Stefan Guilhen
Michal Hajas
parent
4950f7bebe
commit
2252b09949
11 changed files with 60 additions and 317 deletions
|
|
@ -463,31 +463,6 @@ public class ClientAdapter implements ClientModel, CachedObject {
|
|||
updated.setBaseUrl(url);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public Stream<String> getDefaultRolesStream() {
|
||||
if (isUpdated()) return updated.getDefaultRolesStream();
|
||||
return getRealm().getDefaultRole().getCompositesStream().filter(this::isClientRole).map(RoleModel::getName);
|
||||
}
|
||||
|
||||
private boolean isClientRole(RoleModel role) {
|
||||
return role.isClientRole() && Objects.equals(role.getContainerId(), this.getId());
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public void addDefaultRole(String name) {
|
||||
getDelegateForUpdate();
|
||||
updated.addDefaultRole(name);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public void removeDefaultRoles(String... defaultRoles) {
|
||||
getDelegateForUpdate();
|
||||
updated.removeDefaultRoles(defaultRoles);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isBearerOnly() {
|
||||
if (isUpdated()) return updated.isBearerOnly();
|
||||
|
|
|
|||
|
|
@ -747,32 +747,6 @@ public class RealmAdapter implements CachedRealmModel {
|
|||
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public Stream<String> getDefaultRolesStream() {
|
||||
if (isUpdated()) return updated.getDefaultRolesStream();
|
||||
return getDefaultRole().getCompositesStream().filter(this::isRealmRole).map(RoleModel::getName);
|
||||
}
|
||||
|
||||
private boolean isRealmRole(RoleModel role) {
|
||||
return ! role.isClientRole();
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public void addDefaultRole(String name) {
|
||||
getDelegateForUpdate();
|
||||
updated.addDefaultRole(name);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public void removeDefaultRoles(String... defaultRoles) {
|
||||
getDelegateForUpdate();
|
||||
updated.removeDefaultRoles(defaultRoles);
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public void addToDefaultRoles(RoleModel role) {
|
||||
getDelegateForUpdate();
|
||||
|
|
|
|||
|
|
@ -655,38 +655,6 @@ public class ClientAdapter implements ClientModel, JpaModel<ClientEntity> {
|
|||
return RoleUtils.hasRole(getRolesStream(), role);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public Stream<String> getDefaultRolesStream() {
|
||||
return realm.getDefaultRole().getCompositesStream().filter(this::isClientRole).map(RoleModel::getName);
|
||||
}
|
||||
|
||||
private boolean isClientRole(RoleModel role) {
|
||||
return role.isClientRole() && Objects.equals(role.getContainerId(), this.getId());
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public void addDefaultRole(String name) {
|
||||
realm.getDefaultRole().addCompositeRole(getOrAddRoleId(name));
|
||||
}
|
||||
|
||||
private RoleModel getOrAddRoleId(String name) {
|
||||
RoleModel role = getRole(name);
|
||||
if (role == null) {
|
||||
role = addRole(name);
|
||||
}
|
||||
return role;
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public void removeDefaultRoles(String... defaultRoles) {
|
||||
for (String defaultRole : defaultRoles) {
|
||||
realm.getDefaultRole().removeCompositeRole(getRole(defaultRole));
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public int getNodeReRegistrationTimeout() {
|
||||
return entity.getNodeReRegistrationTimeout();
|
||||
|
|
|
|||
|
|
@ -688,38 +688,6 @@ public class RealmAdapter implements LegacyRealmModel, JpaModel<RealmEntity> {
|
|||
return realm.getRequiredCredentials().stream().map(this::toRequiredCredentialModel);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public Stream<String> getDefaultRolesStream() {
|
||||
return getDefaultRole().getCompositesStream().filter(this::isRealmRole).map(RoleModel::getName);
|
||||
}
|
||||
|
||||
private boolean isRealmRole(RoleModel role) {
|
||||
return ! role.isClientRole();
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public void addDefaultRole(String name) {
|
||||
getDefaultRole().addCompositeRole(getOrAddRoleId(name));
|
||||
}
|
||||
|
||||
private RoleModel getOrAddRoleId(String name) {
|
||||
RoleModel role = getRole(name);
|
||||
if (role == null) {
|
||||
role = addRole(name);
|
||||
}
|
||||
return role;
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public void removeDefaultRoles(String... defaultRoles) {
|
||||
for (String defaultRole : defaultRoles) {
|
||||
getDefaultRole().removeCompositeRole(getRole(defaultRole));
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public Stream<GroupModel> getDefaultGroupsStream() {
|
||||
return realm.getDefaultGroupIds().stream().map(this::getGroupById);
|
||||
|
|
|
|||
|
|
@ -64,27 +64,4 @@ public abstract class UnsupportedOperationsClientStorageAdapter implements Clien
|
|||
return Stream.empty();
|
||||
}
|
||||
|
||||
@Override
|
||||
public final Stream<String> getDefaultRolesStream() {
|
||||
return Stream.empty();
|
||||
}
|
||||
|
||||
@Override
|
||||
public final void addDefaultRole(String name) {
|
||||
throw new ModelException("Unsupported operation");
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public final void updateDefaultRoles(String... defaultRoles) {
|
||||
throw new ModelException("Unsupported operation");
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public final void removeDefaultRoles(String... defaultRoles) {
|
||||
throw new ModelException("Unsupported operation");
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -482,40 +482,6 @@ public abstract class MapClientAdapter extends AbstractClientModel<MapClientEnti
|
|||
return getRolesStream().anyMatch(r -> (Objects.equals(r, role) || r.hasRole(role)));
|
||||
}
|
||||
|
||||
/*************** Default roles ****************/
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public Stream<String> getDefaultRolesStream() {
|
||||
return realm.getDefaultRole().getCompositesStream().filter(this::isClientRole).map(RoleModel::getName);
|
||||
}
|
||||
|
||||
private boolean isClientRole(RoleModel role) {
|
||||
return role.isClientRole() && Objects.equals(role.getContainerId(), this.getId());
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public void addDefaultRole(String name) {
|
||||
realm.getDefaultRole().addCompositeRole(getOrAddRoleId(name));
|
||||
}
|
||||
|
||||
private RoleModel getOrAddRoleId(String name) {
|
||||
RoleModel role = getRole(name);
|
||||
if (role == null) {
|
||||
role = addRole(name);
|
||||
}
|
||||
return role;
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public void removeDefaultRoles(String... defaultRoles) {
|
||||
for (String defaultRole : defaultRoles) {
|
||||
realm.getDefaultRole().removeCompositeRole(getRole(defaultRole));
|
||||
}
|
||||
}
|
||||
|
||||
/*************** Protocol mappers ****************/
|
||||
|
||||
private String safeGetProtocol() {
|
||||
|
|
|
|||
|
|
@ -1554,38 +1554,6 @@ public class MapRealmAdapter extends AbstractRealmModel<MapRealmEntity> implemen
|
|||
return session.roles().searchForRolesStream(this, search, first, max);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public Stream<String> getDefaultRolesStream() {
|
||||
return getDefaultRole().getCompositesStream().filter(this::isRealmRole).map(RoleModel::getName);
|
||||
}
|
||||
|
||||
private boolean isRealmRole(RoleModel role) {
|
||||
return ! role.isClientRole();
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public void addDefaultRole(String name) {
|
||||
getDefaultRole().addCompositeRole(getOrAddRoleId(name));
|
||||
}
|
||||
|
||||
private RoleModel getOrAddRoleId(String name) {
|
||||
RoleModel role = getRole(name);
|
||||
if (role == null) {
|
||||
role = addRole(name);
|
||||
}
|
||||
return role;
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public void removeDefaultRoles(String... defaultRoles) {
|
||||
for (String defaultRole : defaultRoles) {
|
||||
getDefaultRole().removeCompositeRole(getRole(defaultRole));
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isBruteForceProtected() {
|
||||
return getAttribute(BRUTE_FORCE_PROTECTED, false);
|
||||
|
|
|
|||
|
|
@ -589,26 +589,6 @@ public class ClientModelLazyDelegate implements ClientModel {
|
|||
return getDelegate().searchForRolesStream(search, first, max);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Stream<String> getDefaultRolesStream() {
|
||||
return getDelegate().getDefaultRolesStream();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void addDefaultRole(String name) {
|
||||
getDelegate().addDefaultRole(name);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void updateDefaultRoles(String... defaultRoles) {
|
||||
getDelegate().updateDefaultRoles(defaultRoles);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void removeDefaultRoles(String... defaultRoles) {
|
||||
getDelegate().removeDefaultRoles(defaultRoles);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Stream<ProtocolMapperModel> getProtocolMappersStream() {
|
||||
return getDelegate().getProtocolMappersStream();
|
||||
|
|
|
|||
|
|
@ -67,21 +67,6 @@ public class IdentityBrokerStateTestHelpers {
|
|||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Stream<String> getDefaultRolesStream() {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void addDefaultRole(String name) {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public void removeDefaultRoles(String... defaultRoles) {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getClientId() {
|
||||
return clientId;
|
||||
|
|
@ -553,21 +538,6 @@ public class IdentityBrokerStateTestHelpers {
|
|||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Stream<String> getDefaultRolesStream() {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void addDefaultRole(String name) {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public void removeDefaultRoles(String... defaultRoles) {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return null;
|
||||
|
|
|
|||
|
|
@ -73,62 +73,4 @@ public interface RoleContainerModel {
|
|||
*/
|
||||
Stream<RoleModel> searchForRolesStream(String search, Integer first, Integer max);
|
||||
|
||||
/**
|
||||
* @deprecated Default roles are now managed by {@link org.keycloak.models.RealmModel#getDefaultRole()}. This method will be removed.
|
||||
* @return List of default roles names or empty list if there are none. Never returns {@code null}.
|
||||
*/
|
||||
@Deprecated
|
||||
default List<String> getDefaultRoles() {
|
||||
Stream<String> defaultRolesStream = getDefaultRolesStream();
|
||||
if (defaultRolesStream != null) {
|
||||
return defaultRolesStream.collect(Collectors.toList());
|
||||
} else {
|
||||
return Collections.emptyList();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @deprecated Default roles are now managed by {@link org.keycloak.models.RealmModel#getDefaultRole()}. This method will be removed.
|
||||
* @return Stream of default roles names or empty stream if there are none. Never returns {@code null}.
|
||||
*/
|
||||
@Deprecated
|
||||
Stream<String> getDefaultRolesStream();
|
||||
|
||||
/**
|
||||
* @deprecated Default roles are now managed by {@link org.keycloak.models.RealmModel#getDefaultRole()}. This method will be removed.
|
||||
*/
|
||||
@Deprecated
|
||||
void addDefaultRole(String name);
|
||||
|
||||
/**
|
||||
* @deprecated Default roles are now managed by {@link org.keycloak.models.RealmModel#getDefaultRole()}. This method will be removed.
|
||||
*/
|
||||
@Deprecated
|
||||
default void updateDefaultRoles(String... defaultRoles) {
|
||||
List<String> defaultRolesArray = Arrays.asList(defaultRoles);
|
||||
Collection<String> entities = getDefaultRolesStream().collect(Collectors.toList());
|
||||
Set<String> already = new HashSet<>();
|
||||
ArrayList<String> remove = new ArrayList<>();
|
||||
for (String rel : entities) {
|
||||
if (! defaultRolesArray.contains(rel)) {
|
||||
remove.add(rel);
|
||||
} else {
|
||||
already.add(rel);
|
||||
}
|
||||
}
|
||||
removeDefaultRoles(remove.toArray(new String[] {}));
|
||||
|
||||
for (String roleName : defaultRoles) {
|
||||
if (!already.contains(roleName)) {
|
||||
addDefaultRole(roleName);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @deprecated Default roles are now managed by {@link org.keycloak.models.RealmModel#getDefaultRole()}. This method will be removed.
|
||||
*/
|
||||
@Deprecated
|
||||
void removeDefaultRoles(String... defaultRoles);
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -17,6 +17,14 @@
|
|||
|
||||
package org.keycloak.services.clientregistration;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Objects;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
import java.util.stream.Stream;
|
||||
import org.keycloak.events.EventBuilder;
|
||||
import org.keycloak.events.EventType;
|
||||
|
|
@ -26,6 +34,7 @@ import org.keycloak.models.ClientRegistrationAccessTokenConstants;
|
|||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.ModelDuplicateException;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.RoleModel;
|
||||
import org.keycloak.models.utils.ModelToRepresentation;
|
||||
import org.keycloak.models.utils.RepresentationToModel;
|
||||
import org.keycloak.representations.idm.ClientRepresentation;
|
||||
|
|
@ -69,7 +78,7 @@ public abstract class AbstractClientRegistrationProvider implements ClientRegist
|
|||
|
||||
if (client.getDefaultRoles() != null) {
|
||||
for (String name : client.getDefaultRoles()) {
|
||||
clientModel.addDefaultRole(name);
|
||||
addDefaultRole(clientModel, name);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -99,7 +108,7 @@ public abstract class AbstractClientRegistrationProvider implements ClientRegist
|
|||
|
||||
client.setDirectAccessGrantsEnabled(false);
|
||||
|
||||
Stream<String> defaultRolesNames = clientModel.getDefaultRolesStream();
|
||||
Stream<String> defaultRolesNames = getDefaultRolesStream(clientModel);
|
||||
if (defaultRolesNames != null) {
|
||||
client.setDefaultRoles(defaultRolesNames.toArray(String[]::new));
|
||||
}
|
||||
|
|
@ -128,7 +137,7 @@ public abstract class AbstractClientRegistrationProvider implements ClientRegist
|
|||
rep.setRegistrationAccessToken(registrationAccessToken);
|
||||
}
|
||||
|
||||
Stream<String> defaultRolesNames = client.getDefaultRolesStream();
|
||||
Stream<String> defaultRolesNames = getDefaultRolesStream(client);
|
||||
if (defaultRolesNames != null) {
|
||||
rep.setDefaultRoles(defaultRolesNames.toArray(String[]::new));
|
||||
}
|
||||
|
|
@ -154,14 +163,14 @@ public abstract class AbstractClientRegistrationProvider implements ClientRegist
|
|||
RepresentationToModel.updateClientProtocolMappers(rep, client);
|
||||
|
||||
if (rep.getDefaultRoles() != null) {
|
||||
client.updateDefaultRoles(rep.getDefaultRoles());
|
||||
updateDefaultRoles(client, rep.getDefaultRoles());
|
||||
}
|
||||
|
||||
rep = ModelToRepresentation.toRepresentation(client, session);
|
||||
|
||||
rep.setSecret(client.getSecret());
|
||||
|
||||
Stream<String> defaultRolesNames = client.getDefaultRolesStream();
|
||||
Stream<String> defaultRolesNames = getDefaultRolesStream(client);
|
||||
if (defaultRolesNames != null) {
|
||||
rep.setDefaultRoles(defaultRolesNames.toArray(String[]::new));
|
||||
}
|
||||
|
|
@ -239,4 +248,50 @@ public abstract class AbstractClientRegistrationProvider implements ClientRegist
|
|||
public void close() {
|
||||
}
|
||||
|
||||
/* =========== default roles =========== */
|
||||
|
||||
private void addDefaultRole(ClientModel client, String name) {
|
||||
client.getRealm().getDefaultRole().addCompositeRole(getOrAddRoleId(client, name));
|
||||
}
|
||||
|
||||
private RoleModel getOrAddRoleId(ClientModel client, String name) {
|
||||
RoleModel role = client.getRole(name);
|
||||
if (role == null) {
|
||||
role = client.addRole(name);
|
||||
}
|
||||
return role;
|
||||
}
|
||||
|
||||
private Stream<String> getDefaultRolesStream(ClientModel client) {
|
||||
return client.getRealm().getDefaultRole().getCompositesStream()
|
||||
.filter(role -> role.isClientRole() && Objects.equals(role.getContainerId(), client.getId()))
|
||||
.map(RoleModel::getName);
|
||||
}
|
||||
|
||||
private void updateDefaultRoles(ClientModel client, String... defaultRoles) {
|
||||
List<String> defaultRolesArray = Arrays.asList(String.valueOf(defaultRoles));
|
||||
Collection<String> entities = getDefaultRolesStream(client).collect(Collectors.toList());
|
||||
Set<String> already = new HashSet<>();
|
||||
ArrayList<String> remove = new ArrayList<>();
|
||||
for (String rel : entities) {
|
||||
if (! defaultRolesArray.contains(rel)) {
|
||||
remove.add(rel);
|
||||
} else {
|
||||
already.add(rel);
|
||||
}
|
||||
}
|
||||
removeDefaultRoles(client, remove.toArray(new String[] {}));
|
||||
|
||||
for (String roleName : defaultRoles) {
|
||||
if (!already.contains(roleName)) {
|
||||
addDefaultRole(client, roleName);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private void removeDefaultRoles(ClientModel client, String... defaultRoles) {
|
||||
for (String defaultRole : defaultRoles) {
|
||||
client.getRealm().getDefaultRole().removeCompositeRole(client.getRole(defaultRole));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue