void federationLoad(RealmModel realm, Map<String, String> attributes) { for (UserFederationProviderModel federation : realm.getUserFederationProviders()) { UserFederationProvider fed = getFederationProvider(federation); fed.searchByAttributes(attributes, realm, 30); } }
@Override public List<UserModel> getGroupMembers(RealmModel realm, final GroupModel group, int firstResult, int maxResults) { // Not very effective. For the page X, it is loading also all previous pages 0..X-1 . Improve if needed... int maxTotal = firstResult + maxResults; List<UserModel> localMembers = query(new PaginatedQuery() { @Override public List<UserModel> query(RealmModel realm, int first, int max) { return session.userStorage().getGroupMembers(realm, group, first, max); } }, realm, 0, maxTotal); Set<UserModel> result = new LinkedHashSet<>(localMembers); for (UserFederationProviderModel federation : realm.getUserFederationProviders()) { if (result.size() >= maxTotal) { break; } int max = maxTotal - result.size(); UserFederationProvider fed = getFederationProvider(federation); List<UserModel> current = fed.getGroupMembers(realm, group, 0, max); if (current != null) { result.addAll(current); } } if (result.size() <= firstResult) { return Collections.emptyList(); } int max = Math.min(maxTotal, result.size()); return new ArrayList<>(result).subList(firstResult, max); }
protected UserFederationProvider getFederationLink(RealmModel realm, UserModel user) { if (user.getFederationLink() == null) return null; for (UserFederationProviderModel fed : realm.getUserFederationProviders()) { if (fed.getId().equals(user.getFederationLink())) { return getFederationProvider(fed); } } return null; }
@Override public void preRemove(RealmModel realm, RoleModel role) { for (UserFederationProviderModel federation : realm.getUserFederationProviders()) { UserFederationProvider fed = getFederationProvider(federation); fed.preRemove(realm, role); } session.userStorage().preRemove(realm, role); }
@Override public UserModel getUserByEmail(String email, RealmModel realm) { UserModel user = session.userStorage().getUserByEmail(email.toLowerCase(), realm); if (user != null) { user = validateAndProxyUser(realm, user); if (user != null) return user; } for (UserFederationProviderModel federation : realm.getUserFederationProviders()) { UserFederationProvider fed = getFederationProvider(federation); user = fed.getUserByEmail(realm, email); if (user != null) return user; } return user; }
@Override public void preRemove(RealmModel realm) { for (UserFederationProviderModel federation : realm.getUserFederationProviders()) { UserFederationProvider fed = getFederationProvider(federation); fed.preRemove(realm); } session.userStorage().preRemove(realm); }
@Override public void preRemove(RealmModel realm, GroupModel group) { for (UserFederationProviderModel federation : realm.getUserFederationProviders()) { UserFederationProvider fed = getFederationProvider(federation); fed.preRemove(realm, group); } session.userStorage().preRemove(realm, group); }
@Override public UserModel getUserByUsername(String username, RealmModel realm) { UserModel user = session.userStorage().getUserByUsername(username.toLowerCase(), realm); if (user != null) { user = validateAndProxyUser(realm, user); if (user != null) return user; } for (UserFederationProviderModel federation : realm.getUserFederationProviders()) { UserFederationProvider fed = getFederationProvider(federation); user = fed.getUserByUsername(realm, username); if (user != null) return user; } return user; }
protected UserModel registerWithFederation(RealmModel realm, UserModel user) { for (UserFederationProviderModel federation : realm.getUserFederationProviders()) { UserFederationProvider fed = getFederationProvider(federation); if (fed.synchronizeRegistrations()) { user.setFederationLink(federation.getId()); UserModel registered = fed.register(realm, user); managedUsers.put(registered.getId(), registered); return registered; } } return user; }
@Override public CredentialValidationOutput validCredentials(KeycloakSession session, RealmModel realm, UserCredentialModel... input) { List<UserFederationProviderModel> fedProviderModels = realm.getUserFederationProviders(); List<UserFederationProvider> fedProviders = new ArrayList<UserFederationProvider>(); for (UserFederationProviderModel fedProviderModel : fedProviderModels) { fedProviders.add(getFederationProvider(fedProviderModel)); } CredentialValidationOutput result = null; for (UserCredentialModel cred : input) { UserFederationProvider providerSupportingCreds = null; // Find first provider, which supports required credential type for (UserFederationProvider fedProvider : fedProviders) { if (fedProvider.getSupportedCredentialTypes().contains(cred.getType())) { providerSupportingCreds = fedProvider; break; } } if (providerSupportingCreds == null) { logger.warn("Don't have provider supporting credentials of type " + cred.getType()); return CredentialValidationOutput.failed(); } logger.debug("Found provider [" + providerSupportingCreds + "] supporting credentials of type " + cred.getType()); CredentialValidationOutput currentResult = providerSupportingCreds.validCredentials(realm, cred); result = (result == null) ? currentResult : result.merge(currentResult); } // For now, validCredentials(realm, input) is not supported for local userProviders return (result != null) ? result : CredentialValidationOutput.failed(); }