refactor mappers

Bill Burke 2015-03-03 20:38:28 -05:00
parent 4430d8efac
commit 396e0c6171
59 changed files with 640 additions and 1583 deletions


@ -17,7 +17,7 @@
<column name="APPLIED_BY_DEFAULT" type="BOOLEAN(1)"/> <column name="APPLIED_BY_DEFAULT" type="BOOLEAN(1)"/>
<column name="CONSENT_REQUIRED" type="BOOLEAN(1)"/> <column name="CONSENT_REQUIRED" type="BOOLEAN(1)"/>
<column name="CONSENT_TEXT" type="VARCHAR(255)"/> <column name="CONSENT_TEXT" type="VARCHAR(255)"/>
<column name="REALM_ID" type="VARCHAR(36)"> <column name="CLIENT_ID" type="VARCHAR(36)">
<constraints nullable="false"/> <constraints nullable="false"/>
</column> </column>
</createTable> </createTable>
@ -30,15 +30,6 @@
<constraints nullable="false"/> <constraints nullable="false"/>
</column> </column>
</createTable> </createTable>
<createTable tableName="CLAIM_TYPE">
<column name="ID" type="VARCHAR(36)">
<constraints nullable="false"/>
</column>
<column name="NAME" type="VARCHAR(255)"/>
<column name="BUILT_IN" type="BOOLEAN(1)"/>
<column name="VALUE_TYPE" type="VARCHAR(255)"/>
<column name="REALM_ID" type="VARCHAR(36)"/>
</createTable>
<createTable tableName="FEDERATED_IDENTITY"> <createTable tableName="FEDERATED_IDENTITY">
<column name="IDENTITY_PROVIDER" type="VARCHAR(255)"> <column name="IDENTITY_PROVIDER" type="VARCHAR(255)">
<constraints nullable="false"/> <constraints nullable="false"/>
@ -82,33 +73,21 @@
</column> </column>
<column name="RETRIEVE_TOKEN" type="BOOLEAN(1)"/> <column name="RETRIEVE_TOKEN" type="BOOLEAN(1)"/>
</createTable> </createTable>
<createTable tableName="CLIENT_PROTOCOL_MAPPER">
<column name="CLIENT_ID" type="VARCHAR(36)">
<constraints nullable="false"/>
</column>
<column name="MAPPING_ID" type="VARCHAR(36)">
<constraints nullable="false"/>
</column>
</createTable>
<addColumn tableName="CLIENT"> <addColumn tableName="CLIENT">
<column name="FRONTCHANNEL_LOGOUT" type="BOOLEAN" defaultValueBoolean="false"/> <column name="FRONTCHANNEL_LOGOUT" type="BOOLEAN" defaultValueBoolean="false"/>
</addColumn> </addColumn>
<addPrimaryKey columnNames="ID" constraintName="CONSTRAINT_CT" tableName="CLAIM_TYPE"/>
<addPrimaryKey columnNames="ID" constraintName="CONSTRAINT_PCM" tableName="PROTOCOL_MAPPER"/> <addPrimaryKey columnNames="ID" constraintName="CONSTRAINT_PCM" tableName="PROTOCOL_MAPPER"/>
<addPrimaryKey columnNames="INTERNAL_ID" constraintName="CONSTRAINT_2B" tableName="IDENTITY_PROVIDER"/> <addPrimaryKey columnNames="INTERNAL_ID" constraintName="CONSTRAINT_2B" tableName="IDENTITY_PROVIDER"/>
<addPrimaryKey columnNames="IDENTITY_PROVIDER, USER_ID" constraintName="CONSTRAINT_40" tableName="FEDERATED_IDENTITY"/> <addPrimaryKey columnNames="IDENTITY_PROVIDER, USER_ID" constraintName="CONSTRAINT_40" tableName="FEDERATED_IDENTITY"/>
<addPrimaryKey columnNames="IDENTITY_PROVIDER_ID, NAME" constraintName="CONSTRAINT_D" tableName="IDENTITY_PROVIDER_CONFIG"/> <addPrimaryKey columnNames="IDENTITY_PROVIDER_ID, NAME" constraintName="CONSTRAINT_D" tableName="IDENTITY_PROVIDER_CONFIG"/>
<addPrimaryKey columnNames="PROTOCOL_MAPPER_ID, NAME" constraintName="CONSTRAINT_PMConfig" tableName="PROTOCOL_MAPPER_CONFIG"/> <addPrimaryKey columnNames="PROTOCOL_MAPPER_ID, NAME" constraintName="CONSTRAINT_PMConfig" tableName="PROTOCOL_MAPPER_CONFIG"/>
<addForeignKeyConstraint baseColumnNames="REALM_ID" baseTableName="IDENTITY_PROVIDER" constraintName="FK2B4EBC52AE5C3B34" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ID" referencedTableName="REALM"/> <addForeignKeyConstraint baseColumnNames="REALM_ID" baseTableName="IDENTITY_PROVIDER" constraintName="FK2B4EBC52AE5C3B34" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ID" referencedTableName="REALM"/>
<addForeignKeyConstraint baseColumnNames="REALM_ID" baseTableName="CLAIM_TYPE" constraintName="FK_CT_REALM" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ID" referencedTableName="REALM"/> <addForeignKeyConstraint baseColumnNames="CLIENT_ID" baseTableName="PROTOCOL_MAPPER" constraintName="FK_PCM_REALM" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ID" referencedTableName="CLIENT"/>
<addForeignKeyConstraint baseColumnNames="REALM_ID" baseTableName="PROTOCOL_MAPPER" constraintName="FK_PCM_REALM" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ID" referencedTableName="REALM"/>
<addForeignKeyConstraint baseColumnNames="USER_ID" baseTableName="FEDERATED_IDENTITY" constraintName="FK404288B92EF007A6" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ID" referencedTableName="USER_ENTITY"/> <addForeignKeyConstraint baseColumnNames="USER_ID" baseTableName="FEDERATED_IDENTITY" constraintName="FK404288B92EF007A6" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ID" referencedTableName="USER_ENTITY"/>
<addForeignKeyConstraint baseColumnNames="IDENTITY_PROVIDER_ID" baseTableName="IDENTITY_PROVIDER_CONFIG" constraintName="FKDC4897CF864C4E43" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="INTERNAL_ID" referencedTableName="IDENTITY_PROVIDER"/> <addForeignKeyConstraint baseColumnNames="IDENTITY_PROVIDER_ID" baseTableName="IDENTITY_PROVIDER_CONFIG" constraintName="FKDC4897CF864C4E43" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="INTERNAL_ID" referencedTableName="IDENTITY_PROVIDER"/>
<addForeignKeyConstraint baseColumnNames="PROTOCOL_MAPPER_ID" baseTableName="PROTOCOL_MAPPER_CONFIG" constraintName="FK_PMConfig" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ID" referencedTableName="PROTOCOL_MAPPER"/> <addForeignKeyConstraint baseColumnNames="PROTOCOL_MAPPER_ID" baseTableName="PROTOCOL_MAPPER_CONFIG" constraintName="FK_PMConfig" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ID" referencedTableName="PROTOCOL_MAPPER"/>
<addForeignKeyConstraint baseColumnNames="IDENTITY_PROVIDER_ID" baseTableName="CLIENT_IDENTITY_PROVIDER_MAPPING" constraintName="FK_7CELWNIBJI49AVXSRTUF6XJ12" referencedColumnNames="INTERNAL_ID" referencedTableName="IDENTITY_PROVIDER"/> <addForeignKeyConstraint baseColumnNames="IDENTITY_PROVIDER_ID" baseTableName="CLIENT_IDENTITY_PROVIDER_MAPPING" constraintName="FK_7CELWNIBJI49AVXSRTUF6XJ12" referencedColumnNames="INTERNAL_ID" referencedTableName="IDENTITY_PROVIDER"/>
<addForeignKeyConstraint baseColumnNames="CLIENT_ID" baseTableName="CLIENT_IDENTITY_PROVIDER_MAPPING" constraintName="FK_56ELWNIBJI49AVXSRTUF6XJ23" referencedColumnNames="ID" referencedTableName="CLIENT"/> <addForeignKeyConstraint baseColumnNames="CLIENT_ID" baseTableName="CLIENT_IDENTITY_PROVIDER_MAPPING" constraintName="FK_56ELWNIBJI49AVXSRTUF6XJ23" referencedColumnNames="ID" referencedTableName="CLIENT"/>
<addForeignKeyConstraint baseColumnNames="MAPPING_ID" baseTableName="CLIENT_PROTOCOL_MAPPER" constraintName="FK_CPCM" referencedColumnNames="ID" referencedTableName="PROTOCOL_MAPPER"/>
<addUniqueConstraint columnNames="CLIENT_ID,MAPPING_ID" constraintName="UK_CPCM" tableName="CLIENT_PROTOCOL_MAPPER"/>
<addUniqueConstraint columnNames="PROVIDER_NONIMAL_ID" constraintName="UK_2DAELWNIBJI49AVXSRTUF6XJ33" tableName="IDENTITY_PROVIDER"/> <addUniqueConstraint columnNames="PROVIDER_NONIMAL_ID" constraintName="UK_2DAELWNIBJI49AVXSRTUF6XJ33" tableName="IDENTITY_PROVIDER"/>
<addUniqueConstraint columnNames="IDENTITY_PROVIDER_ID,CLIENT_ID" constraintName="UK_7CAELWNIBJI49AVXSRTUF6XJ12" tableName="CLIENT_IDENTITY_PROVIDER_MAPPING"/> <addUniqueConstraint columnNames="IDENTITY_PROVIDER_ID,CLIENT_ID" constraintName="UK_7CAELWNIBJI49AVXSRTUF6XJ12" tableName="CLIENT_IDENTITY_PROVIDER_MAPPING"/>
</changeSet> </changeSet>
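Review bot: The new foreign key from `PROTOCOL_MAPPER.CLIENT_ID` to `CLIENT` keeps the constraint name `FK_PCM_REALM`, which no longer describes what it references now that the owning column is `CLIENT_ID`; a name along the lines of `FK_PCM_CLIENT` would be less misleading to whoever reads a constraint-violation error later. The change also edits an existing changeSet in place (its opening tag is outside these hunks), so if this changeSet has already been applied to any database, Liquibase will presumably reject the changed checksum; confirm it has not shipped, or move the change into a new changeSet. With `onDelete="RESTRICT"` on the new key, deleting a client will fail unless its mappers are removed first, so the model layer should be checked for that.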


@ -19,7 +19,6 @@
<class>org.keycloak.models.jpa.entities.ScopeMappingEntity</class> <class>org.keycloak.models.jpa.entities.ScopeMappingEntity</class>
<class>org.keycloak.models.jpa.entities.IdentityProviderEntity</class> <class>org.keycloak.models.jpa.entities.IdentityProviderEntity</class>
<class>org.keycloak.models.jpa.entities.ClientIdentityProviderMappingEntity</class> <class>org.keycloak.models.jpa.entities.ClientIdentityProviderMappingEntity</class>
<class>org.keycloak.models.jpa.entities.ClaimTypeEntity</class>
<class>org.keycloak.models.jpa.entities.ProtocolMapperEntity</class> <class>org.keycloak.models.jpa.entities.ProtocolMapperEntity</class>
<!-- JpaUserSessionProvider --> <!-- JpaUserSessionProvider -->


@ -29,7 +29,7 @@ public class ApplicationRepresentation {
protected Integer nodeReRegistrationTimeout; protected Integer nodeReRegistrationTimeout;
protected Map<String, Integer> registeredNodes; protected Map<String, Integer> registeredNodes;
protected List<ClientIdentityProviderMappingRepresentation> identityProviders; protected List<ClientIdentityProviderMappingRepresentation> identityProviders;
protected List<ClientProtocolMappingRepresentation> protocolMappers; protected List<ProtocolMapperRepresentation> protocolMappers;
public String getId() { public String getId() {
return id; return id;
@ -199,11 +199,11 @@ public class ApplicationRepresentation {
this.identityProviders = identityProviders; this.identityProviders = identityProviders;
} }
public List<ClientProtocolMappingRepresentation> getProtocolMappers() { public List<ProtocolMapperRepresentation> getProtocolMappers() {
return protocolMappers; return protocolMappers;
} }
public void setProtocolMappers(List<ClientProtocolMappingRepresentation> protocolMappers) { public void setProtocolMappers(List<ProtocolMapperRepresentation> protocolMappers) {
this.protocolMappers = protocolMappers; this.protocolMappers = protocolMappers;
} }
} }


@ -1,45 +0,0 @@
package org.keycloak.representations.idm;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class ClaimTypeRepresentation {
private String id;
private String name;
private Boolean builtIn;
private String type;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Boolean isBuiltIn() {
return builtIn;
}
public void setBuiltIn(Boolean builtIn) {
this.builtIn = builtIn;
}
public String getType() {
return type;
}
public void setType(String type) {
this.type = type;
}
}


@ -1,26 +0,0 @@
package org.keycloak.representations.idm;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class ClientProtocolMappingRepresentation {
protected String protocol;
protected String name;
public String getProtocol() {
return protocol;
}
public void setProtocol(String protocol) {
this.protocol = protocol;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
}


@ -22,7 +22,7 @@ public class OAuthClientRepresentation {
protected Boolean directGrantsOnly; protected Boolean directGrantsOnly;
protected Boolean fullScopeAllowed; protected Boolean fullScopeAllowed;
protected Boolean frontchannelLogout; protected Boolean frontchannelLogout;
protected List<ClientProtocolMappingRepresentation> protocolMappers; protected List<ProtocolMapperRepresentation> protocolMappers;
private List<ClientIdentityProviderMappingRepresentation> identityProviders; private List<ClientIdentityProviderMappingRepresentation> identityProviders;
@ -146,11 +146,11 @@ public class OAuthClientRepresentation {
this.identityProviders = identityProviders; this.identityProviders = identityProviders;
} }
public List<ClientProtocolMappingRepresentation> getProtocolMappers() { public List<ProtocolMapperRepresentation> getProtocolMappers() {
return protocolMappers; return protocolMappers;
} }
public void setProtocolMappers(List<ClientProtocolMappingRepresentation> protocolMappers) { public void setProtocolMappers(List<ProtocolMapperRepresentation> protocolMappers) {
this.protocolMappers = protocolMappers; this.protocolMappers = protocolMappers;
} }
} }


@ -12,7 +12,6 @@ public class ProtocolMapperRepresentation {
protected String name; protected String name;
protected String protocol; protected String protocol;
protected String protocolMapper; protected String protocolMapper;
protected boolean appliedByDefault;
protected boolean consentRequired; protected boolean consentRequired;
protected String consentText; protected String consentText;
protected Map<String, String> config = new HashMap<String, String>(); protected Map<String, String> config = new HashMap<String, String>();
@ -42,14 +41,6 @@ public class ProtocolMapperRepresentation {
this.protocol = protocol; this.protocol = protocol;
} }
public boolean isAppliedByDefault() {
return appliedByDefault;
}
public void setAppliedByDefault(boolean appliedByDefault) {
this.appliedByDefault = appliedByDefault;
}
public String getProtocolMapper() { public String getProtocolMapper() {
return protocolMapper; return protocolMapper;
} }


@ -64,7 +64,6 @@ public class RealmRepresentation {
protected Long eventsExpiration; protected Long eventsExpiration;
protected List<String> eventsListeners; protected List<String> eventsListeners;
private List<IdentityProviderRepresentation> identityProviders; private List<IdentityProviderRepresentation> identityProviders;
private List<ClaimTypeRepresentation> claimTypes;
private List<ProtocolMapperRepresentation> protocolMappers; private List<ProtocolMapperRepresentation> protocolMappers;
private Boolean identityFederationEnabled; private Boolean identityFederationEnabled;
@ -484,15 +483,6 @@ public class RealmRepresentation {
return !getIdentityProviders().isEmpty(); return !getIdentityProviders().isEmpty();
} }
public List<ClaimTypeRepresentation> getClaimTypes() {
if (claimTypes == null) claimTypes = new ArrayList<ClaimTypeRepresentation>();
return claimTypes;
}
public void setClaimTypes(List<ClaimTypeRepresentation> claimTypes) {
this.claimTypes = claimTypes;
}
public List<ProtocolMapperRepresentation> getProtocolMappers() { public List<ProtocolMapperRepresentation> getProtocolMappers() {
return protocolMappers; return protocolMappers;
} }


@ -33,7 +33,6 @@
<script src="${resourceUrl}/js/controllers/applications.js" type="text/javascript"></script> <script src="${resourceUrl}/js/controllers/applications.js" type="text/javascript"></script>
<script src="${resourceUrl}/js/controllers/oauth-clients.js" type="text/javascript"></script> <script src="${resourceUrl}/js/controllers/oauth-clients.js" type="text/javascript"></script>
<script src="${resourceUrl}/js/controllers/users.js" type="text/javascript"></script> <script src="${resourceUrl}/js/controllers/users.js" type="text/javascript"></script>
<script src="${resourceUrl}/js/controllers/protocols.js" type="text/javascript"></script>
<script src="${resourceUrl}/js/loaders.js" type="text/javascript"></script> <script src="${resourceUrl}/js/loaders.js" type="text/javascript"></script>
<script src="${resourceUrl}/js/services.js" type="text/javascript"></script> <script src="${resourceUrl}/js/services.js" type="text/javascript"></script>


@ -440,7 +440,7 @@ module.config([ '$routeProvider', function($routeProvider) {
return ServerInfoLoader(); return ServerInfoLoader();
} }
}, },
controller : 'ApplicationProtocolMapperCtrl' controller : 'ApplicationProtocolMapperListCtrl'
}) })
.when('/realms/:realm/applications/:application/add-mappers', { .when('/realms/:realm/applications/:application/add-mappers', {
templateUrl : resourceUrl + '/partials/application-mappers-add.html', templateUrl : resourceUrl + '/partials/application-mappers-add.html',
@ -455,7 +455,41 @@ module.config([ '$routeProvider', function($routeProvider) {
return ServerInfoLoader(); return ServerInfoLoader();
} }
}, },
controller : 'AddApplicationProtocolMapperCtrl' controller : 'AddBuiltinProtocolMapperCtrl'
})
.when('/realms/:realm/applications/:application/mappers/:id', {
templateUrl : resourceUrl + '/partials/protocol-mapper-detail.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
application : function(ApplicationLoader) {
return ApplicationLoader();
},
serverInfo : function(ServerInfoLoader) {
return ServerInfoLoader();
},
mapper : function(ApplicationProtocolMapperLoader) {
return ApplicationProtocolMapperLoader();
}
},
controller : 'ApplicationProtocolMapperCtrl'
})
.when('/create/application/:realm/:application/mappers', {
templateUrl : resourceUrl + '/partials/protocol-mapper-detail.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
serverInfo : function(ServerInfoLoader) {
return ServerInfoLoader();
},
application : function(ApplicationLoader) {
return ApplicationLoader();
}
},
controller : 'ApplicationProtocolMapperCreateCtrl'
}) })
.when('/realms/:realm/applications/:application/sessions', { .when('/realms/:realm/applications/:application/sessions', {
templateUrl : resourceUrl + '/partials/application-sessions.html', templateUrl : resourceUrl + '/partials/application-sessions.html',
@ -974,59 +1008,7 @@ module.config([ '$routeProvider', function($routeProvider) {
}, },
controller : 'ProtocolListCtrl' controller : 'ProtocolListCtrl'
}) })
.when('/realms/:realm/protocols/:protocol/mappers', {
templateUrl : resourceUrl + '/partials/protocol-mapper-list.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
serverInfo : function(ServerInfoLoader) {
return ServerInfoLoader();
},
protocol : function($route) {
return $route.current.params.protocol;
},
mappers : function(RealmProtocolMappersByProtocolLoader) {
return RealmProtocolMappersByProtocolLoader();
}
},
controller : 'ProtocolMapperListCtrl'
})
.when('/realms/:realm/protocols/:protocol/mappers/:id', {
templateUrl : resourceUrl + '/partials/protocol-mapper-detail.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
serverInfo : function(ServerInfoLoader) {
return ServerInfoLoader();
},
protocol : function($route) {
return $route.current.params.protocol;
},
mapper : function(RealmProtocolMapperLoader) {
return RealmProtocolMapperLoader();
}
},
controller : 'ProtocolMapperCtrl'
})
.when('/create/protocols/:protocol/realms/:realm/mappers', {
templateUrl : resourceUrl + '/partials/protocol-mapper-detail.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
serverInfo : function(ServerInfoLoader) {
return ServerInfoLoader();
},
protocol : function($route) {
return $route.current.params.protocol;
}
},
controller : 'ProtocolMapperCreateCtrl'
})
.when('/server-info', { .when('/server-info', {
templateUrl : resourceUrl + '/partials/server-info.html' templateUrl : resourceUrl + '/partials/server-info.html'
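Review bot: The route that still names `controller : 'ProtocolListCtrl'` (kept as context in the last hunk) appears to lose its controller, because this commit deletes the controllers file that defines `ProtocolListCtrl` and drops that file's `<script>` tag from the index page. Unless the controller is registered somewhere not shown here, navigating to that route will fail with an unknown-controller error. Either remove the route together with the three mapper routes deleted below it, or keep `ProtocolListCtrl` in a file that is still loaded. The enclosing `module.config` block starts and ends outside these hunks.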


@ -1086,7 +1086,7 @@ module.controller('ApplicationClusteringNodeCtrl', function($scope, application,
} }
}); });
module.controller('ApplicationProtocolMapperCtrl', function($scope, realm, application, serverInfo, module.controller('ApplicationProtocolMapperListCtrl', function($scope, realm, application, serverInfo,
ApplicationProtocolMappersByProtocol, ApplicationProtocolMappersByProtocol,
$http, $location, Dialog, Notifications) { $http, $location, Dialog, Notifications) {
$scope.realm = realm; $scope.realm = realm;
@ -1105,35 +1105,12 @@ module.controller('ApplicationProtocolMapperCtrl', function($scope, realm, appli
var updateMappers = function() { var updateMappers = function() {
$scope.mappers = ApplicationProtocolMappersByProtocol.query({realm : realm.realm, application : application.id, protocol : application.protocol}); $scope.mappers = ApplicationProtocolMappersByProtocol.query({realm : realm.realm, application : application.id, protocol : application.protocol});
for (var i = 0; i < $scope.mappers.length; i++) {
$scope.mappers[i].isChecked = false;
}
}; };
updateMappers(); updateMappers();
$scope.remove = function() {
var toDelete = [];
for (var i = 0; i < $scope.mappers.length; i++) {
if ($scope.mappers[i].isChecked) {
toDelete.push($scope.mappers[i].id);
}
}
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/applications-by-id/' + application.id + '/protocol-mappers/models',
{data : toDelete, headers : {"content-type" : "application/json"}}).success(function() {
Notifications.success("Mappers removed");
updateMappers();
}).error(function() {
updateMappers();
Notifications.error("Error removing mappers");
});
};
}); });
module.controller('AddApplicationProtocolMapperCtrl', function($scope, realm, application, serverInfo, module.controller('AddBuiltinProtocolMapperCtrl', function($scope, realm, application, serverInfo,
RealmProtocolMappersByProtocol,
ApplicationProtocolMappersByProtocol, ApplicationProtocolMappersByProtocol,
$http, $location, Dialog, Notifications) { $http, $location, Dialog, Notifications) {
$scope.realm = realm; $scope.realm = realm;
@ -1150,27 +1127,31 @@ module.controller('AddApplicationProtocolMapperCtrl', function($scope, realm, ap
$scope.mapperTypes = mapperTypes; $scope.mapperTypes = mapperTypes;
var updateMappers = function() { var updateMappers = function() {
var mappers = RealmProtocolMappersByProtocol.query({realm : realm.realm, protocol : application.protocol}, function() { var appMappers = ApplicationProtocolMappersByProtocol.query({realm : realm.realm, application : application.id, protocol : application.protocol}, function() {
var appMappers = ApplicationProtocolMappersByProtocol.query({realm : realm.realm, application : application.id, protocol : application.protocol}, function() { var builtinMappers = serverInfo.builtinProtocolMappers[application.protocol];
for (var i = 0; i < appMappers.length; i++) { for (var i = 0; i < appMappers.length; i++) {
for (var j = 0; j < mappers.length; j++) { for (var j = 0; j < builtinMappers.length; j++) {
if (mappers[j].id == appMappers[i].id) { if (builtinMappers[j].name == appMappers[i].name
mappers.remove(j); && builtinMappers[j].protocolMapper == appMappers[i].protocolMapper) {
break; console.log('removing: ' + builtinMappers[j].name);
} builtinMappers.splice(j, 1);
break;
} }
} }
$scope.mappers = mappers; }
for (var i = 0; i < $scope.mappers.length; i++) { for (var j = 0; j < builtinMappers.length; j++) {
$scope.mappers[i].isChecked = false; console.log('builtin left: ' + builtinMappers[j].name);
} }
$scope.mappers = builtinMappers;
for (var i = 0; i < $scope.mappers.length; i++) {
$scope.mappers[i].isChecked = false;
}
}) });
})
}; };
updateMappers(); updateMappers();
@ -1179,10 +1160,11 @@ module.controller('AddApplicationProtocolMapperCtrl', function($scope, realm, ap
var toAdd = []; var toAdd = [];
for (var i = 0; i < $scope.mappers.length; i++) { for (var i = 0; i < $scope.mappers.length; i++) {
if ($scope.mappers[i].isChecked) { if ($scope.mappers[i].isChecked) {
toAdd.push($scope.mappers[i].id); delete $scope.mappers[i].isChecked;
toAdd.push($scope.mappers[i]);
} }
} }
$http.post(authUrl + '/admin/realms/' + realm.realm + '/applications-by-id/' + application.id + '/protocol-mappers/models', $http.post(authUrl + '/admin/realms/' + realm.realm + '/applications-by-id/' + application.id + '/protocol-mappers/add-models',
toAdd).success(function() { toAdd).success(function() {
Notifications.success("Mappers added"); Notifications.success("Mappers added");
$location.url('/realms/' + realm.realm + '/applications/' + application.id + '/mappers'); $location.url('/realms/' + realm.realm + '/applications/' + application.id + '/mappers');
@ -1194,5 +1176,106 @@ module.controller('AddApplicationProtocolMapperCtrl', function($scope, realm, ap
}); });
module.controller('ApplicationProtocolMapperCtrl', function($scope, realm, serverInfo, application, mapper, ApplicationProtocolMapper, Notifications, Dialog, $location) {
$scope.realm = realm;
$scope.application = application;
$scope.create = false;
var protocol = application.protocol;
$scope.protocol = application.protocol;
$scope.mapper = angular.copy(mapper);
var oldCopy = angular.copy($scope.realm);
$scope.changed = false;
$scope.boolval = true;
$scope.boolvalId = 'boolval';
console.log('protocol: ' + protocol);
var protocolMappers = serverInfo.protocolMapperTypes[protocol];
for (var i = 0; i < protocolMappers.length; i++) {
if (protocolMappers[i].id == mapper.protocolMapper) {
$scope.mapperType = protocolMappers[i];
}
}
$scope.$watch(function() {
return $location.path();
}, function() {
$scope.path = $location.path().substring(1).split("/");
});
$scope.$watch('mapper', function() {
if (!angular.equals($scope.mapper, mapper)) {
$scope.changed = true;
}
}, true);
$scope.save = function() {
ApplicationProtocolMapper.update({
realm : realm.realm,
application: application.id,
id : mapper.id
}, $scope.mapper, function() {
$scope.changed = false;
mapper = angular.copy($scope.mapper);
$location.url("/realms/" + realm.realm + '/applications/' + application.id + "/mappers/" + mapper.id);
Notifications.success("Your changes have been saved.");
});
};
$scope.reset = function() {
$scope.mapper = angular.copy(mapper);
$scope.changed = false;
};
$scope.cancel = function() {
//$location.url("/realms");
window.history.back();
};
$scope.remove = function() {
Dialog.confirmDelete($scope.mapper.name, 'mapper', function() {
ApplicationProtocolMapper.remove({ realm: realm.realm, application: application.id, id : $scope.mapper.id }, function() {
Notifications.success("The mapper has been deleted.");
$location.url("/realms/" + realm.realm + '/applications/' + application.id + "/mappers");
});
});
};
});
module.controller('ApplicationProtocolMapperCreateCtrl', function($scope, realm, serverInfo, application, ApplicationProtocolMapper, Notifications, Dialog, $location) {
$scope.realm = realm;
$scope.application = application;
$scope.create = true;
var protocol = application.protocol;
$scope.protocol = protocol;
$scope.mapper = { protocol : application.protocol, config: {}};
$scope.mapperTypes = serverInfo.protocolMapperTypes[protocol];
$scope.$watch(function() {
return $location.path();
}, function() {
$scope.path = $location.path().substring(1).split("/");
});
$scope.save = function() {
$scope.mapper.protocolMapper = $scope.mapperType.id;
ApplicationProtocolMapper.save({
realm : realm.realm, application: application.id
}, $scope.mapper, function(data, headers) {
var l = headers().location;
var id = l.substring(l.lastIndexOf("/") + 1);
$location.url("/realms/" + realm.realm + '/applications/' + application.id + "/mappers/" + id);
Notifications.success("Mapper has been created.");
});
};
$scope.cancel = function() {
//$location.url("/realms");
window.history.back();
};
});
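Review bot: In `AddBuiltinProtocolMapperCtrl`, `updateMappers` takes `serverInfo.builtinProtocolMappers[application.protocol]` by reference, then calls `splice` on it and sets `isChecked` on its elements, so the resolved `serverInfo` object is modified in place; if that object is cached or shared between views (not visible here), built-in mappers would vanish from later listings. Working on a copy avoids this and also covers a protocol that has no built-ins: `var builtinMappers = angular.copy(serverInfo.builtinProtocolMappers[application.protocol] || []);`. The add request now posts whole mapper objects to `/protocol-mappers/add-models` instead of ids, so the server endpoint (not shown) has to validate `protocolMapper` and `config` itself rather than assume the browser sent an unmodified built-in definition. The `console.log` calls in this controller and in `ApplicationProtocolMapperCtrl` look like leftover debugging, and `oldCopy` there is never read. In `ApplicationProtocolMapperCreateCtrl`, `save` uses `headers().location` unchecked, so a response without a Location header would throw before the redirect.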


@ -1,125 +0,0 @@
module.controller('ProtocolListCtrl', function($scope, realm, serverInfo, $location) {
$scope.realm = realm;
$scope.protocols = serverInfo.protocols;
$scope.$watch(function() {
return $location.path();
}, function() {
$scope.path = $location.path().substring(1).split("/");
});
});
module.controller('ProtocolMapperListCtrl', function($scope, realm, serverInfo, protocol, mappers, $location) {
$scope.realm = realm;
$scope.protocol = protocol;
var protocolMappers = serverInfo.protocolMapperTypes[protocol];
var mapperTypes = {};
for (var i = 0; i < protocolMappers.length; i++) {
mapperTypes[protocolMappers[i].id] = protocolMappers[i];
}
$scope.mapperTypes = mapperTypes;
$scope.mappers = mappers;
$scope.$watch(function() {
return $location.path();
}, function() {
$scope.path = $location.path().substring(1).split("/");
});
});
module.controller('ProtocolMapperCtrl', function($scope, realm, serverInfo, protocol, mapper, RealmProtocolMapper, Notifications, Dialog, $location) {
$scope.realm = realm;
$scope.create = false;
$scope.protocol = protocol;
$scope.mapper = angular.copy(mapper);
var oldCopy = angular.copy($scope.realm);
$scope.changed = false;
$scope.boolval = true;
$scope.boolvalId = 'boolval';
console.log('protocol: ' + protocol);
var protocolMappers = serverInfo.protocolMapperTypes[protocol];
for (var i = 0; i < protocolMappers.length; i++) {
if (protocolMappers[i].id == mapper.protocolMapper) {
$scope.mapperType = protocolMappers[i];
}
}
$scope.$watch(function() {
return $location.path();
}, function() {
$scope.path = $location.path().substring(1).split("/");
});
$scope.$watch('mapper', function() {
if (!angular.equals($scope.mapper, mapper)) {
$scope.changed = true;
}
}, true);
$scope.save = function() {
RealmProtocolMapper.update({
realm : realm.realm,
id : mapper.id
}, $scope.mapper, function() {
$scope.changed = false;
mapper = angular.copy($scope.mapper);
$location.url("/realms/" + realm.realm + "/protocols/" + protocol + "/mappers/" + mapper.id);
Notifications.success("Your changes have been saved.");
});
};
$scope.reset = function() {
$scope.mapper = angular.copy(mapper);
$scope.changed = false;
};
$scope.cancel = function() {
//$location.url("/realms");
window.history.back();
};
$scope.remove = function() {
Dialog.confirmDelete($scope.mapper.name, 'mapper', function() {
RealmProtocolMapper.remove({ realm: realm.realm, id : $scope.mapper.id }, function() {
Notifications.success("The mapper has been deleted.");
$location.url("/realms/" + realm.realm + "/protocols/" + protocol + "/mappers");
});
});
};
});
module.controller('ProtocolMapperCreateCtrl', function($scope, realm, serverInfo, protocol, RealmProtocolMapper, Notifications, Dialog, $location) {
$scope.realm = realm;
$scope.create = true;
$scope.protocol = protocol;
$scope.mapper = { protocol : protocol, config: {}};
$scope.mapperTypes = serverInfo.protocolMapperTypes[protocol];
$scope.$watch(function() {
return $location.path();
}, function() {
$scope.path = $location.path().substring(1).split("/");
});
$scope.save = function() {
$scope.mapper.protocolMapper = $scope.mapperType.id;
RealmProtocolMapper.save({
realm : realm.realm
}, $scope.mapper, function(data, headers) {
var l = headers().location;
var id = l.substring(l.lastIndexOf("/") + 1);
$location.url("/realms/" + realm.realm + "/protocols/" + protocol + "/mappers/" + id);
Notifications.success("Mapper has been created.");
});
};
$scope.cancel = function() {
//$location.url("/realms");
window.history.back();
};
});


@ -79,19 +79,11 @@ module.factory('RealmApplicationSessionStatsLoader', function(Loader, RealmAppli
}); });
}); });
module.factory('RealmProtocolMappersByProtocolLoader', function(Loader, RealmProtocolMappersByProtocol, $route, $q) { module.factory('ApplicationProtocolMapperLoader', function(Loader, ApplicationProtocolMapper, $route, $q) {
return Loader.query(RealmProtocolMappersByProtocol, function() { return Loader.get(ApplicationProtocolMapper, function() {
return {
realm : $route.current.params.realm,
protocol: $route.current.params.protocol
}
});
});
module.factory('RealmProtocolMapperLoader', function(Loader, RealmProtocolMapper, $route, $q) {
return Loader.get(RealmProtocolMapper, function() {
return { return {
realm : $route.current.params.realm, realm : $route.current.params.realm,
application : $route.current.params.application,
id: $route.current.params.id id: $route.current.params.id
} }
}); });


@ -188,15 +188,10 @@ module.factory('ServerInfo', function($resource) {
return $resource(authUrl + '/admin/serverinfo'); return $resource(authUrl + '/admin/serverinfo');
}); });
module.factory('RealmProtocolMappersByProtocol', function($resource) { module.factory('ApplicationProtocolMapper', function($resource) {
return $resource(authUrl + '/admin/realms/:realm/protocol-mappers/protocol/:protocol', { return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/protocol-mappers/models/:id', {
realm : '@realm',
protocol : "@protocol"
});
});
module.factory('RealmProtocolMapper', function($resource) {
return $resource(authUrl + '/admin/realms/:realm/protocol-mappers/models/:id', {
realm : '@realm', realm : '@realm',
application: '@application',
id : "@id" id : "@id"
}, { }, {
update : { update : {


@ -6,9 +6,9 @@
<li><a href="#/realms/{{realm.realm}}/applications">Applications</a></li> <li><a href="#/realms/{{realm.realm}}/applications">Applications</a></li>
<li><a href="#/realms/{{realm.realm}}/applications/{{application.id}}">{{application.name}}</a></li> <li><a href="#/realms/{{realm.realm}}/applications/{{application.id}}">{{application.name}}</a></li>
<li><a href="#/realms/{{realm.realm}}/applications/{{application.id}}/mappers">{{application.name}} Mappers</a></li> <li><a href="#/realms/{{realm.realm}}/applications/{{application.id}}/mappers">{{application.name}} Mappers</a></li>
<li class="active">Add Protocol Mappers</li> <li class="active">Add Builtin Protocol Mappers</li>
</ol> </ol>
<h2><span>{{realm.realm}} </span>Add {{application.name}} {{application.protocol}} Protocol Mappers <span tooltip-placement="right" tooltip="Protocol mappers perform transformation on tokens and documents. They an do things like map user data into protocol claims, or just transform any requests going between the application and auth server." class="fa fa-info-circle"></span></h2> <h2><span>{{realm.realm}} </span>Add Builtin Protocol Mappers <span tooltip-placement="right" tooltip="Protocol mappers perform transformation on tokens and documents. They an do things like map user data into protocol claims, or just transform any requests going between the application and auth server." class="fa fa-info-circle"></span></h2>
<table class="table table-striped table-bordered"> <table class="table table-striped table-bordered">
<thead> <thead>
<tr> <tr>
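Review bot: The tooltip on the rewritten `<h2>` still reads "They an do things like map user data", and since the line is being touched anyway the text should become `They can do things like map user data into protocol claims`. The new heading also drops `{{application.name}}` and `{{application.protocol}}`, so it no longer says which application or protocol the built-in mappers are being added to; the breadcrumb still names the application, but the protocol is now shown nowhere in the lines visible here.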


@ -21,9 +21,8 @@
</button> </button>
</div> </div>
<div class="pull-right"> <div class="pull-right">
<a class="btn btn-primary" href="#/create/protocols/{{application.protocol}}/realms/{{realm.realm}}/mappers">Create</a> <a class="btn btn-primary" href="#/create/application/{{realm.realm}}/{{application.id}}/mappers">Create</a>
<a class="btn btn-primary" href="#/realms/{{realm.realm}}/applications/{{application.id}}/add-mappers">Add Builtin</a> <a class="btn btn-primary" href="#/realms/{{realm.realm}}/applications/{{application.id}}/add-mappers">Add Builtin</a>
<button class="btn btn-primary" data-ng-click="remove()">Remove Selected</button>
</div> </div>
</th> </th>
</tr> </tr>
@ -31,15 +30,13 @@
<th>Name</th> <th>Name</th>
<th>Category</th> <th>Category</th>
<th>Type</th> <th>Type</th>
<th>Remove</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<tr ng-repeat="mapper in mappers | filter:search"> <tr ng-repeat="mapper in mappers | filter:search">
<td><a href="#/realms/{{realm.realm}}/protocols/{{application.protocol}}/mappers/{{mapper.id}}">{{mapper.name}}</a></td> <td><a href="#/realms/{{realm.realm}}/applications/{{application.id}}/mappers/{{mapper.id}}">{{mapper.name}}</a></td>
<td>{{mapperTypes[mapper.protocolMapper].category}}</td> <td>{{mapperTypes[mapper.protocolMapper].category}}</td>
<td>{{mapperTypes[mapper.protocolMapper].name}}</td> <td>{{mapperTypes[mapper.protocolMapper].name}}</td>
<td><input type="checkbox" ng-model="mapper.isChecked"></td>
</tr> </tr>
<tr data-ng-show="mappers.length == 0"> <tr data-ng-show="mappers.length == 0">
<td>No mappers available</td> <td>No mappers available</td>


@ -1,22 +0,0 @@
<div class="bs-sidebar col-md-3 clearfix" data-ng-include data-src="resourceUrl + '/partials/realm-menu.html'"></div>
<div id="content-area" class="col-md-9" role="main">
<h2></h2>
<div id="content">
<h2><span>{{realm.realm}}</span> Client Protocols <span tooltip-placement="right" tooltip="This section allows you to manage settings for the protocols clients and applications use to login and interact with the auth server.." class="fa fa-info-circle"></span></h2>
<table class="table table-striped table-bordered">
<thead>
<tr data-ng-hide="applications.length == 0">
<th>Protocol Name</th>
</tr>
</thead>
<tbody>
<tr ng-repeat="protocol in protocols">
<td><a href="#/realms/{{realm.realm}}/protocols/{{protocol}}/mappers">{{protocol}}</a></td>
</tr>
<tr data-ng-show="applications.length == 0">
<td>No protocols available</td>
</tr>
</tbody>
</table>
</div>
</div>


@ -1,20 +1,22 @@
<div class="bs-sidebar col-sm-3 " data-ng-include data-src="resourceUrl + '/partials/realm-menu.html'"></div> <div class="bs-sidebar col-sm-3 " data-ng-include data-src="resourceUrl + '/partials/realm-menu.html'"></div>
<div id="content-area" class="col-sm-9" role="main"> <div id="content-area" class="col-sm-9" role="main">
<ul class="nav nav-tabs nav-tabs-pf"> <kc-navigation-application></kc-navigation-application>
<li><a href="#/realms/{{realm.realm}}/protocols/{{protocol}}/mappers">Mappers</a></li>
</ul>
<div id="content"> <div id="content">
<ol class="breadcrumb" data-ng-hide="create">
<li><a href="#/realms/{{realm.realm}}/protocols/{{protocol}}/mappers">Protocol Mappers</a></li>
<li><a href="#/realms/{{realm.realm}}/protocols/{{protocol}}/mappers/{{mapper.id}}">{{mapper.name}}</a></li>
<li class="active">Protocol Mapper</li>
</ol>
<ol class="breadcrumb" data-ng-show="create"> <ol class="breadcrumb" data-ng-show="create">
<li><a href="#/realms/{{realm.realm}}/protocols/{{protocol}}/mappers">Protocol Mappers</a></li> <li><a href="#/realms/{{realm.realm}}/applications">Applications</a></li>
<li class="active">Add Protocol Mapper</li> <li><a href="#/realms/{{realm.realm}}/applications/{{application.id}}">{{application.name}}</a></li>
<li><a href="#/realms/{{realm.realm}}/applications/{{application.id}}/mappers">Protocol Mappers</a></li>
<li class="active">Create Protocol Mapper</li>
</ol> </ol>
<h2 class="pull-left" data-ng-hide="create">Protocol Mapper Settings</h2>
<h2 class="pull-left" data-ng-show="create">Add Protocol Mapper</h2> <ol class="breadcrumb" data-ng-hide="create">
<li><a href="#/realms/{{realm.realm}}/applications">Applications</a></li>
<li><a href="#/realms/{{realm.realm}}/applications/{{application.id}}">{{application.name}}</a></li>
<li><a href="#/realms/{{realm.realm}}/applications/{{application.id}}/mappers">Protocol Mappers</a></li>
<li class="active">{{mapper.name}}</li>
</ol>
<h2 class="pull-left" data-ng-hide="create">{{mapper.name}} Protocol Mapper</h2>
<h2 class="pull-left" data-ng-show="create">Create Protocol Mapper</h2>
<p class="subtitle"><span class="required">*</span> Required fields</p> <p class="subtitle"><span class="required">*</span> Required fields</p>
<form class="form-horizontal" name="realmForm" novalidate kc-read-only="!access.manageRealm"> <form class="form-horizontal" name="realmForm" novalidate kc-read-only="!access.manageRealm">
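Review bot: The form is still gated with `kc-read-only="!access.manageRealm"` although the mapper it edits now belongs to an application (every breadcrumb and link in this hunk goes through `applications/{{application.id}}`). If the console exposes an application-management flag alongside the `access.viewApplications` used in the realm menu, the form should key off that, e.g. `kc-read-only="!access.manageApplications"`, so the UI matches the permission that actually governs the resource. This attribute only changes what the page renders, so the application-scoped admin endpoint has to enforce the same permission on the server. The form continues past the end of the hunk.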


@ -1,41 +0,0 @@
<div class="bs-sidebar col-md-3 clearfix" data-ng-include data-src="resourceUrl + '/partials/realm-menu.html'"></div>
<div id="content-area" class="col-md-9" role="main">
<h2></h2>
<div id="content">
<h2><span>{{realm.realm}} </span> {{protocol}} Protocol Mappers <span tooltip-placement="right" tooltip="Protocol mappers perform transformation on tokens and documents. They an do things like map user data into protocol claims, or just transform any requests going between the application and auth server." class="fa fa-info-circle"></span></h2>
<table class="table table-striped table-bordered">
<thead>
<tr>
<th class="kc-table-actions" colspan="3">
<div class="search-comp clearfix">
<input type="text" placeholder="Search..." class="form-control search" data-ng-model="search.name"
onkeyup="if(event.keyCode == 13){$(this).next('button').click();}">
<button type="submit" class="kc-icon-search" tooltip-placement="right"
tooltip="Search by mapper name.">
Icon: search
</button>
</div>
<div class="pull-right">
<a class="btn btn-primary" href="#/create/protocols/{{protocol}}/realms/{{realm.realm}}/mappers">Create</a>
</div>
</th>
</tr>
<tr data-ng-hide="mappers.length == 0">
<th>Name</th>
<th>Category</th>
<th>Type</th>
</tr>
</thead>
<tbody>
<tr ng-repeat="mapper in mappers | filter:search">
<td><a href="#/realms/{{realm.realm}}/protocols/{{protocol}}/mappers/{{mapper.id}}">{{mapper.name}}</a></td>
<td>{{mapperTypes[mapper.protocolMapper].category}}</td>
<td>{{mapperTypes[mapper.protocolMapper].name}}</td>
</tr>
<tr data-ng-show="mappers.length == 0">
<td>No mappers available</td>
</tr>
</tbody>
</table>
</div>
</div>

View file

@ -14,7 +14,6 @@
<li data-ng-show="access.viewApplications" data-ng-class="(path[2] == 'applications' || path[1] == 'application' || path[3] == 'applications') && 'active'"><a href="#/realms/{{realm.realm}}/applications">Applications</a></li> <li data-ng-show="access.viewApplications" data-ng-class="(path[2] == 'applications' || path[1] == 'application' || path[3] == 'applications') && 'active'"><a href="#/realms/{{realm.realm}}/applications">Applications</a></li>
<li data-ng-show="access.viewClients" data-ng-class="(path[2] == 'oauth-clients' || path[1] == 'oauth-client') && 'active'"><a href="#/realms/{{realm.realm}}/oauth-clients">OAuth Clients</a></li> <li data-ng-show="access.viewClients" data-ng-class="(path[2] == 'oauth-clients' || path[1] == 'oauth-client') && 'active'"><a href="#/realms/{{realm.realm}}/oauth-clients">OAuth Clients</a></li>
<li data-ng-show="access.viewRealm" data-ng-class="(path[2] == 'sessions' || path[2] == 'token-settings') && 'active'"><a href="#/realms/{{realm.realm}}/sessions/realm">Sessions and Tokens</a></li> <li data-ng-show="access.viewRealm" data-ng-class="(path[2] == 'sessions' || path[2] == 'token-settings') && 'active'"><a href="#/realms/{{realm.realm}}/sessions/realm">Sessions and Tokens</a></li>
<li data-ng-show="access.viewRealm" data-ng-class="(path[2] == 'protocols') && 'active'"><a href="#/realms/{{realm.realm}}/protocols">Protocol Settings</a></li>
<li data-ng-show="access.viewRealm" data-ng-class="(path[2] == 'defense') && 'active'"><a href="#/realms/{{realm.realm}}/defense/headers">Security Defenses</a></li> <li data-ng-show="access.viewRealm" data-ng-class="(path[2] == 'defense') && 'active'"><a href="#/realms/{{realm.realm}}/defense/headers">Security Defenses</a></li>
<li data-ng-show="access.viewEvents" data-ng-class="(path[2] == 'events' || path[2] == 'events-settings') && 'active'"><a href="#/realms/{{realm.realm}}/events">Events</a></li> <li data-ng-show="access.viewEvents" data-ng-class="(path[2] == 'events' || path[2] == 'events-settings') && 'active'"><a href="#/realms/{{realm.realm}}/events">Events</a></li>
</ul> </ul>

View file

@ -104,7 +104,9 @@ public interface ClientModel {
boolean isAllowedRetrieveTokenFromIdentityProvider(String providerId); boolean isAllowedRetrieveTokenFromIdentityProvider(String providerId);
Set<ProtocolMapperModel> getProtocolMappers(); Set<ProtocolMapperModel> getProtocolMappers();
void addProtocolMappers(Set<String> mapperIds); ProtocolMapperModel addProtocolMapper(ProtocolMapperModel model);
void removeProtocolMappers(Set<String> mapperIds); void removeProtocolMapper(ProtocolMapperModel mapping);
void setProtocolMappers(Set<String> mapperIds); void updateProtocolMapper(ProtocolMapperModel mapping);
public ProtocolMapperModel getProtocolMapperById(String id);
public ProtocolMapperModel getProtocolMapperByName(String protocol, String name);
} }
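Review bot: `getProtocolMapperById` and `getProtocolMapperByName` are declared with a redundant `public`, while the other methods in this interface omit it; drop the modifier so the new declarations match. The lookups also carry no contract for a miss: a one-line Javadoc such as `/** @return the mapper, or null if this client has no mapper with that id */` (and the equivalent for protocol and name) would tell callers that a null check is required. The interface starts outside the hunk.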

View file

@ -18,7 +18,6 @@ public class ProtocolMapperModel {
protected String protocolMapper; protected String protocolMapper;
protected boolean consentRequired; protected boolean consentRequired;
protected String consentText; protected String consentText;
protected boolean appliedByDefault;
protected Map<String, String> config; protected Map<String, String> config;
@ -46,14 +45,6 @@ public class ProtocolMapperModel {
this.protocol = protocol; this.protocol = protocol;
} }
public boolean isAppliedByDefault() {
return appliedByDefault;
}
public void setAppliedByDefault(boolean appliedByDefault) {
this.appliedByDefault = appliedByDefault;
}
public String getProtocolMapper() { public String getProtocolMapper() {
return protocolMapper; return protocolMapper;
} }

View file

@ -20,7 +20,6 @@ public interface RealmModel extends RoleContainerModel {
RealmModel getCreatedRealm(); RealmModel getCreatedRealm();
} }
interface ClientCreationEvent extends ProviderEvent { interface ClientCreationEvent extends ProviderEvent {
RealmModel getCreatedRealm();
ClientModel getCreatedClient(); ClientModel getCreatedClient();
} }
interface ApplicationCreationEvent extends ClientCreationEvent { interface ApplicationCreationEvent extends ClientCreationEvent {
@ -237,19 +236,4 @@ public interface RealmModel extends RoleContainerModel {
ClientModel findClientById(String id); ClientModel findClientById(String id);
boolean isIdentityFederationEnabled(); boolean isIdentityFederationEnabled();
Set<ClaimTypeModel> getClaimTypes();
ClaimTypeModel addClaimType(ClaimTypeModel model);
void removeClaimType(ClaimTypeModel claimType);
ClaimTypeModel getClaimType(String name);
void updateClaimType(ClaimTypeModel claimType);
Set<ProtocolMapperModel> getProtocolMappers();
ProtocolMapperModel addProtocolMapper(ProtocolMapperModel model);
void removeProtocolMapper(ProtocolMapperModel mapping);
void updateProtocolMapper(ProtocolMapperModel mapping);
public ProtocolMapperModel getProtocolMapperById(String id);
public ProtocolMapperModel getProtocolMapperByName(String protocol, String name);
} }

View file

@ -1,53 +0,0 @@
package org.keycloak.models.entities;
import org.keycloak.models.ClaimTypeModel;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class ClaimTypeEntity {
protected String id;
private String name;
protected boolean builtIn;
protected ClaimTypeModel.ValueType type;
private String realmId;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public boolean isBuiltIn() {
return builtIn;
}
public void setBuiltIn(boolean builtIn) {
this.builtIn = builtIn;
}
public ClaimTypeModel.ValueType getType() {
return type;
}
public void setType(ClaimTypeModel.ValueType type) {
this.type = type;
}
}

View file

@ -30,7 +30,7 @@ public class ClientEntity extends AbstractIdentifiableEntity {
private List<String> redirectUris = new ArrayList<String>(); private List<String> redirectUris = new ArrayList<String>();
private List<String> scopeIds = new ArrayList<String>(); private List<String> scopeIds = new ArrayList<String>();
private List<ClientIdentityProviderMappingEntity> identityProviders = new ArrayList<ClientIdentityProviderMappingEntity>(); private List<ClientIdentityProviderMappingEntity> identityProviders = new ArrayList<ClientIdentityProviderMappingEntity>();
private Set<String> protocolMappers = new HashSet<String>(); private List<ProtocolMapperEntity> protocolMappers = new ArrayList<ProtocolMapperEntity>();
public String getName() { public String getName() {
return name; return name;
@ -152,11 +152,11 @@ public class ClientEntity extends AbstractIdentifiableEntity {
this.identityProviders = identityProviders; this.identityProviders = identityProviders;
} }
public Set<String> getProtocolMappers() { public List<ProtocolMapperEntity> getProtocolMappers() {
return protocolMappers; return protocolMappers;
} }
public void setProtocolMappers(Set<String> protocolMappers) { public void setProtocolMappers(List<ProtocolMapperEntity> protocolMappers) {
this.protocolMappers = protocolMappers; this.protocolMappers = protocolMappers;
} }
} }
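Review bot: Changing `protocolMappers` from `Set<String>` to `List<ProtocolMapperEntity>` removes the structural guarantee that a mapper is attached to a client only once, so uniqueness of the id and of the protocol/name pair now rests entirely on whatever code fills this list. Two mappers with the same protocol and name would both be applied to a token, so the field deserves a comment stating the invariant, for example `// invariant: at most one entry per id and per (protocol, name); enforced by the adapter's addProtocolMapper`. Whether the adapter actually checks this is not visible in this section. `getProtocolMappers()` also hands out the internal mutable list, which matches the other getters in the class but lets callers bypass any such check.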

View file

@ -13,7 +13,6 @@ public class ProtocolMapperEntity {
protected String name; protected String name;
protected String protocol; protected String protocol;
protected String protocolMapper; protected String protocolMapper;
protected boolean appliedByDefault;
protected boolean consentRequired; protected boolean consentRequired;
protected String consentText; protected String consentText;
protected Map<String, String> config; protected Map<String, String> config;
@ -42,14 +41,6 @@ public class ProtocolMapperEntity {
this.protocol = protocol; this.protocol = protocol;
} }
public boolean isAppliedByDefault() {
return appliedByDefault;
}
public void setAppliedByDefault(boolean appliedByDefault) {
this.appliedByDefault = appliedByDefault;
}
public String getProtocolMapper() { public String getProtocolMapper() {
return protocolMapper; return protocolMapper;
} }

View file

@ -52,8 +52,6 @@ public class RealmEntity extends AbstractIdentifiableEntity {
private List<RequiredCredentialEntity> requiredCredentials = new ArrayList<RequiredCredentialEntity>(); private List<RequiredCredentialEntity> requiredCredentials = new ArrayList<RequiredCredentialEntity>();
private List<UserFederationProviderEntity> userFederationProviders = new ArrayList<UserFederationProviderEntity>(); private List<UserFederationProviderEntity> userFederationProviders = new ArrayList<UserFederationProviderEntity>();
private List<IdentityProviderEntity> identityProviders = new ArrayList<IdentityProviderEntity>(); private List<IdentityProviderEntity> identityProviders = new ArrayList<IdentityProviderEntity>();
private List<ClaimTypeEntity> claimTypes = new ArrayList<ClaimTypeEntity>();
private List<ProtocolMapperEntity> protocolMappers = new ArrayList<ProtocolMapperEntity>();
private Map<String, String> browserSecurityHeaders = new HashMap<String, String>(); private Map<String, String> browserSecurityHeaders = new HashMap<String, String>();
private Map<String, String> smtpConfig = new HashMap<String, String>(); private Map<String, String> smtpConfig = new HashMap<String, String>();
@ -392,22 +390,6 @@ public class RealmEntity extends AbstractIdentifiableEntity {
public void setCertificatePem(String certificatePem) { public void setCertificatePem(String certificatePem) {
this.certificatePem = certificatePem; this.certificatePem = certificatePem;
} }
public List<ClaimTypeEntity> getClaimTypes() {
return claimTypes;
}
public void setClaimTypes(List<ClaimTypeEntity> claimTypes) {
this.claimTypes = claimTypes;
}
public List<ProtocolMapperEntity> getProtocolMappers() {
return protocolMappers;
}
public void setProtocolMappers(List<ProtocolMapperEntity> protocolMappers) {
this.protocolMappers = protocolMappers;
}
} }

View file

@ -2,7 +2,6 @@ package org.keycloak.models.utils;
import org.keycloak.models.ApplicationModel; import org.keycloak.models.ApplicationModel;
import org.keycloak.models.ClaimMask; import org.keycloak.models.ClaimMask;
import org.keycloak.models.ClaimTypeModel;
import org.keycloak.models.ClientIdentityProviderMappingModel; import org.keycloak.models.ClientIdentityProviderMappingModel;
import org.keycloak.models.ClientModel; import org.keycloak.models.ClientModel;
import org.keycloak.models.ClientSessionModel; import org.keycloak.models.ClientSessionModel;
@ -19,9 +18,7 @@ import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel; import org.keycloak.models.UserSessionModel;
import org.keycloak.representations.idm.ApplicationRepresentation; import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.ClaimRepresentation; import org.keycloak.representations.idm.ClaimRepresentation;
import org.keycloak.representations.idm.ClaimTypeRepresentation;
import org.keycloak.representations.idm.ClientIdentityProviderMappingRepresentation; import org.keycloak.representations.idm.ClientIdentityProviderMappingRepresentation;
import org.keycloak.representations.idm.ClientProtocolMappingRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation; import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.FederatedIdentityRepresentation; import org.keycloak.representations.idm.FederatedIdentityRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation; import org.keycloak.representations.idm.IdentityProviderRepresentation;
@ -156,14 +153,6 @@ public class ModelToRepresentation {
rep.addIdentityProvider(toRepresentation(provider)); rep.addIdentityProvider(toRepresentation(provider));
} }
for (ClaimTypeModel claimType : realm.getClaimTypes()) {
rep.getClaimTypes().add(toRepresentation(claimType));
}
for (ProtocolMapperModel mapping : realm.getProtocolMappers()) {
rep.addProtocolMapper(toRepresentation(mapping));
}
return rep; return rep;
} }
@ -269,11 +258,9 @@ public class ModelToRepresentation {
} }
if (!applicationModel.getProtocolMappers().isEmpty()) { if (!applicationModel.getProtocolMappers().isEmpty()) {
List<ClientProtocolMappingRepresentation> mappings = new LinkedList<ClientProtocolMappingRepresentation>(); List<ProtocolMapperRepresentation> mappings = new LinkedList<ProtocolMapperRepresentation>();
for (ProtocolMapperModel model : applicationModel.getProtocolMappers()) { for (ProtocolMapperModel model : applicationModel.getProtocolMappers()) {
ClientProtocolMappingRepresentation map = new ClientProtocolMappingRepresentation(); mappings.add(toRepresentation(model));
map.setProtocol(model.getProtocol());
map.setName(model.getName());
} }
rep.setProtocolMappers(mappings); rep.setProtocolMappers(mappings);
} }
@ -323,13 +310,11 @@ public class ModelToRepresentation {
} }
if (!model.getProtocolMappers().isEmpty()) { if (!model.getProtocolMappers().isEmpty()) {
List<ClientProtocolMappingRepresentation> mappings = new LinkedList<ClientProtocolMappingRepresentation>(); List<ProtocolMapperRepresentation> mappings = new LinkedList<ProtocolMapperRepresentation>();
for (ProtocolMapperModel mapping : model.getProtocolMappers()) { for (ProtocolMapperModel mapper : model.getProtocolMappers()) {
ClientProtocolMappingRepresentation map = new ClientProtocolMappingRepresentation(); mappings.add(toRepresentation(mapper));
map.setProtocol(mapping.getProtocol()); }
map.setName(mapping.getName()); rep.setProtocolMappers(mappings);
}
rep.setProtocolMappers(mappings);
} }
return rep; return rep;
@ -373,18 +358,9 @@ public class ModelToRepresentation {
rep.setConfig(config); rep.setConfig(config);
rep.setName(model.getName()); rep.setName(model.getName());
rep.setProtocolMapper(model.getProtocolMapper()); rep.setProtocolMapper(model.getProtocolMapper());
rep.setAppliedByDefault(model.isAppliedByDefault());
rep.setConsentText(model.getConsentText()); rep.setConsentText(model.getConsentText());
rep.setConsentRequired(model.isConsentRequired()); rep.setConsentRequired(model.isConsentRequired());
return rep; return rep;
} }
public static ClaimTypeRepresentation toRepresentation(ClaimTypeModel claimType) {
ClaimTypeRepresentation rep = new ClaimTypeRepresentation();
rep.setId(claimType.getId());
rep.setName(claimType.getName());
rep.setBuiltIn(claimType.isBuiltIn());
rep.setType(claimType.getType().name().toLowerCase());
return rep;
}
} }
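Review bot: The loop that turns `getProtocolMappers()` into a `List<ProtocolMapperRepresentation>` is now written out twice, once for `applicationModel` and once for `model`; a private static helper taking the `Set<ProtocolMapperModel>` would stop the two copies drifting apart (as far as the removed lines show, both old copies built `map` and never added it to `mappings`). Each client representation now carries the mapper's full `config` map through `toRepresentation(model)`, so that method should get a comment saying mapper config is exported verbatim in realm and client exports and must not be used to hold secrets. The enclosing methods start and end outside these hunks.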

View file

@ -6,7 +6,6 @@ import org.keycloak.enums.SslRequired;
import org.keycloak.models.ApplicationModel; import org.keycloak.models.ApplicationModel;
import org.keycloak.models.BrowserSecurityHeaders; import org.keycloak.models.BrowserSecurityHeaders;
import org.keycloak.models.ClaimMask; import org.keycloak.models.ClaimMask;
import org.keycloak.models.ClaimTypeModel;
import org.keycloak.models.ClientIdentityProviderMappingModel; import org.keycloak.models.ClientIdentityProviderMappingModel;
import org.keycloak.models.ClientModel; import org.keycloak.models.ClientModel;
import org.keycloak.models.FederatedIdentityModel; import org.keycloak.models.FederatedIdentityModel;
@ -23,9 +22,7 @@ import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel; import org.keycloak.models.UserModel;
import org.keycloak.representations.idm.ApplicationRepresentation; import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.ClaimRepresentation; import org.keycloak.representations.idm.ClaimRepresentation;
import org.keycloak.representations.idm.ClaimTypeRepresentation;
import org.keycloak.representations.idm.ClientIdentityProviderMappingRepresentation; import org.keycloak.representations.idm.ClientIdentityProviderMappingRepresentation;
import org.keycloak.representations.idm.ClientProtocolMappingRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation; import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.FederatedIdentityRepresentation; import org.keycloak.representations.idm.FederatedIdentityRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation; import org.keycloak.representations.idm.IdentityProviderRepresentation;
@ -120,8 +117,6 @@ public class RepresentationToModel {
if (rep.getPasswordPolicy() != null) newRealm.setPasswordPolicy(new PasswordPolicy(rep.getPasswordPolicy())); if (rep.getPasswordPolicy() != null) newRealm.setPasswordPolicy(new PasswordPolicy(rep.getPasswordPolicy()));
importIdentityProviders(rep, newRealm); importIdentityProviders(rep, newRealm);
importClaimTypes(rep, newRealm);
importProtocolMappers(rep, newRealm);
if (rep.getApplications() != null) { if (rep.getApplications() != null) {
Map<String, ApplicationModel> appMap = createApplications(rep, newRealm); Map<String, ApplicationModel> appMap = createApplications(rep, newRealm);
@ -458,15 +453,13 @@ public class RepresentationToModel {
} }
if (resourceRep.getProtocolMappers() != null) { if (resourceRep.getProtocolMappers() != null) {
Set<String> ids = new HashSet<String>(); // first, remove all default/built in mappers
for (ClientProtocolMappingRepresentation map : resourceRep.getProtocolMappers()) { Set<ProtocolMapperModel> mappers = applicationModel.getProtocolMappers();
ProtocolMapperModel mapperModel = applicationModel.getRealm().getProtocolMapperByName(map.getProtocol(), map.getName()); for (ProtocolMapperModel mapper : mappers) applicationModel.removeProtocolMapper(mapper);
if (mapperModel != null) {
ids.add(mapperModel.getId());
}
for (ProtocolMapperRepresentation mapper : resourceRep.getProtocolMappers()) {
applicationModel.addProtocolMapper(toModel(mapper));
} }
applicationModel.setProtocolMappers(ids);
} }
applicationModel.updateAllowedIdentityProviders(toModel(resourceRep.getIdentityProviders(), realm)); applicationModel.updateAllowedIdentityProviders(toModel(resourceRep.getIdentityProviders(), realm));
@ -636,15 +629,13 @@ public class RepresentationToModel {
updateClientIdentityProvides(rep.getIdentityProviders(), model); updateClientIdentityProvides(rep.getIdentityProviders(), model);
if (rep.getProtocolMappers() != null) { if (rep.getProtocolMappers() != null) {
Set<String> ids = new HashSet<String>(); // first, remove all default/built in mappers
for (ClientProtocolMappingRepresentation map : rep.getProtocolMappers()) { Set<ProtocolMapperModel> mappers = model.getProtocolMappers();
ProtocolMapperModel mapperModel = model.getRealm().getProtocolMapperByName(map.getProtocol(), map.getName()); for (ProtocolMapperModel mapper : mappers) model.removeProtocolMapper(mapper);
if (mapperModel != null) {
ids.add(mapperModel.getId());
}
for (ProtocolMapperRepresentation mapper : rep.getProtocolMappers()) {
model.addProtocolMapper(toModel(mapper));
} }
model.setProtocolMappers(ids);
} }
} }
@ -770,31 +761,6 @@ public class RepresentationToModel {
} }
} }
} }
private static void importClaimTypes(RealmRepresentation rep, RealmModel newRealm) {
if (rep.getClaimTypes() != null) {
for (ClaimTypeRepresentation representation : rep.getClaimTypes()) {
newRealm.addClaimType(toModel(representation));
}
}
}
private static void importProtocolMappers(RealmRepresentation rep, RealmModel newRealm) {
if (rep.getProtocolMappers() != null) {
// we make sure we don't recreate mappers that are automatically created by the protocol providers.
Set<ProtocolMapperModel> mappers = newRealm.getProtocolMappers();
for (ProtocolMapperRepresentation representation : rep.getProtocolMappers()) {
ProtocolMapperModel existing = newRealm.getProtocolMapperByName(representation.getProtocol(), representation.getName());
if (existing == null) {
newRealm.addProtocolMapper(toModel(representation));
} else {
ProtocolMapperModel mapping = toModel(representation);
mapping.setId(existing.getId());
newRealm.updateProtocolMapper(mapping);
}
}
}
}
public static IdentityProviderModel toModel(IdentityProviderRepresentation representation) { public static IdentityProviderModel toModel(IdentityProviderRepresentation representation) {
IdentityProviderModel identityProviderModel = new IdentityProviderModel(); IdentityProviderModel identityProviderModel = new IdentityProviderModel();
@ -811,20 +777,10 @@ public class RepresentationToModel {
return identityProviderModel; return identityProviderModel;
} }
public static ClaimTypeModel toModel(ClaimTypeRepresentation rep) {
ClaimTypeModel model = new ClaimTypeModel();
model.setId(rep.getId());
model.setType(ClaimTypeModel.ValueType.valueOf(rep.getType()));
model.setBuiltIn(rep.isBuiltIn());
model.setName(rep.getName());
return model;
}
public static ProtocolMapperModel toModel(ProtocolMapperRepresentation rep) { public static ProtocolMapperModel toModel(ProtocolMapperRepresentation rep) {
ProtocolMapperModel model = new ProtocolMapperModel(); ProtocolMapperModel model = new ProtocolMapperModel();
model.setId(rep.getId()); model.setId(rep.getId());
model.setName(rep.getName()); model.setName(rep.getName());
model.setAppliedByDefault(rep.isAppliedByDefault());
model.setConsentRequired(rep.isConsentRequired()); model.setConsentRequired(rep.isConsentRequired());
model.setConsentText(rep.getConsentText()); model.setConsentText(rep.getConsentText());
model.setProtocol(rep.getProtocol()); model.setProtocol(rep.getProtocol());
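Review bot: Both `getProtocolMappers() != null` blocks iterate the set returned by `getProtocolMappers()` while calling `removeProtocolMapper` on the same model; if an adapter returns a live view of its collection, this throws `ConcurrentModificationException`. Iterate a copy instead, e.g. `for (ProtocolMapperModel mapper : new HashSet<ProtocolMapperModel>(applicationModel.getProtocolMappers())) applicationModel.removeProtocolMapper(mapper);`, and the same with `model` in the second block. The comment says "remove all default/built in mappers", but the loop removes every mapper on the client, so an imported representation with an empty `protocolMappers` list leaves the client with none, and the claims its tokens carry are then decided entirely by the import file. The comment should say that, e.g. `// a non-null list replaces ALL existing mappers, including the protocol defaults`. Both enclosing methods start and end outside their hunks.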

View file

@ -290,26 +290,42 @@ public abstract class ClientAdapter implements ClientModel {
@Override @Override
public Set<ProtocolMapperModel> getProtocolMappers() { public Set<ProtocolMapperModel> getProtocolMappers() {
if (updatedClient != null) return updatedClient.getProtocolMappers(); if (updatedClient != null) return updatedClient.getProtocolMappers();
return cachedClient.getProtocolClaimMappings(); } return cachedClient.getProtocolMappers();
}
@Override @Override
public void addProtocolMappers(Set<String> mapperNames) { public ProtocolMapperModel addProtocolMapper(ProtocolMapperModel model) {
getDelegateForUpdate(); getDelegateForUpdate();
updatedClient.addProtocolMappers(mapperNames); return updatedClient.addProtocolMapper(model);
}
@Override
public void removeProtocolMapper(ProtocolMapperModel mapping) {
getDelegateForUpdate();
updatedClient.removeProtocolMapper(mapping);
} }
@Override @Override
public void removeProtocolMappers(Set<String> mapperNames) { public void updateProtocolMapper(ProtocolMapperModel mapping) {
getDelegateForUpdate(); getDelegateForUpdate();
updatedClient.removeProtocolMappers(mapperNames); updatedClient.updateProtocolMapper(mapping);
} }
@Override @Override
public void setProtocolMappers(Set<String> mapperNames) { public ProtocolMapperModel getProtocolMapperById(String id) {
getDelegateForUpdate(); for (ProtocolMapperModel mapping : cachedClient.getProtocolMappers()) {
updatedClient.setProtocolMappers(mapperNames); if (mapping.getId().equals(id)) return mapping;
}
return null;
}
@Override
public ProtocolMapperModel getProtocolMapperByName(String protocol, String name) {
for (ProtocolMapperModel mapping : cachedClient.getProtocolMappers()) {
if (mapping.getProtocol().equals(protocol) && mapping.getName().equals(name)) return mapping;
}
return null;
} }
} }
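Review bot: `getProtocolMapperById` and `getProtocolMapperByName` read `cachedClient.getProtocolMappers()` directly, whereas `getProtocolMappers()` just above prefers `updatedClient` when one exists. After an `addProtocolMapper`, `updateProtocolMapper` or `removeProtocolMapper` in the same transaction, the lookups therefore answer from the stale cached copy: a just-added mapper is not found, and a just-removed one still is. Loop over the accessor in both methods, `for (ProtocolMapperModel mapping : getProtocolMappers()) {`, so reads follow writes. `mapping.getProtocol().equals(protocol)` will also throw if a stored mapper has a null protocol or name; whether that can happen is not visible here.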

View file

@ -850,82 +850,6 @@ public class RealmAdapter implements RealmModel {
return cached.isIdentityFederationEnabled(); return cached.isIdentityFederationEnabled();
} }
@Override
public Set<ClaimTypeModel> getClaimTypes() {
if (updated != null) return updated.getClaimTypes();
return cached.getClaimTypes();
}
@Override
public ClaimTypeModel addClaimType(ClaimTypeModel claimType) {
getDelegateForUpdate();
return updated.addClaimType(claimType);
}
@Override
public void removeClaimType(ClaimTypeModel claimType) {
getDelegateForUpdate();
updated.removeClaimType(claimType);
}
@Override
public ClaimTypeModel getClaimType(String name) {
for (ClaimTypeModel claimType : getClaimTypes()) {
if (claimType.getName().equals(name)) return claimType;
}
return null;
}
@Override
public void updateClaimType(ClaimTypeModel claimType) {
getDelegateForUpdate();
updated.updateClaimType(claimType);
}
@Override
public Set<ProtocolMapperModel> getProtocolMappers() {
if (updated != null) return updated.getProtocolMappers();
return cached.getProtocolMappers();
}
@Override
public ProtocolMapperModel addProtocolMapper(ProtocolMapperModel model) {
getDelegateForUpdate();
return updated.addProtocolMapper(model);
}
@Override
public void removeProtocolMapper(ProtocolMapperModel mapping) {
getDelegateForUpdate();
updated.removeProtocolMapper(mapping);
}
@Override
public void updateProtocolMapper(ProtocolMapperModel mapping) {
getDelegateForUpdate();
updated.updateProtocolMapper(mapping);
}
@Override
public ProtocolMapperModel getProtocolMapperById(String id) {
for (ProtocolMapperModel mapping : cached.getProtocolMappers()) {
if (mapping.getId().equals(id)) return mapping;
}
return null;
}
@Override
public ProtocolMapperModel getProtocolMapperByName(String protocol, String name) {
for (ProtocolMapperModel mapping : cached.getProtocolMappers()) {
if (mapping.getProtocol().equals(protocol) && mapping.getName().equals(name)) return mapping;
}
return null;
}
@Override @Override
public boolean equals(Object o) { public boolean equals(Object o) {


@ -37,7 +37,7 @@ public class CachedClient {
protected Set<String> scope = new HashSet<String>(); protected Set<String> scope = new HashSet<String>();
protected Set<String> webOrigins = new HashSet<String>(); protected Set<String> webOrigins = new HashSet<String>();
private List<ClientIdentityProviderMappingModel> identityProviders = new ArrayList<ClientIdentityProviderMappingModel>(); private List<ClientIdentityProviderMappingModel> identityProviders = new ArrayList<ClientIdentityProviderMappingModel>();
private Set<ProtocolMapperModel> protocolClaimMappings = new HashSet<ProtocolMapperModel>(); private Set<ProtocolMapperModel> protocolMappers = new HashSet<ProtocolMapperModel>();
public CachedClient(RealmCache cache, RealmProvider delegate, RealmModel realm, ClientModel model) { public CachedClient(RealmCache cache, RealmProvider delegate, RealmModel realm, ClientModel model) {
id = model.getId(); id = model.getId();
@ -59,7 +59,9 @@ public class CachedClient {
scope.add(role.getId()); scope.add(role.getId());
} }
this.identityProviders = model.getIdentityProviders(); this.identityProviders = model.getIdentityProviders();
protocolClaimMappings.addAll(model.getProtocolMappers()); for (ProtocolMapperModel mapper : model.getProtocolMappers()) {
this.protocolMappers.add(mapper);
}
} }
public String getId() { public String getId() {
@ -140,8 +142,8 @@ public class CachedClient {
return false; return false;
} }
public Set<ProtocolMapperModel> getProtocolClaimMappings() { public Set<ProtocolMapperModel> getProtocolMappers() {
return protocolClaimMappings; return protocolMappers;
} }
public boolean isAllowedRetrieveTokenFromIdentityProvider(String providerId) { public boolean isAllowedRetrieveTokenFromIdentityProvider(String providerId) {
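Review bot: The `CachedClient` constructor stores the `ProtocolMapperModel` instances from `model.getProtocolMappers()` as they are, and `getProtocolMappers()` hands out the backing `HashSet`, so a caller that mutates a returned model or the set changes the cached copy without any invalidation. Protocol mappers decide which claims reach a token and whether consent is asked, so the cache should not expose mutable state. The getter could return `Collections.unmodifiableSet(protocolMappers)` (needs the `java.util.Collections` import), and the loop could copy each mapper if `ProtocolMapperModel` offers a copy constructor, which is not visible here. If no copy is made, the new loop is equivalent to the one-line `protocolMappers.addAll(model.getProtocolMappers());`.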


@ -70,8 +70,6 @@ public class CachedRealm {
private List<RequiredCredentialModel> requiredCredentials = new ArrayList<RequiredCredentialModel>(); private List<RequiredCredentialModel> requiredCredentials = new ArrayList<RequiredCredentialModel>();
private List<UserFederationProviderModel> userFederationProviders = new ArrayList<UserFederationProviderModel>(); private List<UserFederationProviderModel> userFederationProviders = new ArrayList<UserFederationProviderModel>();
private List<IdentityProviderModel> identityProviders = new ArrayList<IdentityProviderModel>(); private List<IdentityProviderModel> identityProviders = new ArrayList<IdentityProviderModel>();
private Set<ClaimTypeModel> claimTypes = new HashSet<ClaimTypeModel>();
private Set<ProtocolMapperModel> protocolMappers = new HashSet<ProtocolMapperModel>();
private Map<String, String> browserSecurityHeaders = new HashMap<String, String>(); private Map<String, String> browserSecurityHeaders = new HashMap<String, String>();
private Map<String, String> smtpConfig = new HashMap<String, String>(); private Map<String, String> smtpConfig = new HashMap<String, String>();
@ -135,13 +133,6 @@ public class CachedRealm {
this.identityProviders.add(new IdentityProviderModel(identityProviderModel)); this.identityProviders.add(new IdentityProviderModel(identityProviderModel));
} }
for (ClaimTypeModel claimType : model.getClaimTypes()) {
this.claimTypes.add(new ClaimTypeModel(claimType));
}
for (ProtocolMapperModel mapper : model.getProtocolMappers()) {
this.protocolMappers.add(mapper);
}
smtpConfig.putAll(model.getSmtpConfig()); smtpConfig.putAll(model.getSmtpConfig());
browserSecurityHeaders.putAll(model.getBrowserSecurityHeaders()); browserSecurityHeaders.putAll(model.getBrowserSecurityHeaders());
@ -351,12 +342,4 @@ public class CachedRealm {
public List<IdentityProviderModel> getIdentityProviders() { public List<IdentityProviderModel> getIdentityProviders() {
return identityProviders; return identityProviders;
} }
public Set<ClaimTypeModel> getClaimTypes() {
return claimTypes;
}
public Set<ProtocolMapperModel> getProtocolMappers() {
return protocolMappers;
}
} }


@ -1,7 +1,9 @@
package org.keycloak.models.jpa; package org.keycloak.models.jpa;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.ClientIdentityProviderMappingModel; import org.keycloak.models.ClientIdentityProviderMappingModel;
import org.keycloak.models.ClientModel; import org.keycloak.models.ClientModel;
import org.keycloak.models.OAuthClientModel;
import org.keycloak.models.ProtocolMapperModel; import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleContainerModel; import org.keycloak.models.RoleContainerModel;
@ -12,6 +14,7 @@ import org.keycloak.models.jpa.entities.IdentityProviderEntity;
import org.keycloak.models.jpa.entities.ProtocolMapperEntity; import org.keycloak.models.jpa.entities.ProtocolMapperEntity;
import org.keycloak.models.jpa.entities.RoleEntity; import org.keycloak.models.jpa.entities.RoleEntity;
import org.keycloak.models.jpa.entities.ScopeMappingEntity; import org.keycloak.models.jpa.entities.ScopeMappingEntity;
import org.keycloak.models.utils.KeycloakModelUtils;
import javax.persistence.EntityManager; import javax.persistence.EntityManager;
import javax.persistence.TypedQuery; import javax.persistence.TypedQuery;
@ -412,7 +415,6 @@ public abstract class ClientAdapter implements ClientModel {
mapping.setName(entity.getName()); mapping.setName(entity.getName());
mapping.setProtocol(entity.getProtocol()); mapping.setProtocol(entity.getProtocol());
mapping.setProtocolMapper(entity.getProtocolMapper()); mapping.setProtocolMapper(entity.getProtocolMapper());
mapping.setAppliedByDefault(entity.isAppliedByDefault());
mapping.setConsentRequired(entity.isConsentRequired()); mapping.setConsentRequired(entity.isConsentRequired());
mapping.setConsentText(entity.getConsentText()); mapping.setConsentText(entity.getConsentText());
Map<String, String> config = new HashMap<String, String>(); Map<String, String> config = new HashMap<String, String>();
@ -425,71 +427,98 @@ public abstract class ClientAdapter implements ClientModel {
return mappings; return mappings;
} }
protected ProtocolMapperEntity findProtocolMapperByName(String protocol, String name) { @Override
TypedQuery<ProtocolMapperEntity> query = em.createNamedQuery("getProtocolMapperByNameProtocol", ProtocolMapperEntity.class); public ProtocolMapperModel addProtocolMapper(ProtocolMapperModel model) {
query.setParameter("name", name); if (getProtocolMapperByName(model.getProtocol(), model.getName()) != null) {
query.setParameter("protocol", protocol); throw new RuntimeException("protocol mapper name must be unique per protocol");
query.setParameter("realm", entity.getRealm()); }
List<ProtocolMapperEntity> entities = query.getResultList(); String id = KeycloakModelUtils.generateId();
if (entities.size() == 0) return null; ProtocolMapperEntity entity = new ProtocolMapperEntity();
if (entities.size() > 1) throw new IllegalStateException("Should not be more than one protocol mapper with same name"); entity.setId(id);
return query.getResultList().get(0); entity.setName(model.getName());
entity.setProtocol(model.getProtocol());
entity.setProtocolMapper(model.getProtocolMapper());
entity.setClient(this.entity);
entity.setConfig(model.getConfig());
entity.setConsentRequired(model.isConsentRequired());
entity.setConsentText(model.getConsentText());
em.persist(entity);
this.entity.getProtocolMappers().add(entity);
return entityToModel(entity);
}
protected ProtocolMapperEntity getProtocolMapperEntity(String id) {
for (ProtocolMapperEntity entity : this.entity.getProtocolMappers()) {
if (entity.getId().equals(id)) {
return entity;
}
}
return null;
}
protected ProtocolMapperEntity getProtocolMapperEntityByName(String protocol, String name) {
for (ProtocolMapperEntity entity : this.entity.getProtocolMappers()) {
if (entity.getProtocol().equals(protocol) && entity.getName().equals(name)) {
return entity;
}
}
return null;
} }
@Override @Override
public void addProtocolMappers(Set<String> mappings) { public void removeProtocolMapper(ProtocolMapperModel mapping) {
Collection<ProtocolMapperEntity> entities = entity.getProtocolMappers(); ProtocolMapperEntity toDelete = getProtocolMapperEntity(mapping.getId());
Set<String> already = new HashSet<String>(); if (toDelete != null) {
for (ProtocolMapperEntity rel : entities) { this.entity.getProtocolMappers().remove(toDelete);
already.add(rel.getId()); em.remove(toDelete);
} }
for (String id : mappings) {
if (!already.contains(id)) {
ProtocolMapperEntity mapping = em.find(ProtocolMapperEntity.class, id);
if (mapping != null) {
entities.add(mapping);
}
}
}
em.flush();
} }
@Override @Override
public void removeProtocolMappers(Set<String> mappings) { public void updateProtocolMapper(ProtocolMapperModel mapping) {
Collection<ProtocolMapperEntity> entities = entity.getProtocolMappers(); ProtocolMapperEntity entity = getProtocolMapperEntity(mapping.getId());
List<ProtocolMapperEntity> remove = new LinkedList<ProtocolMapperEntity>(); entity.setProtocolMapper(mapping.getProtocolMapper());
for (ProtocolMapperEntity rel : entities) { entity.setConsentRequired(mapping.isConsentRequired());
if (mappings.contains(rel.getId())) remove.add(rel); entity.setConsentText(mapping.getConsentText());
} if (entity.getConfig() == null) {
for (ProtocolMapperEntity entity : remove) { entity.setConfig(mapping.getConfig());
entities.remove(entity); } else {
entity.getConfig().clear();
entity.getConfig().putAll(mapping.getConfig());
} }
em.flush(); em.flush();
} }
@Override @Override
public void setProtocolMappers(Set<String> mappings) { public ProtocolMapperModel getProtocolMapperById(String id) {
Collection<ProtocolMapperEntity> entities = entity.getProtocolMappers(); ProtocolMapperEntity entity = getProtocolMapperEntity(id);
Iterator<ProtocolMapperEntity> it = entities.iterator(); if (entity == null) return null;
Set<String> already = new HashSet<String>(); return entityToModel(entity);
while (it.hasNext()) {
ProtocolMapperEntity mapper = it.next();
if (mappings.contains(mapper.getId())) {
already.add(mapper.getId());
continue;
}
it.remove();
}
for (String id : mappings) {
if (!already.contains(id)) {
ProtocolMapperEntity mapping = em.find(ProtocolMapperEntity.class, id);
if (mapping != null) {
entities.add(mapping);
}
}
}
em.flush();
} }
@Override
public ProtocolMapperModel getProtocolMapperByName(String protocol, String name) {
ProtocolMapperEntity entity = getProtocolMapperEntityByName(protocol, name);
if (entity == null) return null;
return entityToModel(entity);
}
protected ProtocolMapperModel entityToModel(ProtocolMapperEntity entity) {
ProtocolMapperModel mapping = new ProtocolMapperModel();
mapping.setId(entity.getId());
mapping.setName(entity.getName());
mapping.setProtocol(entity.getProtocol());
mapping.setProtocolMapper(entity.getProtocolMapper());
mapping.setConsentRequired(entity.isConsentRequired());
mapping.setConsentText(entity.getConsentText());
Map<String, String> config = new HashMap<String, String>();
if (entity.getConfig() != null) config.putAll(entity.getConfig());
mapping.setConfig(config);
return mapping;
}
} }
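Review bot: `updateProtocolMapper` dereferences the result of `getProtocolMapperEntity(mapping.getId())` without a null check, while `removeProtocolMapper` and `getProtocolMapperById` in the same section both guard against `null`. Now that mappers are looked up per client, an id that belongs to another client or was already removed ends in a `NullPointerException` instead of a clear error. A guard such as `if (entity == null) throw new IllegalStateException("protocol mapper not found: " + mapping.getId());` would fix it (the exception type is a suggestion; use whatever the model layer already throws), and the Mongo `ClientAdapter.updateProtocolMapper` follows the same pattern. Separately, the update leaves `name` and `protocol` untouched, which deserves a one-line comment if intentional, and the local `entity` shadows the `entity` field, which is why `addProtocolMapper` has to write `this.entity`; a name like `mapperEntity` would read better.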


@ -2,22 +2,18 @@ package org.keycloak.models.jpa;
import org.keycloak.enums.SslRequired; import org.keycloak.enums.SslRequired;
import org.keycloak.models.ApplicationModel; import org.keycloak.models.ApplicationModel;
import org.keycloak.models.ClaimTypeModel;
import org.keycloak.models.ClientModel; import org.keycloak.models.ClientModel;
import org.keycloak.models.IdentityProviderModel; import org.keycloak.models.IdentityProviderModel;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.OAuthClientModel; import org.keycloak.models.OAuthClientModel;
import org.keycloak.models.PasswordPolicy; import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredCredentialModel; import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.RoleModel; import org.keycloak.models.RoleModel;
import org.keycloak.models.UserFederationProviderModel; import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.jpa.entities.ApplicationEntity; import org.keycloak.models.jpa.entities.ApplicationEntity;
import org.keycloak.models.jpa.entities.ClaimTypeEntity;
import org.keycloak.models.jpa.entities.IdentityProviderEntity; import org.keycloak.models.jpa.entities.IdentityProviderEntity;
import org.keycloak.models.jpa.entities.OAuthClientEntity; import org.keycloak.models.jpa.entities.OAuthClientEntity;
import org.keycloak.models.jpa.entities.ProtocolMapperEntity;
import org.keycloak.models.jpa.entities.RealmAttributeEntity; import org.keycloak.models.jpa.entities.RealmAttributeEntity;
import org.keycloak.models.jpa.entities.RealmEntity; import org.keycloak.models.jpa.entities.RealmEntity;
import org.keycloak.models.jpa.entities.RequiredCredentialEntity; import org.keycloak.models.jpa.entities.RequiredCredentialEntity;
@ -628,17 +624,6 @@ public class RealmAdapter implements RealmModel {
return this.addApplication(KeycloakModelUtils.generateId(), name); return this.addApplication(KeycloakModelUtils.generateId(), name);
} }
public void addDefaultClientProtocolMappers(ClientModel client) {
Set<String> adding = new HashSet<String>();
for (ProtocolMapperEntity mapper : realm.getProtocolMappers()) {
if (mapper.isAppliedByDefault()) {
adding.add(mapper.getId());
}
}
client.setProtocolMappers(adding);
}
@Override @Override
public ApplicationModel addApplication(String id, String name) { public ApplicationModel addApplication(String id, String name) {
ApplicationEntity applicationData = new ApplicationEntity(); ApplicationEntity applicationData = new ApplicationEntity();
@ -649,9 +634,19 @@ public class RealmAdapter implements RealmModel {
realm.getApplications().add(applicationData); realm.getApplications().add(applicationData);
em.persist(applicationData); em.persist(applicationData);
em.flush(); em.flush();
ApplicationModel resource = new ApplicationAdapter(this, em, session, applicationData); final ApplicationModel resource = new ApplicationAdapter(this, em, session, applicationData);
addDefaultClientProtocolMappers(resource);
em.flush(); em.flush();
session.getKeycloakSessionFactory().publish(new ApplicationCreationEvent() {
@Override
public ApplicationModel getCreatedApplication() {
return resource;
}
@Override
public ClientModel getCreatedClient() {
return resource;
}
});
return resource; return resource;
} }
@ -714,9 +709,19 @@ public class RealmAdapter implements RealmModel {
data.setRealm(realm); data.setRealm(realm);
em.persist(data); em.persist(data);
em.flush(); em.flush();
OAuthClientModel model = new OAuthClientAdapter(this, data, em); final OAuthClientModel model = new OAuthClientAdapter(this, data, em);
addDefaultClientProtocolMappers(model);
em.flush(); em.flush();
session.getKeycloakSessionFactory().publish(new OAuthClientCreationEvent() {
@Override
public OAuthClientModel getCreatedOAuthClient() {
return model;
}
@Override
public ClientModel getCreatedClient() {
return model;
}
});
return model; return model;
} }
@ -1211,191 +1216,4 @@ public class RealmAdapter implements RealmModel {
return !this.realm.getIdentityProviders().isEmpty(); return !this.realm.getIdentityProviders().isEmpty();
} }
@Override
public Set<ClaimTypeModel> getClaimTypes() {
Set<ClaimTypeModel> claimTypes = new HashSet<ClaimTypeModel>();
for (ClaimTypeEntity claimTypeEntity : realm.getClaimTypes()) {
claimTypes.add(new ClaimTypeModel(claimTypeEntity.getId(), claimTypeEntity.getName(), claimTypeEntity.isBuiltIn(), ClaimTypeModel.ValueType.valueOf(claimTypeEntity.getType())));
}
return claimTypes;
}
@Override
public ClaimTypeModel addClaimType(ClaimTypeModel model) {
String id = model.getId() == null ? KeycloakModelUtils.generateId() : model.getId();
ClaimTypeEntity claimEntity = new ClaimTypeEntity();
claimEntity.setId(id);
claimEntity.setType(model.getType().name());
claimEntity.setBuiltIn(model.isBuiltIn());
claimEntity.setRealm(realm);
em.persist(claimEntity);
realm.getClaimTypes().add(claimEntity);
return new ClaimTypeModel(claimEntity.getId(), model.getName(), model.isBuiltIn(), model.getType());
}
protected ClaimTypeEntity getClaimTypeEntity(ClaimTypeModel claim) {
for (ClaimTypeEntity claimTypeEntity : realm.getClaimTypes()) {
if (claimTypeEntity.getId().equals(claim.getId())) {
return claimTypeEntity;
}
}
return null;
}
@Override
public void removeClaimType(ClaimTypeModel claimType) {
ClaimTypeEntity toDelete = getClaimTypeEntity(claimType);
if (toDelete != null) {
realm.getClaimTypes().remove(toDelete);
em.remove(toDelete);
}
}
@Override
public ClaimTypeModel getClaimType(String name) {
for (ClaimTypeModel model : getClaimTypes()) {
if (model.getName().equals(name)) {
return model;
}
}
return null;
}
@Override
public void updateClaimType(ClaimTypeModel claimType) {
ClaimTypeEntity updated = getClaimTypeEntity(claimType);
updated.setName(claimType.getName());
updated.setBuiltIn(claimType.isBuiltIn());
updated.setType(claimType.getType().name());
em.flush();
}
@Override
public Set<ProtocolMapperModel> getProtocolMappers() {
Set<ProtocolMapperModel> mappings = new HashSet<ProtocolMapperModel>();
for (ProtocolMapperEntity entity : realm.getProtocolMappers()) {
ProtocolMapperModel mapping = new ProtocolMapperModel();
mapping.setId(entity.getId());
mapping.setName(entity.getName());
mapping.setProtocol(entity.getProtocol());
mapping.setAppliedByDefault(entity.isAppliedByDefault());
mapping.setProtocolMapper(entity.getProtocolMapper());
mapping.setConsentRequired(entity.isConsentRequired());
mapping.setConsentText(entity.getConsentText());
Map<String, String> config = new HashMap<String, String>();
if (entity.getConfig() != null) {
config.putAll(entity.getConfig());
}
mapping.setConfig(config);
mappings.add(mapping);
}
return mappings;
}
@Override
public ProtocolMapperModel addProtocolMapper(ProtocolMapperModel model) {
if (getProtocolMapperByName(model.getProtocol(), model.getName()) != null) {
throw new RuntimeException("protocol mapper name must be unique per protocol");
}
String id = KeycloakModelUtils.generateId();
ProtocolMapperEntity entity = new ProtocolMapperEntity();
entity.setId(id);
entity.setName(model.getName());
entity.setProtocol(model.getProtocol());
entity.setProtocolMapper(model.getProtocolMapper());
entity.setAppliedByDefault(model.isAppliedByDefault());
entity.setRealm(realm);
entity.setConfig(model.getConfig());
entity.setConsentRequired(model.isConsentRequired());
entity.setConsentText(model.getConsentText());
em.persist(entity);
realm.getProtocolMappers().add(entity);
return entityToModel(entity);
}
protected ProtocolMapperEntity getProtocolMapperEntity(String id) {
for (ProtocolMapperEntity entity : realm.getProtocolMappers()) {
if (entity.getId().equals(id)) {
return entity;
}
}
return null;
}
protected ProtocolMapperEntity getProtocolMapperEntityByName(String protocol, String name) {
for (ProtocolMapperEntity entity : realm.getProtocolMappers()) {
if (entity.getProtocol().equals(protocol) && entity.getName().equals(name)) {
return entity;
}
}
return null;
}
@Override
public void removeProtocolMapper(ProtocolMapperModel mapping) {
ProtocolMapperEntity toDelete = getProtocolMapperEntity(mapping.getId());
if (toDelete != null) {
realm.getProtocolMappers().remove(toDelete);
Set<String> removeId = new HashSet<String>();
removeId.add(mapping.getId());
for (ApplicationModel app : getApplications()) {
app.removeProtocolMappers(removeId);
}
for (OAuthClientModel app : getOAuthClients()) {
app.removeProtocolMappers(removeId);
}
em.remove(toDelete);
}
}
@Override
public void updateProtocolMapper(ProtocolMapperModel mapping) {
ProtocolMapperEntity entity = getProtocolMapperEntity(mapping.getId());
entity.setProtocolMapper(mapping.getProtocolMapper());
entity.setAppliedByDefault(mapping.isAppliedByDefault());
entity.setConsentRequired(mapping.isConsentRequired());
entity.setConsentText(mapping.getConsentText());
if (entity.getConfig() == null) {
entity.setConfig(mapping.getConfig());
} else {
entity.getConfig().clear();
entity.getConfig().putAll(mapping.getConfig());
}
em.flush();
}
@Override
public ProtocolMapperModel getProtocolMapperById(String id) {
ProtocolMapperEntity entity = getProtocolMapperEntity(id);
if (entity == null) return null;
return entityToModel(entity);
}
@Override
public ProtocolMapperModel getProtocolMapperByName(String protocol, String name) {
ProtocolMapperEntity entity = getProtocolMapperEntityByName(protocol, name);
if (entity == null) return null;
return entityToModel(entity);
}
protected ProtocolMapperModel entityToModel(ProtocolMapperEntity entity) {
ProtocolMapperModel mapping = new ProtocolMapperModel();
mapping.setId(entity.getId());
mapping.setName(entity.getName());
mapping.setProtocol(entity.getProtocol());
mapping.setProtocolMapper(entity.getProtocolMapper());
mapping.setAppliedByDefault(entity.isAppliedByDefault());
mapping.setConsentRequired(entity.isConsentRequired());
mapping.setConsentText(entity.getConsentText());
Map<String, String> config = new HashMap<String, String>();
if (entity.getConfig() != null) config.putAll(entity.getConfig());
mapping.setConfig(config);
return mapping;
}
} }
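Review bot: In `addApplication` and `addOAuthClient` the explicit `addDefaultClientProtocolMappers(...)` call is replaced by publishing a creation event, so whether a new client receives any protocol mappers now depends on a listener that this section does not show. As far as this code shows, a client created while no such listener is registered is persisted with an empty mapper set; a comment at both publish sites such as `// listeners install the default protocol mappers for the new client` would document that dependency. The second `em.flush()` before each `publish` appears to have nothing left to flush now that the mapper call is gone, so it could be dropped or moved after the publish, depending on whether listeners are expected to write in the same unit of work. The two anonymous event classes differ only in their types and could be small named classes.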


@ -1,82 +0,0 @@
package org.keycloak.models.jpa.entities;
import org.keycloak.models.ClaimTypeModel;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.ManyToOne;
import javax.persistence.NamedQueries;
import javax.persistence.NamedQuery;
import javax.persistence.Table;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@Entity
@NamedQueries({
@NamedQuery(name="deleteClaimTypesByRealm", query="delete from ClaimTypeEntity attr where attr.realm = :realm")
})
@Table(name="CLAIM_TYPE")
public class ClaimTypeEntity {
@Id
@Column(name="ID", length = 36)
protected String id;
@Column(name = "NAME")
private String name;
@Column(name = "BUILT_IN")
protected boolean builtIn;
@Column(name = "VALUE_TYPE")
protected String type;
@ManyToOne(fetch = FetchType.LAZY)
@JoinColumn(name = "REALM_ID")
protected RealmEntity realm;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public boolean isBuiltIn() {
return builtIn;
}
public void setBuiltIn(boolean builtIn) {
this.builtIn = builtIn;
}
public String getType() {
return type;
}
public void setType(String type) {
this.type = type;
}
public RealmEntity getRealm() {
return realm;
}
public void setRealm(RealmEntity realm) {
this.realm = realm;
}
}


@ -76,8 +76,7 @@ public abstract class ClientEntity {
@OneToMany(fetch = FetchType.LAZY, mappedBy = "client", cascade = CascadeType.REMOVE) @OneToMany(fetch = FetchType.LAZY, mappedBy = "client", cascade = CascadeType.REMOVE)
Collection<ClientIdentityProviderMappingEntity> identityProviders = new ArrayList<ClientIdentityProviderMappingEntity>(); Collection<ClientIdentityProviderMappingEntity> identityProviders = new ArrayList<ClientIdentityProviderMappingEntity>();
@OneToMany(fetch = FetchType.LAZY) @OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "client")
@JoinTable(name="CLIENT_PROTOCOL_MAPPER", joinColumns = { @JoinColumn(name="CLIENT_ID")}, inverseJoinColumns = { @JoinColumn(name="MAPPING_ID")})
Collection<ProtocolMapperEntity> protocolMappers = new ArrayList<ProtocolMapperEntity>(); Collection<ProtocolMapperEntity> protocolMappers = new ArrayList<ProtocolMapperEntity>();
public RealmEntity getRealm() { public RealmEntity getRealm() {


@ -19,9 +19,6 @@ import java.util.Map;
* @version $Revision: 1 $ * @version $Revision: 1 $
*/ */
@Entity @Entity
@NamedQueries({
@NamedQuery(name="getProtocolMapperByNameProtocol", query="select mapper from ProtocolMapperEntity mapper where mapper.protocol = :protocol and mapper.name = :name and mapper.realm = :realm")
})
@Table(name="PROTOCOL_MAPPER") @Table(name="PROTOCOL_MAPPER")
public class ProtocolMapperEntity { public class ProtocolMapperEntity {
@ -36,8 +33,6 @@ public class ProtocolMapperEntity {
protected String protocol; protected String protocol;
@Column(name = "PROTOCOL_MAPPER_NAME") @Column(name = "PROTOCOL_MAPPER_NAME")
protected String protocolMapper; protected String protocolMapper;
@Column(name = "APPLIED_BY_DEFAULT")
protected boolean appliedByDefault;
@Column(name="CONSENT_REQUIRED") @Column(name="CONSENT_REQUIRED")
protected boolean consentRequired; protected boolean consentRequired;
@Column(name="CONSENT_TEXT") @Column(name="CONSENT_TEXT")
@ -50,8 +45,8 @@ public class ProtocolMapperEntity {
private Map<String, String> config; private Map<String, String> config;
@ManyToOne(fetch = FetchType.LAZY) @ManyToOne(fetch = FetchType.LAZY)
@JoinColumn(name = "REALM_ID") @JoinColumn(name = "CLIENT_ID")
protected RealmEntity realm; private ClientEntity client;
public String getId() { public String getId() {
return id; return id;
@ -85,14 +80,6 @@ public class ProtocolMapperEntity {
this.protocolMapper = protocolMapper; this.protocolMapper = protocolMapper;
} }
public boolean isAppliedByDefault() {
return appliedByDefault;
}
public void setAppliedByDefault(boolean appliedByDefault) {
this.appliedByDefault = appliedByDefault;
}
public Map<String, String> getConfig() { public Map<String, String> getConfig() {
return config; return config;
} }
@ -101,12 +88,12 @@ public class ProtocolMapperEntity {
this.config = config; this.config = config;
} }
public RealmEntity getRealm() { public ClientEntity getClient() {
return realm; return client;
} }
public void setRealm(RealmEntity realm) { public void setClient(ClientEntity client) {
this.realm = realm; this.client = client;
} }
public boolean isConsentRequired() { public boolean isConsentRequired() {
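Review bot: With the `getProtocolMapperByNameProtocol` named query removed and the owner switched to `client`, the rule that a mapper name is unique per protocol is enforced only by the in-memory check in the adapters' `addProtocolMapper`; `@Table(name="PROTOCOL_MAPPER")` declares no unique constraint. Two concurrent adds could both pass that check, after which `getProtocolMapperByName` returns whichever duplicate it meets first. A `uniqueConstraints` entry on `@Table` covering the client, protocol and name columns, with the matching constraint in the changelog if it is not already there, would enforce the rule at the database level.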


@ -92,12 +92,6 @@ public class RealmEntity {
@OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "realm") @OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "realm")
Collection<RealmAttributeEntity> attributes = new ArrayList<RealmAttributeEntity>(); Collection<RealmAttributeEntity> attributes = new ArrayList<RealmAttributeEntity>();
@OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "realm")
Collection<ClaimTypeEntity> claimTypes = new ArrayList<ClaimTypeEntity>();
@OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "realm")
Collection<ProtocolMapperEntity> protocolMappers = new ArrayList<ProtocolMapperEntity>();
@OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "realm") @OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "realm")
Collection<RequiredCredentialEntity> requiredCredentials = new ArrayList<RequiredCredentialEntity>(); Collection<RequiredCredentialEntity> requiredCredentials = new ArrayList<RequiredCredentialEntity>();
@ -439,20 +433,5 @@ public class RealmEntity {
getIdentityProviders().add(entity); getIdentityProviders().add(entity);
} }
public Collection<ClaimTypeEntity> getClaimTypes() {
return claimTypes;
}
public void setClaimTypes(Collection<ClaimTypeEntity> claimTypes) {
this.claimTypes = claimTypes;
}
public Collection<ProtocolMapperEntity> getProtocolMappers() {
return protocolMappers;
}
public void setProtocolMappers(Collection<ProtocolMapperEntity> protocolMappers) {
this.protocolMappers = protocolMappers;
}
} }


@ -11,8 +11,10 @@ import org.keycloak.models.RealmProvider;
import org.keycloak.models.RoleModel; import org.keycloak.models.RoleModel;
import org.keycloak.models.entities.ClientEntity; import org.keycloak.models.entities.ClientEntity;
import org.keycloak.models.entities.ClientIdentityProviderMappingEntity; import org.keycloak.models.entities.ClientIdentityProviderMappingEntity;
import org.keycloak.models.entities.ProtocolMapperEntity;
import org.keycloak.models.mongo.keycloak.entities.MongoRoleEntity; import org.keycloak.models.mongo.keycloak.entities.MongoRoleEntity;
import org.keycloak.models.mongo.utils.MongoModelUtils; import org.keycloak.models.mongo.utils.MongoModelUtils;
import org.keycloak.models.utils.KeycloakModelUtils;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.HashMap; import java.util.HashMap;
@ -295,33 +297,117 @@ public abstract class ClientAdapter<T extends MongoIdentifiableEntity> extends A
@Override @Override
public Set<ProtocolMapperModel> getProtocolMappers() { public Set<ProtocolMapperModel> getProtocolMappers() {
Set<ProtocolMapperModel> result = new HashSet<ProtocolMapperModel>(); Set<ProtocolMapperModel> result = new HashSet<ProtocolMapperModel>();
for (String id : getMongoEntityAsClient().getProtocolMappers()) { for (ProtocolMapperEntity entity : getMongoEntityAsClient().getProtocolMappers()) {
ProtocolMapperModel model = getRealm().getProtocolMapperById(id); ProtocolMapperModel mapping = new ProtocolMapperModel();
if (model != null) result.add(model); mapping.setId(entity.getId());
mapping.setName(entity.getName());
mapping.setProtocol(entity.getProtocol());
mapping.setConsentRequired(entity.isConsentRequired());
mapping.setConsentText(entity.getConsentText());
Map<String, String> config = new HashMap<String, String>();
if (entity.getConfig() != null) {
config.putAll(entity.getConfig());
}
mapping.setConfig(config);
} }
return result; return result;
} }
@Override @Override
public void addProtocolMappers(Set<String> mapperIds) { public ProtocolMapperModel addProtocolMapper(ProtocolMapperModel model) {
getMongoEntityAsClient().getProtocolMappers().addAll(mapperIds); if (getProtocolMapperByName(model.getProtocol(), model.getName()) != null) {
throw new RuntimeException("protocol mapper name must be unique per protocol");
}
ProtocolMapperEntity entity = new ProtocolMapperEntity();
entity.setId(KeycloakModelUtils.generateId());
entity.setProtocol(model.getProtocol());
entity.setName(model.getName());
entity.setProtocolMapper(model.getProtocolMapper());
entity.setConfig(model.getConfig());
entity.setConsentRequired(model.isConsentRequired());
entity.setConsentText(model.getConsentText());
getMongoEntityAsClient().getProtocolMappers().add(entity);
updateMongoEntity();
return entityToModel(entity);
}
@Override
public void removeProtocolMapper(ProtocolMapperModel mapping) {
for (ProtocolMapperEntity entity : getMongoEntityAsClient().getProtocolMappers()) {
if (entity.getId().equals(mapping.getId())) {
getMongoEntityAsClient().getProtocolMappers().remove(entity);
updateMongoEntity();
break;
}
}
}
protected ProtocolMapperEntity getProtocolMapperyEntityById(String id) {
for (ProtocolMapperEntity entity : getMongoEntityAsClient().getProtocolMappers()) {
if (entity.getId().equals(id)) {
return entity;
}
}
return null;
}
protected ProtocolMapperEntity getProtocolMapperEntityByName(String protocol, String name) {
for (ProtocolMapperEntity entity : getMongoEntityAsClient().getProtocolMappers()) {
if (entity.getProtocol().equals(protocol) && entity.getName().equals(name)) {
return entity;
}
}
return null;
}
@Override
public void updateProtocolMapper(ProtocolMapperModel mapping) {
ProtocolMapperEntity entity = getProtocolMapperyEntityById(mapping.getId());
entity.setProtocolMapper(mapping.getProtocolMapper());
entity.setConsentRequired(mapping.isConsentRequired());
entity.setConsentText(mapping.getConsentText());
if (entity.getConfig() != null) {
entity.getConfig().clear();
entity.getConfig().putAll(mapping.getConfig());
} else {
entity.setConfig(mapping.getConfig());
}
updateMongoEntity(); updateMongoEntity();
} }
@Override @Override
public void removeProtocolMappers(Set<String> mapperIds) { public ProtocolMapperModel getProtocolMapperById(String id) {
getMongoEntityAsClient().getProtocolMappers().removeAll(mapperIds); ProtocolMapperEntity entity = getProtocolMapperyEntityById(id);
updateMongoEntity(); if (entity == null) return null;
return entityToModel(entity);
} }
@Override @Override
public void setProtocolMappers(Set<String> mapperIds) { public ProtocolMapperModel getProtocolMapperByName(String protocol, String name) {
getMongoEntityAsClient().getProtocolMappers().clear(); ProtocolMapperEntity entity = getProtocolMapperEntityByName(protocol, name);
getMongoEntityAsClient().getProtocolMappers().addAll(mapperIds); if (entity == null) return null;
updateMongoEntity(); return entityToModel(entity);
} }
protected ProtocolMapperModel entityToModel(ProtocolMapperEntity entity) {
ProtocolMapperModel mapping = new ProtocolMapperModel();
mapping.setId(entity.getId());
mapping.setName(entity.getName());
mapping.setProtocol(entity.getProtocol());
mapping.setProtocolMapper(entity.getProtocolMapper());
mapping.setConsentRequired(entity.isConsentRequired());
mapping.setConsentText(entity.getConsentText());
Map<String, String> config = new HashMap<String, String>();
if (entity.getConfig() != null) config.putAll(entity.getConfig());
mapping.setConfig(config);
return mapping;
}
@Override @Override
public void updateAllowedIdentityProviders(List<ClientIdentityProviderMappingModel> identityProviders) { public void updateAllowedIdentityProviders(List<ClientIdentityProviderMappingModel> identityProviders) {
List<ClientIdentityProviderMappingEntity> stored = new ArrayList<ClientIdentityProviderMappingEntity>(); List<ClientIdentityProviderMappingEntity> stored = new ArrayList<ClientIdentityProviderMappingEntity>();


@ -5,21 +5,17 @@ import com.mongodb.QueryBuilder;
import org.keycloak.connections.mongo.api.context.MongoStoreInvocationContext; import org.keycloak.connections.mongo.api.context.MongoStoreInvocationContext;
import org.keycloak.enums.SslRequired; import org.keycloak.enums.SslRequired;
import org.keycloak.models.ApplicationModel; import org.keycloak.models.ApplicationModel;
import org.keycloak.models.ClaimTypeModel;
import org.keycloak.models.ClientModel; import org.keycloak.models.ClientModel;
import org.keycloak.models.IdentityProviderModel; import org.keycloak.models.IdentityProviderModel;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.OAuthClientModel; import org.keycloak.models.OAuthClientModel;
import org.keycloak.models.PasswordPolicy; import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
import org.keycloak.models.RealmProvider; import org.keycloak.models.RealmProvider;
import org.keycloak.models.RequiredCredentialModel; import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.RoleModel; import org.keycloak.models.RoleModel;
import org.keycloak.models.UserFederationProviderModel; import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.entities.ClaimTypeEntity;
import org.keycloak.models.entities.IdentityProviderEntity; import org.keycloak.models.entities.IdentityProviderEntity;
import org.keycloak.models.entities.ProtocolMapperEntity;
import org.keycloak.models.entities.RequiredCredentialEntity; import org.keycloak.models.entities.RequiredCredentialEntity;
import org.keycloak.models.entities.UserFederationProviderEntity; import org.keycloak.models.entities.UserFederationProviderEntity;
import org.keycloak.models.mongo.keycloak.entities.MongoApplicationEntity; import org.keycloak.models.mongo.keycloak.entities.MongoApplicationEntity;
@ -616,14 +612,6 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
return result; return result;
} }
public void addDefaultClientProtocolMappers(ClientModel client) {
Set<String> adding = new HashSet<String>();
for (ProtocolMapperEntity mapper : realm.getProtocolMappers()) {
if (mapper.isAppliedByDefault()) adding.add(mapper.getId());
}
client.setProtocolMappers(adding);
}
@Override @Override
public ApplicationModel addApplication(String name) { public ApplicationModel addApplication(String name) {
return this.addApplication(null, name); return this.addApplication(null, name);
@ -639,7 +627,6 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
getMongoStore().insertEntity(appData, invocationContext); getMongoStore().insertEntity(appData, invocationContext);
ApplicationModel model = new ApplicationAdapter(session, this, appData, invocationContext); ApplicationModel model = new ApplicationAdapter(session, this, appData, invocationContext);
addDefaultClientProtocolMappers(model);
return model; return model;
} }
@ -662,7 +649,6 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
getMongoStore().insertEntity(oauthClient, invocationContext); getMongoStore().insertEntity(oauthClient, invocationContext);
OAuthClientAdapter model = new OAuthClientAdapter(session, this, oauthClient, invocationContext); OAuthClientAdapter model = new OAuthClientAdapter(session, this, oauthClient, invocationContext);
addDefaultClientProtocolMappers(model);
return model; return model;
} }
@ -798,178 +784,6 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
updateRealm(); updateRealm();
} }
@Override
public Set<ProtocolMapperModel> getProtocolMappers() {
Set<ProtocolMapperModel> result = new HashSet<ProtocolMapperModel>();
for (ProtocolMapperEntity entity : realm.getProtocolMappers()) {
ProtocolMapperModel mapping = new ProtocolMapperModel();
mapping.setId(entity.getId());
mapping.setName(entity.getName());
mapping.setProtocol(entity.getProtocol());
mapping.setAppliedByDefault(entity.isAppliedByDefault());
mapping.setConsentRequired(entity.isConsentRequired());
mapping.setConsentText(entity.getConsentText());
Map<String, String> config = new HashMap<String, String>();
if (entity.getConfig() != null) {
config.putAll(entity.getConfig());
}
mapping.setConfig(config);
}
return result;
}
@Override
public ProtocolMapperModel addProtocolMapper(ProtocolMapperModel model) {
if (getProtocolMapperByName(model.getProtocol(), model.getName()) != null) {
throw new RuntimeException("protocol mapper name must be unique per protocol");
}
ProtocolMapperEntity entity = new ProtocolMapperEntity();
entity.setId(KeycloakModelUtils.generateId());
entity.setProtocol(model.getProtocol());
entity.setName(model.getName());
entity.setAppliedByDefault(model.isAppliedByDefault());
entity.setProtocolMapper(model.getProtocolMapper());
entity.setConfig(model.getConfig());
entity.setConsentRequired(model.isConsentRequired());
entity.setConsentText(model.getConsentText());
realm.getProtocolMappers().add(entity);
updateRealm();
return entityToModel(entity);
}
@Override
public void removeProtocolMapper(ProtocolMapperModel mapping) {
for (ProtocolMapperEntity entity : realm.getProtocolMappers()) {
if (entity.getId().equals(mapping.getId())) {
realm.getProtocolMappers().remove(entity);
updateRealm();
break;
}
}
}
protected ProtocolMapperEntity getProtocolMapperyEntityById(String id) {
for (ProtocolMapperEntity entity : realm.getProtocolMappers()) {
if (entity.getId().equals(id)) {
return entity;
}
}
return null;
}
protected ProtocolMapperEntity getProtocolMapperEntityByName(String protocol, String name) {
for (ProtocolMapperEntity entity : realm.getProtocolMappers()) {
if (entity.getProtocol().equals(protocol) && entity.getName().equals(name)) {
return entity;
}
}
return null;
}
@Override
public void updateProtocolMapper(ProtocolMapperModel mapping) {
ProtocolMapperEntity entity = getProtocolMapperyEntityById(mapping.getId());
entity.setAppliedByDefault(mapping.isAppliedByDefault());
entity.setProtocolMapper(mapping.getProtocolMapper());
entity.setConsentRequired(mapping.isConsentRequired());
entity.setConsentText(mapping.getConsentText());
if (entity.getConfig() != null) {
entity.getConfig().clear();
entity.getConfig().putAll(mapping.getConfig());
} else {
entity.setConfig(mapping.getConfig());
}
updateRealm();
}
@Override
public ProtocolMapperModel getProtocolMapperById(String id) {
ProtocolMapperEntity entity = getProtocolMapperyEntityById(id);
if (entity == null) return null;
return entityToModel(entity);
}
@Override
public ProtocolMapperModel getProtocolMapperByName(String protocol, String name) {
ProtocolMapperEntity entity = getProtocolMapperEntityByName(protocol, name);
if (entity == null) return null;
return entityToModel(entity);
}
protected ProtocolMapperModel entityToModel(ProtocolMapperEntity entity) {
ProtocolMapperModel mapping = new ProtocolMapperModel();
mapping.setId(entity.getId());
mapping.setName(entity.getName());
mapping.setProtocol(entity.getProtocol());
mapping.setAppliedByDefault(entity.isAppliedByDefault());
mapping.setProtocolMapper(entity.getProtocolMapper());
mapping.setConsentRequired(entity.isConsentRequired());
mapping.setConsentText(entity.getConsentText());
Map<String, String> config = new HashMap<String, String>();
if (entity.getConfig() != null) config.putAll(entity.getConfig());
mapping.setConfig(config);
return mapping;
}
@Override
public Set<ClaimTypeModel> getClaimTypes() {
Set<ClaimTypeModel> result = new HashSet<ClaimTypeModel>();
for (ClaimTypeEntity entity : realm.getClaimTypes()) {
result.add(new ClaimTypeModel(entity.getId(), entity.getName(), entity.isBuiltIn(), entity.getType()));
}
return result;
}
@Override
public ClaimTypeModel addClaimType(ClaimTypeModel model) {
String id = model.getId() == null ? KeycloakModelUtils.generateId() : model.getId();
ClaimTypeModel claim = new ClaimTypeModel(id, model.getName(), model.isBuiltIn(), model.getType());
ClaimTypeEntity entity = new ClaimTypeEntity();
entity.setId(claim.getId());
entity.setType(model.getType());
entity.setBuiltIn(model.isBuiltIn());
entity.setName(model.getName());
realm.getClaimTypes().add(entity);
updateRealm();
return claim;
}
@Override
public void removeClaimType(ClaimTypeModel claimType) {
for (ClaimTypeEntity entity : realm.getClaimTypes()) {
if (entity.getId().equals(claimType.getId())) {
realm.getClaimTypes().remove(entity);
updateRealm();
break;
}
}
}
@Override
public ClaimTypeModel getClaimType(String name) {
for (ClaimTypeModel claimType : getClaimTypes()) {
if (claimType.getName().equals(name)) return claimType;
}
return null;
}
@Override
public void updateClaimType(ClaimTypeModel claimType) {
for (ClaimTypeEntity entity : realm.getClaimTypes()) {
if (entity.getId().equals(claimType.getId())) {
entity.setName(claimType.getName());
entity.setBuiltIn(claimType.isBuiltIn());
entity.setType(claimType.getType());
updateRealm();
break;
}
}
}
@Override @Override
public List<IdentityProviderModel> getIdentityProviders() { public List<IdentityProviderModel> getIdentityProviders() {


@ -2,6 +2,7 @@ package org.keycloak.protocol.saml;
import org.keycloak.Config; import org.keycloak.Config;
import org.keycloak.events.EventBuilder; import org.keycloak.events.EventBuilder;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory; import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.ProtocolMapperModel; import org.keycloak.models.ProtocolMapperModel;
@ -19,7 +20,9 @@ import org.keycloak.services.managers.AuthenticationManager;
import org.picketlink.identity.federation.core.saml.v2.constants.X500SAMLProfileConstants; import org.picketlink.identity.federation.core.saml.v2.constants.X500SAMLProfileConstants;
import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS; import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
import java.util.ArrayList;
import java.util.HashMap; import java.util.HashMap;
import java.util.List;
import java.util.Map; import java.util.Map;
/** /**
@ -50,22 +53,37 @@ public class SamlProtocolFactory extends AbstractLoginProtocolFactory {
} }
@Override @Override
protected void addDefaults(RealmModel realm) { public List<ProtocolMapperModel> getBuiltinMappers() {
UserModelUriReferenceAttributeStatementMapper.addAttributeMapper(realm, "X500 email", return builtins;
}
static List<ProtocolMapperModel> builtins = new ArrayList<>();
static List<ProtocolMapperModel> defaultBuiltins = new ArrayList<>();
static {
ProtocolMapperModel model;
model = UserModelUriReferenceAttributeStatementMapper.createAttributeMapper("X500 email",
"email", "email",
X500SAMLProfileConstants.EMAIL.get(), X500SAMLProfileConstants.EMAIL.getFriendlyName(), X500SAMLProfileConstants.EMAIL.get(), X500SAMLProfileConstants.EMAIL.getFriendlyName(),
true, "email", true, "email");
false); builtins.add(model);
UserModelUriReferenceAttributeStatementMapper.addAttributeMapper(realm, "X500 givenName", model = UserModelUriReferenceAttributeStatementMapper.createAttributeMapper("X500 givenName",
"firstName", "firstName",
X500SAMLProfileConstants.GIVEN_NAME.get(), X500SAMLProfileConstants.GIVEN_NAME.getFriendlyName(), X500SAMLProfileConstants.GIVEN_NAME.get(), X500SAMLProfileConstants.GIVEN_NAME.getFriendlyName(),
true, "given name", true, "given name");
false); builtins.add(model);
UserModelUriReferenceAttributeStatementMapper.addAttributeMapper(realm, "X500 surname", model = UserModelUriReferenceAttributeStatementMapper.createAttributeMapper("X500 surname",
"lastName", "lastName",
X500SAMLProfileConstants.SURNAME.get(), X500SAMLProfileConstants.SURNAME.getFriendlyName(), X500SAMLProfileConstants.SURNAME.get(), X500SAMLProfileConstants.SURNAME.getFriendlyName(),
true, "family name", true, "family name");
false); builtins.add(model);
}
@Override
protected void addDefaults(ClientModel client) {
for (ProtocolMapperModel model : defaultBuiltins) client.addProtocolMapper(model);
} }
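Review bot: `getBuiltinMappers()` returns the static `builtins` list itself, and both `builtins` and `defaultBuiltins` are non-final, package-visible `ArrayList`s, so any caller can add, remove or edit the mapper templates shared by the whole server. These templates decide which user attributes are released in assertions, so I would declare them `private static final` and return `Collections.unmodifiableList(builtins)`. Nothing in the static block adds to `defaultBuiltins`, so `addDefaults` is a no-op here; that matches the old `appliedByDefault` value of `false`, but a one-line comment saying it is intentional would help. OIDCLoginProtocolFactory uses the same static-list pattern.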


@ -74,16 +74,13 @@ public class AttributeStatementHelper {
configProperties.add(property); configProperties.add(property);
} }
public static void addAttributeMapper(RealmModel realm, String name, String userAttribute, String samlAttributeName, String friendlyName, boolean consentRequired, String consentText, boolean appliedByDefault, String mapperId) { public static ProtocolMapperModel createAttributeMapper(String name, String userAttribute, String samlAttributeName, String friendlyName, boolean consentRequired, String consentText, String mapperId) {
ProtocolMapperModel mapper = realm.getProtocolMapperByName(SamlProtocol.LOGIN_PROTOCOL, name); ProtocolMapperModel mapper = mapper = new ProtocolMapperModel();
if (mapper != null) return;
mapper = new ProtocolMapperModel();
mapper.setName(name); mapper.setName(name);
mapper.setProtocolMapper(mapperId); mapper.setProtocolMapper(mapperId);
mapper.setProtocol(SamlProtocol.LOGIN_PROTOCOL); mapper.setProtocol(SamlProtocol.LOGIN_PROTOCOL);
mapper.setConsentRequired(consentRequired); mapper.setConsentRequired(consentRequired);
mapper.setConsentText(consentText); mapper.setConsentText(consentText);
mapper.setAppliedByDefault(appliedByDefault);
Map<String, String> config = new HashMap<String, String>(); Map<String, String> config = new HashMap<String, String>();
config.put(ProtocolMapperUtils.USER_ATTRIBUTE, userAttribute); config.put(ProtocolMapperUtils.USER_ATTRIBUTE, userAttribute);
config.put(SAML_ATTRIBUTE_NAME, samlAttributeName); config.put(SAML_ATTRIBUTE_NAME, samlAttributeName);
@ -91,6 +88,6 @@ public class AttributeStatementHelper {
config.put(FRIENDLY_NAME, friendlyName); config.put(FRIENDLY_NAME, friendlyName);
} }
mapper.setConfig(config); mapper.setConfig(config);
realm.addProtocolMapper(mapper); return mapper;
} }
} }
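Review bot: The first line of `createAttributeMapper` assigns the variable twice, `ProtocolMapperModel mapper = mapper = new ProtocolMapperModel();`, which looks like a leftover from removing the `getProtocolMapperByName` lookup. It compiles but reads as a mistake; it should be `ProtocolMapperModel mapper = new ProtocolMapperModel();`. The method now returns the model without the former uniqueness check, so a short Javadoc stating that the caller is responsible for adding it to a client would be useful. The method body is split across two hunks in this section, with the middle not shown.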


@ -67,14 +67,13 @@ public class UserAttributeBasicAttributeStatementMapper extends AbstractSAMLProt
} }
public static void addAttributeMapper(RealmModel realm, String name, public static ProtocolMapperModel createAttributeMapper(String name,
String userAttribute, String userAttribute,
String samlAttributeName, String samlAttributeName,
String friendlyName, String friendlyName,
boolean consentRequired, String consentText, boolean consentRequired, String consentText) {
boolean appliedByDefault) {
String mapperId = PROVIDER_ID; String mapperId = PROVIDER_ID;
AttributeStatementHelper.addAttributeMapper(realm, name, userAttribute, samlAttributeName, friendlyName, consentRequired, consentText, appliedByDefault, mapperId); return AttributeStatementHelper.createAttributeMapper(name, userAttribute, samlAttributeName, friendlyName, consentRequired, consentText, mapperId);
} }


@ -66,14 +66,13 @@ public class UserAttributeUriReferenceAttributeStatementMapper extends AbstractS
AttributeStatementHelper.addUriReferenceAttribute(attributeStatement, mappingModel, attributeValue); AttributeStatementHelper.addUriReferenceAttribute(attributeStatement, mappingModel, attributeValue);
} }
public static void addAttributeMapper(RealmModel realm, String name, public static ProtocolMapperModel createAttributeMapper(String name,
String userAttribute, String userAttribute,
String samlAttributeName, String samlAttributeName,
String friendlyName, String friendlyName,
boolean consentRequired, String consentText, boolean consentRequired, String consentText) {
boolean appliedByDefault) {
String mapperId = PROVIDER_ID; String mapperId = PROVIDER_ID;
AttributeStatementHelper.addAttributeMapper(realm, name, userAttribute, samlAttributeName, friendlyName, consentRequired, consentText, appliedByDefault, mapperId); return AttributeStatementHelper.createAttributeMapper(name, userAttribute, samlAttributeName, friendlyName, consentRequired, consentText, mapperId);
} }


@ -67,14 +67,13 @@ public class UserModelBasicAttributeStatementMapper extends AbstractSAMLProtocol
} }
public static void addAttributeMapper(RealmModel realm, String name, public static ProtocolMapperModel createAttributeMapper(String name,
String userAttribute, String userAttribute,
String samlAttributeName, String samlAttributeName,
String friendlyName, String friendlyName,
boolean consentRequired, String consentText, boolean consentRequired, String consentText) {
boolean appliedByDefault) {
String mapperId = PROVIDER_ID; String mapperId = PROVIDER_ID;
AttributeStatementHelper.addAttributeMapper(realm, name, userAttribute, samlAttributeName, friendlyName, consentRequired, consentText, appliedByDefault, mapperId); return AttributeStatementHelper.createAttributeMapper(name, userAttribute, samlAttributeName, friendlyName, consentRequired, consentText, mapperId);
} }
} }


@ -3,7 +3,6 @@ package org.keycloak.protocol.saml.mappers;
import org.keycloak.models.ClientSessionModel; import org.keycloak.models.ClientSessionModel;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ProtocolMapperModel; import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel; import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel; import org.keycloak.models.UserSessionModel;
import org.keycloak.protocol.ProtocolMapperUtils; import org.keycloak.protocol.ProtocolMapperUtils;
@ -67,14 +66,13 @@ public class UserModelUriReferenceAttributeStatementMapper extends AbstractSAMLP
} }
public static void addAttributeMapper(RealmModel realm, String name, public static ProtocolMapperModel createAttributeMapper(String name,
String userAttribute, String userAttribute,
String samlAttributeName, String samlAttributeName,
String friendlyName, String friendlyName,
boolean consentRequired, String consentText, boolean consentRequired, String consentText) {
boolean appliedByDefault) {
String mapperId = PROVIDER_ID; String mapperId = PROVIDER_ID;
AttributeStatementHelper.addAttributeMapper(realm, name, userAttribute, samlAttributeName, friendlyName, consentRequired, consentText, appliedByDefault, mapperId); return AttributeStatementHelper.createAttributeMapper(name, userAttribute, samlAttributeName, friendlyName, consentRequired, consentText, mapperId);
} }
} }


@ -2,6 +2,7 @@ package org.keycloak.protocol;
import org.jboss.logging.Logger; import org.jboss.logging.Logger;
import org.keycloak.Config; import org.keycloak.Config;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory; import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
@ -24,25 +25,12 @@ public abstract class AbstractLoginProtocolFactory implements LoginProtocolFacto
@Override @Override
public void postInit(KeycloakSessionFactory factory) { public void postInit(KeycloakSessionFactory factory) {
KeycloakSession session = factory.create();
session.getTransaction().begin();
try {
List<RealmModel> realms = session.realms().getRealms();
for (RealmModel realm : realms) addDefaults(realm);
session.getTransaction().commit();
} catch (Exception e) {
logger.error("Can't add default mappers to realm", e);
session.getTransaction().rollback();
} finally {
session.close();
}
factory.register(new ProviderEventListener() { factory.register(new ProviderEventListener() {
@Override @Override
public void onEvent(ProviderEvent event) { public void onEvent(ProviderEvent event) {
if (event instanceof RealmModel.RealmCreationEvent) { if (event instanceof RealmModel.ClientCreationEvent) {
RealmModel realm = ((RealmModel.RealmCreationEvent)event).getCreatedRealm(); ClientModel client = ((RealmModel.ClientCreationEvent)event).getCreatedClient();
addDefaults(realm); addDefaults(client);
} }
} }
}); });
@ -50,7 +38,7 @@ public abstract class AbstractLoginProtocolFactory implements LoginProtocolFacto
} }
protected abstract void addDefaults(RealmModel realm); protected abstract void addDefaults(ClientModel realm);
@Override @Override
public void close() { public void close() {
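Review bot: `postInit` no longer walks the existing realms, so default mappers are only attached when a `ClientCreationEvent` fires; clients that already exist when this code is deployed would get none unless a migration elsewhere in the commit handles them, which is not visible in this section. If that case is not covered, tokens and assertions for those clients could silently lose claims that downstream services rely on for authorization decisions. Separately, the abstract method's parameter is still called `realm` although it is now a client: `protected abstract void addDefaults(ClientModel client);`. The listener also calls `addDefaults` for every created client without looking at the client's own protocol, which deserves a comment if it is intended.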


@ -13,5 +13,11 @@ import java.util.List;
* @version $Revision: 1 $ * @version $Revision: 1 $
*/ */
public interface LoginProtocolFactory extends ProviderFactory<LoginProtocol> { public interface LoginProtocolFactory extends ProviderFactory<LoginProtocol> {
/**
* List of built in protocol mappers that can be used to apply to clients.
*
* @return
*/
List<ProtocolMapperModel> getBuiltinMappers();
Object createProtocolEndpoint(RealmModel realm, EventBuilder event, AuthenticationManager authManager); Object createProtocolEndpoint(RealmModel realm, EventBuilder event, AuthenticationManager authManager);
} }
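Review bot: The new Javadoc on `getBuiltinMappers()` leaves `@return` empty and does not say whether the returned list may be modified. Both implementations visible in this commit return their static list directly, so the contract matters to every caller. I would write `@return the built-in mapper templates for this protocol; callers must treat the list and its elements as read-only`.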


@ -1,6 +1,7 @@
package org.keycloak.protocol.oidc; package org.keycloak.protocol.oidc;
import org.keycloak.events.EventBuilder; import org.keycloak.events.EventBuilder;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ProtocolMapperModel; import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
@ -13,7 +14,9 @@ import org.keycloak.protocol.oidc.mappers.OIDCFullNameMapper;
import org.keycloak.protocol.oidc.mappers.OIDCUserModelMapper; import org.keycloak.protocol.oidc.mappers.OIDCUserModelMapper;
import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.AuthenticationManager;
import java.util.ArrayList;
import java.util.HashMap; import java.util.HashMap;
import java.util.List;
import java.util.Map; import java.util.Map;
/** /**
@ -27,71 +30,80 @@ public class OIDCLoginProtocolFactory extends AbstractLoginProtocolFactory {
} }
@Override @Override
protected void addDefaults(RealmModel realm) { public List<ProtocolMapperModel> getBuiltinMappers() {
int counter = 0; return builtins;
// the ids must never change!!!! So if you add more default mappers, then add to end with higher counter. }
OIDCUserModelMapper.addClaimMapper(realm, "username",
static List<ProtocolMapperModel> builtins = new ArrayList<>();
static List<ProtocolMapperModel> defaultBuiltins = new ArrayList<>();
static {
ProtocolMapperModel model;
model = OIDCUserModelMapper.createClaimMapper("username",
"username", "username",
"preferred_username", "String", "preferred_username", "String",
true, "username", true, "username",
true,
true, true); true, true);
OIDCUserModelMapper.addClaimMapper(realm, "email", builtins.add(model);
defaultBuiltins.add(model);
model = OIDCUserModelMapper.createClaimMapper("email",
"email", "email",
"email", "String", "email", "String",
true, "email", true, "email",
true,
true, true); true, true);
OIDCUserModelMapper.addClaimMapper(realm, "given name", builtins.add(model);
defaultBuiltins.add(model);
model = OIDCUserModelMapper.createClaimMapper("given name",
"firstName", "firstName",
"given_name", "String", "given_name", "String",
true, "given name", true, "given name",
true,
true, true); true, true);
OIDCUserModelMapper.addClaimMapper(realm, "family name", builtins.add(model);
defaultBuiltins.add(model);
model = OIDCUserModelMapper.createClaimMapper("family name",
"lastName", "lastName",
"family_name", "String", "family_name", "String",
true, "family name", true, "family name",
true,
true, true); true, true);
OIDCUserModelMapper.addClaimMapper(realm, "email verified", builtins.add(model);
defaultBuiltins.add(model);
model = OIDCUserModelMapper.createClaimMapper("email verified",
"emailVerified", "emailVerified",
"email_verified", "boolean", "email_verified", "boolean",
false, null, false, null,
false,
true, true); true, true);
builtins.add(model);
ProtocolMapperModel fullName = new ProtocolMapperModel(); ProtocolMapperModel fullName = new ProtocolMapperModel();
if (realm.getProtocolMapperByName(OIDCLoginProtocol.LOGIN_PROTOCOL, "full name") == null) { fullName.setName("full name");
fullName.setName("full name"); fullName.setProtocolMapper(OIDCFullNameMapper.PROVIDER_ID);
fullName.setProtocolMapper(OIDCFullNameMapper.PROVIDER_ID); fullName.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
fullName.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL); fullName.setConsentRequired(true);
fullName.setConsentRequired(true); fullName.setConsentText("full name");
fullName.setConsentText("full name"); Map<String, String> config = new HashMap<String, String>();
fullName.setAppliedByDefault(true); config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true");
Map<String, String> config = new HashMap<String, String>(); config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true");
config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true"); fullName.setConfig(config);
config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true"); builtins.add(fullName);
fullName.setConfig(config); defaultBuiltins.add(fullName);
realm.addProtocolMapper(fullName);
}
ProtocolMapperModel address = new ProtocolMapperModel(); ProtocolMapperModel address = new ProtocolMapperModel();
if (realm.getProtocolMapperByName(OIDCLoginProtocol.LOGIN_PROTOCOL, "address") == null) { address.setName("address");
address.setName("address"); address.setProtocolMapper(OIDCAddressMapper.PROVIDER_ID);
address.setProtocolMapper(OIDCAddressMapper.PROVIDER_ID); address.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
address.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL); address.setConsentRequired(true);
address.setConsentRequired(true); address.setConsentText("address");
address.setConsentText("address"); config = new HashMap<String, String>();
address.setAppliedByDefault(false); config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true");
Map<String, String> config = new HashMap<String, String>(); config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true");
config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true"); address.setConfig(config);
config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true"); builtins.add(address);
address.setConfig(config); }
realm.addProtocolMapper(address);
}
@Override
protected void addDefaults(ClientModel client) {
for (ProtocolMapperModel model : defaultBuiltins) client.addProtocolMapper(model);
} }
@Override @Override
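Review bot: `addDefaults` passes the shared `defaultBuiltins` instances straight to `client.addProtocolMapper(model)`, and the Mongo `ClientAdapter.addProtocolMapper` in this commit stores the config by reference (`entity.setConfig(model.getConfig())`). The static template and a client's entity can then share one config map, so a later `updateProtocolMapper`, which calls `entity.getConfig().clear()`, may alter the template and with it the `INCLUDE_IN_ACCESS_TOKEN` / `INCLUDE_IN_ID_TOKEN` settings given to clients created afterwards. Whether the other store implementations copy the map is not visible here. Handing each client its own copy of the template avoids the aliasing regardless of the store, as sketched below.

```java
protected void addDefaults(ClientModel client) {
    for (ProtocolMapperModel template : defaultBuiltins) {
        // Copy the template so stored entities never alias the static instance or its config map.
        ProtocolMapperModel copy = new ProtocolMapperModel();
        copy.setName(template.getName());
        copy.setProtocol(template.getProtocol());
        copy.setProtocolMapper(template.getProtocolMapper());
        copy.setConsentRequired(template.isConsentRequired());
        copy.setConsentText(template.getConsentText());
        copy.setConfig(new HashMap<String, String>(template.getConfig()));
        client.addProtocolMapper(copy);
    }
}
```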


@ -67,22 +67,18 @@ public class OIDCAttributeMapperHelper {
} }
} }
public static void addClaimMapper(RealmModel realm, String name, public static ProtocolMapperModel createClaimMapper(String name,
String userAttribute, String userAttribute,
String tokenClaimName, String claimType, String tokenClaimName, String claimType,
boolean consentRequired, String consentText, boolean consentRequired, String consentText,
boolean appliedByDefault,
boolean accessToken, boolean idToken, boolean accessToken, boolean idToken,
String mapperId) { String mapperId) {
ProtocolMapperModel mapper = realm.getProtocolMapperByName(OIDCLoginProtocol.LOGIN_PROTOCOL, name); ProtocolMapperModel mapper = new ProtocolMapperModel();
if (mapper != null) return;
mapper = new ProtocolMapperModel();
mapper.setName(name); mapper.setName(name);
mapper.setProtocolMapper(mapperId); mapper.setProtocolMapper(mapperId);
mapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL); mapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
mapper.setConsentRequired(consentRequired); mapper.setConsentRequired(consentRequired);
mapper.setConsentText(consentText); mapper.setConsentText(consentText);
mapper.setAppliedByDefault(appliedByDefault);
Map<String, String> config = new HashMap<String, String>(); Map<String, String> config = new HashMap<String, String>();
config.put(ProtocolMapperUtils.USER_ATTRIBUTE, userAttribute); config.put(ProtocolMapperUtils.USER_ATTRIBUTE, userAttribute);
config.put(TOKEN_CLAIM_NAME, tokenClaimName); config.put(TOKEN_CLAIM_NAME, tokenClaimName);
@ -90,7 +86,7 @@ public class OIDCAttributeMapperHelper {
if (accessToken) config.put(INCLUDE_IN_ACCESS_TOKEN, "true"); if (accessToken) config.put(INCLUDE_IN_ACCESS_TOKEN, "true");
if (idToken) config.put(INCLUDE_IN_ID_TOKEN, "true"); if (idToken) config.put(INCLUDE_IN_ID_TOKEN, "true");
mapper.setConfig(config); mapper.setConfig(config);
realm.addProtocolMapper(mapper); return mapper;
} }
public static boolean includeInIDToken(ProtocolMapperModel mappingModel) { public static boolean includeInIDToken(ProtocolMapperModel mappingModel) {
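Review bot: `createClaimMapper` takes three positional booleans (`consentRequired`, `accessToken`, `idToken`) alongside a run of strings and has no Javadoc, so it is easy to swap the two token flags at a call site and place a claim in the wrong token. A Javadoc with `@param accessToken whether the claim is added to the access token` and `@param idToken whether the claim is added to the ID token` would make the call sites in OIDCLoginProtocolFactory easier to review. The same applies to the `createClaimMapper` wrappers in OIDCUserAttributeMapper and OIDCUserModelMapper. The method body is split across two hunks, with the middle not shown.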


@ -114,16 +114,15 @@ public class OIDCUserAttributeMapper extends AbstractOIDCProtocolMapper implemen
return token; return token;
} }
public static void addClaimMapper(RealmModel realm, String name, public static ProtocolMapperModel createClaimMapper(String name,
String userAttribute, String userAttribute,
String tokenClaimName, String claimType, String tokenClaimName, String claimType,
boolean consentRequired, String consentText, boolean consentRequired, String consentText,
boolean appliedByDefault,
boolean accessToken, boolean idToken) { boolean accessToken, boolean idToken) {
OIDCAttributeMapperHelper.addClaimMapper(realm, name, userAttribute, return OIDCAttributeMapperHelper.createClaimMapper(name, userAttribute,
tokenClaimName, claimType, tokenClaimName, claimType,
consentRequired, consentText, consentRequired, consentText,
appliedByDefault, accessToken, idToken, accessToken, idToken,
PROVIDER_ID); PROVIDER_ID);
} }
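Review bot: `createClaimMapper` has no Javadoc, and its contract differs from the `addClaimMapper` it replaces in a way callers need to know. Going by the OIDCAttributeMapperHelper section earlier on this page, where the `realm.getProtocolMapperByName` lookup and the `realm.addProtocolMapper` call appear to be removed, the method now returns an unsaved model and no longer skips a name that already exists. I would state that on the method, e.g. `/** Builds an unsaved OIDC claim mapper; the caller attaches it to a client and must handle an existing mapper of the same name. */`. The same applies to `createClaimMapper` in OIDCUserModelMapper in the next file section. The enclosing class starts and ends outside this hunk.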


@ -112,16 +112,15 @@ public class OIDCUserModelMapper extends AbstractOIDCProtocolMapper implements O
OIDCAttributeMapperHelper.mapClaim(token, mappingModel, propertyValue); OIDCAttributeMapperHelper.mapClaim(token, mappingModel, propertyValue);
} }
public static void addClaimMapper(RealmModel realm, String name, public static ProtocolMapperModel createClaimMapper(String name,
String userAttribute, String userAttribute,
String tokenClaimName, String claimType, String tokenClaimName, String claimType,
boolean consentRequired, String consentText, boolean consentRequired, String consentText,
boolean appliedByDefault,
boolean accessToken, boolean idToken) { boolean accessToken, boolean idToken) {
OIDCAttributeMapperHelper.addClaimMapper(realm, name, userAttribute, return OIDCAttributeMapperHelper.createClaimMapper(name, userAttribute,
tokenClaimName, claimType, tokenClaimName, claimType,
consentRequired, consentText, consentRequired, consentText,
appliedByDefault, accessToken, idToken, accessToken, idToken,
PROVIDER_ID); PROVIDER_ID);
} }


@ -89,8 +89,8 @@ public class ApplicationResource {
} }
@Path("protocol-mappers") @Path("protocol-mappers")
public ClientProtocolMappersResource getProtocolMappers() { public ProtocolMappersResource getProtocolMappers() {
ClientProtocolMappersResource mappers = new ClientProtocolMappersResource(realm, auth, application); ProtocolMappersResource mappers = new ProtocolMappersResource(application, auth);
ResteasyProviderFactory.getInstance().injectProperties(mappers); ResteasyProviderFactory.getInstance().injectProperties(mappers);
//resourceContext.initResource(mappers); //resourceContext.initResource(mappers);
return mappers; return mappers;


@ -1,120 +0,0 @@
package org.keycloak.services.resources.admin;
import org.jboss.logging.Logger;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.NotFoundException;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* Base resource for managing users
*
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class ClientProtocolMappersResource {
protected static final Logger logger = Logger.getLogger(ClientProtocolMappersResource.class);
protected ClientModel client;
protected RealmModel realm;
protected RealmAuth auth;
@Context
protected UriInfo uriInfo;
@Context
protected KeycloakSession session;
public ClientProtocolMappersResource(RealmModel realm, RealmAuth auth, ClientModel client) {
this.auth = auth;
this.realm = realm;
this.client = client;
auth.init(RealmAuth.Resource.USER);
}
/**
* Map of mappers by name for a specific protocol attached to the client
*
* @param protocol
* @return
*/
@GET
@NoCache
@Path("protocol/{protocol}")
@Produces("application/json")
public List<ProtocolMapperRepresentation> getMappersPerProtocol(@PathParam("protocol") String protocol) {
auth.requireView();
List<ProtocolMapperRepresentation> mappers = new LinkedList<ProtocolMapperRepresentation>();
for (ProtocolMapperModel mapper : client.getProtocolMappers()) {
mappers.add(ModelToRepresentation.toRepresentation(mapper));
}
return mappers;
}
/**
* Add mappers to client.
*
* @param mapperIds List of mapper ids
*/
@Path("models")
@POST
@NoCache
@Consumes("application/json")
public void addMappers(Set<String> mapperIds) {
auth.requireManage();
client.addProtocolMappers(mapperIds);
}
/**
* remove client mappers.
*
* @param mapperIds List of mapper ids
*/
@Path("models")
@DELETE
@NoCache
@Consumes("application/json")
public void removeMappers(Set<String> mapperIds) {
auth.requireManage();
client.removeProtocolMappers(mapperIds);
}
@GET
@NoCache
@Path("models")
@Produces("application/json")
public List<ProtocolMapperRepresentation> getMappers() {
auth.requireView();
List<ProtocolMapperRepresentation> mappers = new LinkedList<ProtocolMapperRepresentation>();
for (ProtocolMapperModel mapper : realm.getProtocolMappers()) {
mappers.add(ModelToRepresentation.toRepresentation(mapper));
}
return mappers;
}
}


@ -80,8 +80,8 @@ public class OAuthClientResource {
* @return * @return
*/ */
@Path("protocol-mappers") @Path("protocol-mappers")
public ClientProtocolMappersResource getProtocolMappers() { public ProtocolMappersResource getProtocolMappers() {
ClientProtocolMappersResource mappers = new ClientProtocolMappersResource(realm, auth, oauthClient); ProtocolMappersResource mappers = new ProtocolMappersResource(oauthClient, auth);
ResteasyProviderFactory.getInstance().injectProperties(mappers); ResteasyProviderFactory.getInstance().injectProperties(mappers);
//resourceContext.initResource(mappers); //resourceContext.initResource(mappers);
return mappers; return mappers;


@ -3,6 +3,7 @@ package org.keycloak.services.resources.admin;
import org.jboss.logging.Logger; import org.jboss.logging.Logger;
import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.NotFoundException; import org.jboss.resteasy.spi.NotFoundException;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KerberosConstants; import org.keycloak.models.KerberosConstants;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ProtocolMapperModel; import org.keycloak.models.ProtocolMapperModel;
@ -47,7 +48,7 @@ import java.util.Map;
public class ProtocolMappersResource { public class ProtocolMappersResource {
protected static final Logger logger = Logger.getLogger(ProtocolMappersResource.class); protected static final Logger logger = Logger.getLogger(ProtocolMappersResource.class);
protected RealmModel realm; protected ClientModel client;
protected RealmAuth auth; protected RealmAuth auth;
@ -57,9 +58,9 @@ public class ProtocolMappersResource {
@Context @Context
protected KeycloakSession session; protected KeycloakSession session;
public ProtocolMappersResource(RealmModel realm, RealmAuth auth) { public ProtocolMappersResource(ClientModel client, RealmAuth auth) {
this.auth = auth; this.auth = auth;
this.realm = realm; this.client = client;
auth.init(RealmAuth.Resource.USER); auth.init(RealmAuth.Resource.USER);
} }
@ -77,14 +78,14 @@ public class ProtocolMappersResource {
public List<ProtocolMapperRepresentation> getMappersPerProtocol(@PathParam("protocol") String protocol) { public List<ProtocolMapperRepresentation> getMappersPerProtocol(@PathParam("protocol") String protocol) {
auth.requireView(); auth.requireView();
List<ProtocolMapperRepresentation> mappers = new LinkedList<ProtocolMapperRepresentation>(); List<ProtocolMapperRepresentation> mappers = new LinkedList<ProtocolMapperRepresentation>();
for (ProtocolMapperModel mapper : realm.getProtocolMappers()) { for (ProtocolMapperModel mapper : client.getProtocolMappers()) {
if (mapper.getProtocol().equals(protocol)) mappers.add(ModelToRepresentation.toRepresentation(mapper)); if (mapper.getProtocol().equals(protocol)) mappers.add(ModelToRepresentation.toRepresentation(mapper));
} }
return mappers; return mappers;
} }
/** /**
* createa mapper * creates mapper
* *
* @param rep * @param rep
*/ */
@ -95,9 +96,24 @@ public class ProtocolMappersResource {
public Response createMapper(ProtocolMapperRepresentation rep) { public Response createMapper(ProtocolMapperRepresentation rep) {
auth.requireManage(); auth.requireManage();
ProtocolMapperModel model = RepresentationToModel.toModel(rep); ProtocolMapperModel model = RepresentationToModel.toModel(rep);
model = realm.addProtocolMapper(model); model = client.addProtocolMapper(model);
return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build(); return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build();
} }
/**
* creates multiple mapper
*
*/
@Path("add-models")
@POST
@NoCache
@Consumes("application/json")
public void createMapper(List<ProtocolMapperRepresentation> reps) {
auth.requireManage();
for (ProtocolMapperRepresentation rep : reps) {
ProtocolMapperModel model = RepresentationToModel.toModel(rep);
model = client.addProtocolMapper(model);
}
}
@GET @GET
@NoCache @NoCache
@ -106,7 +122,7 @@ public class ProtocolMappersResource {
public List<ProtocolMapperRepresentation> getMappers() { public List<ProtocolMapperRepresentation> getMappers() {
auth.requireView(); auth.requireView();
List<ProtocolMapperRepresentation> mappers = new LinkedList<ProtocolMapperRepresentation>(); List<ProtocolMapperRepresentation> mappers = new LinkedList<ProtocolMapperRepresentation>();
for (ProtocolMapperModel mapper : realm.getProtocolMappers()) { for (ProtocolMapperModel mapper : client.getProtocolMappers()) {
mappers.add(ModelToRepresentation.toRepresentation(mapper)); mappers.add(ModelToRepresentation.toRepresentation(mapper));
} }
return mappers; return mappers;
@ -118,7 +134,7 @@ public class ProtocolMappersResource {
@Produces("application/json") @Produces("application/json")
public ProtocolMapperRepresentation getMapperById(@PathParam("id") String id) { public ProtocolMapperRepresentation getMapperById(@PathParam("id") String id) {
auth.requireView(); auth.requireView();
ProtocolMapperModel model = realm.getProtocolMapperById(id); ProtocolMapperModel model = client.getProtocolMapperById(id);
if (model == null) throw new NotFoundException("Model not found"); if (model == null) throw new NotFoundException("Model not found");
return ModelToRepresentation.toRepresentation(model); return ModelToRepresentation.toRepresentation(model);
} }
@ -129,10 +145,10 @@ public class ProtocolMappersResource {
@Consumes("application/json") @Consumes("application/json")
public void update(@PathParam("id") String id, ProtocolMapperRepresentation rep) { public void update(@PathParam("id") String id, ProtocolMapperRepresentation rep) {
auth.requireManage(); auth.requireManage();
ProtocolMapperModel model = realm.getProtocolMapperById(id); ProtocolMapperModel model = client.getProtocolMapperById(id);
if (model == null) throw new NotFoundException("Model not found"); if (model == null) throw new NotFoundException("Model not found");
model = RepresentationToModel.toModel(rep); model = RepresentationToModel.toModel(rep);
realm.updateProtocolMapper(model); client.updateProtocolMapper(model);
} }
@DELETE @DELETE
@ -140,9 +156,9 @@ public class ProtocolMappersResource {
@Path("models/{id}") @Path("models/{id}")
public void delete(@PathParam("id") String id) { public void delete(@PathParam("id") String id) {
auth.requireManage(); auth.requireManage();
ProtocolMapperModel model = realm.getProtocolMapperById(id); ProtocolMapperModel model = client.getProtocolMapperById(id);
if (model == null) throw new NotFoundException("Model not found"); if (model == null) throw new NotFoundException("Model not found");
realm.removeProtocolMapper(model); client.removeProtocolMapper(model);
} }
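Review bot: In `update`, the existence check runs on the path `id` against this client, but the model that gets saved is rebuilt from `rep`, so the id reaching `client.updateProtocolMapper` is whatever the request body carries. If the body id differs from the path or is missing, the check and the write refer to different mappers; whether that can reach a mapper outside this client depends on how `updateProtocolMapper` resolves the id, which the hunk does not show. Mappers decide which user attributes are written into tokens, so I would bind the write to the id that was checked: `model = RepresentationToModel.toModel(rep); model.setId(id);`.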


@ -12,6 +12,7 @@ import org.keycloak.exportimport.ApplicationImporter;
import org.keycloak.models.ApplicationModel; import org.keycloak.models.ApplicationModel;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelDuplicateException; import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
import org.keycloak.models.UserFederationProviderModel; import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserSessionModel; import org.keycloak.models.UserSessionModel;
@ -19,8 +20,12 @@ import org.keycloak.models.cache.CacheRealmProvider;
import org.keycloak.models.cache.CacheUserProvider; import org.keycloak.models.cache.CacheUserProvider;
import org.keycloak.models.utils.ModelToRepresentation; import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel; import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.protocol.LoginProtocol;
import org.keycloak.protocol.LoginProtocolFactory;
import org.keycloak.protocol.oidc.TokenManager; import org.keycloak.protocol.oidc.TokenManager;
import org.keycloak.provider.ProviderFactory;
import org.keycloak.representations.adapters.action.GlobalRequestResult; import org.keycloak.representations.adapters.action.GlobalRequestResult;
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
import org.keycloak.representations.idm.RealmEventsConfigRepresentation; import org.keycloak.representations.idm.RealmEventsConfigRepresentation;
import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.services.managers.LDAPConnectionTestManager; import org.keycloak.services.managers.LDAPConnectionTestManager;
@ -273,18 +278,6 @@ public class RealmAdminResource {
return new ResourceAdminManager().pushRealmRevocationPolicy(uriInfo.getRequestUri(), realm); return new ResourceAdminManager().pushRealmRevocationPolicy(uriInfo.getRequestUri(), realm);
} }
/**
* Protocol mappers
*
*/
@Path("protocol-mappers")
public ProtocolMappersResource protocolMappers() {
ProtocolMappersResource mappers = new ProtocolMappersResource(realm, auth);
ResteasyProviderFactory.getInstance().injectProperties(mappers);
//resourceContext.initResource(mappers);
return mappers;
}
/** /**
* Removes all user sessions. Any application that has an admin url will also be told to invalidate any sessions * Removes all user sessions. Any application that has an admin url will also be told to invalidate any sessions
* they have. * they have.


@ -1,6 +1,5 @@
package org.keycloak.services.resources.admin; package org.keycloak.services.resources.admin;
import org.jboss.resteasy.annotations.cache.Cache;
import org.keycloak.Version; import org.keycloak.Version;
import org.keycloak.broker.provider.IdentityProvider; import org.keycloak.broker.provider.IdentityProvider;
import org.keycloak.broker.provider.IdentityProviderFactory; import org.keycloak.broker.provider.IdentityProviderFactory;
@ -10,11 +9,15 @@ import org.keycloak.exportimport.ApplicationImporterFactory;
import org.keycloak.freemarker.Theme; import org.keycloak.freemarker.Theme;
import org.keycloak.freemarker.ThemeProvider; import org.keycloak.freemarker.ThemeProvider;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.protocol.LoginProtocol; import org.keycloak.protocol.LoginProtocol;
import org.keycloak.protocol.LoginProtocolFactory;
import org.keycloak.protocol.ProtocolMapper; import org.keycloak.protocol.ProtocolMapper;
import org.keycloak.provider.ProviderFactory; import org.keycloak.provider.ProviderFactory;
import org.keycloak.provider.Spi; import org.keycloak.provider.Spi;
import org.keycloak.representations.idm.IdentityProviderRepresentation; import org.keycloak.representations.idm.IdentityProviderRepresentation;
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
import org.keycloak.representations.idm.ProtocolMapperTypeRepresentation; import org.keycloak.representations.idm.ProtocolMapperTypeRepresentation;
import org.keycloak.social.SocialIdentityProvider; import org.keycloak.social.SocialIdentityProvider;
@ -55,7 +58,8 @@ public class ServerInfoAdminResource {
setProtocols(info); setProtocols(info);
setApplicationImporters(info); setApplicationImporters(info);
setProviders(info); setProviders(info);
setProtocolMappers(info); setProtocolMapperTypes(info);
setBuiltinProtocolMappers(info);
return info; return info;
} }
@ -131,7 +135,7 @@ public class ServerInfoAdminResource {
Collections.sort(info.protocols); Collections.sort(info.protocols);
} }
private void setProtocolMappers(ServerInfoRepresentation info) { private void setProtocolMapperTypes(ServerInfoRepresentation info) {
info.protocolMapperTypes = new HashMap<String, List<ProtocolMapperTypeRepresentation>>(); info.protocolMapperTypes = new HashMap<String, List<ProtocolMapperTypeRepresentation>>();
for (ProviderFactory p : session.getKeycloakSessionFactory().getProviderFactories(ProtocolMapper.class)) { for (ProviderFactory p : session.getKeycloakSessionFactory().getProviderFactories(ProtocolMapper.class)) {
ProtocolMapper mapper = (ProtocolMapper)p; ProtocolMapper mapper = (ProtocolMapper)p;
@ -159,6 +163,18 @@ public class ServerInfoAdminResource {
} }
} }
private void setBuiltinProtocolMappers(ServerInfoRepresentation info) {
info.builtinProtocolMappers = new HashMap<>();
for (ProviderFactory p : session.getKeycloakSessionFactory().getProviderFactories(LoginProtocol.class)) {
LoginProtocolFactory factory = (LoginProtocolFactory)p;
List<ProtocolMapperRepresentation> mappers = new LinkedList<>();
for (ProtocolMapperModel mapper : factory.getBuiltinMappers()) {
mappers.add(ModelToRepresentation.toRepresentation(mapper));
}
info.builtinProtocolMappers.put(p.getId(), mappers);
}
}
private void setApplicationImporters(ServerInfoRepresentation info) { private void setApplicationImporters(ServerInfoRepresentation info) {
info.applicationImporters = new LinkedList<Map<String, String>>(); info.applicationImporters = new LinkedList<Map<String, String>>();
for (ProviderFactory p : session.getKeycloakSessionFactory().getProviderFactories(ApplicationImporter.class)) { for (ProviderFactory p : session.getKeycloakSessionFactory().getProviderFactories(ApplicationImporter.class)) {
@ -187,6 +203,7 @@ public class ServerInfoAdminResource {
private List<String> eventListeners; private List<String> eventListeners;
private Map<String, List<ProtocolMapperTypeRepresentation>> protocolMapperTypes; private Map<String, List<ProtocolMapperTypeRepresentation>> protocolMapperTypes;
private Map<String, List<ProtocolMapperRepresentation>> builtinProtocolMappers;
public ServerInfoRepresentation() { public ServerInfoRepresentation() {
} }
@ -230,6 +247,14 @@ public class ServerInfoAdminResource {
public Map<String, List<ProtocolMapperTypeRepresentation>> getProtocolMapperTypes() { public Map<String, List<ProtocolMapperTypeRepresentation>> getProtocolMapperTypes() {
return protocolMapperTypes; return protocolMapperTypes;
} }
public Map<String, List<ProtocolMapperRepresentation>> getBuiltinProtocolMappers() {
return builtinProtocolMappers;
}
public void setBuiltinProtocolMappers(Map<String, List<ProtocolMapperRepresentation>> builtinProtocolMappers) {
this.builtinProtocolMappers = builtinProtocolMappers;
}
} }
} }
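Review bot: `setBuiltinProtocolMappers` uses the diamond form (`new HashMap<>()`, `new LinkedList<>()`) while the rest of this file spells the type arguments out, as in `new HashMap<String, List<ProtocolMapperTypeRepresentation>>()` in `setProtocolMapperTypes`. If the module is still built at a source level without diamond support this will not compile, and in any case one form per file reads better: `info.builtinProtocolMappers = new HashMap<String, List<ProtocolMapperRepresentation>>();` and `new LinkedList<ProtocolMapperRepresentation>()`. A one-line comment saying the map is keyed by login protocol id (`p.getId()`) would also help readers of the server-info payload.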