Merge pull request #1587 from mstruk/asciidoc

KEYCLOAK-1241 Can't build release with Java 8
This commit is contained in:
Stian Thorgersen 2015-09-17 09:06:22 +02:00
commit 4878073867
27 changed files with 655 additions and 239 deletions

View file

@ -13,7 +13,7 @@
<outputDirectory>javadocs</outputDirectory> <outputDirectory>javadocs</outputDirectory>
</fileSet> </fileSet>
<fileSet> <fileSet>
<directory>../../services/target/apidocs</directory> <directory>../../services/target/apidocs-rest/output</directory>
<outputDirectory>rest-api</outputDirectory> <outputDirectory>rest-api</outputDirectory>
</fileSet> </fileSet>
<fileSet> <fileSet>

View file

@ -13,6 +13,10 @@
<name>Keycloak REST Services</name> <name>Keycloak REST Services</name>
<description /> <description />
<properties>
<version.swagger.doclet>1.0.5</version.swagger.doclet>
</properties>
<dependencies> <dependencies>
<dependency> <dependency>
<groupId>org.bouncycastle</groupId> <groupId>org.bouncycastle</groupId>
@ -185,30 +189,119 @@
<target>${maven.compiler.target}</target> <target>${maven.compiler.target}</target>
</configuration> </configuration>
</plugin> </plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<configuration>
<subpackages>org.keycloak.services.resources.admin:org.keycloak.protocol.oidc</subpackages>
<doclet>com.lunatech.doclets.jax.jaxrs.JAXRSDoclet</doclet>
<docletArtifacts>
<docletArtifact>
<groupId>com.lunatech.jax-doclets</groupId>
<artifactId>doclets</artifactId>
<version>0.10.2</version>
</docletArtifact>
</docletArtifacts>
<detectOfflineLinks>false</detectOfflineLinks>
<offlineLinks>
<offlineLink>
<url>../javadocs</url>
<location>${project.basedir}/../target/site/apidocs</location>
</offlineLink>
</offlineLinks>
<additionalparam>-disablejavascriptexample</additionalparam>
<additionalparam>-pathexcludefilter '/admin/.*index.*' -pathexcludefilter '/admin' -pathexcludefilter '/admin/\\{realm\\}/console.*'</additionalparam>
</configuration>
</plugin>
</plugins> </plugins>
</build> </build>
<profiles>
<profile>
<id>jboss-release</id>
<repositories>
<repository>
<snapshots>
<enabled>false</enabled>
</snapshots>
<id>central</id>
<name>bintray</name>
<url>http://jcenter.bintray.com</url>
</repository>
</repositories>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<executions>
<execution>
<id>generate-service-docs</id>
<phase>generate-resources</phase>
<configuration>
<doclet>com.carma.swagger.doclet.ServiceDoclet</doclet>
<docletArtifact>
<groupId>com.carma</groupId>
<artifactId>swagger-doclet</artifactId>
<version>${version.swagger.doclet}</version>
</docletArtifact>
<subpackages>org.keycloak.services.resources.admin:org.keycloak.protocol.oidc</subpackages>
<detectOfflineLinks>false</detectOfflineLinks>
<offlineLinks>
<offlineLink>
<url>../javadocs</url>
<location>${project.basedir}/../target/site/apidocs</location>
</offlineLink>
</offlineLinks>
<reportOutputDirectory>${project.basedir}/target/apidocs-rest/swagger</reportOutputDirectory>
<useStandardDocletOptions>false</useStandardDocletOptions>
<additionalparam> -skipUiFiles -apiVersion 1 -includeResourcePrefixes org.keycloak.services.resources.admin,org.keycloak.protocol.oidc -docBasePath /apidocs -apiBasePath http://localhost:8080/auth -apiInfoFile ${project.basedir}/src/docs/swagger/apiinfo.json</additionalparam>
</configuration>
<goals>
<goal>javadoc</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>com.redowlanalytics</groupId>
<artifactId>swagger2markup-maven-plugin</artifactId>
<version>0.7.1</version>
<dependencies>
<dependency>
<groupId>io.github.robwin</groupId>
<artifactId>swagger2markup</artifactId>
<version>0.7.1</version>
</dependency>
</dependencies>
<executions>
<execution>
<id>gen-asciidoc</id>
<phase>process-resources</phase>
<goals>
<goal>process-swagger</goal>
</goals>
<configuration>
<inputDirectory>${project.basedir}/target/apidocs-rest/swagger/apidocs</inputDirectory>
<outputDirectory>${project.basedir}/target/apidocs-rest/asciidoc</outputDirectory>
<markupLanguage>asciidoc</markupLanguage>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.asciidoctor</groupId>
<artifactId>asciidoctor-maven-plugin</artifactId>
<version>1.5.2</version>
<executions>
<execution>
<id>generate-docs</id>
<phase>package</phase>
<goals>
<goal>process-asciidoc</goal>
</goals>
<configuration>
<sourceDirectory>${project.basedir}/src/docs/asciidoc</sourceDirectory>
<sourceDocumentName>index.adoc</sourceDocumentName>
<outputDirectory>${project.basedir}/target/apidocs-rest/output</outputDirectory>
<backend>html5</backend>
<attributes>
<!-- List of attributes:
https://github.com/asciidoctor/asciidoctorj/blob/master/asciidoctorj-core/src/main/java/org/asciidoctor/Attributes.java
-->
<toc/>
<generated>${project.basedir}/target/apidocs-rest/asciidoc</generated>
</attributes>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project> </project>

View file

@ -0,0 +1,3 @@
include::{generated}/overview.adoc[]
include::{generated}/paths.adoc[]
include::{generated}/definitions.adoc[]

View file

@ -0,0 +1,4 @@
{
"title": "Keycloak Admin REST API",
"description": "This is a REST API reference for the Keycloak Admin"
}

View file

@ -12,15 +12,10 @@ import javax.ws.rs.core.Response;
import org.jboss.logging.Logger; import org.jboss.logging.Logger;
import org.keycloak.OAuth2Constants; import org.keycloak.OAuth2Constants;
import org.keycloak.authentication.AuthenticationFlowContext;
import org.keycloak.authentication.AuthenticationFlowError; import org.keycloak.authentication.AuthenticationFlowError;
import org.keycloak.authentication.ClientAuthenticationFlowContext; import org.keycloak.authentication.ClientAuthenticationFlowContext;
import org.keycloak.events.Details;
import org.keycloak.events.Errors;
import org.keycloak.models.AuthenticationExecutionModel; import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.ClientModel; import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.provider.ProviderConfigProperty; import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.representations.idm.CredentialRepresentation; import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.util.BasicAuthHelper; import org.keycloak.util.BasicAuthHelper;
@ -147,7 +142,7 @@ public class ClientIdAndSecretAuthenticator extends AbstractClientAuthenticator
@Override @Override
public List<ProviderConfigProperty> getConfigPropertiesPerClient() { public List<ProviderConfigProperty> getConfigPropertiesPerClient() {
// This impl doesn't use generic screen in admin console, but has it's own screen. So no need to return anything here // This impl doesn't use generic screen in admin console, but has its own screen. So no need to return anything here
return Collections.emptyList(); return Collections.emptyList();
} }

View file

@ -19,7 +19,6 @@ import org.keycloak.jose.jws.JWSInput;
import org.keycloak.jose.jws.crypto.RSAProvider; import org.keycloak.jose.jws.crypto.RSAProvider;
import org.keycloak.models.AuthenticationExecutionModel; import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.ClientModel; import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.provider.ProviderConfigProperty; import org.keycloak.provider.ProviderConfigProperty;
@ -163,7 +162,7 @@ public class JWTClientAuthenticator extends AbstractClientAuthenticator {
@Override @Override
public List<ProviderConfigProperty> getConfigPropertiesPerClient() { public List<ProviderConfigProperty> getConfigPropertiesPerClient() {
// This impl doesn't use generic screen in admin console, but has it's own screen. So no need to return anything here // This impl doesn't use generic screen in admin console, but has its own screen. So no need to return anything here
return Collections.emptyList(); return Collections.emptyList();
} }

View file

@ -337,7 +337,7 @@ public class RealmManager implements RealmImporter {
} }
// Could happen when migrating from older version and I have exported JSON file, which contains "realm-management" client but not "impersonation" client // Could happen when migrating from older version and I have exported JSON file, which contains "realm-management" client but not "impersonation" client
// I need to postpone impersonation because it needs "realm-management" client and it's roles set // I need to postpone impersonation because it needs "realm-management" client and its roles set
if (postponeImpersonationSetup) { if (postponeImpersonationSetup) {
setupImpersonationService(realm); setupImpersonationService(realm);
} }

View file

@ -77,6 +77,7 @@ public class AdminRoot {
/** /**
* Convenience path to master realm admin console * Convenience path to master realm admin console
* *
* @exclude
* @return * @return
*/ */
@GET @GET
@ -90,6 +91,7 @@ public class AdminRoot {
/** /**
* Convenience path to master realm admin console * Convenience path to master realm admin console
* *
* @exclude
* @return * @return
*/ */
@Path("index.{html:html}") // expression is actually "index.html" but this is a hack to get around jax-doclet bug @Path("index.{html:html}") // expression is actually "index.html" but this is a hack to get around jax-doclet bug
@ -118,6 +120,7 @@ public class AdminRoot {
/** /**
* path to realm admin console ui * path to realm admin console ui
* *
* @exclude
* @param name Realm name (not id!) * @param name Realm name (not id!)
* @return * @return
*/ */

View file

@ -2,64 +2,24 @@ package org.keycloak.services.resources.admin;
import org.jboss.logging.Logger; import org.jboss.logging.Logger;
import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.BadRequestException;
import org.jboss.resteasy.spi.NotFoundException;
import org.jboss.resteasy.spi.ResteasyProviderFactory;
import org.keycloak.ClientConnection; import org.keycloak.ClientConnection;
import org.keycloak.events.Event;
import org.keycloak.events.EventQuery;
import org.keycloak.events.EventStoreProvider;
import org.keycloak.events.EventType;
import org.keycloak.events.admin.AdminEvent;
import org.keycloak.events.admin.AdminEventQuery;
import org.keycloak.events.admin.OperationType; import org.keycloak.events.admin.OperationType;
import org.keycloak.exportimport.ClientImporter;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.models.UsernameLoginFailureModel; import org.keycloak.models.UsernameLoginFailureModel;
import org.keycloak.models.cache.CacheRealmProvider;
import org.keycloak.models.cache.CacheUserProvider;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.protocol.oidc.TokenManager;
import org.keycloak.representations.adapters.action.GlobalRequestResult;
import org.keycloak.representations.idm.RealmEventsConfigRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.services.ErrorResponse;
import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.BruteForceProtector; import org.keycloak.services.managers.BruteForceProtector;
import org.keycloak.services.managers.LDAPConnectionTestManager;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.managers.ResourceAdminManager;
import org.keycloak.services.managers.UsersSyncManager;
import org.keycloak.timer.TimerProvider;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE; import javax.ws.rs.DELETE;
import javax.ws.rs.GET; import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path; import javax.ws.rs.Path;
import javax.ws.rs.PathParam; import javax.ws.rs.PathParam;
import javax.ws.rs.Produces; import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context; import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo; import javax.ws.rs.core.UriInfo;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap; import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.regex.PatternSyntaxException;
/** /**
* Base resource class for the admin REST api of one realm * Base resource class for the admin REST api of one realm
@ -127,7 +87,9 @@ public class AttackDetectionResource {
} }
/** /**
* Clear any user login failures for the user. This can release temporary disabled user * Clear any user login failures for the user
*
* This can release temporary disabled user
* *
* @param username * @param username
*/ */
@ -143,7 +105,9 @@ public class AttackDetectionResource {
} }
/** /**
* Clear any user login failures for all users. This can release temporary disabled users * Clear any user login failures for all users
*
* This can release temporary disabled users
* *
*/ */
@Path("brute-force/usernames") @Path("brute-force/usernames")

View file

@ -6,13 +6,10 @@ import org.jboss.resteasy.spi.BadRequestException;
import org.jboss.resteasy.spi.NotFoundException; import org.jboss.resteasy.spi.NotFoundException;
import org.keycloak.authentication.AuthenticationFlow; import org.keycloak.authentication.AuthenticationFlow;
import org.keycloak.authentication.Authenticator; import org.keycloak.authentication.Authenticator;
import org.keycloak.authentication.AuthenticatorUtil;
import org.keycloak.authentication.ClientAuthenticator; import org.keycloak.authentication.ClientAuthenticator;
import org.keycloak.authentication.ClientAuthenticatorFactory; import org.keycloak.authentication.ClientAuthenticatorFactory;
import org.keycloak.authentication.ConfigurableAuthenticatorFactory; import org.keycloak.authentication.ConfigurableAuthenticatorFactory;
import org.keycloak.authentication.DefaultAuthenticationFlow;
import org.keycloak.authentication.FormAction; import org.keycloak.authentication.FormAction;
import org.keycloak.authentication.FormAuthenticationFlow;
import org.keycloak.authentication.FormAuthenticator; import org.keycloak.authentication.FormAuthenticator;
import org.keycloak.authentication.RequiredActionFactory; import org.keycloak.authentication.RequiredActionFactory;
import org.keycloak.authentication.RequiredActionProvider; import org.keycloak.authentication.RequiredActionProvider;
@ -22,7 +19,6 @@ import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredActionProviderModel; import org.keycloak.models.RequiredActionProviderModel;
import org.keycloak.provider.ConfiguredProvider;
import org.keycloak.provider.ProviderConfigProperty; import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.provider.ProviderFactory; import org.keycloak.provider.ProviderFactory;
import org.keycloak.representations.idm.ConfigPropertyRepresentation; import org.keycloak.representations.idm.ConfigPropertyRepresentation;
@ -172,6 +168,11 @@ public class AuthenticationManagementResource {
} }
} }
/**
* Get form providers
*
* Returns a list of form providers.
*/
@Path("/form-providers") @Path("/form-providers")
@GET @GET
@NoCache @NoCache
@ -182,6 +183,11 @@ public class AuthenticationManagementResource {
return buildProviderMetadata(factories); return buildProviderMetadata(factories);
} }
/**
* Get authenticator providers
*
* Returns a list of authenticator providers.
*/
@Path("/authenticator-providers") @Path("/authenticator-providers")
@GET @GET
@NoCache @NoCache
@ -192,6 +198,11 @@ public class AuthenticationManagementResource {
return buildProviderMetadata(factories); return buildProviderMetadata(factories);
} }
/**
* Get client authenticator providers
*
* Returns a list of client authenticator providers.
*/
@Path("/client-authenticator-providers") @Path("/client-authenticator-providers")
@GET @GET
@NoCache @NoCache
@ -216,6 +227,11 @@ public class AuthenticationManagementResource {
return providers; return providers;
} }
/**
* Get form action providers
*
* Returns a list of form action providers.
*/
@Path("/form-action-providers") @Path("/form-action-providers")
@GET @GET
@NoCache @NoCache
@ -227,6 +243,11 @@ public class AuthenticationManagementResource {
} }
/**
* Get authentication flows
*
* Returns a list of authentication flows.
*/
@Path("/flows") @Path("/flows")
@GET @GET
@NoCache @NoCache
@ -242,6 +263,12 @@ public class AuthenticationManagementResource {
return flows; return flows;
} }
/**
* Create a new authentication flow
*
* @param model Authentication flow model
* @return
*/
@Path("/flows") @Path("/flows")
@POST @POST
@NoCache @NoCache
@ -258,6 +285,12 @@ public class AuthenticationManagementResource {
} }
/**
* Get authentication flow for id
*
* @param id Flow id
* @return
*/
@Path("/flows/{id}") @Path("/flows/{id}")
@GET @GET
@NoCache @NoCache
@ -272,6 +305,11 @@ public class AuthenticationManagementResource {
return flow; return flow;
} }
/**
* Delete an authentication flow
*
* @param id Flow id
*/
@Path("/flows/{id}") @Path("/flows/{id}")
@DELETE @DELETE
@NoCache @NoCache
@ -288,6 +326,14 @@ public class AuthenticationManagementResource {
realm.removeAuthenticationFlow(flow); realm.removeAuthenticationFlow(flow);
} }
/**
* Copy existing authentication flow under a new name
*
* The new name is given as 'newName' attribute of the passed JSON object
*
* @param flowAlias Name of the existing authentication flow
* @param data JSON containing 'newName' attribute
*/
@Path("/flows/{flowAlias}/copy") @Path("/flows/{flowAlias}/copy")
@POST @POST
@NoCache @NoCache
@ -338,6 +384,12 @@ public class AuthenticationManagementResource {
} }
} }
/**
* Add new flow with new execution to existing flow
*
* @param flowAlias Alias of parent authentication flow
* @param data New authentication flow / execution JSON data containing 'alias', 'type', 'provider', and 'description' attributes
*/
@Path("/flows/{flowAlias}/executions/flow") @Path("/flows/{flowAlias}/executions/flow")
@POST @POST
@NoCache @NoCache
@ -373,6 +425,12 @@ public class AuthenticationManagementResource {
realm.addAuthenticatorExecution(execution); realm.addAuthenticatorExecution(execution);
} }
/**
* Add new authentication execution to a flow
*
* @param flowAlias Alias of parent flow
* @param data New execution JSON data containing 'provider' attribute
*/
@Path("/flows/{flowAlias}/executions/execution") @Path("/flows/{flowAlias}/executions/execution")
@POST @POST
@NoCache @NoCache
@ -395,8 +453,11 @@ public class AuthenticationManagementResource {
realm.addAuthenticatorExecution(execution); realm.addAuthenticatorExecution(execution);
} }
/**
* Get authentication executions for a flow
*
* @param flowAlias Flow alias
*/
@Path("/flows/{flowAlias}/executions") @Path("/flows/{flowAlias}/executions")
@GET @GET
@NoCache @NoCache
@ -467,6 +528,12 @@ public class AuthenticationManagementResource {
} }
} }
/**
* Update authentication executions of a flow
*
* @param flowAlias Flow alias
* @param rep
*/
@Path("/flows/{flowAlias}/executions") @Path("/flows/{flowAlias}/executions")
@PUT @PUT
@NoCache @NoCache
@ -492,6 +559,11 @@ public class AuthenticationManagementResource {
} }
} }
/**
* Add new authentication execution
*
* @param model JSON model describing authentication execution
*/
@Path("/executions") @Path("/executions")
@POST @POST
@NoCache @NoCache
@ -525,6 +597,11 @@ public class AuthenticationManagementResource {
return parentFlow; return parentFlow;
} }
/**
* Raise execution's priority
*
* @param execution Execution id
*/
@Path("/executions/{executionId}/raise-priority") @Path("/executions/{executionId}/raise-priority")
@POST @POST
@NoCache @NoCache
@ -564,6 +641,11 @@ public class AuthenticationManagementResource {
return executions; return executions;
} }
/**
* Lower execution's priority
*
* @param execution Execution id
*/
@Path("/executions/{executionId}/lower-priority") @Path("/executions/{executionId}/lower-priority")
@POST @POST
@NoCache @NoCache
@ -597,6 +679,11 @@ public class AuthenticationManagementResource {
} }
/**
* Delete execution
*
* @param execution Execution id
*/
@Path("/executions/{executionId}") @Path("/executions/{executionId}")
@DELETE @DELETE
@NoCache @NoCache
@ -617,9 +704,13 @@ public class AuthenticationManagementResource {
} }
/**
* Update execution with new configuration
*
* @param execution Execution id
* @param config JSON with new configuration
* @return
*/
@Path("/executions/{executionId}/config") @Path("/executions/{executionId}/config")
@POST @POST
@NoCache @NoCache
@ -639,6 +730,12 @@ public class AuthenticationManagementResource {
return Response.created(uriInfo.getAbsolutePathBuilder().path(config.getId()).build()).build(); return Response.created(uriInfo.getAbsolutePathBuilder().path(config.getId()).build()).build();
} }
/**
* Get execution's configuration
*
* @param execution Execution id
* @param id Configuration id
*/
@Path("/executions/{executionId}/config/{id}") @Path("/executions/{executionId}/config/{id}")
@GET @GET
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@ -702,6 +799,11 @@ public class AuthenticationManagementResource {
} }
} }
/**
* Get unregistered required actions
*
* Returns a list of unregistered required actions.
*/
@Path("unregistered-required-actions") @Path("unregistered-required-actions")
@GET @GET
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@ -729,6 +831,11 @@ public class AuthenticationManagementResource {
return unregisteredList; return unregisteredList;
} }
/**
* Register a new required actions
*
* @param data JSON containing 'providerId', and 'name' attributes.
*/
@Path("register-required-action") @Path("register-required-action")
@POST @POST
@Consumes(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON)
@ -746,7 +853,11 @@ public class AuthenticationManagementResource {
} }
/**
* Get required actions
*
* Returns a list of required actions.
*/
@Path("required-actions") @Path("required-actions")
@GET @GET
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@ -770,6 +881,10 @@ public class AuthenticationManagementResource {
return rep; return rep;
} }
/**
* Get required action for alias
* @param alias Alias of required action
*/
@Path("required-actions/{alias}") @Path("required-actions/{alias}")
@GET @GET
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@ -783,6 +898,12 @@ public class AuthenticationManagementResource {
} }
/**
* Update required action
*
* @param alias Alias of required action
* @param rep JSON describing new state of required action
*/
@Path("required-actions/{alias}") @Path("required-actions/{alias}")
@PUT @PUT
@Consumes(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON)
@ -803,6 +924,10 @@ public class AuthenticationManagementResource {
realm.updateRequiredActionProvider(update); realm.updateRequiredActionProvider(update);
} }
/**
* Delete required action
* @param alias Alias of required action
*/
@Path("required-actions/{alias}") @Path("required-actions/{alias}")
@DELETE @DELETE
public void updateRequiredAction(@PathParam("alias") String alias) { public void updateRequiredAction(@PathParam("alias") String alias) {
@ -855,6 +980,9 @@ public class AuthenticationManagementResource {
} }
/**
* Get authenticator provider's configuration description
*/
@Path("config-description/{providerId}") @Path("config-description/{providerId}")
@GET @GET
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@ -888,7 +1016,9 @@ public class AuthenticationManagementResource {
return propRep; return propRep;
} }
/**
* Get configuration descriptions for all clients
*/
@Path("per-client-config-description") @Path("per-client-config-description")
@GET @GET
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@ -915,6 +1045,10 @@ public class AuthenticationManagementResource {
return toReturn; return toReturn;
} }
/**
* Create new authenticator configuration
* @param config JSON describing new authenticator configuration
*/
@Path("config") @Path("config")
@POST @POST
@NoCache @NoCache
@ -924,6 +1058,10 @@ public class AuthenticationManagementResource {
return Response.created(uriInfo.getAbsolutePathBuilder().path(config.getId()).build()).build(); return Response.created(uriInfo.getAbsolutePathBuilder().path(config.getId()).build()).build();
} }
/**
* Get authenticator configuration
* @param id Configuration id
*/
@Path("config/{id}") @Path("config/{id}")
@GET @GET
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@ -937,6 +1075,11 @@ public class AuthenticationManagementResource {
} }
return config; return config;
} }
/**
* Delete authenticator configuration
* @param id Configuration id
*/
@Path("config/{id}") @Path("config/{id}")
@DELETE @DELETE
@NoCache @NoCache
@ -959,6 +1102,12 @@ public class AuthenticationManagementResource {
realm.removeAuthenticatorConfig(config); realm.removeAuthenticatorConfig(config);
} }
/**
* Update authenticator configuration
* @param id Configuration id
* @param config JSON describing new state of authenticator configuration
*/
@Path("config/{id}") @Path("config/{id}")
@PUT @PUT
@Consumes(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON)

View file

@ -64,6 +64,7 @@ public class ClientAttributeCertificateResource {
} }
/** /**
* Get key info
* *
* @return * @return
*/ */
@ -78,6 +79,7 @@ public class ClientAttributeCertificateResource {
} }
/** /**
* Generate a new certificate with new key pair
* *
* @return * @return
*/ */
@ -256,8 +258,9 @@ public class ClientAttributeCertificateResource {
} }
/** /**
* Get a keystore file for the client, containing private key and public certificate
* *
* @param config * @param config Keystore configuration as JSON
* @return * @return
*/ */
@POST @POST
@ -288,10 +291,12 @@ public class ClientAttributeCertificateResource {
} }
/** /**
* Generate new keypair and certificate and downloads private key into specified keystore format. Only generated certificate is saved in Keycloak DB, but private * Generate a new keypair and certificate, and get the private key file
* key is not.
* *
* @param config * Generates a keypair and certificate and serves the private key in a specified keystore format.
* Only generated public certificate is saved in Keycloak DB - the private key is not.
*
* @param config Keystore configuration as JSON
* @return * @return
*/ */
@POST @POST

View file

@ -92,7 +92,7 @@ public class ClientResource {
} }
/** /**
* Update the client. * Update the client
* @param rep * @param rep
* @return * @return
*/ */
@ -116,7 +116,7 @@ public class ClientResource {
/** /**
* Get representation of the client. * Get representation of the client
* *
* @return * @return
*/ */
@ -129,6 +129,7 @@ public class ClientResource {
} }
/** /**
* Get representation of certificate resource
* *
* @param attributePrefix * @param attributePrefix
* @return * @return
@ -140,7 +141,9 @@ public class ClientResource {
/** /**
* Return keycloak.json file for this client to be used to configure the adapter of that client. * Get keycloak.json file
*
* Returns a keycloak.json file to be used to configure the adapter of the specified client.
* *
* @return * @return
* @throws IOException * @throws IOException
@ -160,7 +163,9 @@ public class ClientResource {
} }
/** /**
* Return XML that can be included in the JBoss/Wildfly Keycloak subsystem to configure the adapter of that client. * Get adapter configuration XML for JBoss / Wildfly Keycloak subsystem
*
* Returns XML that can be included in the JBoss / Wildfly Keycloak subsystem to configure the adapter of that client.
* *
* @return * @return
* @throws IOException * @throws IOException
@ -177,7 +182,7 @@ public class ClientResource {
} }
/** /**
* Delete this client. * Delete the client
* *
*/ */
@DELETE @DELETE
@ -190,7 +195,7 @@ public class ClientResource {
/** /**
* Generates a new secret for this client * Generate a new secret for the client
* *
* @return * @return
*/ */
@ -209,7 +214,7 @@ public class ClientResource {
} }
/** /**
* Get the secret of this client * Get the client secret
* *
* @return * @return
*/ */
@ -227,7 +232,7 @@ public class ClientResource {
} }
/** /**
* Base path for managing the scope mappings for this client * Base path for managing the scope mappings for the client
* *
* @return * @return
*/ */
@ -242,7 +247,9 @@ public class ClientResource {
} }
/** /**
* Returns set of allowed origin. This is used for CORS requests. Access tokens will have * Get allowed origins
*
* This is used for CORS requests. Access tokens will have
* their allowedOrigins claim set to this value for tokens created for this client. * their allowedOrigins claim set to this value for tokens created for this client.
* *
* @return * @return
@ -258,7 +265,9 @@ public class ClientResource {
} }
/** /**
* Change the set of allowed origins. This is used for CORS requests. Access tokens will have * Update allowed origins
*
* This is used for CORS requests. Access tokens will have
* their allowedOrigins claim set to this value for tokens created for this client. * their allowedOrigins claim set to this value for tokens created for this client.
* *
* @param allowedOrigins * @param allowedOrigins
@ -275,10 +284,12 @@ public class ClientResource {
} }
/** /**
* Remove set of allowed origins from current allowed origins list. This is used for CORS requests. Access tokens will have * Delete the specified origins from current allowed origins
*
* This is used for CORS requests. Access tokens will have
* their allowedOrigins claim set to this value for tokens created for this client. * their allowedOrigins claim set to this value for tokens created for this client.
* *
* @param allowedOrigins * @param allowedOrigins List of origins to delete
*/ */
@Path("allowed-origins") @Path("allowed-origins")
@DELETE @DELETE
@ -294,7 +305,7 @@ public class ClientResource {
} }
/** /**
* Returns user dedicated to this service account * Get a user dedicated to the service account
* *
* @return * @return
*/ */
@ -319,8 +330,9 @@ public class ClientResource {
} }
/** /**
* If the client has an admin URL, push the client's revocation policy to it. * Push the client's revocation policy to its admin URL
* *
* If the client has an admin URL, push revocation policy to it.
*/ */
@Path("push-revocation") @Path("push-revocation")
@POST @POST
@ -332,7 +344,9 @@ public class ClientResource {
} }
/** /**
* Number of user sessions associated with this client * Get application session count
*
* Returns a number of user sessions associated with this client
* *
* { * {
* "count": number * "count": number
@ -352,8 +366,12 @@ public class ClientResource {
} }
/** /**
* Return a list of user sessions associated with this client * Get user sessions for client
* *
* Returns a list of user sessions associated with this client
*
* @param firstResult Paging offset
* @param maxResults Paging size
* @return * @return
*/ */
@Path("user-sessions") @Path("user-sessions")
@ -373,6 +391,8 @@ public class ClientResource {
} }
/** /**
* Logout all sessions
*
* If the client has an admin URL, invalidate all sessions associated with that client directly. * If the client has an admin URL, invalidate all sessions associated with that client directly.
* *
*/ */
@ -386,6 +406,8 @@ public class ClientResource {
} }
/** /**
* Logout the user by username
*
* If the client has an admin URL, invalidate the sessions for a particular user directly. * If the client has an admin URL, invalidate the sessions for a particular user directly.
* *
*/ */
@ -403,6 +425,8 @@ public class ClientResource {
} }
/** /**
* Register a cluster node with the client
*
* Manually register cluster node to this client - usually it's not needed to call this directly as adapter should handle * Manually register cluster node to this client - usually it's not needed to call this directly as adapter should handle
* by sending registration request to Keycloak * by sending registration request to Keycloak
* *
@ -423,7 +447,7 @@ public class ClientResource {
} }
/** /**
* Unregister cluster node from this client * Unregister a cluster node from the client
* *
* @param node * @param node
*/ */
@ -443,7 +467,9 @@ public class ClientResource {
} }
/** /**
* Test if registered cluster nodes are available by sending 'ping' request to all of them * Test if registered cluster nodes are available
*
* Tests availability by sending 'ping' request to all cluster nodes.
* *
* @return * @return
*/ */

View file

@ -52,9 +52,9 @@ public class ClientsResource {
} }
/** /**
* List of clients belonging to this realm. * Get clients belonging to the realm
* *
* @return * Returns a list of clients belonging to the realm
*/ */
@GET @GET
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@ -80,7 +80,9 @@ public class ClientsResource {
} }
/** /**
* Create a new client. Client client_id must be unique! * Create a new client
*
* Client's client_id must be unique!
* *
* @param uriInfo * @param uriInfo
* @param rep * @param rep

View file

@ -7,7 +7,6 @@ import org.keycloak.broker.provider.IdentityProvider;
import org.keycloak.broker.provider.IdentityProviderFactory; import org.keycloak.broker.provider.IdentityProviderFactory;
import org.keycloak.broker.provider.IdentityProviderMapper; import org.keycloak.broker.provider.IdentityProviderMapper;
import org.keycloak.events.admin.OperationType; import org.keycloak.events.admin.OperationType;
import org.keycloak.models.ClientModel;
import org.keycloak.models.FederatedIdentityModel; import org.keycloak.models.FederatedIdentityModel;
import org.keycloak.models.IdentityProviderMapperModel; import org.keycloak.models.IdentityProviderMapperModel;
import org.keycloak.models.IdentityProviderModel; import org.keycloak.models.IdentityProviderModel;
@ -70,6 +69,11 @@ public class IdentityProviderResource {
this.adminEvent = adminEvent; this.adminEvent = adminEvent;
} }
/**
* Get the identity provider
*
* @return
*/
@GET @GET
@NoCache @NoCache
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@ -79,6 +83,11 @@ public class IdentityProviderResource {
return rep; return rep;
} }
/**
* Delete the identity provider
*
* @return
*/
@DELETE @DELETE
@NoCache @NoCache
public Response delete() { public Response delete() {
@ -91,6 +100,12 @@ public class IdentityProviderResource {
return Response.noContent().build(); return Response.noContent().build();
} }
/**
* Update the identity provider
*
* @param providerRep
* @return
*/
@PUT @PUT
@Consumes(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON)
@NoCache @NoCache
@ -161,7 +176,13 @@ public class IdentityProviderResource {
return null; return null;
} }
/**
* Export public broker configuration for identity provider
*
* @param uriInfo
* @param format Format to use
* @return
*/
@GET @GET
@Path("export") @Path("export")
@NoCache @NoCache
@ -175,6 +196,9 @@ public class IdentityProviderResource {
} }
} }
/**
* Get mapper types for identity provider
*/
@GET @GET
@Path("mapper-types") @Path("mapper-types")
@NoCache @NoCache
@ -210,6 +234,9 @@ public class IdentityProviderResource {
return types; return types;
} }
/**
* Get mappers for identity provider
*/
@GET @GET
@Path("mappers") @Path("mappers")
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@ -223,6 +250,12 @@ public class IdentityProviderResource {
return mappers; return mappers;
} }
/**
* Add a mapper to identity provider
*
* @param mapper
* @return
*/
@POST @POST
@Path("mappers") @Path("mappers")
@Consumes(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON)
@ -238,6 +271,12 @@ public class IdentityProviderResource {
} }
/**
* Get mapper by id for the identity provider
*
* @param id
* @return
*/
@GET @GET
@NoCache @NoCache
@Path("mappers/{id}") @Path("mappers/{id}")
@ -249,6 +288,12 @@ public class IdentityProviderResource {
return ModelToRepresentation.toRepresentation(model); return ModelToRepresentation.toRepresentation(model);
} }
/**
* Update a mapper for the identity provider
*
* @param id Mapper id
* @param rep
*/
@PUT @PUT
@NoCache @NoCache
@Path("mappers/{id}") @Path("mappers/{id}")
@ -263,6 +308,11 @@ public class IdentityProviderResource {
} }
/**
* Delete a mapper for the identity provider
*
* @param id Mapper id
*/
@DELETE @DELETE
@NoCache @NoCache
@Path("mappers/{id}") @Path("mappers/{id}")

View file

@ -57,6 +57,12 @@ public class IdentityProvidersResource {
this.adminEvent = adminEvent; this.adminEvent = adminEvent;
} }
/**
* Get identity providers
*
* @param providerId Provider id
* @return
*/
@Path("/providers/{provider_id}") @Path("/providers/{provider_id}")
@GET @GET
@NoCache @NoCache
@ -70,6 +76,14 @@ public class IdentityProvidersResource {
return Response.status(BAD_REQUEST).build(); return Response.status(BAD_REQUEST).build();
} }
/**
* Import identity provider from uploaded JSON file
*
* @param uriInfo
* @param input
* @return
* @throws IOException
*/
@POST @POST
@Path("import-config") @Path("import-config")
@Consumes(MediaType.MULTIPART_FORM_DATA) @Consumes(MediaType.MULTIPART_FORM_DATA)
@ -85,6 +99,14 @@ public class IdentityProvidersResource {
return config; return config;
} }
/**
* Import identity provider from JSON body
*
* @param uriInfo
* @param data JSON body
* @return
* @throws IOException
*/
@POST @POST
@Path("import-config") @Path("import-config")
@Consumes(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON)
@ -108,6 +130,11 @@ public class IdentityProvidersResource {
} }
} }
/**
* Get identity providers
*
* @return
*/
@GET @GET
@Path("instances") @Path("instances")
@NoCache @NoCache
@ -123,6 +150,13 @@ public class IdentityProvidersResource {
return representations; return representations;
} }
/**
* Create a new identity provider
*
* @param uriInfo
* @param representation JSON body
* @return
*/
@POST @POST
@Path("instances") @Path("instances")
@Consumes(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON)

View file

@ -7,7 +7,6 @@ import org.keycloak.events.admin.OperationType;
import org.keycloak.models.ClientModel; import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ProtocolMapperModel; import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.utils.ModelToRepresentation; import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel; import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.representations.idm.ProtocolMapperRepresentation; import org.keycloak.representations.idm.ProtocolMapperRepresentation;
@ -39,7 +38,7 @@ public class ProtocolMappersResource {
protected ClientModel client; protected ClientModel client;
protected RealmAuth auth; protected RealmAuth auth;
protected AdminEventBuilder adminEvent; protected AdminEventBuilder adminEvent;
@ -58,7 +57,7 @@ public class ProtocolMappersResource {
} }
/** /**
* Map of mappers by name for a specific protocol * Get mappers by name for a specific protocol
* *
* @param protocol * @param protocol
* @return * @return
@ -77,7 +76,7 @@ public class ProtocolMappersResource {
} }
/** /**
* creates mapper * Create a mapper
* *
* @param rep * @param rep
*/ */
@ -93,7 +92,7 @@ public class ProtocolMappersResource {
return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build(); return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build();
} }
/** /**
* creates multiple mapper * Create multiple mappers
* *
*/ */
@Path("add-models") @Path("add-models")
@ -110,6 +109,11 @@ public class ProtocolMappersResource {
adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo).representation(reps).success(); adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo).representation(reps).success();
} }
/**
* Get mappers
*
* @return
*/
@GET @GET
@NoCache @NoCache
@Path("models") @Path("models")
@ -123,6 +127,12 @@ public class ProtocolMappersResource {
return mappers; return mappers;
} }
/**
* Get mapper by id
*
* @param id Mapper id
* @return
*/
@GET @GET
@NoCache @NoCache
@Path("models/{id}") @Path("models/{id}")
@ -134,6 +144,12 @@ public class ProtocolMappersResource {
return ModelToRepresentation.toRepresentation(model); return ModelToRepresentation.toRepresentation(model);
} }
/**
* Update the mapper
*
* @param id Mapper id
* @param rep
*/
@PUT @PUT
@NoCache @NoCache
@Path("models/{id}") @Path("models/{id}")
@ -147,6 +163,11 @@ public class ProtocolMappersResource {
adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success(); adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success();
} }
/**
* Delete the mapper
*
* @param id Mapper id
*/
@DELETE @DELETE
@NoCache @NoCache
@Path("models/{id}") @Path("models/{id}")

View file

@ -6,8 +6,6 @@ import org.jboss.resteasy.spi.BadRequestException;
import org.jboss.resteasy.spi.NotFoundException; import org.jboss.resteasy.spi.NotFoundException;
import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.jboss.resteasy.spi.ResteasyProviderFactory;
import org.keycloak.ClientConnection; import org.keycloak.ClientConnection;
import org.keycloak.authentication.RequiredActionFactory;
import org.keycloak.authentication.RequiredActionProvider;
import org.keycloak.events.Event; import org.keycloak.events.Event;
import org.keycloak.events.EventQuery; import org.keycloak.events.EventQuery;
import org.keycloak.events.EventStoreProvider; import org.keycloak.events.EventStoreProvider;
@ -27,7 +25,6 @@ import org.keycloak.models.cache.CacheUserProvider;
import org.keycloak.models.utils.ModelToRepresentation; import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel; import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.protocol.oidc.TokenManager; import org.keycloak.protocol.oidc.TokenManager;
import org.keycloak.provider.ProviderFactory;
import org.keycloak.representations.adapters.action.GlobalRequestResult; import org.keycloak.representations.adapters.action.GlobalRequestResult;
import org.keycloak.representations.idm.RealmEventsConfigRepresentation; import org.keycloak.representations.idm.RealmEventsConfigRepresentation;
import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.representations.idm.RealmRepresentation;
@ -143,7 +140,9 @@ public class RealmAdminResource {
} }
/** /**
* Get the top-level representation of the realm. It will not include nested information like User and Client representations. * Get the top-level representation of the realm
*
* It will not include nested information like User and Client representations.
* *
* @return * @return
*/ */
@ -172,7 +171,9 @@ public class RealmAdminResource {
} }
/** /**
* Update the top-level information of this realm. Any user, roles or client information in the representation * Update the top-level information of the realm
*
* Any user, roles or client information in the representation
* will be ignored. This will only update top-level attributes of the realm. * will be ignored. This will only update top-level attributes of the realm.
* *
* @param rep * @param rep
@ -215,7 +216,7 @@ public class RealmAdminResource {
} }
/** /**
* Delete this realm. * Delete the realm
* *
*/ */
@DELETE @DELETE
@ -260,7 +261,7 @@ public class RealmAdminResource {
} }
/** /**
* Path for managing all realm-level or client-level roles defined in this realm by it's id. * Path for managing all realm-level or client-level roles defined in this realm by its id.
* *
* @return * @return
*/ */
@ -316,8 +317,10 @@ public class RealmAdminResource {
} }
/** /**
* Get client session stats
*
* Returns a JSON map. The key is the client id, the value is the number of sessions that currently are active * Returns a JSON map. The key is the client id, the value is the number of sessions that currently are active
* with that client. Only client's that actually have a session associated with them will be in this map. * with that client. Only clients that actually have a session associated with them will be in this map.
* *
* @return * @return
*/ */
@ -341,7 +344,9 @@ public class RealmAdminResource {
} }
/** /**
* View the events provider and how it is configured. * Get the events provider configuration
*
* Returns JSON object with events provider configuration
* *
* @return * @return
*/ */
@ -356,7 +361,9 @@ public class RealmAdminResource {
} }
/** /**
* Change the events provider and/or it's configuration * Update the events provider
*
* Change the events provider and/or its configuration
* *
* @param rep * @param rep
*/ */
@ -371,15 +378,17 @@ public class RealmAdminResource {
} }
/** /**
* Query events. Returns all events, or will query based on URL query parameters listed here * Get events
* *
* @param client app or oauth client name * Returns all events, or filters them based on URL query parameters listed here
* @param user user id *
* @param ipAddress * @param client App or oauth client name
* @param dateTo * @param user User id
* @param dateFrom * @param ipAddress IP address
* @param firstResult * @param dateTo To date
* @param maxResults * @param dateFrom From date
* @param firstResult Paging offset
* @param maxResults Paging size
* @return * @return
*/ */
@Path("events") @Path("events")
@ -448,7 +457,9 @@ public class RealmAdminResource {
} }
/** /**
* Query admin events. Returns all admin events, or will query based on URL query parameters listed here * Get admin events
*
* Returns all admin events, or filters events based on URL query parameters listed here
* *
* @param authRealm * @param authRealm
* @param authClient * @param authClient
@ -538,7 +549,7 @@ public class RealmAdminResource {
} }
/** /**
* Delete all events. * Delete all events
* *
*/ */
@Path("events") @Path("events")
@ -551,7 +562,7 @@ public class RealmAdminResource {
} }
/** /**
* Delete all admin events. * Delete all admin events
* *
*/ */
@Path("admin-events") @Path("admin-events")
@ -563,6 +574,15 @@ public class RealmAdminResource {
eventStore.clearAdmin(realm.getId()); eventStore.clearAdmin(realm.getId());
} }
/**
* Test LDAP connection
*
* @param action
* @param connectionUrl
* @param bindDn
* @param bindCredential
* @return
*/
@Path("testLDAPConnection") @Path("testLDAPConnection")
@GET @GET
@NoCache @NoCache

View file

@ -73,7 +73,9 @@ public class RealmsAdminResource {
} }
/** /**
* Returns a list of realms. This list is filtered based on what realms the caller is allowed to view. * Get accessible realms
*
* Returns a list of accessible realms. The list is filtered based on what realms the caller is allowed to view.
* *
* @return * @return
*/ */
@ -107,10 +109,12 @@ public class RealmsAdminResource {
} }
/** /**
* Import a realm from a full representation of that realm. Realm name must be unique. * Import a realm
*
* Imports a realm from a full representation of that realm. Realm name must be unique.
* *
* @param uriInfo * @param uriInfo
* @param rep JSON representation * @param rep JSON representation of the realm
* @return * @return
*/ */
@POST @POST
@ -141,7 +145,9 @@ public class RealmsAdminResource {
} }
/** /**
* Upload a realm from a uploaded JSON file. The posted represenation is expected to be a multipart/form-data encapsulation * Import a realm from uploaded JSON file
*
* The posted represenation is expected to be a multipart/form-data encapsulation
* of a JSON file. The same format a browser would use when uploading a file. * of a JSON file. The same format a browser would use when uploading a file.
* *
* @param uriInfo * @param uriInfo

View file

@ -87,7 +87,7 @@ public class RoleByIdResource extends RoleResource {
} }
/** /**
* Delete this role * Delete the role
* *
* @param id id of role * @param id id of role
*/ */
@ -102,7 +102,7 @@ public class RoleByIdResource extends RoleResource {
} }
/** /**
* Update this role * Update the role
* *
* @param id id of role * @param id id of role
* @param rep * @param rep
@ -118,7 +118,7 @@ public class RoleByIdResource extends RoleResource {
} }
/** /**
* Make this role a composite role by associating some child roles to it. * Make the role a composite role by associating some child roles
* *
* @param id * @param id
* @param roles * @param roles
@ -133,7 +133,9 @@ public class RoleByIdResource extends RoleResource {
} }
/** /**
* If this role is a composite, return a set of its children * Get role's children
*
* Returns a set of role's children provided the role is a composite.
* *
* @param id * @param id
* @return * @return
@ -151,7 +153,7 @@ public class RoleByIdResource extends RoleResource {
} }
/** /**
* Return a set of realm-level roles that are in the role's composite * Get realm-level roles that are in the role's composite
* *
* @param id * @param id
* @return * @return
@ -167,7 +169,7 @@ public class RoleByIdResource extends RoleResource {
} }
/** /**
* Return a set of client-level roles for a specific client that are in the role's composite * Get client-level roles for the client that are in the role's composite
* *
* @param id * @param id
* @param client * @param client
@ -189,7 +191,7 @@ public class RoleByIdResource extends RoleResource {
} }
/** /**
* Return a set of client-level roles for a specific client that are in the role's composite * Get client-level roles for the client that are in the role's composite
* *
* @param role * @param role
* @param client * @param client
@ -212,10 +214,10 @@ public class RoleByIdResource extends RoleResource {
} }
/** /**
* Remove the listed set of roles from this role's composite * Remove a set of roles from the role's composite
* *
* @param id * @param id Role id
* @param roles * @param roles A set of roles to be removed
*/ */
@Path("{role-id}/composites") @Path("{role-id}/composites")
@DELETE @DELETE

View file

@ -4,7 +4,6 @@ import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.NotFoundException; import org.jboss.resteasy.spi.NotFoundException;
import org.keycloak.events.admin.OperationType; import org.keycloak.events.admin.OperationType;
import org.keycloak.models.ClientModel; import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelDuplicateException; import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleContainerModel; import org.keycloak.models.RoleContainerModel;
@ -51,7 +50,7 @@ public class RoleContainerResource extends RoleResource {
} }
/** /**
* List all roles for this realm or client * Get all roles for the realm or client
* *
* @return * @return
*/ */
@ -70,7 +69,7 @@ public class RoleContainerResource extends RoleResource {
} }
/** /**
* Create a new role for this realm or client * Create a new role for the realm or client
* *
* @param rep * @param rep
* @return * @return
@ -164,7 +163,7 @@ public class RoleContainerResource extends RoleResource {
} }
/** /**
* Add a composite to this role * Add a composite to the role
* *
* @param roleName role's name (not id!) * @param roleName role's name (not id!)
* @param roles * @param roles
@ -183,7 +182,7 @@ public class RoleContainerResource extends RoleResource {
} }
/** /**
* List composites of this role * Get composites of the role
* *
* @param roleName role's name (not id!) * @param roleName role's name (not id!)
* @return * @return
@ -203,7 +202,7 @@ public class RoleContainerResource extends RoleResource {
} }
/** /**
* Get realm-level roles of this role's composite * Get realm-level roles of the role's composite
* *
* @param roleName role's name (not id!) * @param roleName role's name (not id!)
* @return * @return
@ -223,7 +222,7 @@ public class RoleContainerResource extends RoleResource {
} }
/** /**
* An app-level roles for a specific app for this role's composite * An app-level roles for the specified app for the role's composite
* *
* @param roleName role's name (not id!) * @param roleName role's name (not id!)
* @param client * @param client
@ -252,7 +251,7 @@ public class RoleContainerResource extends RoleResource {
/** /**
* Remove roles from this role's composite * Remove roles from the role's composite
* *
* @param roleName role's name (not id!) * @param roleName role's name (not id!)
* @param roles roles to remove * @param roles roles to remove

View file

@ -44,7 +44,9 @@ public class ScopeMappedClientResource {
} }
/** /**
* Get the roles associated with a client's scope for a specific client. * Get the roles associated with a client's scope
*
* Returns roles for the client.
* *
* @return * @return
*/ */
@ -63,7 +65,9 @@ public class ScopeMappedClientResource {
} }
/** /**
* The available client-level roles that can be associated with the client's scope * The available client-level roles
*
* Returns the roles for the client that can be associated with the client's scope
* *
* @return * @return
*/ */
@ -79,7 +83,9 @@ public class ScopeMappedClientResource {
} }
/** /**
* Get effective client roles that are associated with the client's scope for a specific client. * Get effective client roles
*
* Returns the roles for the client that are associated with the client's scope.
* *
* @return * @return
*/ */

View file

@ -19,9 +19,7 @@ import javax.ws.rs.POST;
import javax.ws.rs.Path; import javax.ws.rs.Path;
import javax.ws.rs.PathParam; import javax.ws.rs.PathParam;
import javax.ws.rs.Produces; import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.UriInfo;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.HashMap; import java.util.HashMap;
@ -51,7 +49,7 @@ public class ScopeMappedResource {
} }
/** /**
* Get all scope mappings for this client * Get all scope mappings for the client
* *
* @return * @return
*/ */
@ -94,7 +92,7 @@ public class ScopeMappedResource {
} }
/** /**
* Get list of realm-level roles associated with this client's scope. * Get realm-level roles associated with the client's scope
* *
* @return * @return
*/ */
@ -114,7 +112,7 @@ public class ScopeMappedResource {
} }
/** /**
* Get list of realm-level roles that are available to attach to this client's scope. * Get realm-level roles that are available to attach to this client's scope
* *
* @return * @return
*/ */
@ -139,7 +137,9 @@ public class ScopeMappedResource {
} }
/** /**
* Get all effective realm-level roles that are associated with this client's scope. What this does is recurse * Get effective realm-level roles associated with the client's scope
*
* What this does is recurse
* any composite roles associated with the client's scope and adds the roles to this lists. The method is really * any composite roles associated with the client's scope and adds the roles to this lists. The method is really
* to show a comprehensive total view of realm-level roles associated with the client. * to show a comprehensive total view of realm-level roles associated with the client.
* *

View file

@ -5,7 +5,6 @@ import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.NotFoundException; import org.jboss.resteasy.spi.NotFoundException;
import org.keycloak.events.admin.OperationType; import org.keycloak.events.admin.OperationType;
import org.keycloak.models.ClientModel; import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel; import org.keycloak.models.RoleModel;
import org.keycloak.models.UserModel; import org.keycloak.models.UserModel;
@ -18,7 +17,6 @@ import javax.ws.rs.GET;
import javax.ws.rs.POST; import javax.ws.rs.POST;
import javax.ws.rs.Path; import javax.ws.rs.Path;
import javax.ws.rs.Produces; import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.UriInfo; import javax.ws.rs.core.UriInfo;
@ -51,7 +49,7 @@ public class UserClientRoleMappingsResource {
} }
/** /**
* Get client-level role mappings for this user for a specific app * Get client-level role mappings for the user, and the app
* *
* @return * @return
*/ */
@ -70,7 +68,9 @@ public class UserClientRoleMappingsResource {
} }
/** /**
* Get effective client-level role mappings. This recurses any composite roles * Get effective client-level role mappings
*
* This recurses any composite roles
* *
* @return * @return
*/ */
@ -120,9 +120,9 @@ public class UserClientRoleMappingsResource {
} }
/** /**
* Add client-level roles to the user role mapping. * Add client-level roles to the user role mapping
* *
* @param roles * @param roles
*/ */
@POST @POST
@Consumes(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON)
@ -141,7 +141,7 @@ public class UserClientRoleMappingsResource {
} }
/** /**
* Delete client-level roles from user role mapping. * Delete client-level roles from user role mapping
* *
* @param roles * @param roles
*/ */

View file

@ -98,7 +98,7 @@ public class UserFederationProviderResource {
} }
/** /**
* get a provider * Get a provider
* *
*/ */
@GET @GET
@ -126,7 +126,7 @@ public class UserFederationProviderResource {
} }
/** /**
* trigger sync of users * Trigger sync of users
* *
* @return * @return
*/ */
@ -150,7 +150,7 @@ public class UserFederationProviderResource {
} }
/** /**
* List of available User Federation mapper types * Get available user federation mapper types
* *
* @return * @return
*/ */
@ -227,7 +227,7 @@ public class UserFederationProviderResource {
} }
/** /**
* Create mapper * Create a mapper
* *
* @param mapper * @param mapper
* @return * @return
@ -251,9 +251,9 @@ public class UserFederationProviderResource {
} }
/** /**
* Get mapper * Get a mapper
* *
* @param id mapperId * @param id Mapper id
* @return * @return
*/ */
@GET @GET
@ -268,9 +268,9 @@ public class UserFederationProviderResource {
} }
/** /**
* Update mapper * Update a mapper
* *
* @param id * @param id Mapper id
* @param rep * @param rep
*/ */
@PUT @PUT
@ -291,9 +291,9 @@ public class UserFederationProviderResource {
} }
/** /**
* Delete mapper with given ID * Delete a mapper with a given id
* *
* @param id * @param id Mapper id
*/ */
@DELETE @DELETE
@NoCache @NoCache

View file

@ -8,8 +8,6 @@ import org.keycloak.constants.KerberosConstants;
import org.keycloak.events.admin.OperationType; import org.keycloak.events.admin.OperationType;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserFederationProvider; import org.keycloak.models.UserFederationProvider;
import org.keycloak.models.UserFederationProviderFactory; import org.keycloak.models.UserFederationProviderFactory;
import org.keycloak.models.UserFederationProviderModel; import org.keycloak.models.UserFederationProviderModel;
@ -84,7 +82,9 @@ public class UserFederationProvidersResource {
} }
/** /**
* Get List of available provider factories * Get available provider factories
*
* Returns a list of available provider factories.
* *
* @return * @return
*/ */
@ -105,7 +105,7 @@ public class UserFederationProvidersResource {
} }
/** /**
* Get factory with given ID * Get factory with given id
* *
* @return * @return
*/ */
@ -159,7 +159,7 @@ public class UserFederationProvidersResource {
} }
/** /**
* list configured providers * Get configured providers
* *
* @return * @return
*/ */

View file

@ -118,7 +118,7 @@ public class UsersResource {
/** /**
* Update the user * Update the user
* *
* @param id * @param id User id
* @param rep * @param rep
* @return * @return
*/ */
@ -164,7 +164,9 @@ public class UsersResource {
} }
/** /**
* Create a new user. Must be a unique username! * Create a new user
*
* Username must be unique.
* *
* @param uriInfo * @param uriInfo
* @param rep * @param rep
@ -245,7 +247,7 @@ public class UsersResource {
/** /**
* Get represenation of the user * Get represenation of the user
* *
* @param id user id * @param id User id
* @return * @return
*/ */
@Path("{id}") @Path("{id}")
@ -274,6 +276,12 @@ public class UsersResource {
return rep; return rep;
} }
/**
* Impersonate the user
*
* @param id User id
* @return
*/
@Path("{id}/impersonation") @Path("{id}/impersonation")
@POST @POST
@NoCache @NoCache
@ -314,9 +322,9 @@ public class UsersResource {
/** /**
* List set of sessions associated with this user. * Get sessions associated with the user
* *
* @param id * @param id User id
* @return * @return
*/ */
@Path("{id}/sessions") @Path("{id}/sessions")
@ -339,9 +347,9 @@ public class UsersResource {
} }
/** /**
* List set of social logins associated with this user. * Get social logins associated with the user
* *
* @param id * @param id User id
* @return * @return
*/ */
@Path("{id}/federated-identity") @Path("{id}/federated-identity")
@ -373,6 +381,14 @@ public class UsersResource {
return result; return result;
} }
/**
* Add a social login provider to the user
*
* @param id User id
* @param provider Social login provider id
* @param rep
* @return
*/
@Path("{id}/federated-identity/{provider}") @Path("{id}/federated-identity/{provider}")
@POST @POST
@NoCache @NoCache
@ -392,6 +408,12 @@ public class UsersResource {
return Response.noContent().build(); return Response.noContent().build();
} }
/**
* Remove a social login provider from user
*
* @param id User id
* @param provider Social login provider id
*/
@Path("{id}/federated-identity/{provider}") @Path("{id}/federated-identity/{provider}")
@DELETE @DELETE
@NoCache @NoCache
@ -408,9 +430,9 @@ public class UsersResource {
} }
/** /**
* List set of consents granted by this user. * Get consents granted by the user
* *
* @param id * @param id User id
* @return * @return
*/ */
@Path("{id}/consents") @Path("{id}/consents")
@ -435,10 +457,10 @@ public class UsersResource {
} }
/** /**
* Revoke consent for particular client * Revoke consent for particular client from user
* *
* @param id * @param id User id
* @param clientId * @param clientId Client id
*/ */
@Path("{id}/consents/{client}") @Path("{id}/consents/{client}")
@DELETE @DELETE
@ -462,10 +484,11 @@ public class UsersResource {
} }
/** /**
* Remove all user sessions associated with this user. And, for all client that have an admin URL, tell * Remove all user sessions associated with the user
* them to invalidate the sessions for this particular user.
* *
* @param id user id * Also send notification to all clients that have an admin URL to invalidate the sessions for the particular user.
*
* @param id User id
*/ */
@Path("{id}/logout") @Path("{id}/logout")
@POST @POST
@ -484,9 +507,9 @@ public class UsersResource {
} }
/** /**
* delete this user * Delete the user
* *
* @param id user id * @param id User id
*/ */
@Path("{id}") @Path("{id}")
@DELETE @DELETE
@ -509,13 +532,17 @@ public class UsersResource {
} }
/** /**
* Query list of users. May pass in query criteria * Get users
* *
* @param search string contained in username, first or last name, or email * Returns a list of users, filtered according to query parameters
*
* @param search A String contained in username, first or last name, or email
* @param last * @param last
* @param first * @param first
* @param email * @param email
* @param username * @param username
* @param first Pagination offset
* @param maxResults Pagination size
* @return * @return
*/ */
@GET @GET
@ -563,9 +590,9 @@ public class UsersResource {
} }
/** /**
* Get role mappings for this user * Get role mappings for the user
* *
* @param id user id * @param id User id
* @return * @return
*/ */
@Path("{id}/role-mappings") @Path("{id}/role-mappings")
@ -614,9 +641,9 @@ public class UsersResource {
} }
/** /**
* Get realm-level role mappings for this user * Get realm-level role mappings for the user
* *
* @param id user id * @param id User id
* @return * @return
*/ */
@Path("{id}/role-mappings/realm") @Path("{id}/role-mappings/realm")
@ -640,9 +667,11 @@ public class UsersResource {
} }
/** /**
* Effective realm-level role mappings for this user. Will recurse all composite roles to get this list. * Get effective realm-level role mappings for the user
* *
* @param id user id * This will recurse all composite roles to get the result.
*
* @param id User id
* @return * @return
*/ */
@Path("{id}/role-mappings/realm/composite") @Path("{id}/role-mappings/realm/composite")
@ -668,9 +697,9 @@ public class UsersResource {
} }
/** /**
* Realm-level roles that can be mapped to this user * Get realm-level roles that can be mapped to this user
* *
* @param id * @param id User id
* @return * @return
*/ */
@Path("{id}/role-mappings/realm/available") @Path("{id}/role-mappings/realm/available")
@ -690,10 +719,10 @@ public class UsersResource {
} }
/** /**
* Add realm-level role mappings * Add realm-level role mappings to the user
* *
* @param id * @param id User id
* @param roles * @param roles Roles to add
*/ */
@Path("{id}/role-mappings/realm") @Path("{id}/role-mappings/realm")
@POST @POST
@ -720,7 +749,7 @@ public class UsersResource {
/** /**
* Delete realm-level role mappings * Delete realm-level role mappings
* *
* @param id user id * @param id User id
* @param roles * @param roles
*/ */
@Path("{id}/role-mappings/realm") @Path("{id}/role-mappings/realm")
@ -770,12 +799,14 @@ public class UsersResource {
return new UserClientRoleMappingsResource(uriInfo, realm, auth, user, clientModel, adminEvent); return new UserClientRoleMappingsResource(uriInfo, realm, auth, user, clientModel, adminEvent);
} }
/** /**
* Set up a temporary password for this user. User will have to reset this temporary password when they log * Set up a temporary password for the user
* in next.
* *
* @param id * User will have to reset the temporary password next time they log in.
* @param pass temporary password *
* @param id User id
* @param pass A Temporary password
*/ */
@Path("{id}/reset-password") @Path("{id}/reset-password")
@PUT @PUT
@ -805,9 +836,9 @@ public class UsersResource {
} }
/** /**
* Remove TOTP from the user
* *
* * @param id User id
* @param id
*/ */
@Path("{id}/remove-totp") @Path("{id}/remove-totp")
@PUT @PUT
@ -825,13 +856,15 @@ public class UsersResource {
} }
/** /**
* Send an email to the user with a link they can click to reset their password. * Send a password-reset email to the user
*
* An email contains a link the user can click to reset their password.
* The redirectUri and clientId parameters are optional. The default for the * The redirectUri and clientId parameters are optional. The default for the
* redirect is the account client. * redirect is the account client.
* *
* @param id * @param id User is
* @param redirectUri redirect uri * @param redirectUri Redirect uri
* @param clientId client id * @param clientId Client id
* @return * @return
*/ */
@Path("{id}/execute-actions-email") @Path("{id}/execute-actions-email")
@ -880,13 +913,15 @@ public class UsersResource {
} }
/** /**
* Send an email to the user with a link they can click to verify their email address. * Send an email-verification email to the user
*
* An email contains a link the user can click to verify their email address.
* The redirectUri and clientId parameters are optional. The default for the * The redirectUri and clientId parameters are optional. The default for the
* redirect is the account client. * redirect is the account client.
* *
* @param id * @param id User id
* @param redirectUri redirect uri * @param redirectUri Redirect uri
* @param clientId client id * @param clientId Client id
* @return * @return
*/ */
@Path("{id}/send-verify-email") @Path("{id}/send-verify-email")

View file

@ -38,7 +38,7 @@ public class ServerInfoAdminResource {
private KeycloakSession session; private KeycloakSession session;
/** /**
* Returns a list of themes, social providers, auth providers, and event listeners available on this server * Get themes, social providers, auth providers, and event listeners available on this server
* *
* @return * @return
*/ */