/**
 * Builds a listener bound to one user-session cache.
 *
 * <p>Only the session factory and the topology info are derived from {@code session};
 * this constructor does not store the session reference itself.
 *
 * @param session session used to look up the factory and the topology info
 * @param cache   cache of wrapped user-session entities, stored as given
 * @param offline stored as given; presumably marks the cache as holding offline sessions (confirm against callers)
 */
public CrossDCLastSessionRefreshListener(
        KeycloakSession session,
        Cache<String, SessionEntityWrapper<UserSessionEntity>> cache,
        boolean offline) {
    // Plain field copies first; they have no side effects.
    this.cache = cache;
    this.offline = offline;

    // Lookups that go through the session, in the same relative order as before.
    this.sessionFactory = session.getKeycloakSessionFactory();
    this.topologyInfo = InfinispanUtil.getTopologyInfo(session);
}
/**
 * Flushes pending entity-manager changes and then publishes a
 * {@link RealmModel.ClientUpdatedEvent} that refers to this adapter.
 */
@Override
public void updateClient() {
    // Flush before notifying, so the publish call happens after the flush has been issued.
    em.flush();

    final RealmModel.ClientUpdatedEvent updatedEvent = new RealmModel.ClientUpdatedEvent() {

        @Override
        public ClientModel getUpdatedClient() {
            return ClientAdapter.this;
        }

        @Override
        public KeycloakSession getKeycloakSession() {
            return session;
        }
    };

    session.getKeycloakSessionFactory().publish(updatedEvent);
}
/**
 * Closes the connection through {@code safeCloseConnection()}, run via
 * {@code KeycloakModelUtils.suspendJtaTransaction}.
 */
@Override
public void close() {
    KeycloakModelUtils.suspendJtaTransaction(
            session.getKeycloakSessionFactory(),
            this::safeCloseConnection);
}
/**
 * Looks a user up by username through the federation provider factory registered under the
 * id {@code "dummy"} and returns its representation.
 *
 * <p>NOTE(review): no authorization check is visible in this method, and both the realm and the
 * username come straight from query parameters. The hard-coded {@code "dummy"} provider id
 * suggests a test-only resource; confirm it is never exposed on a production deployment.
 *
 * @param realmName name of the realm to search in
 * @param userName  username to look up
 * @return the user's representation, or {@code null} when the provider finds no such user
 */
@GET
@Path("/user-by-username-from-fed-factory")
@Produces(MediaType.APPLICATION_JSON)
public UserRepresentation getUserByUsernameFromFedProviderFactory(
        @QueryParam("realmName") String realmName,
        @QueryParam("userName") String userName) {
    RealmModel realm = getRealmByName(realmName);

    UserFederationProviderFactory dummyFactory = (UserFederationProviderFactory) session
            .getKeycloakSessionFactory()
            .getProviderFactory(UserFederationProvider.class, "dummy");

    // The provider is created without a provider model (null), as in the original call.
    UserModel found = dummyFactory.getInstance(session, null).getUserByUsername(realm, userName);

    return found == null ? null : ModelToRepresentation.toRepresentation(found);
}
/**
 * Writes the entity back through {@code updateMongoEntity()} and then publishes a
 * {@link RealmModel.ClientUpdatedEvent} that refers to this adapter.
 */
@Override
public void updateClient() {
    // Store first, notify second.
    updateMongoEntity();

    final RealmModel.ClientUpdatedEvent updatedEvent = new RealmModel.ClientUpdatedEvent() {

        @Override
        public ClientModel getUpdatedClient() {
            return ClientAdapter.this;
        }

        @Override
        public KeycloakSession getKeycloakSession() {
            return session;
        }
    };

    session.getKeycloakSessionFactory().publish(updatedEvent);
}
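/**
 * Destroys the lock table through the lock service and commits the change.
 *
 * <p>The work runs via {@code KeycloakModelUtils.suspendJtaTransaction}. A failure is logged and
 * the connection is rolled back; the exception is deliberately not rethrown, so callers keep the
 * existing best-effort contract.
 */
@Override
public void destroyLockInfo() {
    KeycloakModelUtils.suspendJtaTransaction(session.getKeycloakSessionFactory(), () -> {
        lazyInit();

        try {
            this.lockService.destroy();
            dbConnection.commit();
            logger.debug("Destroyed lock table");
        } catch (DatabaseException | SQLException de) {
            // Log the cause as well: without it an operator cannot tell a permissions problem
            // from a connectivity or schema problem when the lock table survives.
            logger.error("Failed to destroy lock table", de);
            safeRollbackConnection();
        }
    });
}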
/**
 * Converts every registered {@code UserStorageProvider} factory, except the LDAP one, to a
 * component by calling {@code convertFedProviderToComponent(id, null)}.
 *
 * @throws CustomChangeException declared by the overridden method
 */
@Override
protected void generateStatementsImpl() throws CustomChangeException {
    List<ProviderFactory> storageFactories =
            kcSession.getKeycloakSessionFactory().getProviderFactories(UserStorageProvider.class);

    for (ProviderFactory candidate : storageFactories) {
        // The LDAP provider is skipped here; only the other provider ids are converted.
        if (candidate.getId().equals(LDAPConstants.LDAP_PROVIDER)) {
            continue;
        }
        convertFedProviderToComponent(candidate.getId(), null);
    }
}
/**
 * Registers the cluster listeners that forward realm-removed and client-removed
 * authentication-session events to the {@link InfinispanAuthenticationSessionProvider}.
 *
 * @param session session used to obtain the session factory and the {@code ClusterProvider}
 */
protected void registerClusterListeners(KeycloakSession session) {
    KeycloakSessionFactory sessionFactory = session.getKeycloakSessionFactory();
    ClusterProvider cluster = session.getProvider(ClusterProvider.class);

    // Realm removed: hand the realm id to the provider.
    AbstractAuthSessionClusterListener<RealmRemovedSessionEvent> onRealmRemoved =
            new AbstractAuthSessionClusterListener<RealmRemovedSessionEvent>(sessionFactory) {

                @Override
                protected void eventReceived(KeycloakSession session,
                                             InfinispanAuthenticationSessionProvider provider,
                                             RealmRemovedSessionEvent sessionEvent) {
                    provider.onRealmRemovedEvent(sessionEvent.getRealmId());
                }
            };
    cluster.registerListener(REALM_REMOVED_AUTHSESSION_EVENT, onRealmRemoved);

    // Client removed: hand the realm id and the client UUID to the provider.
    AbstractAuthSessionClusterListener<ClientRemovedSessionEvent> onClientRemoved =
            new AbstractAuthSessionClusterListener<ClientRemovedSessionEvent>(sessionFactory) {

                @Override
                protected void eventReceived(KeycloakSession session,
                                             InfinispanAuthenticationSessionProvider provider,
                                             ClientRemovedSessionEvent sessionEvent) {
                    provider.onClientRemovedEvent(sessionEvent.getRealmId(), sessionEvent.getClientUuid());
                }
            };
    cluster.registerListener(CLIENT_REMOVED_AUTHSESSION_EVENT, onClientRemoved);

    log.debug("Registered cluster listeners");
}
/**
 * Creates a lock provider backed by the database handle that the Mongo connection factory
 * returns from {@code getDBBeforeUpdate()}.
 *
 * @param session session used to reach the {@code MongoConnectionProvider} factory
 * @return a new {@link MongoDBLockProvider} tied to this factory
 */
@Override
public MongoDBLockProvider create(KeycloakSession session) {
    MongoConnectionProviderFactory connectionFactory = (MongoConnectionProviderFactory) session
            .getKeycloakSessionFactory()
            .getProviderFactory(MongoConnectionProvider.class);

    return new MongoDBLockProvider(this, connectionFactory.getDBBeforeUpdate());
}
/**
 * Resolves the federation provider factory named by the model and asks it for a provider
 * instance bound to the current session.
 *
 * @param model federation provider configuration; its provider name selects the factory
 * @return the provider instance returned by the factory
 */
protected UserFederationProvider getFederationProvider(UserFederationProviderModel model) {
    // NOTE(review): the looked-up factory is dereferenced without a null check; presumably an
    // unregistered provider name is not expected here (confirm against callers).
    UserFederationProviderFactory providerFactory = (UserFederationProviderFactory) session
            .getKeycloakSessionFactory()
            .getProviderFactory(UserFederationProvider.class, model.getProviderName());

    return providerFactory.getInstance(session, model);
}
/**
 * Persists a new realm entity, wraps it in a {@link RealmAdapter} and publishes a
 * {@link RealmModel.RealmCreationEvent} for it.
 *
 * @param id   identifier stored on the new entity
 * @param name name stored on the new entity
 * @return the adapter around the newly persisted entity
 */
@Override
public RealmModel createRealm(String id, String name) {
    RealmEntity entity = new RealmEntity();
    entity.setName(name);
    entity.setId(id);

    // Persist and flush before the creation event is published.
    em.persist(entity);
    em.flush();

    final RealmModel created = new RealmAdapter(session, em, entity);
    final RealmModel.RealmCreationEvent creationEvent = new RealmModel.RealmCreationEvent() {

        @Override
        public RealmModel getCreatedRealm() {
            return created;
        }
    };
    session.getKeycloakSessionFactory().publish(creationEvent);

    return created;
}
/**
 * Calls {@code loadSessionsFromRemoteCache} once for every cache name reported by the remote
 * cache invoker.
 *
 * @param session session whose factory is passed to each load call
 */
private void loadSessionsFromRemoteCaches(KeycloakSession session) {
    for (String remoteCacheName : remoteCacheInvoker.getRemoteCacheNames()) {
        // The factory and both limits are read again on every iteration, as before.
        loadSessionsFromRemoteCache(
                session.getKeycloakSessionFactory(),
                remoteCacheName,
                getSessionsPerSegment(),
                getMaxErrors());
    }
}
/**
 * Releases the lock through the lock service, resets the service and clears the factory's
 * has-lock flag. The work runs via {@code KeycloakModelUtils.suspendJtaTransaction}.
 */
@Override
public void releaseLock() {
    KeycloakModelUtils.suspendJtaTransaction(
            session.getKeycloakSessionFactory(),
            () -> {
                lazyInit();

                lockService.releaseLock();
                lockService.reset();

                // Reached only when the two calls above completed without throwing.
                factory.setHasLock(false);
            });
}
/**
 * Collects the attributes contributed by every {@link CASAttributeMapper} among the protocol
 * mappers of the client session.
 *
 * @return a new mutable map filled in by the CAS attribute mappers; empty when none applies
 */
protected Map<String, Object> getUserAttributes() {
    UserSessionModel userSession = clientSession.getUserSession();

    // CAS protocol does not support scopes, so pass null scopeParam
    ClientSessionContext clientSessionCtx =
            DefaultClientSessionContext.fromClientSessionAndScopeParameter(clientSession, null);
    Set<ProtocolMapperModel> mapperModels = clientSessionCtx.getProtocolMappers();

    KeycloakSessionFactory sessionFactory = session.getKeycloakSessionFactory();
    Map<String, Object> collected = new HashMap<>();

    for (ProtocolMapperModel mapperModel : mapperModels) {
        ProtocolMapper candidate = (ProtocolMapper) sessionFactory
                .getProviderFactory(ProtocolMapper.class, mapperModel.getProtocolMapper());

        // Mappers of any other kind (and a missing factory) are ignored.
        if (!(candidate instanceof CASAttributeMapper)) {
            continue;
        }

        CASAttributeMapper casMapper = (CASAttributeMapper) candidate;
        casMapper.setAttribute(collected, mapperModel, userSession, session, clientSessionCtx);
    }

    return collected;
}
}
/**
 * Clears detached user sessions from the persister and sets all persisted timestamps to the
 * server start-up time, expressed in seconds.
 *
 * @param session session used to obtain the persister and the start-up timestamp
 */
@Override
public void init(KeycloakSession session) {
    UserSessionPersisterProvider sessionPersister = session.getProvider(UserSessionPersisterProvider.class);

    // The timestamp is divided by 1000 and narrowed to int, matching the int-based
    // updateAllTimestamps call below.
    long startupTimestamp = session.getKeycloakSessionFactory().getServerStartupTimestamp();
    int startTime = (int) (startupTimestamp / 1000);

    log.debugf("Clearing detached sessions from persistent storage and updating timestamps to %d", startTime);

    sessionPersister.clearDetachedUserSessions();
    sessionPersister.updateAllTimestamps(startTime);
}
/**
 * Returns the cluster start-up time, publishing this server's own start-up time when the cache
 * holds no value yet.
 *
 * @param session session used to read this server's start-up timestamp
 * @return the value already in the cache, or this server's start-up time in seconds when
 *         {@code putIfAbsentWithRetries} reports that no earlier value existed
 */
protected int initClusterStartupTime(KeycloakSession session) {
    Integer clusterStartTime = (Integer) crossDCAwareCacheFactory.getCache()
            .get(InfinispanClusterProvider.CLUSTER_STARTUP_TIME_KEY);

    if (clusterStartTime == null) {
        // clusterStartTime not yet initialized. Let's try to put our startupTime
        int serverStartTime = (int) (session.getKeycloakSessionFactory().getServerStartupTimestamp() / 1000);

        clusterStartTime = putIfAbsentWithRetries(
                crossDCAwareCacheFactory,
                InfinispanClusterProvider.CLUSTER_STARTUP_TIME_KEY,
                serverStartTime,
                -1);

        if (clusterStartTime == null) {
            // No earlier value was reported, so our own start-up time is the one to use.
            logger.debugf("Initialized cluster startup time to %s", Time.toDate(serverStartTime).toString());
            return serverStartTime;
        }
    }

    // Either the first lookup or the put-if-absent call returned an existing value.
    logger.debugf("Loaded cluster startup time: %s", Time.toDate(clusterStartTime).toString());
    return clusterStartTime;
}
/**
 * Inserts a new realm entity into the Mongo store, wraps it in a {@link RealmAdapter} and
 * publishes a {@link RealmModel.RealmCreationEvent} for it.
 *
 * @param id   identifier stored on the new entity
 * @param name name stored on the new entity
 * @return the adapter around the newly inserted entity
 */
@Override
public RealmModel createRealm(String id, String name) {
    MongoRealmEntity entity = new MongoRealmEntity();
    entity.setId(id);
    entity.setName(name);

    // Insert before the creation event is published.
    getMongoStore().insertEntity(entity, invocationContext);

    final RealmModel created = new RealmAdapter(session, entity, invocationContext);
    final RealmModel.RealmCreationEvent creationEvent = new RealmModel.RealmCreationEvent() {

        @Override
        public RealmModel getCreatedRealm() {
            return created;
        }
    };
    session.getKeycloakSessionFactory().publish(creationEvent);

    return created;
}
/**
 * Obtains the database connection and builds the lock service on first use; later calls return
 * immediately.
 *
 * @throws IllegalStateException wrapping the {@code LiquibaseException} when set-up fails; the
 *         connection is rolled back and closed before the exception is thrown
 */
private void lazyInit() {
    if (initialized) {
        return;
    }

    LiquibaseConnectionProvider liquibaseProvider = session.getProvider(LiquibaseConnectionProvider.class);
    JpaConnectionProviderFactory jpaFactory = (JpaConnectionProviderFactory) session
            .getKeycloakSessionFactory()
            .getProviderFactory(JpaConnectionProvider.class);

    this.dbConnection = jpaFactory.getConnection();
    String defaultSchema = jpaFactory.getSchema();

    try {
        Liquibase liquibase = liquibaseProvider.getLiquibase(dbConnection, defaultSchema);

        this.lockService = new CustomLockService();
        lockService.setChangeLogLockWaitTime(factory.getLockWaitTimeoutMillis());
        lockService.setDatabase(liquibase.getDatabase());

        // Set only after the lock service is fully configured.
        initialized = true;
    } catch (LiquibaseException exception) {
        // Release the connection taken above before the failure is reported.
        safeRollbackConnection();
        safeCloseConnection();
        throw new IllegalStateException(exception);
    }
}
/**
 * Ports every registered {@code UserStorageProvider} factory to a component, then sets
 * {@code loginWithEmailAllowed=true} and {@code duplicateEmailsAllowed=false} on every document
 * of the {@code realms} collection.
 *
 * @param session session used to list the user-storage provider factories
 */
@Override
public void update(KeycloakSession session) {
    List<ProviderFactory> storageFactories =
            session.getKeycloakSessionFactory().getProviderFactories(UserStorageProvider.class);
    for (ProviderFactory storageFactory : storageFactories) {
        portUserFedToComponent(storageFactory.getId());
    }

    DBCollection realmCollection = db.getCollection("realms");

    // The cursor is closed by try-with-resources even when a save fails.
    try (DBCursor cursor = realmCollection.find()) {
        while (cursor.hasNext()) {
            BasicDBObject realmDocument = (BasicDBObject) cursor.next();

            realmDocument.append("loginWithEmailAllowed", true);
            realmDocument.append("duplicateEmailsAllowed", false);

            realmCollection.save(realmDocument);
        }
    }
}
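/**
 * Removes the given user from user storage inside a separate session and transaction created
 * from the session factory.
 *
 * <p>Nothing is removed when the realm or the user can no longer be found. If the removal
 * throws, the transaction is rolled back before the exception propagates; the separate session
 * is always closed.
 *
 * @param realm realm the user belongs to; re-read by id inside the new session
 * @param user  user to remove; re-read by id inside the new session
 */
protected void deleteInvalidUser(RealmModel realm, UserModel user) {
    KeycloakSession tx = session.getKeycloakSessionFactory().create();
    try {
        tx.getTransaction().begin();

        RealmModel realmModel = tx.realms().getRealm(realm.getId());

        // The lookup may come back empty (for example when the user was removed in the meantime);
        // passing null on to removeUser would fail instead of being a no-op.
        UserModel deletedUser = realmModel == null
                ? null
                : tx.userStorage().getUserById(user.getId(), realmModel);

        if (deletedUser != null) {
            tx.userStorage().removeUser(realmModel, deletedUser);
            logger.debugf("Removed invalid user '%s'", user.getUsername());
        }

        // Always end the transaction explicitly, including when there was nothing to remove,
        // so it is never left open when the session is closed.
        tx.getTransaction().commit();
    } catch (RuntimeException failure) {
        // Do not leave a half-applied removal behind; undo it and let the caller see the error.
        if (tx.getTransaction().isActive()) {
            tx.getTransaction().rollback();
        }
        throw failure;
    } finally {
        tx.close();
    }
}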