms(); for (RealmModel realm : realms) { // Set default accessToken timeout for implicit flow realm.setAccessTokenLifespanForImplicitFlow(Constants.DEFAULT_ACCESS_TOKEN_LIFESPAN_FOR_IMPLICIT_FLOW_TIMEOUT); // Add 'admin-cli' builtin client MigrationProvider migrationProvider = session.getProvider(MigrationProvider.class); migrationProvider.setupAdminCli(realm); // add firstBrokerLogin flow and set it to all identityProviders DefaultAuthenticationFlows.migrateFlows(realm); AuthenticationFlowModel firstBrokerLoginFlow = realm.getFlowByAlias(DefaultAuthenticationFlows.FIRST_BROKER_LOGIN_FLOW); List<IdentityProviderModel> identityProviders = realm.getIdentityProviders(); for (IdentityProviderModel identityProvider : identityProviders) { if (identityProvider.getFirstBrokerLoginFlowId() == null) { identityProvider.setFirstBrokerLoginFlowId(firstBrokerLoginFlow.getId()); realm.updateIdentityProvider(identityProvider); } } } } }
public void migrate(KeycloakSession session) { List<RealmModel> realms = session.realms().getRealms(); for (RealmModel realm : realms) { DefaultAuthenticationFlows.migrateFlows(realm); // add reset credentials flo realm.setOTPPolicy(OTPPolicy.DEFAULT_POLICY); realm.setBrowserFlow(realm.getFlowByAlias(DefaultAuthenticationFlows.BROWSER_FLOW)); realm.setRegistrationFlow(realm.getFlowByAlias(DefaultAuthenticationFlows.REGISTRATION_FLOW)); realm.setDirectGrantFlow(realm.getFlowByAlias(DefaultAuthenticationFlows.DIRECT_GRANT_FLOW)); AuthenticationFlowModel resetFlow = realm.getFlowByAlias(DefaultAuthenticationFlows.RESET_CREDENTIALS_FLOW); if (resetFlow == null) { DefaultAuthenticationFlows.resetCredentialsFlow(realm); } else { realm.setResetCredentialsFlow(resetFlow); } AuthenticationFlowModel clientAuthFlow = realm.getFlowByAlias(DefaultAuthenticationFlows.CLIENT_AUTHENTICATION_FLOW); if (clientAuthFlow == null) { DefaultAuthenticationFlows.clientAuthFlow(realm); } else { realm.setClientAuthenticationFlow(clientAuthFlow); } for (ClientModel client : realm.getClients()) { client.setClientAuthenticatorType(KeycloakModelUtils.getDefaultClientAuthenticatorType()); } } } }
List<RealmModel> realms = session.realms().getRealms(); for (RealmModel realm : realms) { realm.setOfflineSessionIdleTimeout(Constants.DEFAULT_OFFLINE_SESSION_IDLE_TIMEOUT);