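/**
 * Rethrows a failed Kerberos login as a {@link ModelException} when the failure
 * message matches one of a fixed set of "server not reachable" phrases.
 *
 * <p>The classification is a substring match on the exception message, so it depends on
 * the exact wording produced by whatever raised the {@link LoginException}. A failure
 * whose message matches none of the phrases is left for the caller to handle.
 *
 * @param le the login failure to inspect
 * @throws ModelException wrapping {@code le} when the message indicates the Kerberos
 *         server could not be reached
 */
protected void checkKerberosServerAvailable(LoginException le) {
    String rawMessage = le.getMessage();
    if (rawMessage == null) {
        // Nothing to classify. Returning keeps the original LoginException visible to the
        // caller instead of replacing it with a NullPointerException from this helper.
        return;
    }

    // Locale.ROOT keeps the upper-casing locale-independent: under a Turkish default
    // locale "find" upper-cases to "FİND" and the "CANNOT FIND" check would never match.
    String message = rawMessage.toUpperCase(java.util.Locale.ROOT);

    if (message.contains("PORT UNREACHABLE")
            || message.contains("CANNOT LOCATE")
            || message.contains("CANNOT CONTACT")
            || message.contains("CANNOT FIND")
            || message.contains("UNKNOWN ERROR")) {
        throw new ModelException("Kerberos unreachable", le);
    }
}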
/**
 * Maps a MongoDB driver exception onto the model-layer exception hierarchy.
 *
 * @param e the exception raised by the Mongo driver
 * @return a {@link ModelDuplicateException} when {@code e} is a
 *         {@link DuplicateKeyException}, otherwise a plain {@link ModelException};
 *         both wrap {@code e}
 */
public static ModelException convertException(MongoException e) {
    return (e instanceof DuplicateKeyException)
            ? new ModelDuplicateException(e)
            : new ModelException(e);
}
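/**
 * Deletes an authentication flow from the realm.
 *
 * <p>A flow that is still referenced is never deleted: the in-use check runs first and
 * aborts with an exception before the persistence context is touched.
 *
 * @param model the flow to delete; only its id is used for the lookup
 * @throws ModelException if {@link KeycloakModelUtils#isFlowUsed} reports the flow as in use
 */
@Override
public void removeAuthenticationFlow(AuthenticationFlowModel model) {
    if (KeycloakModelUtils.isFlowUsed(this, model)) {
        throw new ModelException("Cannot remove authentication flow, it is currently in use");
    }

    AuthenticationFlowEntity entity = em.find(AuthenticationFlowEntity.class, model.getId());
    if (entity == null) {
        // find() returns null for an unknown id (e.g. the flow was already deleted);
        // handing that null to em.remove() would fail instead of being a no-op.
        return;
    }

    em.remove(entity);
    em.flush();
}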
/**
 * Translates a persistence-layer failure into a model-layer exception and throws it.
 *
 * <p>This method never returns normally. A {@link ModelDuplicateException} is thrown when
 * {@code t} is an {@link EntityExistsException} or a {@link ConstraintViolationException},
 * or when its direct cause is a {@link ConstraintViolationException}; any other failure
 * becomes a plain {@link ModelException}. Only the direct cause is inspected, not the
 * whole cause chain.
 *
 * @param t the failure to translate
 * @return never returns; the return type is declared but every path throws
 * @throws ModelDuplicateException for the duplicate/constraint cases described above
 * @throws ModelException for every other failure
 */
public static ModelException convert(Throwable t) {
    // instanceof is false for null, so a missing cause needs no separate null test.
    Throwable cause = t.getCause();
    boolean duplicate = cause instanceof ConstraintViolationException
            || t instanceof EntityExistsException
            || t instanceof ConstraintViolationException;

    if (duplicate) {
        throw new ModelDuplicateException(t);
    }
    throw new ModelException(t);
}
/**
 * Translates a persistence-layer failure into a model-layer exception and throws it.
 *
 * <p>This method never returns normally. A {@link ModelDuplicateException} is thrown when
 * the direct cause of {@code t} is a {@link ConstraintViolationException} or when
 * {@code t} itself is an {@link EntityExistsException}; everything else becomes a plain
 * {@link ModelException}. A {@code ConstraintViolationException} passed directly as
 * {@code t} is not treated as a duplicate by this variant.
 *
 * @param t the failure to translate
 * @return never returns; the return type is declared but every path throws
 * @throws ModelDuplicateException for the duplicate cases described above
 * @throws ModelException for every other failure
 */
public static ModelException convert(Throwable t) {
    // instanceof is false for null, so a missing cause needs no separate null test.
    Throwable cause = t.getCause();
    boolean duplicate = cause instanceof ConstraintViolationException
            || t instanceof EntityExistsException;

    if (duplicate) {
        throw new ModelDuplicateException(t);
    }
    throw new ModelException(t);
}
/**
 * Rethrows a persistence failure as the matching model exception.
 *
 * <p>Every path throws. Duplicate-style failures (direct cause is a
 * {@link ConstraintViolationException}, or {@code t} is an {@link EntityExistsException})
 * are reported as {@link ModelDuplicateException}; all others as {@link ModelException}.
 * The original throwable is always kept as the cause.
 *
 * @param t the failure to translate
 * @return never returns; declared only as part of the signature
 * @throws ModelDuplicateException when the failure indicates an already-existing entity
 * @throws ModelException otherwise
 */
public static ModelException convert(Throwable t) {
    if (t.getCause() instanceof ConstraintViolationException) {
        // Constraint violation reported one level down, wrapped by the provider.
        throw new ModelDuplicateException(t);
    }
    if (t instanceof EntityExistsException) {
        throw new ModelDuplicateException(t);
    }
    throw new ModelException(t);
}
/**
 * Converts a low-level persistence failure into a model exception and throws it.
 *
 * <p>The method has no normal return. It throws {@link ModelDuplicateException} if the
 * direct cause of {@code t} is a {@link ConstraintViolationException} or {@code t} is an
 * {@link EntityExistsException}, and {@link ModelException} in every other case. Deeper
 * levels of the cause chain are not examined.
 *
 * @param t the failure to translate; kept as the cause of the thrown exception
 * @return never returns
 * @throws ModelDuplicateException for duplicate / constraint failures
 * @throws ModelException for anything else
 */
public static ModelException convert(Throwable t) {
    final boolean causedByConstraint = t.getCause() instanceof ConstraintViolationException;
    final boolean alreadyExists = t instanceof EntityExistsException;

    if (!causedByConstraint && !alreadyExists) {
        throw new ModelException(t);
    }
    throw new ModelDuplicateException(t);
}
/**
 * Returns the deserialized user-session payload, parsing it on first access.
 *
 * <p>The JSON held by {@code model.getData()} is read into a
 * {@link PersistentUserSessionData} once and cached in the {@code data} field; later
 * calls return the cached instance.
 *
 * @return the cached or freshly parsed session data
 * @throws ModelException wrapping the {@link IOException} if the stored JSON cannot be read
 */
private PersistentUserSessionData getData() {
    if (data != null) {
        return data;
    }

    try {
        // The target class is fixed here, so the stored string is bound to one known type.
        data = JsonSerialization.readValue(model.getData(), PersistentUserSessionData.class);
    } catch (IOException ioe) {
        throw new ModelException(ioe);
    }
    return data;
}
/**
 * Returns the deserialized client-session payload, parsing it on first access.
 *
 * <p>The JSON held by {@code model.getData()} is read into a
 * {@link PersistentClientSessionData} once and cached in the {@code data} field; later
 * calls return the cached instance.
 *
 * @return the cached or freshly parsed session data
 * @throws ModelException wrapping the {@link IOException} if the stored JSON cannot be read
 */
private PersistentClientSessionData getData() {
    if (data != null) {
        return data;
    }

    try {
        // The target class is fixed here, so the stored string is bound to one known type.
        data = JsonSerialization.readValue(model.getData(), PersistentClientSessionData.class);
    } catch (IOException ioe) {
        throw new ModelException(ioe);
    }
    return data;
}
/**
 * Resolves the role ids stored on the group into role models.
 *
 * <p>Resolution is strict: an id that the realm cannot resolve aborts the whole call
 * rather than being skipped, so a dangling mapping is surfaced instead of silently
 * yielding a smaller role set.
 *
 * @return an empty set when the group has no role ids, otherwise a new set holding one
 *         {@link RoleModel} per stored id
 * @throws ModelException if any stored role id has no matching role in the realm
 */
@Override
public Set<RoleModel> getRoleMappings() {
    if (group.getRoleIds() == null || group.getRoleIds().isEmpty()) {
        // Typed accessor for the same shared empty set; avoids the raw-type constant.
        return Collections.emptySet();
    }

    Set<RoleModel> resolved = new HashSet<>();
    for (String roleId : group.getRoleIds()) {
        RoleModel role = realm.getRoleById(roleId);
        if (role == null) {
            throw new ModelException("role does not exist in group role mappings");
        }
        resolved.add(role);
    }
    return resolved;
}
/**
 * Looks up the stored consent a federated user granted to a client.
 *
 * <p>The client id is parsed as a {@link StorageId}. A local client is matched on
 * {@code clientId}; an external client is matched on its storage provider id and
 * external id. All values are passed as bound parameters of a named query.
 *
 * @param userId id of the user whose consent is looked up
 * @param clientId id of the client, local or storage-qualified
 * @return the single matching consent entity, or {@code null} if none exists
 * @throws ModelException if more than one consent row matches the user/client pair
 */
private FederatedUserConsentEntity getGrantedConsentEntity(String userId, String clientId) {
    StorageId clientStorageId = new StorageId(clientId);
    boolean localClient = clientStorageId.isLocal();

    TypedQuery<FederatedUserConsentEntity> query = em.createNamedQuery(
            localClient ? "userFederatedConsentByUserAndClient" : "userFederatedConsentByUserAndExternalClient",
            FederatedUserConsentEntity.class);
    query.setParameter("userId", userId);
    if (localClient) {
        query.setParameter("clientId", clientId);
    } else {
        query.setParameter("clientStorageProvider", clientStorageId.getProviderId());
        query.setParameter("externalClientId", clientStorageId.getExternalId());
    }

    List<FederatedUserConsentEntity> matches = query.getResultList();
    if (matches.size() > 1) {
        // More than one row for the same user/client pair is reported, never resolved by picking one.
        throw new ModelException("More results found for user [" + userId + "] and client [" + clientId + "]");
    }
    return matches.size() == 1 ? matches.get(0) : null;
}
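/**
 * Builds a {@link PasswordPolicy} from the configured policy entries.
 *
 * <p>Each entry of {@code map} is a policy id and its raw string configuration. The
 * matching {@link PasswordPolicyProvider} is looked up on the session and asked to parse
 * the raw value; the parsed objects are collected under the same ids.
 *
 * @param session session used to resolve the policy providers
 * @return a policy holding the parsed configuration of every entry
 * @throws PasswordPolicyConfigException if no provider is registered for a policy id
 * @throws ModelException if a provider rejects its configuration value; the provider's
 *         exception is attached as the cause
 */
public PasswordPolicy build(KeycloakSession session) {
    Map<String, Object> config = new HashMap<>();

    for (Map.Entry<String, String> e : map.entrySet()) {
        PasswordPolicyProvider provider = session.getProvider(PasswordPolicyProvider.class, e.getKey());
        if (provider == null) {
            throw new PasswordPolicyConfigException("Password policy not found");
        }

        Object parsed;
        try {
            parsed = provider.parseConfig(e.getValue());
        } catch (PasswordPolicyConfigException ex) {
            // Keep the provider's exception as the cause so its stack trace is not lost
            // when a misconfigured policy is diagnosed.
            throw new ModelException("Invalid config for " + e.getKey() + ": " + ex.getMessage(), ex);
        }

        config.put(e.getKey(), parsed);
    }

    return new PasswordPolicy(this, config);
}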
/**
 * Looks up the stored consent a user granted to a client.
 *
 * <p>The client id is parsed as a {@link StorageId}. A local client is matched on
 * {@code clientId}; an external client is matched on its storage provider id and
 * external id. All values are passed as bound parameters of a named query.
 *
 * @param userId id of the user whose consent is looked up
 * @param clientId id of the client, local or storage-qualified
 * @return the single matching consent entity, or {@code null} if none exists
 * @throws ModelException if more than one consent row matches the user/client pair
 */
private UserConsentEntity getGrantedConsentEntity(String userId, String clientId) {
    StorageId clientStorageId = new StorageId(clientId);
    boolean localClient = clientStorageId.isLocal();

    TypedQuery<UserConsentEntity> query = em.createNamedQuery(
            localClient ? "userConsentByUserAndClient" : "userConsentByUserAndExternalClient",
            UserConsentEntity.class);
    query.setParameter("userId", userId);
    if (localClient) {
        query.setParameter("clientId", clientId);
    } else {
        query.setParameter("clientStorageProvider", clientStorageId.getProviderId());
        query.setParameter("externalClientId", clientStorageId.getExternalId());
    }

    List<UserConsentEntity> matches = query.getResultList();
    if (matches.size() > 1) {
        // More than one row for the same user/client pair is reported, never resolved by picking one.
        throw new ModelException("More results found for user [" + userId + "] and client [" + clientId + "]");
    }
    return matches.size() == 1 ? matches.get(0) : null;
}
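/**
 * Removes a client scope from the realm together with its scope role mappings.
 *
 * <p>A scope that is still in use is never removed; that check runs before anything is
 * modified.
 *
 * @param id id of the client scope to remove
 * @return {@code true} if the scope was removed; {@code false} if {@code id} is
 *         {@code null}, no scope with that id exists, or the realm entity holds no
 *         matching scope entity
 * @throws ModelException if {@link KeycloakModelUtils#isClientScopeUsed} reports the scope as in use
 */
@Override
public boolean removeClientScope(String id) {
    if (id == null) return false;

    ClientScopeModel clientScope = getClientScopeById(id);
    if (clientScope == null) return false;

    if (KeycloakModelUtils.isClientScopeUsed(this, clientScope)) {
        throw new ModelException("Cannot remove client scope, it is currently in use");
    }

    // Detach the entity from the realm's collection while locating it.
    ClientScopeEntity clientScopeEntity = null;
    Iterator<ClientScopeEntity> it = realm.getClientScopes().iterator();
    while (it.hasNext()) {
        ClientScopeEntity ae = it.next();
        if (ae.getId().equals(id)) {
            clientScopeEntity = ae;
            it.remove();
            break;
        }
    }

    // The guard must test the entity found by the loop. The original re-tested
    // clientScope, which is already known to be non-null here, so a missing entity fell
    // through to the delete query and em.remove() with a null argument.
    if (clientScopeEntity == null) {
        return false;
    }

    session.users().preRemove(clientScope);

    em.createNamedQuery("deleteClientScopeRoleMappingByClientScope")
            .setParameter("clientScope", clientScopeEntity)
            .executeUpdate();
    em.flush();
    em.remove(clientScopeEntity);
    em.flush();

    return true;
}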
/**
 * Serializes the current session data back into the persistent model and returns it.
 *
 * <p>The value from {@code getData()} is written as a JSON string and stored on the
 * model through {@code setData}, so the returned model reflects the in-memory state.
 *
 * @return the same model instance, with its data field refreshed
 * @throws ModelException wrapping the {@link IOException} if serialization fails
 */
public PersistentUserSessionModel getUpdatedModel() {
    try {
        String json = JsonSerialization.writeValueAsString(getData());
        model.setData(json);
    } catch (IOException e) {
        throw new ModelException(e);
    }
    return model;
}
/**
 * Serializes the current session data back into the persistent model and returns it.
 *
 * <p>The value from {@code getData()} is written as a JSON string and stored on the
 * model through {@code setData}, so the returned model reflects the in-memory state.
 *
 * @return the same model instance, with its data field refreshed
 * @throws ModelException wrapping the {@link IOException} if serialization fails
 */
public PersistentClientSessionModel getUpdatedModel() {
    try {
        String json = JsonSerialization.writeValueAsString(getData());
        model.setData(json);
    } catch (IOException e) {
        throw new ModelException(e);
    }
    return model;
}
/**
 * Creates and persists a resource server for a locally stored client.
 *
 * <p>The resource server entity reuses the client id as its own id. Client ids that
 * {@link StorageId#isLocalStorage} does not recognise as local are rejected before
 * anything is persisted.
 *
 * @param clientId id of the client that owns the resource server
 * @return an adapter around the newly persisted entity
 * @throws ModelException if {@code clientId} refers to a federated (non-local) client
 */
@Override
public ResourceServer create(String clientId) {
    if (StorageId.isLocalStorage(clientId)) {
        ResourceServerEntity created = new ResourceServerEntity();
        created.setId(clientId);
        this.entityManager.persist(created);
        return new ResourceServerAdapter(created, entityManager, provider.getStoreFactory());
    }

    throw new ModelException("Creating resource server from federated ClientModel not supported");
}
/**
 * Removes a client template from the Mongo store.
 *
 * <p>A template that is still in use is never removed; that check runs before the store
 * is asked to delete anything.
 *
 * @param id id of the client template to remove
 * @return {@code false} if {@code id} is {@code null} or no template with that id
 *         exists; otherwise the result reported by the store's {@code removeEntity}
 * @throws ModelException if {@link KeycloakModelUtils#isClientTemplateUsed} reports the
 *         template as in use
 */
@Override
public boolean removeClientTemplate(String id) {
    // A null id short-circuits the lookup, exactly like an unknown id.
    ClientTemplateModel template = (id == null) ? null : getClientTemplateById(id);
    if (template == null) {
        return false;
    }

    boolean inUse = KeycloakModelUtils.isClientTemplateUsed(this, template);
    if (inUse) {
        throw new ModelException("Cannot remove client template, it is currently in use");
    }

    return getMongoStore().removeEntity(MongoClientTemplateEntity.class, id, invocationContext);
}
/**
 * Updates the consent a user has already granted to a client.
 *
 * <p>This method only updates: when no consent row exists for the user/client pair it
 * fails instead of creating one.
 *
 * @param realm the realm of the request; not read by this method
 * @param userId id of the user who granted the consent
 * @param consent the new consent state; its client determines which row is updated
 * @throws ModelException if no stored consent exists for the client and user
 */
@Override
public void updateConsent(RealmModel realm, String userId, UserConsentModel consent) {
    final String clientId = consent.getClient().getId();
    final UserConsentEntity existing = getGrantedConsentEntity(userId, clientId);

    if (existing != null) {
        updateGrantedConsentEntity(existing, consent);
        return;
    }

    throw new ModelException("Consent not found for client [" + clientId + "] and user [" + userId + "]");
}
/**
 * Deletes an authentication flow from the realm's Mongo entity.
 *
 * <p>A flow that is still referenced is never deleted: the in-use check runs first and
 * aborts with an exception. A flow id with no stored entity is treated as a no-op.
 *
 * @param model the flow to delete; only its id is used for the lookup
 * @throws ModelException if {@link KeycloakModelUtils#isFlowUsed} reports the flow as in use
 */
@Override
public void removeAuthenticationFlow(AuthenticationFlowModel model) {
    boolean inUse = KeycloakModelUtils.isFlowUsed(this, model);
    if (inUse) {
        throw new ModelException("Cannot remove authentication flow, it is currently in use");
    }

    AuthenticationFlowEntity flowEntity = getFlowEntity(model.getId());
    if (flowEntity != null) {
        getMongoEntity().getAuthenticationFlows().remove(flowEntity);
        updateMongoEntity();
    }
}