/**
 * Returns the realm attached to the current session context.
 *
 * <p>The realm is looked up on every call instead of being cached, so the
 * result always reflects whatever realm the session context currently holds.
 *
 * @return the realm reported by {@code session.getContext()}
 */
protected RealmModel getRealm() {
    return session.getContext().getRealm();
}
/**
 * Collects the names of the roles mapped to a user in the session's current realm.
 *
 * @param userName        username to look up in the realm of the session context
 * @param keycloakSession session used for the user lookup and the realm
 * @return a new mutable list holding the name of every role mapping of that user
 */
private static List<String> userRoles(String userName, KeycloakSession keycloakSession) {
    List<String> roleNames = new ArrayList<>();
    // NOTE(review): the lookup result is dereferenced without a null check; if no user
    // with this name exists in the realm this presumably throws NullPointerException.
    // Callers that pass request-derived names should handle that case explicitly.
    // NOTE(review): getRoleMappings() presumably lists only directly assigned roles, not
    // roles inherited via composites or groups - confirm before using the result in an
    // access decision.
    for (RoleModel mappedRole : keycloakSession.users()
            .getUserByUsername(userName, keycloakSession.getContext().getRealm())
            .getRoleMappings()) {
        roleNames.add(mappedRole.getName());
    }
    return roleNames;
}
/**
 * Binds the manager to a Keycloak session.
 *
 * <p>The entity manager comes from the session's {@code JpaConnectionProvider}, and the
 * realm is captured once, at construction time, from the session context.
 *
 * @param session the Keycloak session this manager works on behalf of
 */
public BeerManager(KeycloakSession session) {
    this.session = session;
    // Take the entity manager from the provider registered on the session.
    this.em = session.getProvider(JpaConnectionProvider.class).getEntityManager();
    // The realm is fixed here; later changes of the context realm are not picked up.
    this.realm = session.getContext().getRealm();
}
/**
 * Returns the role names of the given user, resolved in the realm of the session context.
 *
 * @param userName        name of the user whose role mappings are read
 * @param keycloakSession session that provides the user store and the current realm
 * @return a freshly allocated list with one entry per role mapping
 */
private static List<String> userRoles(String userName, KeycloakSession keycloakSession) {
    List<String> names = new ArrayList<>();
    // NOTE(review): there is no guard for an unknown username; a null lookup result
    // would presumably surface as a NullPointerException on getRoleMappings().
    // NOTE(review): presumably only direct role mappings are returned (no composite or
    // group-inherited roles) - verify before basing authorization on this list.
    for (RoleModel role : keycloakSession.users()
            .getUserByUsername(userName, keycloakSession.getContext().getRealm())
            .getRoleMappings()) {
        names.add(role.getName());
    }
    return names;
}
/**
 * Creates the resource and evaluates the request's bearer token against the realm of
 * the session context.
 *
 * <p>NOTE(review): this constructor only stores the authentication result; it rejects
 * nothing. {@code authenticateBearerToken} presumably yields {@code null} when the
 * request carries no valid token - confirm that every endpoint of this resource checks
 * {@code auth} (and the roles it requires) before doing any work.
 *
 * @param session the Keycloak session of the current request
 */
public ExampleRestResource(KeycloakSession session) {
    this.session = session;
    final AppAuthManager bearerAuthenticator = new AppAuthManager();
    this.auth = bearerAuthenticator.authenticateBearerToken(session, session.getContext().getRealm());
}
/**
 * Builds the {@code BeerResource} for the realm of the current session context.
 *
 * <p>The resource receives the realm and this provider's entity manager, gets its
 * properties injected through RESTEasy, and is initialised with {@code setup()} before
 * it is returned.
 *
 * <p>NOTE(review): no authentication or authorization check is visible here;
 * presumably {@code setup()} or the resource methods enforce it - confirm.
 *
 * @return the initialised resource instance
 */
@Override
public Object getResource() {
    final BeerResource resource = new BeerResource(session.getContext().getRealm(), em);
    ResteasyProviderFactory.getInstance().injectProperties(resource);
    resource.setup();
    return resource;
}
/**
 * Captures the username and client IP address of a user event.
 *
 * <p>When the event carries a details map, the username is whatever that map holds under
 * {@code "username"}; otherwise it is resolved from the event's user id in the realm of
 * the session context.
 *
 * @param event           the user event to summarise
 * @param keycloakSession session used to resolve the user when the event has no details
 */
AuthInfo(Event event, KeycloakSession keycloakSession) {
    String username;
    if (event.getDetails() == null) {
        // NOTE(review): the lookup result is dereferenced unchecked; an event without a
        // resolvable user id would presumably fail here with a NullPointerException,
        // and the event would then not be recorded by whatever consumes AuthInfo.
        username = keycloakSession.users()
                .getUserById(event.getUserId(), keycloakSession.getContext().getRealm())
                .getUsername();
    } else {
        // NOTE(review): may be null when the details map has no "username" entry, and
        // is presumably text submitted by the client - treat it as untrusted wherever
        // the fields are written out.
        username = event.getDetails().get("username");
    }
    fields = new String[] { username, event.getIpAddress() };
}

AuthInfo(String s) {
/**
 * Builds the two-element field array (username, IP address) for a user event.
 *
 * <p>The username comes from the event details entry {@code "username"} whenever a
 * details map is present, and from a user lookup by the event's user id otherwise.
 *
 * @param event           source event
 * @param keycloakSession session providing the user store and the current realm
 */
AuthInfo(Event event, KeycloakSession keycloakSession) {
    String name;
    if (event.getDetails() != null) {
        // NOTE(review): null if the map lacks "username"; the value is presumably
        // client-supplied, so consumers that log it should neutralise it.
        name = event.getDetails().get("username");
    } else {
        // NOTE(review): no null check on the lookup result - an unknown or absent user
        // id presumably ends in a NullPointerException.
        name = keycloakSession.users()
                .getUserById(event.getUserId(), keycloakSession.getContext().getRealm())
                .getUsername();
    }
    fields = new String[] { name, event.getIpAddress() };
}

AuthInfo(String s) {
/**
 * Updates a registered client from an extended OIDC client representation.
 *
 * <p>The representation is converted to the internal form and passed to
 * {@code update(...)}. The stored client is then re-read by client id so its pairwise
 * subject mappers and protocol mappers can be refreshed, and the result is converted
 * back for the response.
 *
 * <p>NOTE(review): no access check is visible in this method; presumably
 * {@code update(...)} verifies the caller's registration credentials - confirm.
 *
 * @param clientId   client id taken from the request path
 * @param clientOIDC client metadata from the JSON request body
 * @return 200 response carrying the updated client representation
 * @throws ErrorResponseException with {@code INVALID_CLIENT_METADATA} / 400 when a
 *         {@code ClientRegistrationException} is raised while processing the request
 */
@PUT
@Path("{clientId}")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public Response updateOIDC(@PathParam("clientId") String clientId, OIDCClientRepresentationExtended clientOIDC) {
    try {
        ClientRepresentation updated = DescriptionConverterExt.toInternal(session, clientOIDC);
        OIDCClientRegistrationContext registrationContext =
                new OIDCClientRegistrationContext(session, updated, this, clientOIDC);
        updated = update(clientId, registrationContext);

        // Re-read the stored model using the client id of the representation update() returned.
        ClientModel storedClient = session.getContext().getRealm().getClientByClientId(updated.getClientId());
        updatePairwiseSubMappers(
                storedClient,
                SubjectType.parse(clientOIDC.getSubjectType()),
                clientOIDC.getSectorIdentifierUri());
        updateClientRepWithProtocolMappers(storedClient, updated);

        URI location = session.getContext().getUri().getAbsolutePathBuilder().path(updated.getClientId()).build();
        OIDCClientRepresentationExtended responseBody =
                DescriptionConverterExt.toExternalResponse(session, updated, location);
        return Response.ok(responseBody).build();
    } catch (ClientRegistrationException cre) {
        // The detailed message stays in the server log; the caller only gets a fixed text.
        // NOTE(review): the message may echo request-derived values - confirm the log
        // output neutralises line breaks.
        ServicesLogger.LOGGER.clientRegistrationException(cre.getMessage());
        throw new ErrorResponseException(ErrorCodes.INVALID_CLIENT_METADATA, "Client metadata invalid", Response.Status.BAD_REQUEST);
    }
}
// Excerpt from a larger method: client, oidcContext and clientOIDC are declared outside this fragment.
// Create the client from the registration context and keep the representation that create() returns.
client = create(oidcContext);
// Re-read the stored client model by the client id of that representation.
// NOTE(review): getClientByClientId presumably returns null for an unknown client id; the code
// relies on create() having persisted the client - confirm.
ClientModel clientModel = session.getContext().getRealm().getClientByClientId(client.getClientId());
// Refresh the pairwise subject mappers from the request's subject type and sector identifier URI.
updatePairwiseSubMappers(clientModel, SubjectType.parse(clientOIDC.getSubjectType()), clientOIDC.getSectorIdentifierUri());
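/**
 * Grants the evaluation when the requesting client is one of the clients listed in the policy.
 *
 * <p>Each client id stored in the policy representation is resolved in the realm of the
 * current session context. The evaluation is granted as soon as the context attribute
 * {@code kc.client.id} contains the resolved client's {@code clientId}. If no listed
 * client matches, the evaluation is left untouched (this method never calls
 * {@code deny()}).
 *
 * <p>A policy entry whose client no longer resolves in the realm is skipped: it cannot
 * match the caller, so it contributes no grant, and it no longer aborts the evaluation
 * with a {@code NullPointerException}.
 *
 * @param evaluation the evaluation to decide on
 */
@Override
public void evaluate(Evaluation evaluation) {
    ClientPolicyRepresentation representation = representationFunction.apply(evaluation.getPolicy(), evaluation.getAuthorizationProvider());
    AuthorizationProvider authorizationProvider = evaluation.getAuthorizationProvider();
    RealmModel realm = authorizationProvider.getKeycloakSession().getContext().getRealm();
    EvaluationContext context = evaluation.getContext();

    for (String client : representation.getClients()) {
        ClientModel clientModel = realm.getClientById(client);
        if (clientModel == null) {
            // Stale reference (e.g. the client was removed after the policy was saved):
            // treat it as "no match" rather than failing the whole evaluation.
            continue;
        }
        if (context.getAttributes().containsValue("kc.client.id", clientModel.getClientId())) {
            evaluation.grant();
            return;
        }
    }
}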
/**
 * Captures who performed an admin event and what it touched.
 *
 * <p>The field array holds, in order: the acting user's username (resolved from the
 * auth details' user id in the realm of the session context), the caller's IP address,
 * the resource type name, the resource path and the event's representation.
 *
 * @param adminEvent      the admin event to summarise
 * @param keycloakSession session used to resolve the acting user
 */
AuthInfo(AdminEvent adminEvent, KeycloakSession keycloakSession) {
    AuthDetails actor = adminEvent.getAuthDetails();
    // NOTE(review): the lookup result is dereferenced unchecked; if the acting user
    // cannot be resolved in this realm this presumably throws NullPointerException.
    String actorName = keycloakSession.users()
            .getUserById(actor.getUserId(), keycloakSession.getContext().getRealm())
            .getUsername();
    fields = new String[] {
        actorName,
        actor.getIpAddress(),
        adminEvent.getResourceType().name(),
        adminEvent.getResourcePath(),
        // NOTE(review): the representation is presumably the serialized resource and
        // may contain sensitive attributes - check where these fields are written.
        adminEvent.getRepresentation()
    };
}

AuthInfo(String s) {
/**
 * Builds the field array describing an admin event.
 *
 * <p>Fields, in order: username of the acting user (looked up by the auth details' user
 * id in the realm of the session context), caller IP address, operation type and
 * resource type joined by a single space, resource path, and the event's representation.
 *
 * @param adminEvent      source admin event
 * @param keycloakSession session providing the user store and the current realm
 */
AuthInfo(AdminEvent adminEvent, KeycloakSession keycloakSession) {
    AuthDetails actor = adminEvent.getAuthDetails();
    // NOTE(review): no null check on the user lookup - an unresolvable acting user
    // presumably ends in a NullPointerException here.
    String actorName = keycloakSession.users()
            .getUserById(actor.getUserId(), keycloakSession.getContext().getRealm())
            .getUsername();
    String action = adminEvent.getOperationType().name() + " " + adminEvent.getResourceType().name();
    fields = new String[] {
        actorName,
        actor.getIpAddress(),
        action,
        adminEvent.getResourcePath(),
        // NOTE(review): presumably the serialized resource; it may carry sensitive
        // attributes, so verify how downstream consumers store or log it.
        adminEvent.getRepresentation()
    };
}

AuthInfo(String s) {
/**
 * Evaluates a role policy against the identity of the evaluation context.
 *
 * <p>Every role definition of the policy is resolved by id in the realm of the current
 * session context. A role the identity holds grants the evaluation; a role the identity
 * lacks denies it and stops processing when the definition is marked required, and is
 * ignored otherwise.
 *
 * <p>NOTE(review): a definition whose role id no longer resolves is skipped even when it
 * is marked required, so a stale required role does not by itself deny - confirm this
 * is the intended behaviour.
 *
 * @param evaluation the evaluation to decide on
 */
@Override
public void evaluate(Evaluation evaluation) {
    Policy policy = evaluation.getPolicy();
    Set<RolePolicyRepresentation.RoleDefinition> definitions =
            representationFunction.apply(policy, evaluation.getAuthorizationProvider()).getRoles();
    AuthorizationProvider provider = evaluation.getAuthorizationProvider();
    RealmModel realm = provider.getKeycloakSession().getContext().getRealm();
    Identity identity = evaluation.getContext().getIdentity();

    for (RolePolicyRepresentation.RoleDefinition definition : definitions) {
        RoleModel role = realm.getRoleById(definition.getId());
        if (role == null) {
            continue;
        }
        if (hasRole(identity, role, realm)) {
            // A held role grants, but later definitions are still checked and may deny.
            evaluation.grant();
            continue;
        }
        if (definition.isRequired()) {
            // Missing a required role is final: deny and stop.
            evaluation.deny();
            return;
        }
    }
}