@Override public RealmModel getRealm(String id) { RealmEntity realm = em.find(RealmEntity.class, id); if (realm == null) return null; RealmAdapter adapter = new RealmAdapter(session, em, realm); return adapter; }
@Override public void addRequiredCredential(String type) { RequiredCredentialModel model = initRequiredCredentialModel(type); addRequiredCredential(model); em.flush(); }
@Override public RequiredActionProviderModel getRequiredActionProviderById(String id) { RequiredActionProviderEntity entity = em.find(RequiredActionProviderEntity.class, id); if (entity == null) return null; return entityToModel(entity); }
@Override public IdentityProviderMapperModel getIdentityProviderMapperById(String id) { IdentityProviderMapperEntity entity = getIdentityProviderMapperEntity(id); if (entity == null) return null; return entityToModel(entity); }
@Override public IdentityProviderMapperModel getIdentityProviderMapperByName(String alias, String name) { IdentityProviderMapperEntity entity = getIdentityProviderMapperEntityByName(alias, name); if (entity == null) return null; return entityToModel(entity); }
@Override public int getActionTokenGeneratedByUserLifespan() { return getAttribute(RealmAttributes.ACTION_TOKEN_GENERATED_BY_USER_LIFESPAN, getAccessCodeLifespanUserAction()); }
final RealmAdapter adapter = new RealmAdapter(session, em, realm); session.users().preRemove(adapter); adapter.removeClientScope(a.getId()); for (RoleModel role : adapter.getRoles()) { for (GroupModel group : adapter.getGroups()) { session.realms().removeGroup(adapter, group);
@Override public String getDefaultSignatureAlgorithm() { return getAttribute("defaultSignatureAlgorithm"); }
@Override public void updateDefaultRoles(String[] defaultRoles) { Collection<RoleEntity> entities = realm.getDefaultRoles(); Set<String> already = new HashSet<String>(); List<RoleEntity> remove = new ArrayList<RoleEntity>(); for (RoleEntity rel : entities) { if (!contains(rel.getName(), defaultRoles)) { remove.add(rel); } else { already.add(rel.getName()); } } for (RoleEntity entity : remove) { entities.remove(entity); } em.flush(); for (String roleName : defaultRoles) { if (!already.contains(roleName)) { addDefaultRole(roleName); } } em.flush(); }
@Override public void addDefaultRole(String name) { RoleModel role = getRole(name); if (role == null) { role = addRole(name); } Collection<RoleEntity> entities = realm.getDefaultRoles(); for (RoleEntity entity : entities) { if (entity.getId().equals(role.getId())) { return; } } RoleEntity roleEntity = RoleAdapter.toRoleEntity(role, em); entities.add(roleEntity); em.flush(); }
@Override public IdentityProviderMapperModel addIdentityProviderMapper(IdentityProviderMapperModel model) { if (getIdentityProviderMapperByName(model.getIdentityProviderAlias(), model.getName()) != null) { throw new RuntimeException("identity provider mapper name must be unique per identity provider"); } String id = KeycloakModelUtils.generateId(); IdentityProviderMapperEntity entity = new IdentityProviderMapperEntity(); entity.setId(id); entity.setName(model.getName()); entity.setIdentityProviderAlias(model.getIdentityProviderAlias()); entity.setIdentityProviderMapper(model.getIdentityProviderMapper()); entity.setRealm(this.realm); entity.setConfig(model.getConfig()); em.persist(entity); this.realm.getIdentityProviderMappers().add(entity); return entityToModel(entity); }
@Override public void updateComponent(ComponentModel component) { ComponentUtil.getComponentFactory(session, component).validateConfiguration(session, this, component); ComponentEntity c = em.find(ComponentEntity.class, component.getId()); if (c == null) return; ComponentModel old = entityToModel(c); c.setName(component.getName()); c.setProviderId(component.getProviderId()); c.setProviderType(component.getProviderType()); c.setParentId(component.getParentId()); c.setSubType(component.getSubType()); setConfig(component, c); ComponentUtil.notifyUpdated(session, this, old, component); }
@Override public Map<String, String> getBrowserSecurityHeaders() { Map<String, String> attributes = getAttributes(); if (attributes.isEmpty()) return Collections.EMPTY_MAP; Map<String, String> headers = new HashMap<String, String>(); for (Map.Entry<String, String> entry : attributes.entrySet()) { if (entry.getKey().startsWith(BROWSER_HEADER_PREFIX)) { headers.put(entry.getKey().substring(BROWSER_HEADER_PREFIX.length()), entry.getValue()); } } return Collections.unmodifiableMap(headers); }
@Override public ClientScopeModel addClientScope(String name) { return this.addClientScope(KeycloakModelUtils.generateId(), name); }
@Override public void removeDefaultRoles(String... defaultRoles) { Collection<RoleEntity> entities = realm.getDefaultRoles(); List<RoleEntity> remove = new ArrayList<RoleEntity>(); for (RoleEntity rel : entities) { if (contains(rel.getName(), defaultRoles)) { remove.add(rel); } } for (RoleEntity entity : remove) { entities.remove(entity); } em.flush(); }
@Override public void updateRequiredCredentials(Set<String> creds) { Collection<RequiredCredentialEntity> relationships = realm.getRequiredCredentials(); if (relationships == null) relationships = new ArrayList<RequiredCredentialEntity>(); Set<String> already = new HashSet<String>(); List<RequiredCredentialEntity> remove = new ArrayList<RequiredCredentialEntity>(); for (RequiredCredentialEntity rel : relationships) { if (!creds.contains(rel.getType())) { remove.add(rel); } else { already.add(rel.getType()); } } for (RequiredCredentialEntity entity : remove) { relationships.remove(entity); em.remove(entity); } for (String cred : creds) { if (!already.contains(cred)) { addRequiredCredential(cred); } } em.flush(); }
@Override public boolean isBruteForceProtected() { return getAttribute("bruteForceProtected", false); }
@Override public int getActionTokenGeneratedByUserLifespan(String actionTokenId) { return getAttribute(RealmAttributes.ACTION_TOKEN_GENERATED_BY_USER_LIFESPAN + "." + actionTokenId, getAccessCodeLifespanUserAction()); }
@Override public Map<String, Integer> getUserActionTokenLifespans() { Map<String, Integer> userActionTokens = new HashMap<>(); getAttributes().entrySet().stream() .filter(Objects::nonNull) .filter(entry -> nonNull(entry.getValue())) .filter(entry -> entry.getKey().startsWith(RealmAttributes.ACTION_TOKEN_GENERATED_BY_USER_LIFESPAN + ".")) .forEach(entry -> userActionTokens.put(entry.getKey().substring(RealmAttributes.ACTION_TOKEN_GENERATED_BY_USER_LIFESPAN.length() + 1), Integer.valueOf(entry.getValue()))); return Collections.unmodifiableMap(userActionTokens); }
@Override public boolean isPermanentLockout() { return getAttribute("permanentLockout", false); }