Merge branch 'master' of https://github.com/girirajsharma/keycloak into girirajsharma-master
Conflicts: services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
This commit is contained in:
commit
0c7f63b2f3
46 changed files with 934 additions and 1005 deletions
|
@ -6,21 +6,16 @@
|
||||||
<constraints nullable="false"/>
|
<constraints nullable="false"/>
|
||||||
</column>
|
</column>
|
||||||
<column name="ADMIN_EVENT_TIME" type="BIGINT"/>
|
<column name="ADMIN_EVENT_TIME" type="BIGINT"/>
|
||||||
<column name="OPERATION_TYPE" type="VARCHAR(255)"/>
|
|
||||||
<column name="REALM_ID" type="VARCHAR(255)"/>
|
<column name="REALM_ID" type="VARCHAR(255)"/>
|
||||||
<column name="CLIENT_ID" type="VARCHAR(255)"/>
|
<column name="OPERATION_TYPE" type="VARCHAR(255)"/>
|
||||||
<column name="USER_ID" type="VARCHAR(255)"/>
|
<column name="AUTH_REALM_ID" type="VARCHAR(255)"/>
|
||||||
|
<column name="AUTH_CLIENT_ID" type="VARCHAR(255)"/>
|
||||||
|
<column name="AUTH_USER_ID" type="VARCHAR(255)"/>
|
||||||
<column name="IP_ADDRESS" type="VARCHAR(255)"/>
|
<column name="IP_ADDRESS" type="VARCHAR(255)"/>
|
||||||
<column name="RESOURCE_PATH" type="VARCHAR(255)"/>
|
<column name="RESOURCE_PATH" type="VARCHAR(2550)"/>
|
||||||
<column name="REPRESENTATION" type="VARCHAR(25500)"/>
|
<column name="REPRESENTATION" type="VARCHAR(25500)"/>
|
||||||
<column name="ERROR" type="VARCHAR(255)"/>
|
<column name="ERROR" type="VARCHAR(255)"/>
|
||||||
</createTable>
|
</createTable>
|
||||||
<createTable tableName="REALM_ENABLED_ADMIN_EVENT_OPERATIONS">
|
|
||||||
<column name="REALM_ID" type="VARCHAR(36)">
|
|
||||||
<constraints nullable="false"/>
|
|
||||||
</column>
|
|
||||||
<column name="VALUE" type="VARCHAR(255)"/>
|
|
||||||
</createTable>
|
|
||||||
<addColumn tableName="REALM">
|
<addColumn tableName="REALM">
|
||||||
<column name="ADMIN_EVENTS_ENABLED" type="BOOLEAN" defaultValueBoolean="false">
|
<column name="ADMIN_EVENTS_ENABLED" type="BOOLEAN" defaultValueBoolean="false">
|
||||||
<constraints nullable="false"/>
|
<constraints nullable="false"/>
|
||||||
|
@ -29,6 +24,5 @@
|
||||||
<constraints nullable="false"/>
|
<constraints nullable="false"/>
|
||||||
</column>
|
</column>
|
||||||
</addColumn>
|
</addColumn>
|
||||||
<addForeignKeyConstraint baseColumnNames="REALM_ID" baseTableName="REALM_ENABLED_ADMIN_EVENT_OPERATIONS" constraintName="FKF8459C8FAE5C3B34" referencedColumnNames="ID" referencedTableName="REALM"/>
|
|
||||||
</changeSet>
|
</changeSet>
|
||||||
</databaseChangeLog>
|
</databaseChangeLog>
|
|
@ -13,7 +13,6 @@ public class RealmEventsConfigRepresentation {
|
||||||
protected List<String> enabledEventTypes;
|
protected List<String> enabledEventTypes;
|
||||||
|
|
||||||
protected Boolean adminEventsEnabled;
|
protected Boolean adminEventsEnabled;
|
||||||
protected List<String> adminEnabledEventOperations;
|
|
||||||
protected Boolean adminEventsDetailsEnabled;
|
protected Boolean adminEventsDetailsEnabled;
|
||||||
|
|
||||||
public boolean isEventsEnabled() {
|
public boolean isEventsEnabled() {
|
||||||
|
@ -56,14 +55,6 @@ public class RealmEventsConfigRepresentation {
|
||||||
this.adminEventsEnabled = adminEventsEnabled;
|
this.adminEventsEnabled = adminEventsEnabled;
|
||||||
}
|
}
|
||||||
|
|
||||||
public List<String> getAdminEnabledEventOperations() {
|
|
||||||
return adminEnabledEventOperations;
|
|
||||||
}
|
|
||||||
|
|
||||||
public void setAdminEnabledEventOperations(List<String> adminEnabledEventOperations) {
|
|
||||||
this.adminEnabledEventOperations = adminEnabledEventOperations;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Boolean isAdminEventsDetailsEnabled() {
|
public Boolean isAdminEventsDetailsEnabled() {
|
||||||
return adminEventsDetailsEnabled;
|
return adminEventsDetailsEnabled;
|
||||||
}
|
}
|
||||||
|
|
|
@ -64,7 +64,6 @@ public class RealmRepresentation {
|
||||||
protected List<String> enabledEventTypes;
|
protected List<String> enabledEventTypes;
|
||||||
|
|
||||||
protected Boolean adminEventsEnabled;
|
protected Boolean adminEventsEnabled;
|
||||||
protected List<String> adminEnabledEventOperations;
|
|
||||||
protected Boolean adminEventsDetailsEnabled;
|
protected Boolean adminEventsDetailsEnabled;
|
||||||
|
|
||||||
private List<IdentityProviderRepresentation> identityProviders;
|
private List<IdentityProviderRepresentation> identityProviders;
|
||||||
|
@ -521,14 +520,6 @@ public class RealmRepresentation {
|
||||||
this.adminEventsEnabled = adminEventsEnabled;
|
this.adminEventsEnabled = adminEventsEnabled;
|
||||||
}
|
}
|
||||||
|
|
||||||
public List<String> getAdminEnabledEventOperations() {
|
|
||||||
return adminEnabledEventOperations;
|
|
||||||
}
|
|
||||||
|
|
||||||
public void setAdminEnabledEventOperations(List<String> adminEnabledEventOperations) {
|
|
||||||
this.adminEnabledEventOperations = adminEnabledEventOperations;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Boolean isAdminEventsDetailsEnabled() {
|
public Boolean isAdminEventsDetailsEnabled() {
|
||||||
return adminEventsDetailsEnabled;
|
return adminEventsDetailsEnabled;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,13 +1,13 @@
|
||||||
package org.keycloak.events.admin;
|
package org.keycloak.events.admin;
|
||||||
|
|
||||||
import java.util.Map;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||||
*/
|
*/
|
||||||
public class AdminEvent {
|
public class AdminEvent {
|
||||||
|
|
||||||
private long time;
|
private long time;
|
||||||
|
|
||||||
|
private String realmId;
|
||||||
|
|
||||||
private AuthDetails authDetails;
|
private AuthDetails authDetails;
|
||||||
|
|
||||||
|
@ -31,6 +31,19 @@ public class AdminEvent {
|
||||||
public void setTime(long time) {
|
public void setTime(long time) {
|
||||||
this.time = time;
|
this.time = time;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the id of the realm
|
||||||
|
*
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
public String getRealmId() {
|
||||||
|
return realmId;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setRealmId(String realmId) {
|
||||||
|
this.realmId = realmId;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns authentication details
|
* Returns authentication details
|
||||||
|
|
|
@ -8,28 +8,36 @@ import java.util.List;
|
||||||
public interface AdminEventQuery {
|
public interface AdminEventQuery {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Search by authentication realm
|
* Search by resource realm
|
||||||
*
|
*
|
||||||
* @param realm realm name
|
* @param realmId realm id
|
||||||
* @return Associated <code>AdminEventQuery</code> for method chaining
|
* @return Associated <code>AdminEventQuery</code> for method chaining
|
||||||
*/
|
*/
|
||||||
AdminEventQuery authRealm(String realm);
|
AdminEventQuery realm(String realmId);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Search by authentication realm
|
||||||
|
*
|
||||||
|
* @param realmId realm name
|
||||||
|
* @return Associated <code>AdminEventQuery</code> for method chaining
|
||||||
|
*/
|
||||||
|
AdminEventQuery authRealm(String realmId);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Search by authenticated client
|
* Search by authenticated client
|
||||||
*
|
*
|
||||||
* @param client client uuid
|
* @param clientId client uuid
|
||||||
* @return Associated <code>AdminEventQuery</code> for method chaining
|
* @return Associated <code>AdminEventQuery</code> for method chaining
|
||||||
*/
|
*/
|
||||||
AdminEventQuery authClient(String client);
|
AdminEventQuery authClient(String clientId);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Search by authenticated user
|
* Search by authenticated user
|
||||||
*
|
*
|
||||||
* @param user user uuid
|
* @param userId user uuid
|
||||||
* @return Associated <code>AdminEventQuery</code> for method chaining
|
* @return Associated <code>AdminEventQuery</code> for method chaining
|
||||||
*/
|
*/
|
||||||
AdminEventQuery authUser(String user);
|
AdminEventQuery authUser(String userId);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Search by request ip address
|
* Search by request ip address
|
||||||
|
|
|
@ -5,20 +5,9 @@ package org.keycloak.events.admin;
|
||||||
*/
|
*/
|
||||||
public enum OperationType {
|
public enum OperationType {
|
||||||
|
|
||||||
VIEW(false),
|
CREATE,
|
||||||
CREATE(true),
|
UPDATE,
|
||||||
UPDATE(true),
|
DELETE,
|
||||||
DELETE(true),
|
ACTION;
|
||||||
ACTION(false);
|
|
||||||
|
|
||||||
private boolean saveByDefault;
|
|
||||||
|
|
||||||
OperationType(boolean saveByDefault) {
|
|
||||||
this.saveByDefault = saveByDefault;
|
|
||||||
}
|
|
||||||
|
|
||||||
public boolean isSaveByDefault() {
|
|
||||||
return saveByDefault;
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -19,16 +19,19 @@ public class AdminEventEntity {
|
||||||
@Column(name="ADMIN_EVENT_TIME")
|
@Column(name="ADMIN_EVENT_TIME")
|
||||||
private long time;
|
private long time;
|
||||||
|
|
||||||
|
@Column(name="REALM_ID")
|
||||||
|
private String realmId;
|
||||||
|
|
||||||
@Column(name="OPERATION_TYPE")
|
@Column(name="OPERATION_TYPE")
|
||||||
private String operationType;
|
private String operationType;
|
||||||
|
|
||||||
@Column(name="REALM_ID")
|
@Column(name="AUTH_REALM_ID")
|
||||||
private String authRealmId;
|
private String authRealmId;
|
||||||
|
|
||||||
@Column(name="CLIENT_ID")
|
@Column(name="AUTH_CLIENT_ID")
|
||||||
private String authClientId;
|
private String authClientId;
|
||||||
|
|
||||||
@Column(name="USER_ID")
|
@Column(name="AUTH_USER_ID")
|
||||||
private String authUserId;
|
private String authUserId;
|
||||||
|
|
||||||
@Column(name="IP_ADDRESS")
|
@Column(name="IP_ADDRESS")
|
||||||
|
@ -59,6 +62,14 @@ public class AdminEventEntity {
|
||||||
this.time = time;
|
this.time = time;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public String getRealmId() {
|
||||||
|
return realmId;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setRealmId(String realmId) {
|
||||||
|
this.realmId = realmId;
|
||||||
|
}
|
||||||
|
|
||||||
public String getOperationType() {
|
public String getOperationType() {
|
||||||
return operationType;
|
return operationType;
|
||||||
}
|
}
|
||||||
|
|
|
@ -39,6 +39,12 @@ public class JpaAdminEventQuery implements AdminEventQuery {
|
||||||
root = cq.from(AdminEventEntity.class);
|
root = cq.from(AdminEventEntity.class);
|
||||||
predicates = new ArrayList<Predicate>();
|
predicates = new ArrayList<Predicate>();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public AdminEventQuery realm(String realmId) {
|
||||||
|
predicates.add(cb.equal(root.get("realmId"), realmId));
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AdminEventQuery operation(OperationType... operations) {
|
public AdminEventQuery operation(OperationType... operations) {
|
||||||
|
@ -51,20 +57,20 @@ public class JpaAdminEventQuery implements AdminEventQuery {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AdminEventQuery authRealm(String realmId) {
|
public AdminEventQuery authRealm(String authRealmId) {
|
||||||
predicates.add(cb.equal(root.get("authRealmId"), realmId));
|
predicates.add(cb.equal(root.get("authRealmId"), authRealmId));
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AdminEventQuery authClient(String clientId) {
|
public AdminEventQuery authClient(String authClientId) {
|
||||||
predicates.add(cb.equal(root.get("authClientId"), clientId));
|
predicates.add(cb.equal(root.get("authClientId"), authClientId));
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AdminEventQuery authUser(String userId) {
|
public AdminEventQuery authUser(String authUserId) {
|
||||||
predicates.add(cb.equal(root.get("authUserId"), userId));
|
predicates.add(cb.equal(root.get("authUserId"), authUserId));
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -144,5 +150,5 @@ public class JpaAdminEventQuery implements AdminEventQuery {
|
||||||
|
|
||||||
return events;
|
return events;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -70,13 +70,13 @@ public class JpaEventStoreProvider implements EventStoreProvider {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void clearAdmin(String authRealmId) {
|
public void clearAdmin(String realmId) {
|
||||||
em.createQuery("delete from AdminEventEntity where authRealmId = :authRealmId").setParameter("authRealmId", authRealmId).executeUpdate();
|
em.createQuery("delete from AdminEventEntity where realmId = :realmId").setParameter("realmId", realmId).executeUpdate();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void clearAdmin(String authRealmId, long olderThan) {
|
public void clearAdmin(String realmId, long olderThan) {
|
||||||
em.createQuery("delete from AdminEventEntity where authRealmId = :authRealmId and time < :time").setParameter("authRealmId", authRealmId).setParameter("time", olderThan).executeUpdate();
|
em.createQuery("delete from AdminEventEntity where realmId = :realmId and time < :time").setParameter("realmId", realmId).setParameter("time", olderThan).executeUpdate();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -130,6 +130,7 @@ public class JpaEventStoreProvider implements EventStoreProvider {
|
||||||
AdminEventEntity adminEventEntity = new AdminEventEntity();
|
AdminEventEntity adminEventEntity = new AdminEventEntity();
|
||||||
adminEventEntity.setId(UUID.randomUUID().toString());
|
adminEventEntity.setId(UUID.randomUUID().toString());
|
||||||
adminEventEntity.setTime(adminEvent.getTime());
|
adminEventEntity.setTime(adminEvent.getTime());
|
||||||
|
adminEventEntity.setRealmId(adminEvent.getRealmId());
|
||||||
setAuthDetails(adminEventEntity, adminEvent.getAuthDetails());
|
setAuthDetails(adminEventEntity, adminEvent.getAuthDetails());
|
||||||
adminEventEntity.setOperationType(adminEvent.getOperationType().toString());
|
adminEventEntity.setOperationType(adminEvent.getOperationType().toString());
|
||||||
adminEventEntity.setResourcePath(adminEvent.getResourcePath());
|
adminEventEntity.setResourcePath(adminEvent.getResourcePath());
|
||||||
|
@ -144,6 +145,7 @@ public class JpaEventStoreProvider implements EventStoreProvider {
|
||||||
static AdminEvent convertAdminEvent(AdminEventEntity adminEventEntity) {
|
static AdminEvent convertAdminEvent(AdminEventEntity adminEventEntity) {
|
||||||
AdminEvent adminEvent = new AdminEvent();
|
AdminEvent adminEvent = new AdminEvent();
|
||||||
adminEvent.setTime(adminEventEntity.getTime());
|
adminEvent.setTime(adminEventEntity.getTime());
|
||||||
|
adminEvent.setRealmId(adminEventEntity.getRealmId());
|
||||||
setAuthDetails(adminEvent, adminEventEntity);
|
setAuthDetails(adminEvent, adminEventEntity);
|
||||||
adminEvent.setOperationType(OperationType.valueOf(adminEventEntity.getOperationType()));
|
adminEvent.setOperationType(OperationType.valueOf(adminEventEntity.getOperationType()));
|
||||||
adminEvent.setResourcePath(adminEventEntity.getResourcePath());
|
adminEvent.setResourcePath(adminEventEntity.getResourcePath());
|
||||||
|
|
|
@ -26,6 +26,12 @@ public class MongoAdminEventQuery implements AdminEventQuery{
|
||||||
this.audit = audit;
|
this.audit = audit;
|
||||||
query = new BasicDBObject();
|
query = new BasicDBObject();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public AdminEventQuery realm(String realmId) {
|
||||||
|
query.put("realmId", realmId);
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AdminEventQuery operation(OperationType... operations) {
|
public AdminEventQuery operation(OperationType... operations) {
|
||||||
|
@ -38,26 +44,26 @@ public class MongoAdminEventQuery implements AdminEventQuery{
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AdminEventQuery authRealm(String realmId) {
|
public AdminEventQuery authRealm(String authRealmId) {
|
||||||
query.put("realmId", realmId);
|
query.put("authRealmId", authRealmId);
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AdminEventQuery authClient(String clientId) {
|
public AdminEventQuery authClient(String authClientId) {
|
||||||
query.put("clientId", clientId);
|
query.put("authClientId", authClientId);
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AdminEventQuery authUser(String userId) {
|
public AdminEventQuery authUser(String authUserId) {
|
||||||
query.put("userId", userId);
|
query.put("authUserId", authUserId);
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AdminEventQuery authIpAddress(String ipAddress) {
|
public AdminEventQuery authIpAddress(String ipAddress) {
|
||||||
query.put("ipAddress", ipAddress);
|
query.put("authIpAddress", ipAddress);
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -122,5 +128,5 @@ public class MongoAdminEventQuery implements AdminEventQuery{
|
||||||
|
|
||||||
return events;
|
return events;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -137,6 +137,7 @@ public class MongoEventStoreProvider implements EventStoreProvider {
|
||||||
private static DBObject convertAdminEvent(AdminEvent adminEvent, boolean includeRepresentation) {
|
private static DBObject convertAdminEvent(AdminEvent adminEvent, boolean includeRepresentation) {
|
||||||
BasicDBObject e = new BasicDBObject();
|
BasicDBObject e = new BasicDBObject();
|
||||||
e.put("time", adminEvent.getTime());
|
e.put("time", adminEvent.getTime());
|
||||||
|
e.put("realmId", adminEvent.getRealmId());
|
||||||
e.put("operationType", adminEvent.getOperationType().toString());
|
e.put("operationType", adminEvent.getOperationType().toString());
|
||||||
setAuthDetails(e, adminEvent.getAuthDetails());
|
setAuthDetails(e, adminEvent.getAuthDetails());
|
||||||
e.put("resourcePath", adminEvent.getResourcePath());
|
e.put("resourcePath", adminEvent.getResourcePath());
|
||||||
|
@ -152,6 +153,7 @@ public class MongoEventStoreProvider implements EventStoreProvider {
|
||||||
static AdminEvent convertAdminEvent(BasicDBObject o) {
|
static AdminEvent convertAdminEvent(BasicDBObject o) {
|
||||||
AdminEvent adminEvent = new AdminEvent();
|
AdminEvent adminEvent = new AdminEvent();
|
||||||
adminEvent.setTime(o.getLong("time"));
|
adminEvent.setTime(o.getLong("time"));
|
||||||
|
adminEvent.setRealmId(o.getString("realmId"));
|
||||||
adminEvent.setOperationType(OperationType.valueOf(o.getString("operationType")));
|
adminEvent.setOperationType(OperationType.valueOf(o.getString("operationType")));
|
||||||
setAuthDetails(adminEvent, o);
|
setAuthDetails(adminEvent, o);
|
||||||
adminEvent.setResourcePath(o.getString("resourcePath"));
|
adminEvent.setResourcePath(o.getString("resourcePath"));
|
||||||
|
@ -164,18 +166,18 @@ public class MongoEventStoreProvider implements EventStoreProvider {
|
||||||
}
|
}
|
||||||
|
|
||||||
private static void setAuthDetails(BasicDBObject e, AuthDetails authDetails) {
|
private static void setAuthDetails(BasicDBObject e, AuthDetails authDetails) {
|
||||||
e.put("realmId", authDetails.getRealmId());
|
e.put("authRealmId", authDetails.getRealmId());
|
||||||
e.put("clientId", authDetails.getClientId());
|
e.put("authClientId", authDetails.getClientId());
|
||||||
e.put("userId", authDetails.getUserId());
|
e.put("authUserId", authDetails.getUserId());
|
||||||
e.put("ipAddress", authDetails.getIpAddress());
|
e.put("authIpAddress", authDetails.getIpAddress());
|
||||||
}
|
}
|
||||||
|
|
||||||
private static void setAuthDetails(AdminEvent adminEvent, BasicDBObject o) {
|
private static void setAuthDetails(AdminEvent adminEvent, BasicDBObject o) {
|
||||||
AuthDetails authDetails = new AuthDetails();
|
AuthDetails authDetails = new AuthDetails();
|
||||||
authDetails.setRealmId(o.getString("realmId"));
|
authDetails.setRealmId(o.getString("authRealmId"));
|
||||||
authDetails.setClientId(o.getString("clientId"));
|
authDetails.setClientId(o.getString("authClientId"));
|
||||||
authDetails.setUserId(o.getString("userId"));
|
authDetails.setUserId(o.getString("authUserId"));
|
||||||
authDetails.setIpAddress(o.getString("ipAddress"));
|
authDetails.setIpAddress(o.getString("authIpAddress"));
|
||||||
adminEvent.setAuthDetails(authDetails);
|
adminEvent.setAuthDetails(authDetails);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -25,6 +25,18 @@ public class MemAdminEventQuery implements AdminEventQuery {
|
||||||
this.adminEvents = events;
|
this.adminEvents = events;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public AdminEventQuery realm(String realmId) {
|
||||||
|
Iterator<AdminEvent> itr = adminEvents.iterator();
|
||||||
|
while (itr.hasNext()) {
|
||||||
|
if (!itr.next().getRealmId().equals(realmId)) {
|
||||||
|
itr.remove();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AdminEventQuery operation(OperationType... operations) {
|
public AdminEventQuery operation(OperationType... operations) {
|
||||||
Iterator<AdminEvent> itr = this.adminEvents.iterator();
|
Iterator<AdminEvent> itr = this.adminEvents.iterator();
|
||||||
|
@ -45,10 +57,10 @@ public class MemAdminEventQuery implements AdminEventQuery {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AdminEventQuery authRealm(String realmId) {
|
public AdminEventQuery authRealm(String authRealmId) {
|
||||||
Iterator<AdminEvent> itr = adminEvents.iterator();
|
Iterator<AdminEvent> itr = adminEvents.iterator();
|
||||||
while (itr.hasNext()) {
|
while (itr.hasNext()) {
|
||||||
if (!itr.next().getAuthDetails().getRealmId().equals(realmId)) {
|
if (!itr.next().getAuthDetails().getRealmId().equals(authRealmId)) {
|
||||||
itr.remove();
|
itr.remove();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -56,10 +68,10 @@ public class MemAdminEventQuery implements AdminEventQuery {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AdminEventQuery authClient(String clientId) {
|
public AdminEventQuery authClient(String authClientId) {
|
||||||
Iterator<AdminEvent> itr = adminEvents.iterator();
|
Iterator<AdminEvent> itr = adminEvents.iterator();
|
||||||
while (itr.hasNext()) {
|
while (itr.hasNext()) {
|
||||||
if (!itr.next().getAuthDetails().getClientId().equals(clientId)) {
|
if (!itr.next().getAuthDetails().getClientId().equals(authClientId)) {
|
||||||
itr.remove();
|
itr.remove();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -67,10 +79,10 @@ public class MemAdminEventQuery implements AdminEventQuery {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AdminEventQuery authUser(String userId) {
|
public AdminEventQuery authUser(String authUserId) {
|
||||||
Iterator<AdminEvent> itr = adminEvents.iterator();
|
Iterator<AdminEvent> itr = adminEvents.iterator();
|
||||||
while (itr.hasNext()) {
|
while (itr.hasNext()) {
|
||||||
if (!itr.next().getAuthDetails().getUserId().equals(userId)) {
|
if (!itr.next().getAuthDetails().getUserId().equals(authUserId)) {
|
||||||
itr.remove();
|
itr.remove();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -88,7 +88,7 @@ public class MemEventStoreProvider implements EventStoreProvider {
|
||||||
synchronized(adminEvents) {
|
synchronized(adminEvents) {
|
||||||
Iterator<AdminEvent> itr = adminEvents.iterator();
|
Iterator<AdminEvent> itr = adminEvents.iterator();
|
||||||
while (itr.hasNext()) {
|
while (itr.hasNext()) {
|
||||||
if (itr.next().getAuthDetails().getRealmId().equals(realmId)) {
|
if (itr.next().getRealmId().equals(realmId)) {
|
||||||
itr.remove();
|
itr.remove();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -101,7 +101,7 @@ public class MemEventStoreProvider implements EventStoreProvider {
|
||||||
Iterator<AdminEvent> itr = adminEvents.iterator();
|
Iterator<AdminEvent> itr = adminEvents.iterator();
|
||||||
while (itr.hasNext()) {
|
while (itr.hasNext()) {
|
||||||
AdminEvent e = itr.next();
|
AdminEvent e = itr.next();
|
||||||
if (e.getAuthDetails().getRealmId().equals(realmId) && e.getTime() < olderThan) {
|
if (e.getRealmId().equals(realmId) && e.getTime() < olderThan) {
|
||||||
itr.remove();
|
itr.remove();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1197,12 +1197,6 @@ module.controller('RealmEventsConfigCtrl', function($scope, eventsConfig, RealmE
|
||||||
'tags': serverInfo.enums['eventType']
|
'tags': serverInfo.enums['eventType']
|
||||||
};
|
};
|
||||||
|
|
||||||
$scope.adminEnabledEventOperationsOptions = {
|
|
||||||
'multiple': true,
|
|
||||||
'simple_tags': true,
|
|
||||||
'tags': serverInfo.enums['operationType']
|
|
||||||
};
|
|
||||||
|
|
||||||
var oldCopy = angular.copy($scope.eventsConfig);
|
var oldCopy = angular.copy($scope.eventsConfig);
|
||||||
$scope.changed = false;
|
$scope.changed = false;
|
||||||
|
|
||||||
|
@ -1327,7 +1321,6 @@ module.controller('RealmAdminEventsCtrl', function($scope, RealmAdminEvents, rea
|
||||||
max : 5,
|
max : 5,
|
||||||
first : 0
|
first : 0
|
||||||
}
|
}
|
||||||
$scope.query.authRealm = 'master';
|
|
||||||
|
|
||||||
$scope.adminEnabledEventOperationsOptions = {
|
$scope.adminEnabledEventOperationsOptions = {
|
||||||
'multiple': true,
|
'multiple': true,
|
||||||
|
@ -1350,7 +1343,7 @@ module.controller('RealmAdminEventsCtrl', function($scope, RealmAdminEvents, rea
|
||||||
$scope.query.max = 5;
|
$scope.query.max = 5;
|
||||||
$scope.query.operationTypes = '';
|
$scope.query.operationTypes = '';
|
||||||
$scope.query.resourcePath = '';
|
$scope.query.resourcePath = '';
|
||||||
$scope.query.authRealm = 'master';
|
$scope.query.authRealm = '';
|
||||||
$scope.query.authClient = '';
|
$scope.query.authClient = '';
|
||||||
$scope.query.authUser = '';
|
$scope.query.authUser = '';
|
||||||
$scope.query.authIpAddress = '';
|
$scope.query.authIpAddress = '';
|
||||||
|
|
|
@ -61,12 +61,11 @@
|
||||||
<fieldset>
|
<fieldset>
|
||||||
<legend><span class="text">Authentication Details</span></legend>
|
<legend><span class="text">Authentication Details</span></legend>
|
||||||
|
|
||||||
<div class="form-group" data-ng-show="'master' === realm.realm">
|
<div class="form-group">
|
||||||
<label class="col-sm-2 control-label" for="realm">Realm</label>
|
<label class="col-sm-2 control-label" for="realm">Realm</label>
|
||||||
<div class="col-sm-4">
|
<div class="col-sm-4">
|
||||||
<input class="form-control" type="text" id="realm" name="realm" data-ng-model="query.authRealm">
|
<input class="form-control" type="text" id="realm" name="realm" data-ng-model="query.authRealm">
|
||||||
</div>
|
</div>
|
||||||
<span tooltip-placement="right" tooltip="Filter by realm Id. This filter is supported only for master realm." class="fa fa-info-circle"></span>
|
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label class="col-sm-2 control-label" for="client">Client</label>
|
<label class="col-sm-2 control-label" for="client">Client</label>
|
||||||
|
|
|
@ -1,5 +1,8 @@
|
||||||
<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
|
<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
|
||||||
<h1><strong>Events</strong> {{realm.realm|capitalize}}</span> Events</h1>
|
<h1>
|
||||||
|
<span><strong>Events Config</strong> {{realm.realm|capitalize}}</span>
|
||||||
|
<kc-tooltip>Displays configuration options to enable persistence of user and admin events.</kc-tooltip>
|
||||||
|
</h1>
|
||||||
|
|
||||||
<ul class="nav nav-tabs">
|
<ul class="nav nav-tabs">
|
||||||
<li data-ng-class="(path[2] == 'events') && 'active'"><a href="#/realms/{{realm.realm}}/events">Login Events</a></li>
|
<li data-ng-class="(path[2] == 'events') && 'active'"><a href="#/realms/{{realm.realm}}/events">Login Events</a></li>
|
||||||
|
@ -82,16 +85,6 @@
|
||||||
<span tooltip-placement="right" tooltip="If enabled admin events are saved to the database which makes events available to the admin console." class="fa fa-info-circle"></span>
|
<span tooltip-placement="right" tooltip="If enabled admin events are saved to the database which makes events available to the admin console." class="fa fa-info-circle"></span>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="form-group" data-ng-show="eventsConfig.adminEventsEnabled">
|
|
||||||
<label class="col-md-2 control-label" for="adminEnabledEventOperations" class="control-label">Saved Operations</label>
|
|
||||||
|
|
||||||
<div class="col-md-6">
|
|
||||||
<input ui-select2="adminEnabledEventOperationsOptions" id="adminEnabledEventOperations" ng-model="eventsConfig.adminEnabledEventOperations" data-placeholder="Select operations..."/>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<span tooltip-placement="right" tooltip="Configure what operations are saved." class="fa fa-info-circle"></span>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="form-group" data-ng-show="eventsConfig.adminEventsEnabled">
|
<div class="form-group" data-ng-show="eventsConfig.adminEventsEnabled">
|
||||||
<label class="col-md-2 control-label" for="adminEventsDetailsEnabled">Include Representation</label>
|
<label class="col-md-2 control-label" for="adminEventsDetailsEnabled">Include Representation</label>
|
||||||
<div class="col-md-6">
|
<div class="col-md-6">
|
||||||
|
|
|
@ -237,10 +237,6 @@ public interface RealmModel extends RoleContainerModel {
|
||||||
|
|
||||||
void setAdminEventsEnabled(boolean enabled);
|
void setAdminEventsEnabled(boolean enabled);
|
||||||
|
|
||||||
Set<String> getAdminEnabledEventOperations();
|
|
||||||
|
|
||||||
void setAdminEnabledEventOperations(Set<String> adminEnabledEventOperations);
|
|
||||||
|
|
||||||
boolean isAdminEventsDetailsEnabled();
|
boolean isAdminEventsDetailsEnabled();
|
||||||
|
|
||||||
void setAdminEventsDetailsEnabled(boolean enabled);
|
void setAdminEventsDetailsEnabled(boolean enabled);
|
||||||
|
|
|
@ -65,7 +65,6 @@ public class RealmEntity extends AbstractIdentifiableEntity {
|
||||||
private List<String> enabledEventTypes = new ArrayList<String>();
|
private List<String> enabledEventTypes = new ArrayList<String>();
|
||||||
|
|
||||||
protected boolean adminEventsEnabled;
|
protected boolean adminEventsEnabled;
|
||||||
protected List<String> adminEnabledEventOperations = new ArrayList<String>();;
|
|
||||||
protected boolean adminEventsDetailsEnabled;
|
protected boolean adminEventsDetailsEnabled;
|
||||||
|
|
||||||
private String masterAdminClient;
|
private String masterAdminClient;
|
||||||
|
@ -403,14 +402,6 @@ public class RealmEntity extends AbstractIdentifiableEntity {
|
||||||
this.adminEventsEnabled = adminEventsEnabled;
|
this.adminEventsEnabled = adminEventsEnabled;
|
||||||
}
|
}
|
||||||
|
|
||||||
public List<String> getAdminEnabledEventOperations() {
|
|
||||||
return adminEnabledEventOperations;
|
|
||||||
}
|
|
||||||
|
|
||||||
public void setAdminEnabledEventOperations(List<String> adminEnabledEventOperations) {
|
|
||||||
this.adminEnabledEventOperations = adminEnabledEventOperations;
|
|
||||||
}
|
|
||||||
|
|
||||||
public boolean isAdminEventsDetailsEnabled() {
|
public boolean isAdminEventsDetailsEnabled() {
|
||||||
return adminEventsDetailsEnabled;
|
return adminEventsDetailsEnabled;
|
||||||
}
|
}
|
||||||
|
|
|
@ -195,10 +195,6 @@ public class ModelToRepresentation {
|
||||||
|
|
||||||
rep.setAdminEventsEnabled(realm.isAdminEventsEnabled());
|
rep.setAdminEventsEnabled(realm.isAdminEventsEnabled());
|
||||||
|
|
||||||
if(realm.getAdminEnabledEventOperations() != null) {
|
|
||||||
rep.setAdminEnabledEventOperations(new LinkedList<String>(realm.getAdminEnabledEventOperations()));
|
|
||||||
}
|
|
||||||
|
|
||||||
rep.setAdminEventsDetailsEnabled(realm.isAdminEventsDetailsEnabled());
|
rep.setAdminEventsDetailsEnabled(realm.isAdminEventsDetailsEnabled());
|
||||||
|
|
||||||
return rep;
|
return rep;
|
||||||
|
|
|
@ -417,7 +417,6 @@ public class RepresentationToModel {
|
||||||
if (rep.getEnabledEventTypes() != null) realm.setEnabledEventTypes(new HashSet<>(rep.getEnabledEventTypes()));
|
if (rep.getEnabledEventTypes() != null) realm.setEnabledEventTypes(new HashSet<>(rep.getEnabledEventTypes()));
|
||||||
|
|
||||||
if (rep.isAdminEventsEnabled() != null) realm.setAdminEventsEnabled(rep.isAdminEventsEnabled());
|
if (rep.isAdminEventsEnabled() != null) realm.setAdminEventsEnabled(rep.isAdminEventsEnabled());
|
||||||
if (rep.getAdminEnabledEventOperations() != null) realm.setAdminEnabledEventOperations(new HashSet<>(rep.getAdminEnabledEventOperations()));
|
|
||||||
if (rep.isAdminEventsDetailsEnabled() != null) realm.setAdminEventsDetailsEnabled(rep.isAdminEventsDetailsEnabled());
|
if (rep.isAdminEventsDetailsEnabled() != null) realm.setAdminEventsDetailsEnabled(rep.isAdminEventsDetailsEnabled());
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -968,20 +968,6 @@ public class RealmAdapter implements RealmModel {
|
||||||
realm.setAdminEventsEnabled(enabled);
|
realm.setAdminEventsEnabled(enabled);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public Set<String> getAdminEnabledEventOperations() {
|
|
||||||
return new HashSet<String>(realm.getAdminEnabledEventOperations());
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void setAdminEnabledEventOperations(Set<String> adminEnabledEventOperations) {
|
|
||||||
if (adminEnabledEventOperations != null) {
|
|
||||||
realm.setAdminEnabledEventOperations(new ArrayList<String>(adminEnabledEventOperations));
|
|
||||||
} else {
|
|
||||||
realm.setAdminEnabledEventOperations(Collections.EMPTY_LIST);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean isAdminEventsDetailsEnabled() {
|
public boolean isAdminEventsDetailsEnabled() {
|
||||||
return realm.isAdminEventsDetailsEnabled();
|
return realm.isAdminEventsDetailsEnabled();
|
||||||
|
|
|
@ -762,18 +762,6 @@ public class RealmAdapter implements RealmModel {
|
||||||
updated.setAdminEventsEnabled(enabled);
|
updated.setAdminEventsEnabled(enabled);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public Set<String> getAdminEnabledEventOperations() {
|
|
||||||
if (updated != null) return updated.getAdminEnabledEventOperations();
|
|
||||||
return cached.getAdminEnabledEventOperations();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void setAdminEnabledEventOperations(Set<String> adminEnabledEventOperations) {
|
|
||||||
getDelegateForUpdate();
|
|
||||||
updated.setAdminEnabledEventOperations(adminEnabledEventOperations);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean isAdminEventsDetailsEnabled() {
|
public boolean isAdminEventsDetailsEnabled() {
|
||||||
if (updated != null) return updated.isAdminEventsDetailsEnabled();
|
if (updated != null) return updated.isAdminEventsDetailsEnabled();
|
||||||
|
|
|
@ -158,7 +158,6 @@ public class CachedRealm {
|
||||||
enabledEventTypes.addAll(model.getEnabledEventTypes());
|
enabledEventTypes.addAll(model.getEnabledEventTypes());
|
||||||
|
|
||||||
adminEventsEnabled = model.isAdminEventsEnabled();
|
adminEventsEnabled = model.isAdminEventsEnabled();
|
||||||
adminEnabledEventOperations.addAll(model.getAdminEnabledEventOperations());
|
|
||||||
adminEventsDetailsEnabled = model.isAdminEventsDetailsEnabled();
|
adminEventsDetailsEnabled = model.isAdminEventsDetailsEnabled();
|
||||||
|
|
||||||
defaultRoles.addAll(model.getDefaultRoles());
|
defaultRoles.addAll(model.getDefaultRoles());
|
||||||
|
|
|
@ -1078,18 +1078,6 @@ public class RealmAdapter implements RealmModel {
|
||||||
em.flush();
|
em.flush();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public Set<String> getAdminEnabledEventOperations() {
|
|
||||||
return realm.getAdminEnabledEventOperations();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void setAdminEnabledEventOperations(Set<String> adminEnabledEventOperations) {
|
|
||||||
realm.setAdminEnabledEventOperations(adminEnabledEventOperations);
|
|
||||||
em.flush();
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean isAdminEventsDetailsEnabled() {
|
public boolean isAdminEventsDetailsEnabled() {
|
||||||
return realm.isAdminEventsDetailsEnabled();
|
return realm.isAdminEventsDetailsEnabled();
|
||||||
|
|
|
@ -138,11 +138,6 @@ public class RealmEntity {
|
||||||
@Column(name="ADMIN_EVENTS_ENABLED")
|
@Column(name="ADMIN_EVENTS_ENABLED")
|
||||||
protected boolean adminEventsEnabled;
|
protected boolean adminEventsEnabled;
|
||||||
|
|
||||||
@ElementCollection
|
|
||||||
@Column(name="VALUE")
|
|
||||||
@CollectionTable(name="REALM_ENABLED_ADMIN_EVENT_OPERATIONS", joinColumns={ @JoinColumn(name="REALM_ID") })
|
|
||||||
protected Set<String> adminEnabledEventOperations = new HashSet<String>();
|
|
||||||
|
|
||||||
@Column(name="ADMIN_EVENTS_DETAILS_ENABLED")
|
@Column(name="ADMIN_EVENTS_DETAILS_ENABLED")
|
||||||
protected boolean adminEventsDetailsEnabled;
|
protected boolean adminEventsDetailsEnabled;
|
||||||
|
|
||||||
|
@ -456,14 +451,6 @@ public class RealmEntity {
|
||||||
this.adminEventsEnabled = adminEventsEnabled;
|
this.adminEventsEnabled = adminEventsEnabled;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Set<String> getAdminEnabledEventOperations() {
|
|
||||||
return adminEnabledEventOperations;
|
|
||||||
}
|
|
||||||
|
|
||||||
public void setAdminEnabledEventOperations(Set<String> adminEnabledEventOperations) {
|
|
||||||
this.adminEnabledEventOperations = adminEnabledEventOperations;
|
|
||||||
}
|
|
||||||
|
|
||||||
public boolean isAdminEventsDetailsEnabled() {
|
public boolean isAdminEventsDetailsEnabled() {
|
||||||
return adminEventsDetailsEnabled;
|
return adminEventsDetailsEnabled;
|
||||||
}
|
}
|
||||||
|
|
|
@ -999,21 +999,6 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public Set<String> getAdminEnabledEventOperations() {
|
|
||||||
return new HashSet<String>(realm.getAdminEnabledEventOperations());
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void setAdminEnabledEventOperations(Set<String> adminEnabledEventOperations) {
|
|
||||||
if (adminEnabledEventOperations != null) {
|
|
||||||
realm.setAdminEnabledEventOperations(new ArrayList<String>(adminEnabledEventOperations));
|
|
||||||
} else {
|
|
||||||
realm.setAdminEnabledEventOperations(Collections.EMPTY_LIST);
|
|
||||||
}
|
|
||||||
updateRealm();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean isAdminEventsDetailsEnabled() {
|
public boolean isAdminEventsDetailsEnabled() {
|
||||||
return realm.isAdminEventsDetailsEnabled();
|
return realm.isAdminEventsDetailsEnabled();
|
||||||
|
|
|
@ -170,9 +170,6 @@ public class RealmManager {
|
||||||
}
|
}
|
||||||
|
|
||||||
realm.setAdminEventsEnabled(rep.isAdminEventsEnabled());
|
realm.setAdminEventsEnabled(rep.isAdminEventsEnabled());
|
||||||
if(rep.getAdminEnabledEventOperations() != null) {
|
|
||||||
realm.setAdminEnabledEventOperations(new HashSet<String>(rep.getAdminEnabledEventOperations()));
|
|
||||||
}
|
|
||||||
realm.setAdminEventsDetailsEnabled(rep.isAdminEventsDetailsEnabled());
|
realm.setAdminEventsDetailsEnabled(rep.isAdminEventsDetailsEnabled());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
package org.keycloak.events;
|
package org.keycloak.services.resources.admin;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.util.LinkedList;
|
import java.util.LinkedList;
|
||||||
|
@ -6,13 +6,22 @@ import java.util.List;
|
||||||
|
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
import org.keycloak.ClientConnection;
|
import org.keycloak.ClientConnection;
|
||||||
|
import org.keycloak.broker.provider.IdentityProviderFactory;
|
||||||
|
import org.keycloak.events.EventListenerProvider;
|
||||||
|
import org.keycloak.events.EventStoreProvider;
|
||||||
import org.keycloak.events.admin.AdminEvent;
|
import org.keycloak.events.admin.AdminEvent;
|
||||||
import org.keycloak.events.admin.AuthDetails;
|
import org.keycloak.events.admin.AuthDetails;
|
||||||
import org.keycloak.events.admin.OperationType;
|
import org.keycloak.events.admin.OperationType;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
|
import org.keycloak.models.IdentityProviderMapperModel;
|
||||||
|
import org.keycloak.models.IdentityProviderModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
|
import org.keycloak.models.ProtocolMapperModel;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
|
import org.keycloak.models.RoleModel;
|
||||||
|
import org.keycloak.models.UserFederationProviderModel;
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
|
import org.keycloak.representations.idm.IdentityProviderRepresentation;
|
||||||
import org.keycloak.util.JsonSerialization;
|
import org.keycloak.util.JsonSerialization;
|
||||||
import org.keycloak.util.Time;
|
import org.keycloak.util.Time;
|
||||||
|
|
||||||
|
@ -25,9 +34,8 @@ public class AdminEventBuilder {
|
||||||
private RealmModel realm;
|
private RealmModel realm;
|
||||||
private AdminEvent adminEvent;
|
private AdminEvent adminEvent;
|
||||||
|
|
||||||
public AdminEventBuilder(RealmModel realm, KeycloakSession session, ClientConnection clientConnection) {
|
public AdminEventBuilder(RealmModel realm, AdminAuth auth, KeycloakSession session, ClientConnection clientConnection) {
|
||||||
this.realm = realm;
|
this.realm = realm;
|
||||||
|
|
||||||
adminEvent = new AdminEvent();
|
adminEvent = new AdminEvent();
|
||||||
|
|
||||||
if (realm.isAdminEventsEnabled()) {
|
if (realm.isAdminEventsEnabled()) {
|
||||||
|
@ -51,8 +59,20 @@ public class AdminEventBuilder {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
realm(realm);
|
authRealm(auth.getRealm());
|
||||||
ipAddress(clientConnection.getRemoteAddr());
|
authClient(auth.getClient());
|
||||||
|
authUser(auth.getUser());
|
||||||
|
authIpAddress(clientConnection.getRemoteAddr());
|
||||||
|
}
|
||||||
|
|
||||||
|
public AdminEventBuilder realm(RealmModel realm) {
|
||||||
|
adminEvent.setRealmId(realm.getId());
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public AdminEventBuilder realm(String realmId) {
|
||||||
|
adminEvent.setRealmId(realmId);
|
||||||
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public AdminEventBuilder operation(OperationType e) {
|
public AdminEventBuilder operation(OperationType e) {
|
||||||
|
@ -60,7 +80,7 @@ public class AdminEventBuilder {
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public AdminEventBuilder realm(RealmModel realm) {
|
public AdminEventBuilder authRealm(RealmModel realm) {
|
||||||
AuthDetails authDetails = adminEvent.getAuthDetails();
|
AuthDetails authDetails = adminEvent.getAuthDetails();
|
||||||
if(authDetails == null) {
|
if(authDetails == null) {
|
||||||
authDetails = new AuthDetails();
|
authDetails = new AuthDetails();
|
||||||
|
@ -72,7 +92,7 @@ public class AdminEventBuilder {
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public AdminEventBuilder realm(String realmId) {
|
public AdminEventBuilder authRealm(String realmId) {
|
||||||
AuthDetails authDetails = adminEvent.getAuthDetails();
|
AuthDetails authDetails = adminEvent.getAuthDetails();
|
||||||
if(authDetails == null) {
|
if(authDetails == null) {
|
||||||
authDetails = new AuthDetails();
|
authDetails = new AuthDetails();
|
||||||
|
@ -84,7 +104,7 @@ public class AdminEventBuilder {
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public AdminEventBuilder client(ClientModel client) {
|
public AdminEventBuilder authClient(ClientModel client) {
|
||||||
AuthDetails authDetails = adminEvent.getAuthDetails();
|
AuthDetails authDetails = adminEvent.getAuthDetails();
|
||||||
if(authDetails == null) {
|
if(authDetails == null) {
|
||||||
authDetails = new AuthDetails();
|
authDetails = new AuthDetails();
|
||||||
|
@ -96,7 +116,7 @@ public class AdminEventBuilder {
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public AdminEventBuilder client(String clientId) {
|
public AdminEventBuilder authClient(String clientId) {
|
||||||
AuthDetails authDetails = adminEvent.getAuthDetails();
|
AuthDetails authDetails = adminEvent.getAuthDetails();
|
||||||
if(authDetails == null) {
|
if(authDetails == null) {
|
||||||
authDetails = new AuthDetails();
|
authDetails = new AuthDetails();
|
||||||
|
@ -108,7 +128,7 @@ public class AdminEventBuilder {
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public AdminEventBuilder user(UserModel user) {
|
public AdminEventBuilder authUser(UserModel user) {
|
||||||
AuthDetails authDetails = adminEvent.getAuthDetails();
|
AuthDetails authDetails = adminEvent.getAuthDetails();
|
||||||
if(authDetails == null) {
|
if(authDetails == null) {
|
||||||
authDetails = new AuthDetails();
|
authDetails = new AuthDetails();
|
||||||
|
@ -120,7 +140,7 @@ public class AdminEventBuilder {
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public AdminEventBuilder user(String userId) {
|
public AdminEventBuilder authUser(String userId) {
|
||||||
AuthDetails authDetails = adminEvent.getAuthDetails();
|
AuthDetails authDetails = adminEvent.getAuthDetails();
|
||||||
if(authDetails == null) {
|
if(authDetails == null) {
|
||||||
authDetails = new AuthDetails();
|
authDetails = new AuthDetails();
|
||||||
|
@ -132,7 +152,7 @@ public class AdminEventBuilder {
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public AdminEventBuilder ipAddress(String ipAddress) {
|
public AdminEventBuilder authIpAddress(String ipAddress) {
|
||||||
AuthDetails authDetails = adminEvent.getAuthDetails();
|
AuthDetails authDetails = adminEvent.getAuthDetails();
|
||||||
if(authDetails == null) {
|
if(authDetails == null) {
|
||||||
authDetails = new AuthDetails();
|
authDetails = new AuthDetails();
|
||||||
|
@ -148,6 +168,54 @@ public class AdminEventBuilder {
|
||||||
adminEvent.setResourcePath(resourcePath);
|
adminEvent.setResourcePath(resourcePath);
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public AdminEventBuilder resourcePath(String resourcePath, boolean segment) {
|
||||||
|
if(segment) {
|
||||||
|
int index = resourcePath.lastIndexOf('/');
|
||||||
|
int subIndex = resourcePath.lastIndexOf('/', index - 1);
|
||||||
|
adminEvent.setResourcePath(resourcePath.substring(subIndex));
|
||||||
|
} else {
|
||||||
|
adminEvent.setResourcePath(resourcePath.substring(resourcePath.lastIndexOf('/')));
|
||||||
|
}
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public AdminEventBuilder resourcePath(Object model) {
|
||||||
|
StringBuilder sb = new StringBuilder();
|
||||||
|
sb.append(getResourcePath(model));
|
||||||
|
adminEvent.setResourcePath(sb.toString());
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public AdminEventBuilder resourcePath(Object model, String resourcePath) {
|
||||||
|
StringBuilder sb = new StringBuilder();
|
||||||
|
sb.append(getResourcePath(model));
|
||||||
|
sb.append(resourcePath.substring(resourcePath.lastIndexOf('/')));
|
||||||
|
adminEvent.setResourcePath(sb.toString());
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public AdminEventBuilder resourcePath(Object model, String resourcePath, boolean segment) {
|
||||||
|
StringBuilder sb = new StringBuilder();
|
||||||
|
sb.append(getResourcePath(model));
|
||||||
|
int index = resourcePath.lastIndexOf('/');
|
||||||
|
int subIndex = resourcePath.lastIndexOf('/', index - 1);
|
||||||
|
sb.append(resourcePath.substring(subIndex));
|
||||||
|
adminEvent.setResourcePath(sb.toString());
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public AdminEventBuilder resourcePath(Object model, Object subModel, String resourcePath) {
|
||||||
|
StringBuilder sb = new StringBuilder();
|
||||||
|
sb.append(getResourcePath(model));
|
||||||
|
int index = resourcePath.lastIndexOf('/');
|
||||||
|
int subIndex = resourcePath.lastIndexOf('/', index - 1);
|
||||||
|
sb.append(resourcePath.substring(subIndex, index+1));
|
||||||
|
sb.append(getResourcePath(subModel));
|
||||||
|
adminEvent.setResourcePath(sb.toString());
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
public void error(String error) {
|
public void error(String error) {
|
||||||
adminEvent.setOperationType(OperationType.valueOf(adminEvent.getOperationType().name() + "_ERROR"));
|
adminEvent.setOperationType(OperationType.valueOf(adminEvent.getOperationType().name() + "_ERROR"));
|
||||||
|
@ -183,12 +251,10 @@ public class AdminEventBuilder {
|
||||||
adminEvent.setTime(Time.toMillis(Time.currentTime()));
|
adminEvent.setTime(Time.toMillis(Time.currentTime()));
|
||||||
|
|
||||||
if (store != null) {
|
if (store != null) {
|
||||||
if (realm.getAdminEnabledEventOperations() != null && !realm.getAdminEnabledEventOperations().isEmpty() ? realm.getAdminEnabledEventOperations().contains(adminEvent.getOperationType().name()) : adminEvent.getOperationType().isSaveByDefault()) {
|
try {
|
||||||
try {
|
store.onEvent(adminEvent, includeRepresentation);
|
||||||
store.onEvent(adminEvent, includeRepresentation);
|
} catch (Throwable t) {
|
||||||
} catch (Throwable t) {
|
log.error("Failed to save event", t);
|
||||||
log.error("Failed to save event", t);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -202,4 +268,47 @@ public class AdminEventBuilder {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private String getResourcePath(Object model) {
|
||||||
|
|
||||||
|
StringBuilder sb = new StringBuilder();
|
||||||
|
|
||||||
|
if (model instanceof RealmModel) {
|
||||||
|
RealmModel realm = (RealmModel) model;
|
||||||
|
sb.append("realms/" + realm.getId());
|
||||||
|
} else if (model instanceof ClientModel) {
|
||||||
|
ClientModel client = (ClientModel) model;
|
||||||
|
sb.append("clients/" + client.getId());
|
||||||
|
} else if (model instanceof UserModel) {
|
||||||
|
UserModel user = (UserModel) model;
|
||||||
|
sb.append("users/" + user.getId());
|
||||||
|
|
||||||
|
} else if (model instanceof IdentityProviderModel) {
|
||||||
|
IdentityProviderModel provider = (IdentityProviderModel) model;
|
||||||
|
sb.append("identity-Providers/" + provider.getProviderId());
|
||||||
|
} else if (model instanceof IdentityProviderRepresentation) {
|
||||||
|
IdentityProviderRepresentation provider = (IdentityProviderRepresentation) model;
|
||||||
|
sb.append("identity-Providers/" + provider.getProviderId());
|
||||||
|
} else if (model instanceof IdentityProviderMapperModel) {
|
||||||
|
IdentityProviderMapperModel provider = (IdentityProviderMapperModel) model;
|
||||||
|
sb.append("identity-Provider-Mappers/" + provider.getId());
|
||||||
|
} else if (model instanceof IdentityProviderFactory) {
|
||||||
|
IdentityProviderFactory provider = (IdentityProviderFactory) model;
|
||||||
|
sb.append("identity-Provider-Factory/" + provider.getId());
|
||||||
|
|
||||||
|
} else if (model instanceof ProtocolMapperModel) {
|
||||||
|
ProtocolMapperModel mapper = (ProtocolMapperModel) model;
|
||||||
|
sb.append("protocol-Mappers/" + mapper.getId());
|
||||||
|
|
||||||
|
} else if (model instanceof UserFederationProviderModel) {
|
||||||
|
UserFederationProviderModel provider = (UserFederationProviderModel) model;
|
||||||
|
sb.append("user-Federation-Providers/" + provider.getId());
|
||||||
|
|
||||||
|
} else if (model instanceof RoleModel) {
|
||||||
|
RoleModel role = (RoleModel) model;
|
||||||
|
sb.append("roles/" + role.getId());
|
||||||
|
}
|
||||||
|
|
||||||
|
return sb.toString();
|
||||||
|
}
|
||||||
}
|
}
|
|
@ -8,7 +8,6 @@ import org.jboss.resteasy.spi.NotFoundException;
|
||||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||||
import org.jboss.resteasy.spi.UnauthorizedException;
|
import org.jboss.resteasy.spi.UnauthorizedException;
|
||||||
import org.keycloak.ClientConnection;
|
import org.keycloak.ClientConnection;
|
||||||
import org.keycloak.events.AdminEventBuilder;
|
|
||||||
import org.keycloak.jose.jws.JWSInput;
|
import org.keycloak.jose.jws.JWSInput;
|
||||||
import org.keycloak.models.AdminRoles;
|
import org.keycloak.models.AdminRoles;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
|
@ -188,10 +187,7 @@ public class AdminRoot {
|
||||||
|
|
||||||
Cors.add(request).allowedOrigins(auth.getToken()).allowedMethods("GET", "PUT", "POST", "DELETE").auth().build(response);
|
Cors.add(request).allowedOrigins(auth.getToken()).allowedMethods("GET", "PUT", "POST", "DELETE").auth().build(response);
|
||||||
|
|
||||||
AdminEventBuilder adminEvent = new AdminEventBuilder(auth.getRealm(), session, clientConnection);
|
RealmsAdminResource adminResource = new RealmsAdminResource(auth, tokenManager);
|
||||||
adminEvent.user(auth.getUser()).client(auth.getClient());
|
|
||||||
|
|
||||||
RealmsAdminResource adminResource = new RealmsAdminResource(auth, tokenManager, adminEvent);
|
|
||||||
ResteasyProviderFactory.getInstance().injectProperties(adminResource);
|
ResteasyProviderFactory.getInstance().injectProperties(adminResource);
|
||||||
return adminResource;
|
return adminResource;
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,7 +6,6 @@ import org.jboss.resteasy.plugins.providers.multipart.MultipartFormDataInput;
|
||||||
import org.jboss.resteasy.spi.BadRequestException;
|
import org.jboss.resteasy.spi.BadRequestException;
|
||||||
import org.jboss.resteasy.spi.NotAcceptableException;
|
import org.jboss.resteasy.spi.NotAcceptableException;
|
||||||
import org.jboss.resteasy.spi.NotFoundException;
|
import org.jboss.resteasy.spi.NotFoundException;
|
||||||
import org.keycloak.events.AdminEventBuilder;
|
|
||||||
import org.keycloak.events.admin.OperationType;
|
import org.keycloak.events.admin.OperationType;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
|
@ -99,7 +98,6 @@ public class ClientAttributeCertificateResource {
|
||||||
ClientKeyPairInfo info = new ClientKeyPairInfo();
|
ClientKeyPairInfo info = new ClientKeyPairInfo();
|
||||||
info.setCertificate(client.getAttribute(certificateAttribute));
|
info.setCertificate(client.getAttribute(certificateAttribute));
|
||||||
info.setPrivateKey(client.getAttribute(privateAttribute));
|
info.setPrivateKey(client.getAttribute(privateAttribute));
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return info;
|
return info;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -135,12 +133,14 @@ public class ClientAttributeCertificateResource {
|
||||||
client.setAttribute(privateAttribute, privateKeyPem);
|
client.setAttribute(privateAttribute, privateKeyPem);
|
||||||
client.setAttribute(certificateAttribute, certPem);
|
client.setAttribute(certificateAttribute, certPem);
|
||||||
|
|
||||||
|
|
||||||
KeycloakModelUtils.generateClientKeyPairCertificate(client);
|
KeycloakModelUtils.generateClientKeyPairCertificate(client);
|
||||||
ClientKeyPairInfo info = new ClientKeyPairInfo();
|
ClientKeyPairInfo info = new ClientKeyPairInfo();
|
||||||
info.setCertificate(client.getAttribute(certificateAttribute));
|
info.setCertificate(client.getAttribute(certificateAttribute));
|
||||||
info.setPrivateKey(client.getAttribute(privateAttribute));
|
info.setPrivateKey(client.getAttribute(privateAttribute));
|
||||||
adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri().getPath()).representation(info).success();
|
|
||||||
|
adminEvent.operation(OperationType.ACTION)
|
||||||
|
.resourcePath(client, session.getContext().getUri().getPath()).representation(info).success();
|
||||||
|
|
||||||
return info;
|
return info;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -198,7 +198,7 @@ public class ClientAttributeCertificateResource {
|
||||||
info.setCertificate(certPem);
|
info.setCertificate(certPem);
|
||||||
}
|
}
|
||||||
|
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).representation(info).success();
|
adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath()).representation(info).success();
|
||||||
return info;
|
return info;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -325,7 +325,8 @@ public class ClientAttributeCertificateResource {
|
||||||
stream.close();
|
stream.close();
|
||||||
byte[] rtn = stream.toByteArray();
|
byte[] rtn = stream.toByteArray();
|
||||||
|
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri().getPath()).success();
|
adminEvent.operation(OperationType.ACTION)
|
||||||
|
.resourcePath(client, session.getContext().getUri().getPath()).success();
|
||||||
|
|
||||||
return rtn;
|
return rtn;
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
|
|
|
@ -5,7 +5,6 @@ import org.jboss.resteasy.annotations.cache.NoCache;
|
||||||
import org.jboss.resteasy.spi.BadRequestException;
|
import org.jboss.resteasy.spi.BadRequestException;
|
||||||
import org.jboss.resteasy.spi.NotFoundException;
|
import org.jboss.resteasy.spi.NotFoundException;
|
||||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||||
import org.keycloak.events.AdminEventBuilder;
|
|
||||||
import org.keycloak.events.admin.OperationType;
|
import org.keycloak.events.admin.OperationType;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
|
@ -88,7 +87,6 @@ public class ClientResource {
|
||||||
public ProtocolMappersResource getProtocolMappers() {
|
public ProtocolMappersResource getProtocolMappers() {
|
||||||
ProtocolMappersResource mappers = new ProtocolMappersResource(client, auth, adminEvent);
|
ProtocolMappersResource mappers = new ProtocolMappersResource(client, auth, adminEvent);
|
||||||
ResteasyProviderFactory.getInstance().injectProperties(mappers);
|
ResteasyProviderFactory.getInstance().injectProperties(mappers);
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return mappers;
|
return mappers;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -104,7 +102,7 @@ public class ClientResource {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
RepresentationToModel.updateClient(rep, client);
|
RepresentationToModel.updateClient(rep, client);
|
||||||
adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo.getPath()).representation(rep).success();
|
adminEvent.operation(OperationType.UPDATE).resourcePath(client).representation(rep).success();
|
||||||
return Response.noContent().build();
|
return Response.noContent().build();
|
||||||
} catch (ModelDuplicateException e) {
|
} catch (ModelDuplicateException e) {
|
||||||
return ErrorResponse.exists("Client " + rep.getClientId() + " already exists");
|
return ErrorResponse.exists("Client " + rep.getClientId() + " already exists");
|
||||||
|
@ -122,7 +120,6 @@ public class ClientResource {
|
||||||
@Produces(MediaType.APPLICATION_JSON)
|
@Produces(MediaType.APPLICATION_JSON)
|
||||||
public ClientRepresentation getClient() {
|
public ClientRepresentation getClient() {
|
||||||
auth.requireView();
|
auth.requireView();
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return ModelToRepresentation.toRepresentation(client);
|
return ModelToRepresentation.toRepresentation(client);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -153,7 +150,7 @@ public class ClientResource {
|
||||||
ClientManager clientManager = new ClientManager(new RealmManager(session));
|
ClientManager clientManager = new ClientManager(new RealmManager(session));
|
||||||
Object rep = clientManager.toInstallationRepresentation(realm, client, getKeycloakApplication().getBaseUri(uriInfo));
|
Object rep = clientManager.toInstallationRepresentation(realm, client, getKeycloakApplication().getBaseUri(uriInfo));
|
||||||
|
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath(), true).success();
|
||||||
|
|
||||||
// TODO Temporary solution to pretty-print
|
// TODO Temporary solution to pretty-print
|
||||||
return JsonSerialization.mapper.writerWithDefaultPrettyPrinter().writeValueAsString(rep);
|
return JsonSerialization.mapper.writerWithDefaultPrettyPrinter().writeValueAsString(rep);
|
||||||
|
@ -174,7 +171,7 @@ public class ClientResource {
|
||||||
|
|
||||||
ClientManager clientManager = new ClientManager(new RealmManager(session));
|
ClientManager clientManager = new ClientManager(new RealmManager(session));
|
||||||
|
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath(), true).success();
|
||||||
|
|
||||||
return clientManager.toJBossSubsystemConfig(realm, client, getKeycloakApplication().getBaseUri(uriInfo));
|
return clientManager.toJBossSubsystemConfig(realm, client, getKeycloakApplication().getBaseUri(uriInfo));
|
||||||
}
|
}
|
||||||
|
@ -188,7 +185,7 @@ public class ClientResource {
|
||||||
public void deleteClient() {
|
public void deleteClient() {
|
||||||
auth.requireManage();
|
auth.requireManage();
|
||||||
new ClientManager(new RealmManager(session)).removeClient(realm, client);
|
new ClientManager(new RealmManager(session)).removeClient(realm, client);
|
||||||
adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.DELETE).resourcePath(client).success();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -207,7 +204,7 @@ public class ClientResource {
|
||||||
logger.debug("regenerateSecret");
|
logger.debug("regenerateSecret");
|
||||||
UserCredentialModel cred = KeycloakModelUtils.generateSecret(client);
|
UserCredentialModel cred = KeycloakModelUtils.generateSecret(client);
|
||||||
CredentialRepresentation rep = ModelToRepresentation.toRepresentation(cred);
|
CredentialRepresentation rep = ModelToRepresentation.toRepresentation(cred);
|
||||||
adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo.getPath()).representation(rep).success();
|
adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath()).representation(rep).success();
|
||||||
return rep;
|
return rep;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -226,7 +223,6 @@ public class ClientResource {
|
||||||
logger.debug("getClientSecret");
|
logger.debug("getClientSecret");
|
||||||
UserCredentialModel model = UserCredentialModel.secret(client.getSecret());
|
UserCredentialModel model = UserCredentialModel.secret(client.getSecret());
|
||||||
if (model == null) throw new NotFoundException("Client does not have a secret");
|
if (model == null) throw new NotFoundException("Client does not have a secret");
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return ModelToRepresentation.toRepresentation(model);
|
return ModelToRepresentation.toRepresentation(model);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -258,7 +254,6 @@ public class ClientResource {
|
||||||
public Set<String> getAllowedOrigins()
|
public Set<String> getAllowedOrigins()
|
||||||
{
|
{
|
||||||
auth.requireView();
|
auth.requireView();
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return client.getWebOrigins();
|
return client.getWebOrigins();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -276,7 +271,7 @@ public class ClientResource {
|
||||||
auth.requireManage();
|
auth.requireManage();
|
||||||
|
|
||||||
client.setWebOrigins(allowedOrigins);
|
client.setWebOrigins(allowedOrigins);
|
||||||
adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo.getPath()).representation(client).success();
|
adminEvent.operation(OperationType.UPDATE).resourcePath(client, uriInfo.getPath()).representation(client).success();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -295,7 +290,7 @@ public class ClientResource {
|
||||||
for (String origin : allowedOrigins) {
|
for (String origin : allowedOrigins) {
|
||||||
client.removeWebOrigin(origin);
|
client.removeWebOrigin(origin);
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.DELETE).resourcePath(client, uriInfo.getPath()).success();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -306,7 +301,7 @@ public class ClientResource {
|
||||||
@POST
|
@POST
|
||||||
public GlobalRequestResult pushRevocation() {
|
public GlobalRequestResult pushRevocation() {
|
||||||
auth.requireManage();
|
auth.requireManage();
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath()).success();
|
||||||
return new ResourceAdminManager(session).pushClientRevocationPolicy(uriInfo.getRequestUri(), realm, client);
|
return new ResourceAdminManager(session).pushClientRevocationPolicy(uriInfo.getRequestUri(), realm, client);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -328,7 +323,6 @@ public class ClientResource {
|
||||||
auth.requireView();
|
auth.requireView();
|
||||||
Map<String, Integer> map = new HashMap<String, Integer>();
|
Map<String, Integer> map = new HashMap<String, Integer>();
|
||||||
map.put("count", session.sessions().getActiveUserSessions(client.getRealm(), client));
|
map.put("count", session.sessions().getActiveUserSessions(client.getRealm(), client));
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return map;
|
return map;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -350,7 +344,6 @@ public class ClientResource {
|
||||||
UserSessionRepresentation rep = ModelToRepresentation.toRepresentation(userSession);
|
UserSessionRepresentation rep = ModelToRepresentation.toRepresentation(userSession);
|
||||||
sessions.add(rep);
|
sessions.add(rep);
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return sessions;
|
return sessions;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -362,7 +355,7 @@ public class ClientResource {
|
||||||
@POST
|
@POST
|
||||||
public GlobalRequestResult logoutAll() {
|
public GlobalRequestResult logoutAll() {
|
||||||
auth.requireManage();
|
auth.requireManage();
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath()).success();
|
||||||
return new ResourceAdminManager(session).logoutClient(uriInfo.getRequestUri(), realm, client);
|
return new ResourceAdminManager(session).logoutClient(uriInfo.getRequestUri(), realm, client);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -379,7 +372,7 @@ public class ClientResource {
|
||||||
if (user == null) {
|
if (user == null) {
|
||||||
throw new NotFoundException("User not found");
|
throw new NotFoundException("User not found");
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath(), true).success();
|
||||||
new ResourceAdminManager(session).logoutUserFromClient(uriInfo.getRequestUri(), realm, client, user);
|
new ResourceAdminManager(session).logoutUserFromClient(uriInfo.getRequestUri(), realm, client, user);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -401,7 +394,7 @@ public class ClientResource {
|
||||||
}
|
}
|
||||||
if (logger.isDebugEnabled()) logger.debug("Register node: " + node);
|
if (logger.isDebugEnabled()) logger.debug("Register node: " + node);
|
||||||
client.registerNode(node, Time.currentTime());
|
client.registerNode(node, Time.currentTime());
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath()).success();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -421,7 +414,7 @@ public class ClientResource {
|
||||||
throw new NotFoundException("Client does not have a node " + node);
|
throw new NotFoundException("Client does not have a node " + node);
|
||||||
}
|
}
|
||||||
client.unregisterNode(node);
|
client.unregisterNode(node);
|
||||||
adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.DELETE).resourcePath(client, uriInfo.getPath(), true).success();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -435,7 +428,7 @@ public class ClientResource {
|
||||||
public GlobalRequestResult testNodesAvailable() {
|
public GlobalRequestResult testNodesAvailable() {
|
||||||
auth.requireManage();
|
auth.requireManage();
|
||||||
logger.debug("Test availability of cluster nodes");
|
logger.debug("Test availability of cluster nodes");
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath()).success();
|
||||||
return new ResourceAdminManager(session).testNodesAvailability(uriInfo.getRequestUri(), realm, client);
|
return new ResourceAdminManager(session).testNodesAvailability(uriInfo.getRequestUri(), realm, client);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
package org.keycloak.services.resources.admin;
|
package org.keycloak.services.resources.admin;
|
||||||
|
|
||||||
import org.keycloak.events.AdminEventBuilder;
|
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,6 @@ import org.jboss.logging.Logger;
|
||||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||||
import org.jboss.resteasy.spi.NotFoundException;
|
import org.jboss.resteasy.spi.NotFoundException;
|
||||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||||
import org.keycloak.events.AdminEventBuilder;
|
|
||||||
import org.keycloak.events.admin.OperationType;
|
import org.keycloak.events.admin.OperationType;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
|
@ -77,7 +76,6 @@ public class ClientsResource {
|
||||||
rep.add(client);
|
rep.add(client);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return rep;
|
return rep;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -95,9 +93,9 @@ public class ClientsResource {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
ClientModel clientModel = RepresentationToModel.createClient(session, realm, rep, true);
|
ClientModel clientModel = RepresentationToModel.createClient(session, realm, rep, true);
|
||||||
adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo.getAbsolutePathBuilder()
|
|
||||||
.path(getClientPath(clientModel)).build().toString().substring(uriInfo.getBaseUri().toString().length()))
|
adminEvent.operation(OperationType.CREATE).resourcePath(clientModel).representation(rep).success();
|
||||||
.representation(rep).success();
|
|
||||||
return Response.created(uriInfo.getAbsolutePathBuilder().path(getClientPath(clientModel)).build()).build();
|
return Response.created(uriInfo.getAbsolutePathBuilder().path(getClientPath(clientModel)).build()).build();
|
||||||
} catch (ModelDuplicateException e) {
|
} catch (ModelDuplicateException e) {
|
||||||
return ErrorResponse.exists("Client " + rep.getClientId() + " already exists");
|
return ErrorResponse.exists("Client " + rep.getClientId() + " already exists");
|
||||||
|
@ -122,7 +120,6 @@ public class ClientsResource {
|
||||||
}
|
}
|
||||||
ClientResource clientResource = new ClientResource(realm, auth, clientModel, session, adminEvent);
|
ClientResource clientResource = new ClientResource(realm, auth, clientModel, session, adminEvent);
|
||||||
ResteasyProviderFactory.getInstance().injectProperties(clientResource);
|
ResteasyProviderFactory.getInstance().injectProperties(clientResource);
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return clientResource;
|
return clientResource;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -6,7 +6,6 @@ import org.jboss.resteasy.spi.NotFoundException;
|
||||||
import org.keycloak.broker.provider.IdentityProvider;
|
import org.keycloak.broker.provider.IdentityProvider;
|
||||||
import org.keycloak.broker.provider.IdentityProviderFactory;
|
import org.keycloak.broker.provider.IdentityProviderFactory;
|
||||||
import org.keycloak.broker.provider.IdentityProviderMapper;
|
import org.keycloak.broker.provider.IdentityProviderMapper;
|
||||||
import org.keycloak.events.AdminEventBuilder;
|
|
||||||
import org.keycloak.events.admin.OperationType;
|
import org.keycloak.events.admin.OperationType;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.FederatedIdentityModel;
|
import org.keycloak.models.FederatedIdentityModel;
|
||||||
|
@ -77,9 +76,6 @@ public class IdentityProviderResource {
|
||||||
public IdentityProviderRepresentation getIdentityProvider() {
|
public IdentityProviderRepresentation getIdentityProvider() {
|
||||||
this.auth.requireView();
|
this.auth.requireView();
|
||||||
IdentityProviderRepresentation rep = ModelToRepresentation.toRepresentation(this.identityProviderModel);
|
IdentityProviderRepresentation rep = ModelToRepresentation.toRepresentation(this.identityProviderModel);
|
||||||
|
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
|
|
||||||
return rep;
|
return rep;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -90,7 +86,7 @@ public class IdentityProviderResource {
|
||||||
|
|
||||||
this.realm.removeIdentityProviderByAlias(this.identityProviderModel.getAlias());
|
this.realm.removeIdentityProviderByAlias(this.identityProviderModel.getAlias());
|
||||||
|
|
||||||
adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.DELETE).resourcePath(identityProviderModel).success();
|
||||||
|
|
||||||
return Response.noContent().build();
|
return Response.noContent().build();
|
||||||
}
|
}
|
||||||
|
@ -116,7 +112,7 @@ public class IdentityProviderResource {
|
||||||
updateUsersAfterProviderAliasChange(this.session.users().getUsers(this.realm), oldProviderId, newProviderId);
|
updateUsersAfterProviderAliasChange(this.session.users().getUsers(this.realm), oldProviderId, newProviderId);
|
||||||
}
|
}
|
||||||
|
|
||||||
adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo.getPath()).representation(providerRep).success();
|
adminEvent.operation(OperationType.UPDATE).resourcePath(providerRep).representation(providerRep).success();
|
||||||
|
|
||||||
return Response.noContent().build();
|
return Response.noContent().build();
|
||||||
} catch (ModelDuplicateException e) {
|
} catch (ModelDuplicateException e) {
|
||||||
|
@ -173,7 +169,7 @@ public class IdentityProviderResource {
|
||||||
try {
|
try {
|
||||||
this.auth.requireView();
|
this.auth.requireView();
|
||||||
IdentityProviderFactory factory = getIdentityProviderFactory();
|
IdentityProviderFactory factory = getIdentityProviderFactory();
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.ACTION).resourcePath(identityProviderModel, uriInfo.getPath()).success();
|
||||||
return factory.create(identityProviderModel).export(uriInfo, realm, format);
|
return factory.create(identityProviderModel).export(uriInfo, realm, format);
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
return ErrorResponse.error("Could not export public broker configuration for identity provider [" + identityProviderModel.getProviderId() + "].", Response.Status.NOT_FOUND);
|
return ErrorResponse.error("Could not export public broker configuration for identity provider [" + identityProviderModel.getProviderId() + "].", Response.Status.NOT_FOUND);
|
||||||
|
@ -212,7 +208,6 @@ public class IdentityProviderResource {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return types;
|
return types;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -226,7 +221,6 @@ public class IdentityProviderResource {
|
||||||
for (IdentityProviderMapperModel model : realm.getIdentityProviderMappersByAlias(identityProviderModel.getAlias())) {
|
for (IdentityProviderMapperModel model : realm.getIdentityProviderMappersByAlias(identityProviderModel.getAlias())) {
|
||||||
mappers.add(ModelToRepresentation.toRepresentation(model));
|
mappers.add(ModelToRepresentation.toRepresentation(model));
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return mappers;
|
return mappers;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -237,9 +231,10 @@ public class IdentityProviderResource {
|
||||||
auth.requireManage();
|
auth.requireManage();
|
||||||
IdentityProviderMapperModel model = RepresentationToModel.toModel(mapper);
|
IdentityProviderMapperModel model = RepresentationToModel.toModel(mapper);
|
||||||
model = realm.addIdentityProviderMapper(model);
|
model = realm.addIdentityProviderMapper(model);
|
||||||
adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo.getAbsolutePathBuilder()
|
|
||||||
.path(model.getId()).build().toString().substring(uriInfo.getBaseUri().toString().length()))
|
adminEvent.operation(OperationType.CREATE).resourcePath(model, uriInfo.getPath())
|
||||||
.representation(mapper).success();
|
.representation(mapper).success();
|
||||||
|
|
||||||
return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build();
|
return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -252,7 +247,6 @@ public class IdentityProviderResource {
|
||||||
auth.requireView();
|
auth.requireView();
|
||||||
IdentityProviderMapperModel model = realm.getIdentityProviderMapperById(id);
|
IdentityProviderMapperModel model = realm.getIdentityProviderMapperById(id);
|
||||||
if (model == null) throw new NotFoundException("Model not found");
|
if (model == null) throw new NotFoundException("Model not found");
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return ModelToRepresentation.toRepresentation(model);
|
return ModelToRepresentation.toRepresentation(model);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -266,7 +260,7 @@ public class IdentityProviderResource {
|
||||||
if (model == null) throw new NotFoundException("Model not found");
|
if (model == null) throw new NotFoundException("Model not found");
|
||||||
model = RepresentationToModel.toModel(rep);
|
model = RepresentationToModel.toModel(rep);
|
||||||
realm.updateIdentityProviderMapper(model);
|
realm.updateIdentityProviderMapper(model);
|
||||||
adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo.getPath()).representation(rep).success();
|
adminEvent.operation(OperationType.UPDATE).resourcePath(model).representation(rep).success();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -278,7 +272,7 @@ public class IdentityProviderResource {
|
||||||
IdentityProviderMapperModel model = realm.getIdentityProviderMapperById(id);
|
IdentityProviderMapperModel model = realm.getIdentityProviderMapperById(id);
|
||||||
if (model == null) throw new NotFoundException("Model not found");
|
if (model == null) throw new NotFoundException("Model not found");
|
||||||
realm.removeIdentityProviderMapper(model);
|
realm.removeIdentityProviderMapper(model);
|
||||||
adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.DELETE).resourcePath(model).success();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -8,7 +8,6 @@ import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||||
import org.keycloak.broker.provider.IdentityProvider;
|
import org.keycloak.broker.provider.IdentityProvider;
|
||||||
import org.keycloak.broker.provider.IdentityProviderFactory;
|
import org.keycloak.broker.provider.IdentityProviderFactory;
|
||||||
import org.keycloak.connections.httpclient.HttpClientProvider;
|
import org.keycloak.connections.httpclient.HttpClientProvider;
|
||||||
import org.keycloak.events.AdminEventBuilder;
|
|
||||||
import org.keycloak.events.admin.OperationType;
|
import org.keycloak.events.admin.OperationType;
|
||||||
import org.keycloak.models.IdentityProviderModel;
|
import org.keycloak.models.IdentityProviderModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
|
@ -65,12 +64,9 @@ public class IdentityProvidersResource {
|
||||||
public Response getIdentityProviders(@PathParam("provider_id") String providerId) {
|
public Response getIdentityProviders(@PathParam("provider_id") String providerId) {
|
||||||
this.auth.requireView();
|
this.auth.requireView();
|
||||||
IdentityProviderFactory providerFactory = getProviderFactorytById(providerId);
|
IdentityProviderFactory providerFactory = getProviderFactorytById(providerId);
|
||||||
|
|
||||||
if (providerFactory != null) {
|
if (providerFactory != null) {
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return Response.ok(providerFactory).build();
|
return Response.ok(providerFactory).build();
|
||||||
}
|
}
|
||||||
|
|
||||||
return Response.status(BAD_REQUEST).build();
|
return Response.status(BAD_REQUEST).build();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -87,7 +83,7 @@ public class IdentityProvidersResource {
|
||||||
IdentityProviderFactory providerFactory = getProviderFactorytById(providerId);
|
IdentityProviderFactory providerFactory = getProviderFactorytById(providerId);
|
||||||
Map<String, String> config = providerFactory.parseConfig(inputStream);
|
Map<String, String> config = providerFactory.parseConfig(inputStream);
|
||||||
|
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).representation(config).success();
|
adminEvent.operation(OperationType.CREATE).resourcePath(providerFactory, uriInfo.getPath()).representation(config).success();
|
||||||
|
|
||||||
return config;
|
return config;
|
||||||
}
|
}
|
||||||
|
@ -106,7 +102,7 @@ public class IdentityProvidersResource {
|
||||||
IdentityProviderFactory providerFactory = getProviderFactorytById(providerId);
|
IdentityProviderFactory providerFactory = getProviderFactorytById(providerId);
|
||||||
Map<String, String> config;
|
Map<String, String> config;
|
||||||
config = providerFactory.parseConfig(inputStream);
|
config = providerFactory.parseConfig(inputStream);
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).representation(config).success();
|
adminEvent.operation(OperationType.CREATE).resourcePath(providerFactory, uriInfo.getPath()).representation(config).success();
|
||||||
return config;
|
return config;
|
||||||
} finally {
|
} finally {
|
||||||
try {
|
try {
|
||||||
|
@ -128,7 +124,6 @@ public class IdentityProvidersResource {
|
||||||
for (IdentityProviderModel identityProviderModel : realm.getIdentityProviders()) {
|
for (IdentityProviderModel identityProviderModel : realm.getIdentityProviders()) {
|
||||||
representations.add(ModelToRepresentation.toRepresentation(identityProviderModel));
|
representations.add(ModelToRepresentation.toRepresentation(identityProviderModel));
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return representations;
|
return representations;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -142,8 +137,7 @@ public class IdentityProvidersResource {
|
||||||
IdentityProviderModel identityProvider = RepresentationToModel.toModel(representation);
|
IdentityProviderModel identityProvider = RepresentationToModel.toModel(representation);
|
||||||
this.realm.addIdentityProvider(identityProvider);
|
this.realm.addIdentityProvider(identityProvider);
|
||||||
|
|
||||||
adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo.getAbsolutePathBuilder()
|
adminEvent.operation(OperationType.CREATE).resourcePath(identityProvider)
|
||||||
.path(representation.getProviderId()).build().toString().substring(uriInfo.getBaseUri().toString().length()))
|
|
||||||
.representation(representation).success();
|
.representation(representation).success();
|
||||||
|
|
||||||
return Response.created(uriInfo.getAbsolutePathBuilder().path(representation.getProviderId()).build()).build();
|
return Response.created(uriInfo.getAbsolutePathBuilder().path(representation.getProviderId()).build()).build();
|
||||||
|
@ -171,7 +165,6 @@ public class IdentityProvidersResource {
|
||||||
IdentityProviderResource identityProviderResource = new IdentityProviderResource(this.auth, realm, session, identityProviderModel, adminEvent);
|
IdentityProviderResource identityProviderResource = new IdentityProviderResource(this.auth, realm, session, identityProviderModel, adminEvent);
|
||||||
ResteasyProviderFactory.getInstance().injectProperties(identityProviderResource);
|
ResteasyProviderFactory.getInstance().injectProperties(identityProviderResource);
|
||||||
|
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return identityProviderResource;
|
return identityProviderResource;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -3,11 +3,11 @@ package org.keycloak.services.resources.admin;
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||||
import org.jboss.resteasy.spi.NotFoundException;
|
import org.jboss.resteasy.spi.NotFoundException;
|
||||||
import org.keycloak.events.AdminEventBuilder;
|
|
||||||
import org.keycloak.events.admin.OperationType;
|
import org.keycloak.events.admin.OperationType;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.ProtocolMapperModel;
|
import org.keycloak.models.ProtocolMapperModel;
|
||||||
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.utils.ModelToRepresentation;
|
import org.keycloak.models.utils.ModelToRepresentation;
|
||||||
import org.keycloak.models.utils.RepresentationToModel;
|
import org.keycloak.models.utils.RepresentationToModel;
|
||||||
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
|
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
|
||||||
|
@ -36,7 +36,7 @@ import java.util.List;
|
||||||
*/
|
*/
|
||||||
public class ProtocolMappersResource {
|
public class ProtocolMappersResource {
|
||||||
protected static final Logger logger = Logger.getLogger(ProtocolMappersResource.class);
|
protected static final Logger logger = Logger.getLogger(ProtocolMappersResource.class);
|
||||||
|
|
||||||
protected ClientModel client;
|
protected ClientModel client;
|
||||||
|
|
||||||
protected RealmAuth auth;
|
protected RealmAuth auth;
|
||||||
|
@ -73,7 +73,6 @@ public class ProtocolMappersResource {
|
||||||
for (ProtocolMapperModel mapper : client.getProtocolMappers()) {
|
for (ProtocolMapperModel mapper : client.getProtocolMappers()) {
|
||||||
if (mapper.getProtocol().equals(protocol)) mappers.add(ModelToRepresentation.toRepresentation(mapper));
|
if (mapper.getProtocol().equals(protocol)) mappers.add(ModelToRepresentation.toRepresentation(mapper));
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return mappers;
|
return mappers;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -90,9 +89,7 @@ public class ProtocolMappersResource {
|
||||||
auth.requireManage();
|
auth.requireManage();
|
||||||
ProtocolMapperModel model = RepresentationToModel.toModel(rep);
|
ProtocolMapperModel model = RepresentationToModel.toModel(rep);
|
||||||
model = client.addProtocolMapper(model);
|
model = client.addProtocolMapper(model);
|
||||||
adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo.getAbsolutePathBuilder()
|
adminEvent.operation(OperationType.CREATE).resourcePath(model).representation(rep).success();
|
||||||
.path(model.getId()).build().toString().substring(uriInfo.getBaseUri().toString().length()))
|
|
||||||
.representation(rep).success();
|
|
||||||
return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build();
|
return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build();
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
|
@ -110,7 +107,7 @@ public class ProtocolMappersResource {
|
||||||
model = RepresentationToModel.toModel(rep);
|
model = RepresentationToModel.toModel(rep);
|
||||||
model = client.addProtocolMapper(model);
|
model = client.addProtocolMapper(model);
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo.getPath()).representation(reps).success();
|
adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo.getPath(), false).representation(reps).success();
|
||||||
}
|
}
|
||||||
|
|
||||||
@GET
|
@GET
|
||||||
|
@ -123,7 +120,6 @@ public class ProtocolMappersResource {
|
||||||
for (ProtocolMapperModel mapper : client.getProtocolMappers()) {
|
for (ProtocolMapperModel mapper : client.getProtocolMappers()) {
|
||||||
mappers.add(ModelToRepresentation.toRepresentation(mapper));
|
mappers.add(ModelToRepresentation.toRepresentation(mapper));
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return mappers;
|
return mappers;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -135,7 +131,6 @@ public class ProtocolMappersResource {
|
||||||
auth.requireView();
|
auth.requireView();
|
||||||
ProtocolMapperModel model = client.getProtocolMapperById(id);
|
ProtocolMapperModel model = client.getProtocolMapperById(id);
|
||||||
if (model == null) throw new NotFoundException("Model not found");
|
if (model == null) throw new NotFoundException("Model not found");
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return ModelToRepresentation.toRepresentation(model);
|
return ModelToRepresentation.toRepresentation(model);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -149,7 +144,7 @@ public class ProtocolMappersResource {
|
||||||
if (model == null) throw new NotFoundException("Model not found");
|
if (model == null) throw new NotFoundException("Model not found");
|
||||||
model = RepresentationToModel.toModel(rep);
|
model = RepresentationToModel.toModel(rep);
|
||||||
client.updateProtocolMapper(model);
|
client.updateProtocolMapper(model);
|
||||||
adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo.getPath()).representation(rep).success();
|
adminEvent.operation(OperationType.UPDATE).resourcePath(model).representation(rep).success();
|
||||||
}
|
}
|
||||||
|
|
||||||
@DELETE
|
@DELETE
|
||||||
|
@ -160,7 +155,7 @@ public class ProtocolMappersResource {
|
||||||
ProtocolMapperModel model = client.getProtocolMapperById(id);
|
ProtocolMapperModel model = client.getProtocolMapperById(id);
|
||||||
if (model == null) throw new NotFoundException("Model not found");
|
if (model == null) throw new NotFoundException("Model not found");
|
||||||
client.removeProtocolMapper(model);
|
client.removeProtocolMapper(model);
|
||||||
adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.DELETE).resourcePath(model).success();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -6,8 +6,7 @@ import org.jboss.resteasy.plugins.providers.multipart.InputPart;
|
||||||
import org.jboss.resteasy.plugins.providers.multipart.MultipartFormDataInput;
|
import org.jboss.resteasy.plugins.providers.multipart.MultipartFormDataInput;
|
||||||
import org.jboss.resteasy.spi.NotFoundException;
|
import org.jboss.resteasy.spi.NotFoundException;
|
||||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||||
import org.keycloak.events.AdminEventBuilder;
|
import org.keycloak.ClientConnection;
|
||||||
import org.keycloak.events.admin.OperationType;
|
|
||||||
import org.keycloak.models.AdminRoles;
|
import org.keycloak.models.AdminRoles;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
|
@ -52,18 +51,19 @@ public class RealmsAdminResource {
|
||||||
protected static final Logger logger = Logger.getLogger(RealmsAdminResource.class);
|
protected static final Logger logger = Logger.getLogger(RealmsAdminResource.class);
|
||||||
protected AdminAuth auth;
|
protected AdminAuth auth;
|
||||||
protected TokenManager tokenManager;
|
protected TokenManager tokenManager;
|
||||||
protected AdminEventBuilder adminEvent;
|
|
||||||
|
|
||||||
@Context
|
@Context
|
||||||
protected KeycloakSession session;
|
protected KeycloakSession session;
|
||||||
|
|
||||||
@Context
|
@Context
|
||||||
protected KeycloakApplication keycloak;
|
protected KeycloakApplication keycloak;
|
||||||
|
|
||||||
|
@Context
|
||||||
|
protected ClientConnection clientConnection;
|
||||||
|
|
||||||
public RealmsAdminResource(AdminAuth auth, TokenManager tokenManager, AdminEventBuilder adminEvent) {
|
public RealmsAdminResource(AdminAuth auth, TokenManager tokenManager) {
|
||||||
this.auth = auth;
|
this.auth = auth;
|
||||||
this.tokenManager = tokenManager;
|
this.tokenManager = tokenManager;
|
||||||
this.adminEvent = adminEvent;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public static final CacheControl noCache = new CacheControl();
|
public static final CacheControl noCache = new CacheControl();
|
||||||
|
@ -92,7 +92,6 @@ public class RealmsAdminResource {
|
||||||
ClientModel adminApp = auth.getRealm().getClientByClientId(realmManager.getRealmAdminClientId(auth.getRealm()));
|
ClientModel adminApp = auth.getRealm().getClientByClientId(realmManager.getRealmAdminClientId(auth.getRealm()));
|
||||||
addRealmRep(reps, auth.getRealm(), adminApp);
|
addRealmRep(reps, auth.getRealm(), adminApp);
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
logger.debug(("getRealms()"));
|
logger.debug(("getRealms()"));
|
||||||
return reps;
|
return reps;
|
||||||
}
|
}
|
||||||
|
@ -135,8 +134,6 @@ public class RealmsAdminResource {
|
||||||
URI location = AdminRoot.realmsUrl(uriInfo).path(realm.getName()).build();
|
URI location = AdminRoot.realmsUrl(uriInfo).path(realm.getName()).build();
|
||||||
logger.debugv("imported realm success, sending back: {0}", location.toString());
|
logger.debugv("imported realm success, sending back: {0}", location.toString());
|
||||||
|
|
||||||
adminEvent.operation(OperationType.CREATE).resourcePath(location.toString()).representation(rep).success();
|
|
||||||
|
|
||||||
return Response.created(location).build();
|
return Response.created(location).build();
|
||||||
} catch (ModelDuplicateException e) {
|
} catch (ModelDuplicateException e) {
|
||||||
return ErrorResponse.exists("Realm " + rep.getRealm() + " already exists");
|
return ErrorResponse.exists("Realm " + rep.getRealm() + " already exists");
|
||||||
|
@ -183,7 +180,6 @@ public class RealmsAdminResource {
|
||||||
URI location = null;
|
URI location = null;
|
||||||
if (inputParts.size() == 1) {
|
if (inputParts.size() == 1) {
|
||||||
location = AdminRoot.realmsUrl(uriInfo).path(realm.getName()).build();
|
location = AdminRoot.realmsUrl(uriInfo).path(realm.getName()).build();
|
||||||
adminEvent.operation(OperationType.CREATE).resourcePath(location.toString()).representation(rep).success();
|
|
||||||
return Response.created(location).build();
|
return Response.created(location).build();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -229,7 +225,9 @@ public class RealmsAdminResource {
|
||||||
} else {
|
} else {
|
||||||
realmAuth = new RealmAuth(auth, realm.getClientByClientId(realmManager.getRealmAdminClientId(auth.getRealm())));
|
realmAuth = new RealmAuth(auth, realm.getClientByClientId(realmManager.getRealmAdminClientId(auth.getRealm())));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
AdminEventBuilder adminEvent = new AdminEventBuilder(realm, auth, session, clientConnection);
|
||||||
|
|
||||||
RealmAdminResource adminResource = new RealmAdminResource(realmAuth, realm, tokenManager, adminEvent);
|
RealmAdminResource adminResource = new RealmAdminResource(realmAuth, realm, tokenManager, adminEvent);
|
||||||
ResteasyProviderFactory.getInstance().injectProperties(adminResource);
|
ResteasyProviderFactory.getInstance().injectProperties(adminResource);
|
||||||
//resourceContext.initResource(adminResource);
|
//resourceContext.initResource(adminResource);
|
||||||
|
|
|
@ -3,7 +3,6 @@ package org.keycloak.services.resources.admin;
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||||
import org.jboss.resteasy.spi.NotFoundException;
|
import org.jboss.resteasy.spi.NotFoundException;
|
||||||
import org.keycloak.events.AdminEventBuilder;
|
|
||||||
import org.keycloak.events.admin.OperationType;
|
import org.keycloak.events.admin.OperationType;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
|
@ -63,9 +62,6 @@ public class RoleByIdResource extends RoleResource {
|
||||||
public RoleRepresentation getRole(final @PathParam("role-id") String id) {
|
public RoleRepresentation getRole(final @PathParam("role-id") String id) {
|
||||||
RoleModel roleModel = getRoleModel(id);
|
RoleModel roleModel = getRoleModel(id);
|
||||||
auth.requireView();
|
auth.requireView();
|
||||||
|
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
|
|
||||||
return getRole(roleModel);
|
return getRole(roleModel);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -84,9 +80,6 @@ public class RoleByIdResource extends RoleResource {
|
||||||
r = RealmAuth.Resource.USER;
|
r = RealmAuth.Resource.USER;
|
||||||
}
|
}
|
||||||
auth.init(r);
|
auth.init(r);
|
||||||
|
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
|
|
||||||
return roleModel;
|
return roleModel;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -102,7 +95,7 @@ public class RoleByIdResource extends RoleResource {
|
||||||
RoleModel role = getRoleModel(id);
|
RoleModel role = getRoleModel(id);
|
||||||
auth.requireManage();
|
auth.requireManage();
|
||||||
deleteRole(role);
|
deleteRole(role);
|
||||||
adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri().getPath()).success();
|
adminEvent.operation(OperationType.DELETE).resourcePath(role).success();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -118,7 +111,7 @@ public class RoleByIdResource extends RoleResource {
|
||||||
RoleModel role = getRoleModel(id);
|
RoleModel role = getRoleModel(id);
|
||||||
auth.requireManage();
|
auth.requireManage();
|
||||||
updateRole(rep, role);
|
updateRole(rep, role);
|
||||||
adminEvent.operation(OperationType.UPDATE).resourcePath(session.getContext().getUri().getPath()).representation(rep).success();
|
adminEvent.operation(OperationType.UPDATE).resourcePath(role).representation(rep).success();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -134,7 +127,9 @@ public class RoleByIdResource extends RoleResource {
|
||||||
RoleModel role = getRoleModel(id);
|
RoleModel role = getRoleModel(id);
|
||||||
auth.requireManage();
|
auth.requireManage();
|
||||||
addComposites(roles, role);
|
addComposites(roles, role);
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri().getPath()).representation(roles).success();
|
|
||||||
|
adminEvent.operation(OperationType.ACTION)
|
||||||
|
.resourcePath(role, session.getContext().getUri().getPath()).representation(roles).success();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -153,7 +148,6 @@ public class RoleByIdResource extends RoleResource {
|
||||||
if (logger.isDebugEnabled()) logger.debug("*** getRoleComposites: '" + id + "'");
|
if (logger.isDebugEnabled()) logger.debug("*** getRoleComposites: '" + id + "'");
|
||||||
RoleModel role = getRoleModel(id);
|
RoleModel role = getRoleModel(id);
|
||||||
auth.requireView();
|
auth.requireView();
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return getRoleComposites(role);
|
return getRoleComposites(role);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -170,7 +164,6 @@ public class RoleByIdResource extends RoleResource {
|
||||||
public Set<RoleRepresentation> getRealmRoleComposites(final @PathParam("role-id") String id) {
|
public Set<RoleRepresentation> getRealmRoleComposites(final @PathParam("role-id") String id) {
|
||||||
RoleModel role = getRoleModel(id);
|
RoleModel role = getRoleModel(id);
|
||||||
auth.requireView();
|
auth.requireView();
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return getRealmRoleComposites(role);
|
return getRealmRoleComposites(role);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -194,7 +187,6 @@ public class RoleByIdResource extends RoleResource {
|
||||||
throw new NotFoundException("Could not find client: " + appName);
|
throw new NotFoundException("Could not find client: " + appName);
|
||||||
|
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return getClientRoleComposites(app, role);
|
return getClientRoleComposites(app, role);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -218,7 +210,6 @@ public class RoleByIdResource extends RoleResource {
|
||||||
throw new NotFoundException("Could not find client: " + appId);
|
throw new NotFoundException("Could not find client: " + appId);
|
||||||
|
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return getClientRoleComposites(app, role);
|
return getClientRoleComposites(app, role);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -235,7 +226,9 @@ public class RoleByIdResource extends RoleResource {
|
||||||
RoleModel role = getRoleModel(id);
|
RoleModel role = getRoleModel(id);
|
||||||
auth.requireManage();
|
auth.requireManage();
|
||||||
deleteComposites(roles, role);
|
deleteComposites(roles, role);
|
||||||
adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
|
adminEvent.operation(OperationType.DELETE)
|
||||||
|
.resourcePath(role, session.getContext().getUri().getPath()).representation(roles).success();
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,7 +2,6 @@ package org.keycloak.services.resources.admin;
|
||||||
|
|
||||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||||
import org.jboss.resteasy.spi.NotFoundException;
|
import org.jboss.resteasy.spi.NotFoundException;
|
||||||
import org.keycloak.events.AdminEventBuilder;
|
|
||||||
import org.keycloak.events.admin.OperationType;
|
import org.keycloak.events.admin.OperationType;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
|
@ -65,7 +64,6 @@ public class RoleContainerResource extends RoleResource {
|
||||||
for (RoleModel roleModel : roleModels) {
|
for (RoleModel roleModel : roleModels) {
|
||||||
roles.add(ModelToRepresentation.toRepresentation(roleModel));
|
roles.add(ModelToRepresentation.toRepresentation(roleModel));
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return roles;
|
return roles;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -85,9 +83,7 @@ public class RoleContainerResource extends RoleResource {
|
||||||
RoleModel role = roleContainer.addRole(rep.getName());
|
RoleModel role = roleContainer.addRole(rep.getName());
|
||||||
role.setDescription(rep.getDescription());
|
role.setDescription(rep.getDescription());
|
||||||
|
|
||||||
adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo.getAbsolutePathBuilder()
|
adminEvent.operation(OperationType.CREATE).resourcePath(role).representation(rep).success();
|
||||||
.path(role.getName()).build().toString().substring(uriInfo.getBaseUri().toString().length()))
|
|
||||||
.representation(rep).success();
|
|
||||||
|
|
||||||
return Response.created(uriInfo.getAbsolutePathBuilder().path(role.getName()).build()).build();
|
return Response.created(uriInfo.getAbsolutePathBuilder().path(role.getName()).build()).build();
|
||||||
} catch (ModelDuplicateException e) {
|
} catch (ModelDuplicateException e) {
|
||||||
|
@ -113,8 +109,6 @@ public class RoleContainerResource extends RoleResource {
|
||||||
throw new NotFoundException("Could not find role: " + roleName);
|
throw new NotFoundException("Could not find role: " + roleName);
|
||||||
}
|
}
|
||||||
|
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
|
|
||||||
return getRole(roleModel);
|
return getRole(roleModel);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -136,7 +130,7 @@ public class RoleContainerResource extends RoleResource {
|
||||||
}
|
}
|
||||||
deleteRole(role);
|
deleteRole(role);
|
||||||
|
|
||||||
adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.DELETE).resourcePath(role).success();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -160,7 +154,7 @@ public class RoleContainerResource extends RoleResource {
|
||||||
try {
|
try {
|
||||||
updateRole(rep, role);
|
updateRole(rep, role);
|
||||||
|
|
||||||
adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo.getPath()).representation(rep).success();
|
adminEvent.operation(OperationType.UPDATE).resourcePath(role).representation(rep).success();
|
||||||
|
|
||||||
return Response.noContent().build();
|
return Response.noContent().build();
|
||||||
} catch (ModelDuplicateException e) {
|
} catch (ModelDuplicateException e) {
|
||||||
|
@ -185,7 +179,7 @@ public class RoleContainerResource extends RoleResource {
|
||||||
throw new NotFoundException("Could not find role: " + roleName);
|
throw new NotFoundException("Could not find role: " + roleName);
|
||||||
}
|
}
|
||||||
addComposites(roles, role);
|
addComposites(roles, role);
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).representation(roles).success();
|
adminEvent.operation(OperationType.ACTION).resourcePath(role, uriInfo.getPath()).representation(roles).success();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -206,7 +200,6 @@ public class RoleContainerResource extends RoleResource {
|
||||||
if (role == null) {
|
if (role == null) {
|
||||||
throw new NotFoundException("Could not find role: " + roleName);
|
throw new NotFoundException("Could not find role: " + roleName);
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return getRoleComposites(role);
|
return getRoleComposites(role);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -227,7 +220,6 @@ public class RoleContainerResource extends RoleResource {
|
||||||
if (role == null) {
|
if (role == null) {
|
||||||
throw new NotFoundException("Could not find role: " + roleName);
|
throw new NotFoundException("Could not find role: " + roleName);
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return getRealmRoleComposites(role);
|
return getRealmRoleComposites(role);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -256,7 +248,6 @@ public class RoleContainerResource extends RoleResource {
|
||||||
throw new NotFoundException("Could not find client: " + clientId);
|
throw new NotFoundException("Could not find client: " + clientId);
|
||||||
|
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return getClientRoleComposites(app, role);
|
return getClientRoleComposites(app, role);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -286,7 +277,6 @@ public class RoleContainerResource extends RoleResource {
|
||||||
throw new NotFoundException("Could not find client: " + id);
|
throw new NotFoundException("Could not find client: " + id);
|
||||||
|
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return getClientRoleComposites(client, role);
|
return getClientRoleComposites(client, role);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -310,8 +300,7 @@ public class RoleContainerResource extends RoleResource {
|
||||||
throw new NotFoundException("Could not find role: " + roleName);
|
throw new NotFoundException("Could not find role: " + roleName);
|
||||||
}
|
}
|
||||||
deleteComposites(roles, role);
|
deleteComposites(roles, role);
|
||||||
adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.DELETE).resourcePath(role, uriInfo.getPath()).success();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,7 +2,6 @@ package org.keycloak.services.resources.admin;
|
||||||
|
|
||||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||||
import org.jboss.resteasy.spi.NotFoundException;
|
import org.jboss.resteasy.spi.NotFoundException;
|
||||||
import org.keycloak.events.AdminEventBuilder;
|
|
||||||
import org.keycloak.events.admin.OperationType;
|
import org.keycloak.events.admin.OperationType;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
|
@ -17,9 +16,7 @@ import javax.ws.rs.GET;
|
||||||
import javax.ws.rs.POST;
|
import javax.ws.rs.POST;
|
||||||
import javax.ws.rs.Path;
|
import javax.ws.rs.Path;
|
||||||
import javax.ws.rs.Produces;
|
import javax.ws.rs.Produces;
|
||||||
import javax.ws.rs.core.Context;
|
|
||||||
import javax.ws.rs.core.MediaType;
|
import javax.ws.rs.core.MediaType;
|
||||||
import javax.ws.rs.core.UriInfo;
|
|
||||||
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
@ -62,7 +59,6 @@ public class ScopeMappedClientResource {
|
||||||
for (RoleModel roleModel : mappings) {
|
for (RoleModel roleModel : mappings) {
|
||||||
mapRep.add(ModelToRepresentation.toRepresentation(roleModel));
|
mapRep.add(ModelToRepresentation.toRepresentation(roleModel));
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return mapRep;
|
return mapRep;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -79,7 +75,6 @@ public class ScopeMappedClientResource {
|
||||||
auth.requireView();
|
auth.requireView();
|
||||||
|
|
||||||
Set<RoleModel> roles = scopedClient.getRoles();
|
Set<RoleModel> roles = scopedClient.getRoles();
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return ScopeMappedResource.getAvailable(client, roles);
|
return ScopeMappedResource.getAvailable(client, roles);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -96,7 +91,6 @@ public class ScopeMappedClientResource {
|
||||||
auth.requireView();
|
auth.requireView();
|
||||||
|
|
||||||
Set<RoleModel> roles = scopedClient.getRoles();
|
Set<RoleModel> roles = scopedClient.getRoles();
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return ScopeMappedResource.getComposite(client, roles);
|
return ScopeMappedResource.getComposite(client, roles);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -116,9 +110,8 @@ public class ScopeMappedClientResource {
|
||||||
throw new NotFoundException("Role not found");
|
throw new NotFoundException("Role not found");
|
||||||
}
|
}
|
||||||
client.addScopeMapping(roleModel);
|
client.addScopeMapping(roleModel);
|
||||||
|
adminEvent.operation(OperationType.CREATE).resourcePath(client, "/roles").representation(roles).success();
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri().getPath()).representation(roles).success();
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -146,6 +139,6 @@ public class ScopeMappedClientResource {
|
||||||
client.deleteScopeMapping(roleModel);
|
client.deleteScopeMapping(roleModel);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri().getPath()).success();
|
adminEvent.operation(OperationType.DELETE).resourcePath(client, "/roles").representation(roles).success();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,7 +2,6 @@ package org.keycloak.services.resources.admin;
|
||||||
|
|
||||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||||
import org.jboss.resteasy.spi.NotFoundException;
|
import org.jboss.resteasy.spi.NotFoundException;
|
||||||
import org.keycloak.events.AdminEventBuilder;
|
|
||||||
import org.keycloak.events.admin.OperationType;
|
import org.keycloak.events.admin.OperationType;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
|
@ -91,7 +90,6 @@ public class ScopeMappedResource {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return all;
|
return all;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -112,7 +110,6 @@ public class ScopeMappedResource {
|
||||||
for (RoleModel roleModel : realmMappings) {
|
for (RoleModel roleModel : realmMappings) {
|
||||||
realmMappingsRep.add(ModelToRepresentation.toRepresentation(roleModel));
|
realmMappingsRep.add(ModelToRepresentation.toRepresentation(roleModel));
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return realmMappingsRep;
|
return realmMappingsRep;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -129,7 +126,6 @@ public class ScopeMappedResource {
|
||||||
auth.requireView();
|
auth.requireView();
|
||||||
|
|
||||||
Set<RoleModel> roles = realm.getRoles();
|
Set<RoleModel> roles = realm.getRoles();
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return getAvailable(client, roles);
|
return getAvailable(client, roles);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -157,7 +153,6 @@ public class ScopeMappedResource {
|
||||||
auth.requireView();
|
auth.requireView();
|
||||||
|
|
||||||
Set<RoleModel> roles = realm.getRoles();
|
Set<RoleModel> roles = realm.getRoles();
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return getComposite(client, roles);
|
return getComposite(client, roles);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -187,7 +182,7 @@ public class ScopeMappedResource {
|
||||||
}
|
}
|
||||||
client.addScopeMapping(roleModel);
|
client.addScopeMapping(roleModel);
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri().getPath()).representation(roles).success();
|
adminEvent.operation(OperationType.CREATE).resourcePath(client, "/roles").representation(roles).success();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -217,7 +212,7 @@ public class ScopeMappedResource {
|
||||||
client.deleteScopeMapping(roleModel);
|
client.deleteScopeMapping(roleModel);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri().getPath()).success();
|
adminEvent.operation(OperationType.DELETE).resourcePath(client, "/roles").representation(roles).success();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -228,7 +223,6 @@ public class ScopeMappedResource {
|
||||||
if (app == null) {
|
if (app == null) {
|
||||||
throw new NotFoundException("Role not found");
|
throw new NotFoundException("Role not found");
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return new ScopeMappedClientResource(realm, auth, client, session, app, adminEvent);
|
return new ScopeMappedClientResource(realm, auth, client, session, app, adminEvent);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -239,7 +233,6 @@ public class ScopeMappedResource {
|
||||||
if (app == null) {
|
if (app == null) {
|
||||||
throw new NotFoundException("Client not found");
|
throw new NotFoundException("Client not found");
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return new ScopeMappedClientResource(realm, auth, client, session, app, adminEvent);
|
return new ScopeMappedClientResource(realm, auth, client, session, app, adminEvent);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,7 +3,6 @@ package org.keycloak.services.resources.admin;
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||||
import org.jboss.resteasy.spi.NotFoundException;
|
import org.jboss.resteasy.spi.NotFoundException;
|
||||||
import org.keycloak.events.AdminEventBuilder;
|
|
||||||
import org.keycloak.events.admin.OperationType;
|
import org.keycloak.events.admin.OperationType;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
|
@ -69,7 +68,6 @@ public class UserClientRoleMappingsResource {
|
||||||
for (RoleModel roleModel : mappings) {
|
for (RoleModel roleModel : mappings) {
|
||||||
mapRep.add(ModelToRepresentation.toRepresentation(roleModel));
|
mapRep.add(ModelToRepresentation.toRepresentation(roleModel));
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return mapRep;
|
return mapRep;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -90,7 +88,6 @@ public class UserClientRoleMappingsResource {
|
||||||
for (RoleModel roleModel : roles) {
|
for (RoleModel roleModel : roles) {
|
||||||
if (user.hasRole(roleModel)) mapRep.add(ModelToRepresentation.toRepresentation(roleModel));
|
if (user.hasRole(roleModel)) mapRep.add(ModelToRepresentation.toRepresentation(roleModel));
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return mapRep;
|
return mapRep;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -107,7 +104,6 @@ public class UserClientRoleMappingsResource {
|
||||||
auth.requireView();
|
auth.requireView();
|
||||||
|
|
||||||
Set<RoleModel> available = client.getRoles();
|
Set<RoleModel> available = client.getRoles();
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(session.getContext().getUri().getPath()).success();
|
|
||||||
return getAvailableRoles(user, available);
|
return getAvailableRoles(user, available);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -142,7 +138,7 @@ public class UserClientRoleMappingsResource {
|
||||||
}
|
}
|
||||||
user.grantRole(roleModel);
|
user.grantRole(roleModel);
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri().getPath()).representation(roles).success();
|
adminEvent.operation(OperationType.CREATE).resourcePath(client, user, "/roles/").representation(roles).success();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -175,6 +171,6 @@ public class UserClientRoleMappingsResource {
|
||||||
user.deleteRoleMapping(roleModel);
|
user.deleteRoleMapping(roleModel);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri().getPath()).success();
|
adminEvent.operation(OperationType.DELETE).resourcePath(client, user, "/roles/").representation(roles).success();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,7 +4,6 @@ import org.jboss.logging.Logger;
|
||||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||||
import org.jboss.resteasy.spi.NotFoundException;
|
import org.jboss.resteasy.spi.NotFoundException;
|
||||||
import org.keycloak.constants.KerberosConstants;
|
import org.keycloak.constants.KerberosConstants;
|
||||||
import org.keycloak.events.AdminEventBuilder;
|
|
||||||
import org.keycloak.events.admin.OperationType;
|
import org.keycloak.events.admin.OperationType;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
|
@ -84,7 +83,6 @@ public class UserFederationResource {
|
||||||
rep.setOptions(((UserFederationProviderFactory)factory).getConfigurationOptions());
|
rep.setOptions(((UserFederationProviderFactory)factory).getConfigurationOptions());
|
||||||
providers.add(rep);
|
providers.add(rep);
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return providers;
|
return providers;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -107,7 +105,6 @@ public class UserFederationResource {
|
||||||
rep.setId(factory.getId());
|
rep.setId(factory.getId());
|
||||||
rep.setOptions(((UserFederationProviderFactory)factory).getConfigurationOptions());
|
rep.setOptions(((UserFederationProviderFactory)factory).getConfigurationOptions());
|
||||||
|
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
|
|
||||||
return rep;
|
return rep;
|
||||||
}
|
}
|
||||||
|
@ -134,9 +131,7 @@ public class UserFederationResource {
|
||||||
new UsersSyncManager().refreshPeriodicSyncForProvider(session.getKeycloakSessionFactory(), session.getProvider(TimerProvider.class), model, realm.getId());
|
new UsersSyncManager().refreshPeriodicSyncForProvider(session.getKeycloakSessionFactory(), session.getProvider(TimerProvider.class), model, realm.getId());
|
||||||
checkKerberosCredential(model);
|
checkKerberosCredential(model);
|
||||||
|
|
||||||
adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo.getAbsolutePathBuilder()
|
adminEvent.operation(OperationType.CREATE).resourcePath(model).representation(rep).success();
|
||||||
.path(model.getId()).build().toString().substring(uriInfo.getBaseUri().toString().length()))
|
|
||||||
.representation(rep).success();
|
|
||||||
|
|
||||||
return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build();
|
return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build();
|
||||||
}
|
}
|
||||||
|
@ -162,7 +157,7 @@ public class UserFederationResource {
|
||||||
new UsersSyncManager().refreshPeriodicSyncForProvider(session.getKeycloakSessionFactory(), session.getProvider(TimerProvider.class), model, realm.getId());
|
new UsersSyncManager().refreshPeriodicSyncForProvider(session.getKeycloakSessionFactory(), session.getProvider(TimerProvider.class), model, realm.getId());
|
||||||
checkKerberosCredential(model);
|
checkKerberosCredential(model);
|
||||||
|
|
||||||
adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo.getPath()).representation(rep).success();
|
adminEvent.operation(OperationType.UPDATE).resourcePath(model).representation(rep).success();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -179,7 +174,6 @@ public class UserFederationResource {
|
||||||
auth.requireView();
|
auth.requireView();
|
||||||
for (UserFederationProviderModel model : realm.getUserFederationProviders()) {
|
for (UserFederationProviderModel model : realm.getUserFederationProviders()) {
|
||||||
if (model.getId().equals(id)) {
|
if (model.getId().equals(id)) {
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return ModelToRepresentation.toRepresentation(model);
|
return ModelToRepresentation.toRepresentation(model);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -201,7 +195,7 @@ public class UserFederationResource {
|
||||||
realm.removeUserFederationProvider(model);
|
realm.removeUserFederationProvider(model);
|
||||||
new UsersSyncManager().removePeriodicSyncForProvider(session.getProvider(TimerProvider.class), model);
|
new UsersSyncManager().removePeriodicSyncForProvider(session.getProvider(TimerProvider.class), model);
|
||||||
|
|
||||||
adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.DELETE).resourcePath(model).success();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -222,7 +216,6 @@ public class UserFederationResource {
|
||||||
UserFederationProviderRepresentation rep = ModelToRepresentation.toRepresentation(model);
|
UserFederationProviderRepresentation rep = ModelToRepresentation.toRepresentation(model);
|
||||||
reps.add(rep);
|
reps.add(rep);
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return reps;
|
return reps;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -246,7 +239,7 @@ public class UserFederationResource {
|
||||||
} else if ("triggerChangedUsersSync".equals(action)) {
|
} else if ("triggerChangedUsersSync".equals(action)) {
|
||||||
syncManager.syncChangedUsers(session.getKeycloakSessionFactory(), realm.getId(), model);
|
syncManager.syncChangedUsers(session.getKeycloakSessionFactory(), realm.getId(), model);
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.ACTION).resourcePath(model, "/sync").success();
|
||||||
return Response.noContent().build();
|
return Response.noContent().build();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -7,7 +7,6 @@ import org.jboss.resteasy.spi.NotFoundException;
|
||||||
import org.keycloak.ClientConnection;
|
import org.keycloak.ClientConnection;
|
||||||
import org.keycloak.email.EmailException;
|
import org.keycloak.email.EmailException;
|
||||||
import org.keycloak.email.EmailProvider;
|
import org.keycloak.email.EmailProvider;
|
||||||
import org.keycloak.events.AdminEventBuilder;
|
|
||||||
import org.keycloak.events.admin.OperationType;
|
import org.keycloak.events.admin.OperationType;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.ClientSessionModel;
|
import org.keycloak.models.ClientSessionModel;
|
||||||
|
@ -122,7 +121,7 @@ public class UsersResource {
|
||||||
throw new NotFoundException("User not found");
|
throw new NotFoundException("User not found");
|
||||||
}
|
}
|
||||||
updateUserFromRep(user, rep);
|
updateUserFromRep(user, rep);
|
||||||
adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo.getPath()).representation(rep).success();
|
adminEvent.operation(OperationType.UPDATE).resourcePath(user).representation(rep).success();
|
||||||
|
|
||||||
if (session.getTransaction().isActive()) {
|
if (session.getTransaction().isActive()) {
|
||||||
session.getTransaction().commit();
|
session.getTransaction().commit();
|
||||||
|
@ -159,9 +158,7 @@ public class UsersResource {
|
||||||
UserModel user = session.users().addUser(realm, rep.getUsername());
|
UserModel user = session.users().addUser(realm, rep.getUsername());
|
||||||
updateUserFromRep(user, rep);
|
updateUserFromRep(user, rep);
|
||||||
|
|
||||||
adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo.getAbsolutePathBuilder()
|
adminEvent.operation(OperationType.CREATE).resourcePath(user).representation(rep).success();
|
||||||
.path(user.getUsername()).build().toString().substring(uriInfo.getBaseUri().toString().length()))
|
|
||||||
.representation(rep).success();
|
|
||||||
|
|
||||||
if (session.getTransaction().isActive()) {
|
if (session.getTransaction().isActive()) {
|
||||||
session.getTransaction().commit();
|
session.getTransaction().commit();
|
||||||
|
@ -228,8 +225,6 @@ public class UsersResource {
|
||||||
throw new NotFoundException("User not found");
|
throw new NotFoundException("User not found");
|
||||||
}
|
}
|
||||||
|
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
|
|
||||||
UserRepresentation rep = ModelToRepresentation.toRepresentation(user);
|
UserRepresentation rep = ModelToRepresentation.toRepresentation(user);
|
||||||
|
|
||||||
if (realm.isIdentityFederationEnabled()) {
|
if (realm.isIdentityFederationEnabled()) {
|
||||||
|
@ -268,7 +263,6 @@ public class UsersResource {
|
||||||
UserSessionRepresentation rep = ModelToRepresentation.toRepresentation(session);
|
UserSessionRepresentation rep = ModelToRepresentation.toRepresentation(session);
|
||||||
reps.add(rep);
|
reps.add(rep);
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return reps;
|
return reps;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -300,7 +294,6 @@ public class UsersResource {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -319,7 +312,7 @@ public class UsersResource {
|
||||||
|
|
||||||
FederatedIdentityModel socialLink = new FederatedIdentityModel(provider, rep.getUserId(), rep.getUserName());
|
FederatedIdentityModel socialLink = new FederatedIdentityModel(provider, rep.getUserId(), rep.getUserName());
|
||||||
session.users().addFederatedIdentity(realm, user, socialLink);
|
session.users().addFederatedIdentity(realm, user, socialLink);
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).representation(rep).success();
|
adminEvent.operation(OperationType.CREATE).resourcePath(user, uriInfo.getPath(), true).representation(rep).success();
|
||||||
return Response.noContent().build();
|
return Response.noContent().build();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -335,7 +328,7 @@ public class UsersResource {
|
||||||
if (!session.users().removeFederatedIdentity(realm, user, provider)) {
|
if (!session.users().removeFederatedIdentity(realm, user, provider)) {
|
||||||
throw new NotFoundException("Link not found");
|
throw new NotFoundException("Link not found");
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.DELETE).resourcePath(user, uriInfo.getPath(), true).success();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -362,7 +355,6 @@ public class UsersResource {
|
||||||
UserConsentRepresentation rep = ModelToRepresentation.toRepresentation(consent);
|
UserConsentRepresentation rep = ModelToRepresentation.toRepresentation(consent);
|
||||||
result.add(rep);
|
result.add(rep);
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -390,7 +382,7 @@ public class UsersResource {
|
||||||
} else {
|
} else {
|
||||||
throw new NotFoundException("Consent not found for user " + username + " and client " + clientId);
|
throw new NotFoundException("Consent not found for user " + username + " and client " + clientId);
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.ACTION).resourcePath(user, client, uriInfo.getPath()).success();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -412,7 +404,7 @@ public class UsersResource {
|
||||||
for (UserSessionModel userSession : userSessions) {
|
for (UserSessionModel userSession : userSessions) {
|
||||||
AuthenticationManager.backchannelLogout(session, realm, userSession, uriInfo, clientConnection, headers, true);
|
AuthenticationManager.backchannelLogout(session, realm, userSession, uriInfo, clientConnection, headers, true);
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.ACTION).resourcePath(user, uriInfo.getPath()).success();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -434,7 +426,7 @@ public class UsersResource {
|
||||||
|
|
||||||
boolean removed = new UserManager(session).removeUser(realm, user);
|
boolean removed = new UserManager(session).removeUser(realm, user);
|
||||||
if (removed) {
|
if (removed) {
|
||||||
adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.DELETE).resourcePath(user).success();
|
||||||
return Response.noContent().build();
|
return Response.noContent().build();
|
||||||
} else {
|
} else {
|
||||||
return ErrorResponse.error("User couldn't be deleted", Response.Status.BAD_REQUEST);
|
return ErrorResponse.error("User couldn't be deleted", Response.Status.BAD_REQUEST);
|
||||||
|
@ -543,7 +535,6 @@ public class UsersResource {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return all;
|
return all;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -570,7 +561,6 @@ public class UsersResource {
|
||||||
for (RoleModel roleModel : realmMappings) {
|
for (RoleModel roleModel : realmMappings) {
|
||||||
realmMappingsRep.add(ModelToRepresentation.toRepresentation(roleModel));
|
realmMappingsRep.add(ModelToRepresentation.toRepresentation(roleModel));
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return realmMappingsRep;
|
return realmMappingsRep;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -599,7 +589,6 @@ public class UsersResource {
|
||||||
realmMappingsRep.add(ModelToRepresentation.toRepresentation(roleModel));
|
realmMappingsRep.add(ModelToRepresentation.toRepresentation(roleModel));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return realmMappingsRep;
|
return realmMappingsRep;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -622,7 +611,6 @@ public class UsersResource {
|
||||||
}
|
}
|
||||||
|
|
||||||
Set<RoleModel> available = realm.getRoles();
|
Set<RoleModel> available = realm.getRoles();
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return UserClientRoleMappingsResource.getAvailableRoles(user, available);
|
return UserClientRoleMappingsResource.getAvailableRoles(user, available);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -652,7 +640,7 @@ public class UsersResource {
|
||||||
user.grantRole(roleModel);
|
user.grantRole(roleModel);
|
||||||
}
|
}
|
||||||
|
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).representation(roles).success();
|
adminEvent.operation(OperationType.CREATE).resourcePath(user, realm, uriInfo.getPath()).representation(roles).success();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -690,7 +678,7 @@ public class UsersResource {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.DELETE).resourcePath(user, realm, uriInfo.getPath()).representation(roles).success();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Path("{username}/role-mappings/clients/{clientId}")
|
@Path("{username}/role-mappings/clients/{clientId}")
|
||||||
|
@ -705,7 +693,6 @@ public class UsersResource {
|
||||||
if (client == null) {
|
if (client == null) {
|
||||||
throw new NotFoundException("Client not found");
|
throw new NotFoundException("Client not found");
|
||||||
}
|
}
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return new UserClientRoleMappingsResource(realm, auth, user, client, adminEvent);
|
return new UserClientRoleMappingsResource(realm, auth, user, client, adminEvent);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -722,7 +709,6 @@ public class UsersResource {
|
||||||
throw new NotFoundException("Client not found");
|
throw new NotFoundException("Client not found");
|
||||||
}
|
}
|
||||||
|
|
||||||
adminEvent.operation(OperationType.VIEW).resourcePath(uriInfo.getPath()).success();
|
|
||||||
return new UserClientRoleMappingsResource(realm, auth, user, client, adminEvent);
|
return new UserClientRoleMappingsResource(realm, auth, user, client, adminEvent);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -757,7 +743,7 @@ public class UsersResource {
|
||||||
}
|
}
|
||||||
if (pass.isTemporary()) user.addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
|
if (pass.isTemporary()) user.addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
|
||||||
|
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.ACTION).resourcePath(user, uriInfo.getPath()).success();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -777,7 +763,7 @@ public class UsersResource {
|
||||||
}
|
}
|
||||||
|
|
||||||
user.setTotp(false);
|
user.setTotp(false);
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.ACTION).resourcePath(user, uriInfo.getPath()).success();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -854,7 +840,7 @@ public class UsersResource {
|
||||||
|
|
||||||
//audit.user(user).detail(Details.EMAIL, user.getEmail()).detail(Details.CODE_ID, accessCode.getCodeId()).success();
|
//audit.user(user).detail(Details.EMAIL, user.getEmail()).detail(Details.CODE_ID, accessCode.getCodeId()).success();
|
||||||
|
|
||||||
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath()).success();
|
adminEvent.operation(OperationType.ACTION).resourcePath(user, uriInfo.getPath()).success();
|
||||||
|
|
||||||
return Response.ok().build();
|
return Response.ok().build();
|
||||||
} catch (EmailException e) {
|
} catch (EmailException e) {
|
||||||
|
|
|
@ -42,7 +42,7 @@ public class AdminEventStoreProviderTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void save() {
|
public void save() {
|
||||||
eventStore.onEvent(create(OperationType.VIEW, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create("realmId", OperationType.CREATE, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@ -50,19 +50,19 @@ public class AdminEventStoreProviderTest {
|
||||||
long oldest = System.currentTimeMillis() - 30000;
|
long oldest = System.currentTimeMillis() - 30000;
|
||||||
long newest = System.currentTimeMillis() + 30000;
|
long newest = System.currentTimeMillis() + 30000;
|
||||||
|
|
||||||
eventStore.onEvent(create(OperationType.VIEW, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create("realmId", OperationType.CREATE, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(newest, OperationType.ACTION, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(newest, "realmId", OperationType.ACTION, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(newest, OperationType.ACTION, "realmId", "clientId", "userId2", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(newest, "realmId", OperationType.ACTION, "realmId", "clientId", "userId2", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(OperationType.VIEW, "realmId2", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create("realmId2", OperationType.CREATE, "realmId2", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(oldest, OperationType.VIEW, "realmId", "clientId2", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(oldest, "realmId", OperationType.CREATE, "realmId", "clientId2", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(OperationType.VIEW, "realmId", "clientId", "userId2", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create("realmId", OperationType.CREATE, "realmId", "clientId", "userId2", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
|
|
||||||
resetSession();
|
resetSession();
|
||||||
|
|
||||||
Assert.assertEquals(5, eventStore.createAdminQuery().authClient("clientId").getResultList().size());
|
Assert.assertEquals(5, eventStore.createAdminQuery().authClient("clientId").getResultList().size());
|
||||||
Assert.assertEquals(5, eventStore.createAdminQuery().authRealm("realmId").getResultList().size());
|
Assert.assertEquals(5, eventStore.createAdminQuery().authRealm("realmId").getResultList().size());
|
||||||
Assert.assertEquals(4, eventStore.createAdminQuery().operation(OperationType.VIEW).getResultList().size());
|
Assert.assertEquals(4, eventStore.createAdminQuery().operation(OperationType.CREATE).getResultList().size());
|
||||||
Assert.assertEquals(6, eventStore.createAdminQuery().operation(OperationType.VIEW, OperationType.ACTION).getResultList().size());
|
Assert.assertEquals(6, eventStore.createAdminQuery().operation(OperationType.CREATE, OperationType.ACTION).getResultList().size());
|
||||||
Assert.assertEquals(4, eventStore.createAdminQuery().authUser("userId").getResultList().size());
|
Assert.assertEquals(4, eventStore.createAdminQuery().authUser("userId").getResultList().size());
|
||||||
|
|
||||||
Assert.assertEquals(1, eventStore.createAdminQuery().authUser("userId").operation(OperationType.ACTION).getResultList().size());
|
Assert.assertEquals(1, eventStore.createAdminQuery().authUser("userId").operation(OperationType.ACTION).getResultList().size());
|
||||||
|
@ -95,14 +95,14 @@ public class AdminEventStoreProviderTest {
|
||||||
e.printStackTrace();
|
e.printStackTrace();
|
||||||
}
|
}
|
||||||
|
|
||||||
eventStore.onEvent(create(date1, OperationType.VIEW, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(date1, "realmId", OperationType.CREATE, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(date1, OperationType.VIEW, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(date1, "realmId", OperationType.CREATE, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(date2, OperationType.ACTION, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(date2, "realmId", OperationType.ACTION, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(date2, OperationType.ACTION, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(date2, "realmId", OperationType.ACTION, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(date3, OperationType.UPDATE, "realmId", "clientId", "userId2", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(date3, "realmId", OperationType.UPDATE, "realmId", "clientId", "userId2", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(date3, OperationType.DELETE, "realmId", "clientId", "userId2", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(date3, "realmId", OperationType.DELETE, "realmId", "clientId", "userId2", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(date4, OperationType.CREATE, "realmId2", "clientId2", "userId2", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(date4, "realmId2", OperationType.CREATE, "realmId2", "clientId2", "userId2", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(date4, OperationType.CREATE, "realmId2", "clientId2", "userId2", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(date4, "realmId2", OperationType.CREATE, "realmId2", "clientId2", "userId2", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
|
|
||||||
resetSession();
|
resetSession();
|
||||||
|
|
||||||
|
@ -115,12 +115,11 @@ public class AdminEventStoreProviderTest {
|
||||||
Assert.assertEquals(4, eventStore.createAdminQuery().authUser("userId").getResultList().size());
|
Assert.assertEquals(4, eventStore.createAdminQuery().authUser("userId").getResultList().size());
|
||||||
Assert.assertEquals(4, eventStore.createAdminQuery().authUser("userId2").getResultList().size());
|
Assert.assertEquals(4, eventStore.createAdminQuery().authUser("userId2").getResultList().size());
|
||||||
|
|
||||||
Assert.assertEquals(2, eventStore.createAdminQuery().operation(OperationType.VIEW).getResultList().size());
|
|
||||||
Assert.assertEquals(2, eventStore.createAdminQuery().operation(OperationType.ACTION).getResultList().size());
|
Assert.assertEquals(2, eventStore.createAdminQuery().operation(OperationType.ACTION).getResultList().size());
|
||||||
Assert.assertEquals(4, eventStore.createAdminQuery().operation(OperationType.VIEW, OperationType.ACTION).getResultList().size());
|
Assert.assertEquals(6, eventStore.createAdminQuery().operation(OperationType.CREATE, OperationType.ACTION).getResultList().size());
|
||||||
Assert.assertEquals(1, eventStore.createAdminQuery().operation(OperationType.UPDATE).getResultList().size());
|
Assert.assertEquals(1, eventStore.createAdminQuery().operation(OperationType.UPDATE).getResultList().size());
|
||||||
Assert.assertEquals(1, eventStore.createAdminQuery().operation(OperationType.DELETE).getResultList().size());
|
Assert.assertEquals(1, eventStore.createAdminQuery().operation(OperationType.DELETE).getResultList().size());
|
||||||
Assert.assertEquals(2, eventStore.createAdminQuery().operation(OperationType.CREATE).getResultList().size());
|
Assert.assertEquals(4, eventStore.createAdminQuery().operation(OperationType.CREATE).getResultList().size());
|
||||||
|
|
||||||
Assert.assertEquals(8, eventStore.createAdminQuery().fromTime("2015-03-04").getResultList().size());
|
Assert.assertEquals(8, eventStore.createAdminQuery().fromTime("2015-03-04").getResultList().size());
|
||||||
Assert.assertEquals(8, eventStore.createAdminQuery().toTime("2015-03-07").getResultList().size());
|
Assert.assertEquals(8, eventStore.createAdminQuery().toTime("2015-03-07").getResultList().size());
|
||||||
|
@ -146,12 +145,12 @@ public class AdminEventStoreProviderTest {
|
||||||
long oldest = System.currentTimeMillis() - 30000;
|
long oldest = System.currentTimeMillis() - 30000;
|
||||||
long newest = System.currentTimeMillis() + 30000;
|
long newest = System.currentTimeMillis() + 30000;
|
||||||
|
|
||||||
eventStore.onEvent(create(OperationType.VIEW, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create("realmId", OperationType.CREATE, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(newest, OperationType.ACTION, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(newest, "realmId", OperationType.ACTION, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(newest, OperationType.ACTION, "realmId", "clientId", "userId2", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(newest, "realmId", OperationType.ACTION, "realmId", "clientId", "userId2", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(OperationType.VIEW, "realmId2", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create("realmId2", OperationType.CREATE, "realmId2", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(oldest, OperationType.VIEW, "realmId", "clientId2", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(oldest, "realmId", OperationType.CREATE, "realmId", "clientId2", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(OperationType.VIEW, "realmId", "clientId", "userId2", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create("realmId", OperationType.CREATE, "realmId", "clientId", "userId2", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
|
|
||||||
resetSession();
|
resetSession();
|
||||||
|
|
||||||
|
@ -165,11 +164,11 @@ public class AdminEventStoreProviderTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void clear() {
|
public void clear() {
|
||||||
eventStore.onEvent(create(System.currentTimeMillis() - 30000, OperationType.VIEW, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(System.currentTimeMillis() - 30000, "realmId", OperationType.CREATE, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(System.currentTimeMillis() - 20000, OperationType.VIEW, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(System.currentTimeMillis() - 20000, "realmId", OperationType.CREATE, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(System.currentTimeMillis(), OperationType.VIEW, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(System.currentTimeMillis(), "realmId", OperationType.CREATE, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(System.currentTimeMillis(), OperationType.VIEW, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(System.currentTimeMillis(), "realmId", OperationType.CREATE, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(System.currentTimeMillis() - 30000, OperationType.VIEW, "realmId2", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(System.currentTimeMillis() - 30000, "realmId2", OperationType.CREATE, "realmId2", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
|
|
||||||
resetSession();
|
resetSession();
|
||||||
|
|
||||||
|
@ -180,36 +179,37 @@ public class AdminEventStoreProviderTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void clearOld() {
|
public void clearOld() {
|
||||||
eventStore.onEvent(create(System.currentTimeMillis() - 30000, OperationType.VIEW, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(System.currentTimeMillis() - 30000, "realmId", OperationType.CREATE, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(System.currentTimeMillis() - 20000, OperationType.VIEW, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(System.currentTimeMillis() - 20000, "realmId", OperationType.CREATE, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(System.currentTimeMillis(), OperationType.VIEW, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(System.currentTimeMillis(), "realmId", OperationType.CREATE, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(System.currentTimeMillis(), OperationType.VIEW, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(System.currentTimeMillis(), "realmId", OperationType.CREATE, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
eventStore.onEvent(create(System.currentTimeMillis() - 30000, OperationType.VIEW, "realmId2", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
eventStore.onEvent(create(System.currentTimeMillis() - 30000, "realmId", OperationType.CREATE, "realmId", "clientId", "userId", "127.0.0.1", "/admin/realms/master", "error"), false);
|
||||||
|
|
||||||
resetSession();
|
resetSession();
|
||||||
|
|
||||||
eventStore.clearAdmin("realmId", System.currentTimeMillis() - 10000);
|
eventStore.clearAdmin("realmId", System.currentTimeMillis() - 10000);
|
||||||
|
|
||||||
Assert.assertEquals(3, eventStore.createAdminQuery().getResultList().size());
|
Assert.assertEquals(2, eventStore.createAdminQuery().getResultList().size());
|
||||||
}
|
}
|
||||||
|
|
||||||
private AdminEvent create(OperationType operation, String realmId, String clientId, String userId, String ipAddress, String resourcePath, String error) {
|
private AdminEvent create(String realmId, OperationType operation, String authRealmId, String authClientId, String authUserId, String authIpAddress, String resourcePath, String error) {
|
||||||
return create(System.currentTimeMillis(), operation, realmId, clientId, userId, ipAddress, resourcePath, error);
|
return create(System.currentTimeMillis(), realmId, operation, authRealmId, authClientId, authUserId, authIpAddress, resourcePath, error);
|
||||||
}
|
}
|
||||||
|
|
||||||
private AdminEvent create(Date date, OperationType operation, String realmId, String clientId, String userId, String ipAddress, String resourcePath, String error) {
|
private AdminEvent create(Date date, String realmId, OperationType operation, String authRealmId, String authClientId, String authUserId, String authIpAddress, String resourcePath, String error) {
|
||||||
return create(date.getTime(), operation, realmId, clientId, userId, ipAddress, resourcePath, error);
|
return create(date.getTime(), realmId, operation, authRealmId, authClientId, authUserId, authIpAddress, resourcePath, error);
|
||||||
}
|
}
|
||||||
|
|
||||||
private AdminEvent create(long time, OperationType operation, String realmId, String clientId, String userId, String ipAddress, String resourcePath, String error) {
|
private AdminEvent create(long time, String realmId, OperationType operation, String authRealmId, String authClientId, String authUserId, String authIpAddress, String resourcePath, String error) {
|
||||||
AdminEvent e = new AdminEvent();
|
AdminEvent e = new AdminEvent();
|
||||||
e.setTime(time);
|
e.setTime(time);
|
||||||
|
e.setRealmId(realmId);
|
||||||
e.setOperationType(operation);
|
e.setOperationType(operation);
|
||||||
AuthDetails authDetails = new AuthDetails();
|
AuthDetails authDetails = new AuthDetails();
|
||||||
authDetails.setRealmId(realmId);
|
authDetails.setRealmId(authRealmId);
|
||||||
authDetails.setClientId(clientId);
|
authDetails.setClientId(authClientId);
|
||||||
authDetails.setUserId(userId);
|
authDetails.setUserId(authUserId);
|
||||||
authDetails.setIpAddress(ipAddress);
|
authDetails.setIpAddress(authIpAddress);
|
||||||
e.setAuthDetails(authDetails);
|
e.setAuthDetails(authDetails);
|
||||||
e.setResourcePath(resourcePath);
|
e.setResourcePath(resourcePath);
|
||||||
e.setError(error);
|
e.setError(error);
|
||||||
|
|
Loading…
Reference in a new issue