public String getApplicationsUrl() { return Urls.accountApplicationsPage(baseQueryURI, realm).toString(); }
public String getSocialUrl() { return Urls.accountFederatedIdentityPage(baseQueryURI, realm).toString(); }
public String getAccountUrl() { return Urls.accountPage(baseQueryURI, realm).toString(); }
@Override public void setUp() throws SetupException { this.kcSession = ThreadLocalSessionContext.getCurrentSession(); if (this.kcSession == null) { // Probably running Liquibase from maven plugin. Try to create kcSession programmatically logger.info("No KeycloakSession provided in ThreadLocal. Initializing KeycloakSessionFactory"); try { DefaultKeycloakSessionFactory factory = new DefaultKeycloakSessionFactory(); factory.init(); this.kcSession = factory.create(); } catch (Exception e) { throw new SetupException("Exception when initializing factory", e); } } }
@GET @NoCache public Response logout(@QueryParam(CASLoginProtocol.SERVICE_PARAM) String service) { checkClient(service); AuthenticationManager.AuthResult authResult = AuthenticationManager.authenticateIdentityCookie(session, realm, false); if (authResult != null) { UserSessionModel userSession = authResult.getSession(); userSession.setNote(AuthenticationManager.KEYCLOAK_LOGOUT_PROTOCOL, CASLoginProtocol.LOGIN_PROTOCOL); if (redirectUri != null) userSession.setNote(CASLoginProtocol.LOGOUT_REDIRECT_URI, redirectUri); logger.debug("Initiating CAS browser logout"); Response response = AuthenticationManager.browserLogout(session, realm, authResult.getSession(), session.getContext().getUri(), clientConnection, headers, null); logger.debug("finishing CAS browser logout"); return response; } return ErrorPage.error(session, null, Response.Status.BAD_REQUEST, Messages.FAILED_LOGOUT); }
@PUT @Path("{clientId}") @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) public Response updateOIDC(@PathParam("clientId") String clientId, OIDCClientRepresentationExtended clientOIDC) { try { ClientRepresentation client = DescriptionConverterExt.toInternal(session, clientOIDC); OIDCClientRegistrationContext oidcContext = new OIDCClientRegistrationContext(session, client, this, clientOIDC); client = update(clientId, oidcContext); ClientModel clientModel = session.getContext().getRealm().getClientByClientId(client.getClientId()); updatePairwiseSubMappers(clientModel, SubjectType.parse(clientOIDC.getSubjectType()), clientOIDC.getSectorIdentifierUri()); updateClientRepWithProtocolMappers(clientModel, client); URI uri = session.getContext().getUri().getAbsolutePathBuilder().path(client.getClientId()).build(); OIDCClientRepresentationExtended clientOIDCResponse = DescriptionConverterExt.toExternalResponse(session, client, uri); return Response.ok(clientOIDCResponse).build(); } catch (ClientRegistrationException cre) { ServicesLogger.LOGGER.clientRegistrationException(cre.getMessage()); throw new ErrorResponseException(ErrorCodes.INVALID_CLIENT_METADATA, "Client metadata invalid", Response.Status.BAD_REQUEST); } }
@GET @Path("logout_response") public Response logoutResponse(@Context UriInfo uriInfo, @QueryParam("state") String state) { UserSessionModel userSession = session.sessions().getUserSession(realm, state); if (userSession == null) { logger.error("no valid user session"); EventBuilder event = new EventBuilder(realm, session, clientConnection); event.event(EventType.LOGOUT); event.error(Errors.USER_SESSION_NOT_FOUND); return ErrorPage.error(session, Messages.IDENTITY_PROVIDER_UNEXPECTED_ERROR); } if (userSession.getState() != UserSessionModel.State.LOGGING_OUT) { logger.error("usersession in different state"); EventBuilder event = new EventBuilder(realm, session, clientConnection); event.event(EventType.LOGOUT); event.error(Errors.USER_SESSION_NOT_FOUND); return ErrorPage.error(session, Messages.SESSION_NOT_ACTIVE); } return AuthenticationManager.finishBrowserLogout(session, realm, userSession, uriInfo, clientConnection, headers); }
static OIDCClientRepresentationExtended toExternalResponse(KeycloakSession session, ClientRepresentation client, URI uri ) { String softStatement = client.getAttributes().get("software_statement"); OIDCClientRepresentation clientRep = DescriptionConverter.toExternalResponse(session, client, uri); OIDCClientRepresentationExtended response = new OIDCClientRepresentationExtended(); ObjectMapper mapper = new ObjectMapper(); try { String clientRepStr = mapper.writeValueAsString(clientRep); response = mapper.readValue(clientRepStr, OIDCClientRepresentationExtended.class); response.setSoftwareStatement(softStatement); return response; } catch (IOException e) { ServicesLogger.LOGGER.warn( "Failed to convert ClientRepresentation to OIDCClientRepresentationExtended. Exception: {}", e.getMessage(), e ); } return response; }
private AccessToken verifyRSAToken(RealmModel realm, String tokenString, URI baseUri, KeycloakSession keycloakSession) throws VerificationException { AccessToken token; RSATokenVerifier verifier = RSATokenVerifier.create(tokenString) .realmUrl(Urls.realmIssuer(baseUri, realm.getName())); String kid = verifier.getHeader().getKeyId(); verifier.publicKey(keycloakSession.keys().getRsaPublicKey(realm, kid)); token = verifier.verify().getToken(); return token; } }
public String getTotpUrl() { return Urls.accountTotpPage(baseQueryURI, realm).toString(); }
public String getLogUrl() { return Urls.accountLogPage(baseQueryURI, realm).toString(); }
public String getLogoutUrl() { return Urls.accountLogout(baseQueryURI, currentURI, realm).toString(); }
public String getSessionsUrl() { return Urls.accountSessionsPage(baseQueryURI, realm).toString(); }
public String getSessionsLogoutUrl() { return Urls.accountSessionsLogoutPage(baseQueryURI, realm, stateChecker).toString(); }
public String getTotpRemoveUrl() { return Urls.accountTotpRemove(baseQueryURI, realm, stateChecker).toString(); }
public String getPasswordUrl() { return Urls.accountPasswordPage(baseQueryURI, realm).toString(); }
public String getRevokeClientUrl() { return Urls.accountRevokeClientPage(baseQueryURI, realm).toString(); }
public String getResourcesPath() { URI uri = Urls.themeRoot(baseURI); return uri.getPath() + "/" + theme.getType().toString().toLowerCase() +"/" + theme.getName(); }
private KieContainer getContainer(RulePolicyRepresentation policy) { final String groupId = policy.getArtifactGroupId(); final String artifactId = policy.getArtifactId(); final String version = policy.getArtifactVersion(); try { return this.factory.getKieContainer(groupId, artifactId, version); } catch (RuntimeException re) { throw new WebApplicationException(ErrorResponse.error( "Unable to locate artifact " + groupId + ":" + artifactId + ":" + version, Response.Status.BAD_REQUEST)); } } }
@Override public void setUp() throws SetupException { this.kcSession = ThreadLocalSessionContext.getCurrentSession(); if (this.kcSession == null) { // Probably running Liquibase from maven plugin. Try to create kcSession programmatically logger.info("No KeycloakSession provided in ThreadLocal. Initializing KeycloakSessionFactory"); try { DefaultKeycloakSessionFactory factory = new DefaultKeycloakSessionFactory(); factory.init(); this.kcSession = factory.create(); } catch (Exception e) { throw new SetupException("Exception when initializing factory", e); } } }