Merge pull request #566 from stianst/master

Updated admin endpoints and console to use oauth client name/clientId
This commit is contained in:
Stian Thorgersen 2014-07-30 14:18:45 +01:00
commit 54a7761e15
80 changed files with 73 additions and 7197 deletions

View file

@ -17,7 +17,7 @@ module.controller('OAuthClientClaimsCtrl', function($scope, realm, oauth, claims
$scope.save = function () {
OAuthClientClaims.update({
realm: realm.realm,
oauth: oauth.id
oauth: oauth.name
}, $scope.claims, function () {
$scope.changed = false;
claims = angular.copy($scope.claims);
@ -27,7 +27,7 @@ module.controller('OAuthClientClaimsCtrl', function($scope, realm, oauth, claims
};
$scope.reset = function () {
$location.url("/realms/" + realm.realm + "/oauth-clients/" + oauth.id + "/claims");
$location.url("/realms/" + realm.realm + "/oauth-clients/" + oauth.name + "/claims");
};
});
@ -36,14 +36,14 @@ module.controller('OAuthClientCredentialsCtrl', function($scope, $location, real
$scope.realm = realm;
$scope.oauth = oauth;
var secret = OAuthClientCredentials.get({ realm : realm.realm, oauth : oauth.id },
var secret = OAuthClientCredentials.get({ realm : realm.realm, oauth : oauth.name },
function() {
$scope.secret = secret.value;
}
);
$scope.changePassword = function() {
var secret = OAuthClientCredentials.update({ realm : realm.realm, oauth : oauth.id },
var secret = OAuthClientCredentials.update({ realm : realm.realm, oauth : oauth.name },
function() {
Notifications.success('The secret has been changed.');
$scope.secret = secret.value;
@ -141,14 +141,14 @@ module.controller('OAuthClientDetailCtrl', function($scope, realm, oauth, OAuthC
}, $scope.oauth, function (data, headers) {
$scope.changed = false;
var l = headers().location;
var id = l.substring(l.lastIndexOf("/") + 1);
$location.url("/realms/" + realm.realm + "/oauth-clients/" + id);
var name = l.substring(l.lastIndexOf("/") + 1);
$location.url("/realms/" + realm.realm + "/oauth-clients/" + name);
Notifications.success("The oauth client has been created.");
});
} else {
OAuthClient.update({
realm : realm.realm,
id : oauth.id
oauth : oauth.name
}, $scope.oauth, function() {
$scope.changed = false;
oauth = angular.copy($scope.oauth);
@ -171,7 +171,7 @@ module.controller('OAuthClientDetailCtrl', function($scope, realm, oauth, OAuthC
Dialog.confirmDelete($scope.oauth.name, 'oauth', function() {
$scope.oauth.$remove({
realm : realm.realm,
id : $scope.oauth.id
oauth : $scope.oauth.name
}, function() {
$location.url("/realms/" + realm.realm + "/oauth-clients");
Notifications.success("The oauth client has been deleted.");
@ -200,17 +200,17 @@ module.controller('OAuthClientScopeMappingCtrl', function($scope, $http, realm,
$scope.dummymodel = [];
function updateRealmRoles() {
$scope.realmRoles = OAuthClientAvailableRealmScopeMapping.query({realm : realm.realm, oauth : oauth.id});
$scope.realmMappings = OAuthClientRealmScopeMapping.query({realm : realm.realm, oauth : oauth.id});
$scope.realmComposite = OAuthClientCompositeRealmScopeMapping.query({realm : realm.realm, oauth : oauth.id});
$scope.realmRoles = OAuthClientAvailableRealmScopeMapping.query({realm : realm.realm, oauth : oauth.name});
$scope.realmMappings = OAuthClientRealmScopeMapping.query({realm : realm.realm, oauth : oauth.name});
$scope.realmComposite = OAuthClientCompositeRealmScopeMapping.query({realm : realm.realm, oauth : oauth.name});
}
function updateAppRoles() {
if ($scope.targetApp) {
console.debug($scope.targetApp.name);
$scope.applicationRoles = OAuthClientAvailableApplicationScopeMapping.query({realm : realm.realm, oauth : oauth.id, targetApp : $scope.targetApp.name});
$scope.applicationMappings = OAuthClientApplicationScopeMapping.query({realm : realm.realm, oauth : oauth.id, targetApp : $scope.targetApp.name});
$scope.applicationComposite = OAuthClientCompositeApplicationScopeMapping.query({realm : realm.realm, oauth : oauth.id, targetApp : $scope.targetApp.name});
$scope.applicationRoles = OAuthClientAvailableApplicationScopeMapping.query({realm : realm.realm, oauth : oauth.name, targetApp : $scope.targetApp.name});
$scope.applicationMappings = OAuthClientApplicationScopeMapping.query({realm : realm.realm, oauth : oauth.name, targetApp : $scope.targetApp.name});
$scope.applicationComposite = OAuthClientCompositeApplicationScopeMapping.query({realm : realm.realm, oauth : oauth.name, targetApp : $scope.targetApp.name});
} else {
$scope.applicationRoles = null;
$scope.applicationMappings = null;
@ -219,23 +219,23 @@ module.controller('OAuthClientScopeMappingCtrl', function($scope, $http, realm,
}
$scope.addRealmRole = function() {
$http.post(authUrl + '/admin/realms/' + realm.realm + '/oauth-clients/' + oauth.id + '/scope-mappings/realm', $scope.selectedRealmRoles)
$http.post(authUrl + '/admin/realms/' + realm.realm + '/oauth-clients/' + oauth.name + '/scope-mappings/realm', $scope.selectedRealmRoles)
.success(updateRealmRoles);
};
$scope.deleteRealmRole = function() {
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/oauth-clients/' + oauth.id + '/scope-mappings/realm',
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/oauth-clients/' + oauth.name + '/scope-mappings/realm',
{data : $scope.selectedRealmMappings, headers : {"content-type" : "application/json"}})
.success(updateRealmRoles);
};
$scope.addApplicationRole = function() {
$http.post(authUrl + '/admin/realms/' + realm.realm + '/oauth-clients/' + oauth.id + '/scope-mappings/applications/' + $scope.targetApp.name,
$http.post(authUrl + '/admin/realms/' + realm.realm + '/oauth-clients/' + oauth.name + '/scope-mappings/applications/' + $scope.targetApp.name,
$scope.selectedApplicationRoles).success(updateAppRoles);
};
$scope.deleteApplicationRole = function() {
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/oauth-clients/' + oauth.id + '/scope-mappings/applications/' + $scope.targetApp.name,
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/oauth-clients/' + oauth.name + '/scope-mappings/applications/' + $scope.targetApp.name,
{data : $scope.selectedApplicationMappings, headers : {"content-type" : "application/json"}}).success(updateAppRoles);
};
@ -244,22 +244,22 @@ module.controller('OAuthClientScopeMappingCtrl', function($scope, $http, realm,
};
$scope.addRealmRole = function() {
$http.post(authUrl + '/admin/realms/' + realm.realm + '/oauth-clients/' + oauth.id + '/scope-mappings/realm',
$http.post(authUrl + '/admin/realms/' + realm.realm + '/oauth-clients/' + oauth.name + '/scope-mappings/realm',
$scope.selectedRealmRoles).success(updateRealmRoles);
};
$scope.deleteRealmRole = function() {
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/oauth-clients/' + oauth.id + '/scope-mappings/realm',
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/oauth-clients/' + oauth.name + '/scope-mappings/realm',
{data : $scope.selectedRealmMappings, headers : {"content-type" : "application/json"}}).success(updateRealmRoles);
};
$scope.addApplicationRole = function() {
$http.post(authUrl + '/admin/realms/' + realm.realm + '/oauth-clients/' + oauth.id + '/scope-mappings/applications/' + $scope.targetApp.name,
$http.post(authUrl + '/admin/realms/' + realm.realm + '/oauth-clients/' + oauth.name + '/scope-mappings/applications/' + $scope.targetApp.name,
$scope.selectedApplicationRoles).success(updateAppRoles);
};
$scope.deleteApplicationRole = function() {
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/oauth-clients/' + oauth.id + '/scope-mappings/applications/' + $scope.targetApp.name,
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/oauth-clients/' + oauth.name + '/scope-mappings/applications/' + $scope.targetApp.name,
{data : $scope.selectedApplicationMappings, headers : {"content-type" : "application/json"}}).success(updateAppRoles);
};
@ -287,7 +287,7 @@ module.controller('OAuthClientRevocationCtrl', function($scope, realm, oauth, OA
setNotBefore();
var refresh = function() {
OAuthClient.get({ realm : realm.realm, id: $scope.oauth.id }, function(updated) {
OAuthClient.get({ realm : realm.realm, oauth: $scope.oauth.name }, function(updated) {
$scope.oauth = updated;
setNotBefore();
})
@ -296,7 +296,7 @@ module.controller('OAuthClientRevocationCtrl', function($scope, realm, oauth, OA
$scope.clear = function() {
$scope.oauth.notBefore = 0;
OAuthClient.update({ realm : realm.realm, id: $scope.oauth.id}, $scope.oauth, function () {
OAuthClient.update({ realm : realm.realm, oauth: $scope.oauth.name}, $scope.oauth, function () {
$scope.notBefore = "None";
Notifications.success('Not Before cleared for application.');
refresh();
@ -304,7 +304,7 @@ module.controller('OAuthClientRevocationCtrl', function($scope, realm, oauth, OA
}
$scope.setNotBeforeNow = function() {
$scope.oauth.notBefore = new Date().getTime()/1000;
OAuthClient.update({ realm : realm.realm, id: $scope.oauth.id}, $scope.oauth, function () {
OAuthClient.update({ realm : realm.realm, oauth: $scope.oauth.name}, $scope.oauth, function () {
Notifications.success('Not Before cleared for application.');
refresh();
});

View file

@ -222,7 +222,7 @@ module.factory('OAuthClientLoader', function(Loader, OAuthClient, $route, $q) {
return Loader.get(OAuthClient, function() {
return {
realm : $route.current.params.realm,
id : $route.current.params.oauth
oauth : $route.current.params.oauth
}
});
});

View file

@ -727,9 +727,9 @@ module.factory('ApplicationOrigins', function($resource) {
});
module.factory('OAuthClient', function($resource) {
return $resource(authUrl + '/admin/realms/:realm/oauth-clients/:id', {
return $resource(authUrl + '/admin/realms/:realm/oauth-clients/:oauth', {
realm : '@realm',
id : '@id'
oauth : '@oauth'
}, {
update : {
method : 'PUT'

View file

@ -1,12 +1,12 @@
<div class="bs-sidebar col-md-3 clearfix" data-ng-include data-src="'partials/realm-menu.html'"></div>
<div id="content-area" class="col-md-9" role="main">
<ul class="nav nav-tabs nav-tabs-pf">
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}">Settings</a></li>
<li data-ng-show="!oauth.publicClient"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/credentials">Credentials</a></li>
<li class="active"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/claims">Claims</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/scope-mappings">Scope</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/installation">Installation</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/revocation">Revocation</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}">Settings</a></li>
<li data-ng-show="!oauth.publicClient"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/credentials">Credentials</a></li>
<li class="active"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/claims">Claims</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/scope-mappings">Scope</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/installation">Installation</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/revocation">Revocation</a></li>
</ul>
<div id="content">
<ol class="breadcrumb" data-ng-hide="create">

View file

@ -1,12 +1,12 @@
<div class="bs-sidebar col-sm-3" data-ng-include data-src="'partials/realm-menu.html'"></div>
<div id="content-area" class="col-sm-9" role="main">
<ul class="nav nav-tabs nav-tabs-pf">
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}">Settings</a></li>
<li class="active"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/credentials">Credentials</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/claims">Claims</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/scope-mappings">Scope</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/installation">Installation</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/revocation">Revocation</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}">Settings</a></li>
<li class="active"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/credentials">Credentials</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/claims">Claims</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/scope-mappings">Scope</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/installation">Installation</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/revocation">Revocation</a></li>
</ul>
<div id="content">

View file

@ -1,12 +1,12 @@
<div class="bs-sidebar col-md-3 clearfix" data-ng-include data-src="'partials/realm-menu.html'"></div>
<div id="content-area" class="col-md-9" role="main">
<ul class="nav nav-tabs nav-tabs-pf" data-ng-show="!create">
<li class="active"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}">Settings</a></li>
<li data-ng-show="!oauth.publicClient"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/credentials">Credentials</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/claims">Claims</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/scope-mappings">Scope</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/installation">Installation</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/revocation">Revocation</a></li>
<li class="active"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}">Settings</a></li>
<li data-ng-show="!oauth.publicClient"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/credentials">Credentials</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/claims">Claims</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/scope-mappings">Scope</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/installation">Installation</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/revocation">Revocation</a></li>
</ul>
<div id="content">
<ol class="breadcrumb" data-ng-show="create">

View file

@ -1,18 +1,18 @@
<div class="bs-sidebar col-sm-3" data-ng-include data-src="'partials/realm-menu.html'"></div>
<div id="content-area" class="col-md-9" role="main">
<ul class="nav nav-tabs nav-tabs-pf" data-ng-show="!create">
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}">Settings</a></li>
<li data-ng-show="!oauth.publicClient"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/credentials">Credentials</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/claims">Claims</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/scope-mappings">Scope</a></li>
<li class="active"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/installation">Installation</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/revocation">Revocation</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}">Settings</a></li>
<li data-ng-show="!oauth.publicClient"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/credentials">Credentials</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/claims">Claims</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/scope-mappings">Scope</a></li>
<li class="active"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/installation">Installation</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/revocation">Revocation</a></li>
</ul>
<div id="content">
<ol class="breadcrumb" data-ng-hide="create">
<li><a href="#/realms/{{realm.realm}}">{{realm.realm}}</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients">OAuth Clients</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}">{{oauth.name}}</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}">{{oauth.name}}</a></li>
<li class="active">Installation</li>
</ol>
<h2>OAuth Client Installation</h2>

View file

@ -46,7 +46,7 @@
-->
<tbody>
<tr ng-repeat="client in oauthClients | filter:search">
<td><a href="#/realms/{{realm.realm}}/oauth-clients/{{client.id}}">{{client.name}}</a></td>
<td><a href="#/realms/{{realm.realm}}/oauth-clients/{{client.name}}">{{client.name}}</a></td>
<td>{{client.enabled}}</td>
</tr>
<tr data-ng-show="oauthClients.length == 0">

View file

@ -1,18 +1,18 @@
<div class="bs-sidebar col-md-3 clearfix" data-ng-include data-src="'partials/realm-menu.html'"></div>
<div id="content-area" class="col-md-9" role="main">
<ul class="nav nav-tabs nav-tabs-pf" data-ng-show="!create">
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}">Settings</a></li>
<li data-ng-show="!oauth.publicClient"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/credentials">Credentials</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/claims">Claims</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/scope-mappings">Scope</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/installation">Installation</a></li>
<li class="active"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/revocation">Revocation</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}">Settings</a></li>
<li data-ng-show="!oauth.publicClient"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/credentials">Credentials</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/claims">Claims</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/scope-mappings">Scope</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/installation">Installation</a></li>
<li class="active"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/revocation">Revocation</a></li>
</ul>
<div id="content">
<ol class="breadcrumb">
<li><a href="#/realms/{{realm.realm}}">{{realm.realm}}</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients">OAuth Clients</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}">{{oauth.name}}</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}">{{oauth.name}}</a></li>
<li class="active">Revocation</li>
</ol>
<h2 data-ng-hide="create"><span>{{oauth.name}}</span> Revocation Policies</h2>

View file

@ -2,19 +2,19 @@
<div id="content-area" class="col-md-9" role="main">
<ul class="nav nav-tabs nav-tabs-pf" data-ng-show="!create">
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}">Settings</a></li>
<li data-ng-show="!oauth.publicClient"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/credentials">Credentials</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/claims">Claims</a></li>
<li class="active"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/scope-mappings">Scope</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/installation">Installation</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}/revocation">Revocation</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}">Settings</a></li>
<li data-ng-show="!oauth.publicClient"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/credentials">Credentials</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/claims">Claims</a></li>
<li class="active"><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/scope-mappings">Scope</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/installation">Installation</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}/revocation">Revocation</a></li>
</ul>
<div id="content">
<ol class="breadcrumb" data-ng-hide="create">
<li><a href="#/realms/{{realm.realm}}">{{realm.realm}}</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients">OAuth Clients</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.id}}">{{oauth.name}}</a></li>
<li><a href="#/realms/{{realm.realm}}/oauth-clients/{{oauth.name}}">{{oauth.name}}</a></li>
<li class="active">Scope</li>
</ol>
<h2><span>{{oauth.name}}</span> Scope Mappings</h2>

View file

@ -1,30 +0,0 @@
<?xml version="1.0"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>1.0-beta-4-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>keycloak-model-hybrid</artifactId>
<name>Keycloak Model Hybrid</name>
<description/>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-core</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-model-api</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
</dependencies>
</project>

View file

@ -1,137 +0,0 @@
package org.keycloak.models.hybrid;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.realms.Application;
import org.keycloak.models.utils.KeycloakModelUtils;
import java.util.List;
import java.util.Set;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class ApplicationAdapter extends ClientAdapter implements ApplicationModel {
private Application application;
ApplicationAdapter(HybridModelProvider provider, Application application) {
super(provider, application);
this.application = application;
}
Application getApplication() {
return application;
}
@Override
public void updateApplication() {
application.updateApplication();
}
@Override
public String getName() {
return application.getName();
}
@Override
public void setName(String name) {
application.setName(name);
}
@Override
public boolean isSurrogateAuthRequired() {
return application.isSurrogateAuthRequired();
}
@Override
public void setSurrogateAuthRequired(boolean surrogateAuthRequired) {
application.setSurrogateAuthRequired(surrogateAuthRequired);
}
@Override
public String getManagementUrl() {
return application.getManagementUrl();
}
@Override
public void setManagementUrl(String url) {
application.setManagementUrl(url);
}
@Override
public String getBaseUrl() {
return application.getBaseUrl();
}
@Override
public void setBaseUrl(String url) {
application.setBaseUrl(url);
}
@Override
public List<String> getDefaultRoles() {
return application.getDefaultRoles();
}
@Override
public void addDefaultRole(String name) {
if (getRole(name) == null) {
addRole(name);
}
application.addDefaultRole(name);
}
@Override
public void updateDefaultRoles(String[] defaultRoles) {
application.updateDefaultRoles(defaultRoles);
}
@Override
public Set<RoleModel> getApplicationScopeMappings(ClientModel client) {
return provider.mappings().wrap(application.getApplicationScopeMappings(provider.mappings().unwrap(client)));
}
@Override
public boolean isBearerOnly() {
return application.isBearerOnly();
}
@Override
public void setBearerOnly(boolean only) {
application.setBearerOnly(only);
}
@Override
public RoleModel getRole(String name) {
return provider.mappings().wrap(application.getRole(name));
}
@Override
public RoleModel addRole(String name) {
return addRole(KeycloakModelUtils.generateId(), name);
}
@Override
public RoleModel addRole(String id, String name) {
return provider.mappings().wrap(application.addRole(id, name));
}
@Override
public boolean removeRole(RoleModel role) {
if (application.removeRole(provider.mappings().unwrap(role))) {
provider.users().onRoleRemoved(role.getId());
return true;
} else {
return false;
}
}
@Override
public Set<RoleModel> getRoles() {
return provider.mappings().wrap(application.getRoles());
}
}

View file

@ -1,191 +0,0 @@
package org.keycloak.models.hybrid;
import org.keycloak.models.ClientModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.realms.Client;
import java.util.Set;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public abstract class ClientAdapter implements ClientModel {
protected HybridModelProvider provider;
protected Client client;
ClientAdapter(HybridModelProvider provider, Client client) {
this.provider = provider;
this.client = client;
}
@Override
public String getId() {
return client.getId();
}
@Override
public String getClientId() {
return client.getClientId();
}
@Override
public long getAllowedClaimsMask() {
return client.getAllowedClaimsMask();
}
@Override
public void setAllowedClaimsMask(long mask) {
client.setAllowedClaimsMask(mask);
}
@Override
public Set<String> getWebOrigins() {
return client.getWebOrigins();
}
@Override
public void setWebOrigins(Set<String> webOrigins) {
client.setWebOrigins(webOrigins);
}
@Override
public void addWebOrigin(String webOrigin) {
client.addWebOrigin(webOrigin);
}
@Override
public void removeWebOrigin(String webOrigin) {
client.removeWebOrigin(webOrigin);
}
@Override
public Set<String> getRedirectUris() {
return client.getRedirectUris();
}
@Override
public void setRedirectUris(Set<String> redirectUris) {
client.setRedirectUris(redirectUris);
}
@Override
public void addRedirectUri(String redirectUri) {
client.addRedirectUri(redirectUri);
}
@Override
public void removeRedirectUri(String redirectUri) {
client.removeRedirectUri(redirectUri);
}
@Override
public boolean isEnabled() {
return client.isEnabled();
}
@Override
public void setEnabled(boolean enabled) {
client.setEnabled(enabled);
}
@Override
public boolean validateSecret(String secret) {
return client.validateSecret(secret);
}
@Override
public String getSecret() {
return client.getSecret();
}
@Override
public void setSecret(String secret) {
client.setSecret(secret);
}
@Override
public boolean isPublicClient() {
return client.isPublicClient();
}
@Override
public void setPublicClient(boolean flag) {
client.setPublicClient(flag);
}
@Override
public boolean isDirectGrantsOnly() {
return client.isDirectGrantsOnly();
}
@Override
public void setDirectGrantsOnly(boolean flag) {
client.setDirectGrantsOnly(flag);
}
@Override
public Set<RoleModel> getScopeMappings() {
return provider.mappings().wrap(client.getScopeMappings());
}
@Override
public void addScopeMapping(RoleModel role) {
if (!hasScope(role)) {
client.addScopeMapping(provider.mappings().unwrap(role));
}
}
@Override
public void deleteScopeMapping(RoleModel role) {
client.deleteScopeMapping(provider.mappings().unwrap(role));
}
@Override
public Set<RoleModel> getRealmScopeMappings() {
return provider.mappings().wrap(client.getRealmScopeMappings());
}
@Override
public boolean hasScope(RoleModel role) {
Set<RoleModel> roles = getScopeMappings();
if (roles.contains(role)) {
return true;
}
for (RoleModel mapping : roles) {
if (mapping.hasRole(role)) {
return true;
}
}
return false;
}
@Override
public RealmModel getRealm() {
return provider.mappings().wrap(client.getRealm());
}
@Override
public int getNotBefore() {
return client.getNotBefore();
}
@Override
public void setNotBefore(int notBefore) {
client.setNotBefore(notBefore);
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (!this.getClass().equals(o.getClass())) return false;
ClientAdapter that = (ClientAdapter) o;
return that.getId().equals(getId());
}
}

View file

@ -1,65 +0,0 @@
package org.keycloak.models.hybrid;
import org.keycloak.models.KeycloakTransaction;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class HybridKeycloakTransaction implements KeycloakTransaction {
private KeycloakTransaction[] txs;
public HybridKeycloakTransaction(KeycloakTransaction... txs) {
this.txs = txs;
}
@Override
public void begin() {
for (KeycloakTransaction tx : txs) {
tx.begin();
}
}
@Override
public void commit() {
// TODO What do we do if one tx fails?
for (KeycloakTransaction tx : txs) {
tx.commit();
}
}
@Override
public void rollback() {
for (KeycloakTransaction tx : txs) {
tx.rollback();
}
}
@Override
public void setRollbackOnly() {
for (KeycloakTransaction tx : txs) {
tx.setRollbackOnly();
}
}
@Override
public boolean getRollbackOnly() {
for (KeycloakTransaction tx : txs) {
if (tx.getRollbackOnly()) {
return true;
}
}
return false;
}
@Override
public boolean isActive() {
for (KeycloakTransaction tx : txs) {
if (tx.isActive()) {
return true;
}
}
return false;
}
}

View file

@ -1,202 +0,0 @@
package org.keycloak.models.hybrid;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakTransaction;
import org.keycloak.models.ModelProvider;
import org.keycloak.models.OAuthClientModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.SocialLinkModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UsernameLoginFailureModel;
import org.keycloak.models.realms.RealmProvider;
import org.keycloak.models.sessions.SessionProvider;
import org.keycloak.models.users.UserProvider;
import org.keycloak.models.utils.KeycloakModelUtils;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class HybridModelProvider implements ModelProvider {
private final Mappings mappings;
private KeycloakSession session;
private HybridKeycloakTransaction tx;
public HybridModelProvider(KeycloakSession session) {
this.session = session;
this.mappings = new Mappings(this);
}
@Override
public KeycloakTransaction getTransaction() {
if (tx == null) {
tx = new HybridKeycloakTransaction(realms().getTransaction(), users().getTransaction(), sessions().getTransaction());
}
return tx;
}
Mappings mappings() {
return mappings;
}
SessionProvider sessions() {
return session.getProvider(SessionProvider.class);
}
UserProvider users() {
return session.getProvider(UserProvider.class);
}
RealmProvider realms() {
return session.getProvider(RealmProvider.class);
}
@Override
public RealmModel createRealm(String name) {
return createRealm(KeycloakModelUtils.generateId(), name);
}
@Override
public RealmModel createRealm(String id, String name) {
return mappings.wrap(realms().createRealm(id, name));
}
@Override
public RealmModel getRealm(String id) {
return mappings.wrap(realms().getRealm(id));
}
@Override
public RealmModel getRealmByName(String name) {
return mappings.wrap(realms().getRealmByName(name));
}
@Override
public UserModel getUserById(String id, RealmModel realm) {
return mappings.wrap(realm, users().getUserById(id, realm.getId()));
}
@Override
public UserModel getUserByUsername(String username, RealmModel realm) {
return mappings.wrap(realm, users().getUserByUsername(username, realm.getId()));
}
@Override
public UserModel getUserByEmail(String email, RealmModel realm) {
return mappings.wrap(realm, users().getUserByEmail(email, realm.getId()));
}
@Override
public UserModel getUserBySocialLink(SocialLinkModel socialLink, RealmModel realm) {
return mappings.wrap(realm, users().getUserByAttribute("keycloak.socialLink." + socialLink.getSocialProvider() + ".userId", socialLink.getSocialUserId(), realm.getId()));
}
@Override
public List<UserModel> getUsers(RealmModel realm) {
return mappings.wrapUsers(realm, users().getUsers(realm.getId()));
}
@Override
public List<UserModel> searchForUser(String search, RealmModel realm) {
return mappings.wrapUsers(realm, users().searchForUser(search, realm.getId()));
}
@Override
public List<UserModel> searchForUserByAttributes(Map<String, String> attributes, RealmModel realm) {
return mappings.wrapUsers(realm, users().searchForUserByAttributes(attributes, realm.getId()));
}
@Override
public Set<SocialLinkModel> getSocialLinks(UserModel user, RealmModel realm) {
Set<SocialLinkModel> links = new HashSet<SocialLinkModel>();
for (Map.Entry<String, String> e : user.getAttributes().entrySet()) {
if (e.getKey().matches("keycloak\\.socialLink\\..*\\.userId")) {
String provider = e.getKey().split("\\.")[2];
SocialLinkModel link = new SocialLinkModel();
link.setSocialProvider(provider);
link.setSocialUserId(e.getValue());
link.setSocialUsername(user.getAttribute("keycloak.socialLink." + provider + ".username"));
links.add(link);
}
}
return links;
}
@Override
public SocialLinkModel getSocialLink(UserModel user, String provider, RealmModel realm) {
if (user.getAttribute("keycloak.socialLink." + provider + ".userId") != null) {
SocialLinkModel link = new SocialLinkModel();
link.setSocialProvider(provider);
link.setSocialUserId(user.getAttribute("keycloak.socialLink." + provider + ".userId"));
link.setSocialUsername(user.getAttribute("keycloak.socialLink." + provider + ".username"));
return link;
} else {
return null;
}
}
@Override
public RoleModel getRoleById(String id, RealmModel realm) {
return mappings.wrap(realms().getRoleById(id, realm.getId()));
}
@Override
public ApplicationModel getApplicationById(String id, RealmModel realm) {
return mappings.wrap(realms().getApplicationById(id, realm.getId()));
}
@Override
public OAuthClientModel getOAuthClientById(String id, RealmModel realm) {
return mappings.wrap(realms().getOAuthClientById(id, realm.getId()));
}
@Override
public List<RealmModel> getRealms() {
return mappings.wrap(realms().getRealms());
}
@Override
public boolean removeRealm(String id) {
if (realms().removeRealm(id)) {
users().onRealmRemoved(id);
return true;
} else {
return false;
}
}
@Override
public UsernameLoginFailureModel getUserLoginFailure(String username, RealmModel realm) {
return mappings.wrap(sessions().getUserLoginFailure(username, realm.getId()));
}
@Override
public UsernameLoginFailureModel addUserLoginFailure(String username, RealmModel realm) {
return mappings.wrap(sessions().addUserLoginFailure(username, realm.getId()));
}
@Override
public List<UsernameLoginFailureModel> getAllUserLoginFailures(RealmModel realm) {
return mappings.wrapLoginFailures(sessions().getAllUserLoginFailures(realm.getId()));
}
@Override
public void close() {
}
}

View file

@ -1,31 +0,0 @@
package org.keycloak.models.hybrid;
import org.keycloak.Config;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelProvider;
import org.keycloak.models.ModelProviderFactory;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class HybridModelProviderFactory implements ModelProviderFactory {
@Override
public String getId() {
return "hybrid";
}
@Override
public ModelProvider create(KeycloakSession session) {
return new HybridModelProvider(session);
}
@Override
public void init(Config.Scope config) {
}
@Override
public void close() {
}
}

View file

@ -1,220 +0,0 @@
package org.keycloak.models.hybrid;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.OAuthClientModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleContainerModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.models.UsernameLoginFailureModel;
import org.keycloak.models.realms.Application;
import org.keycloak.models.realms.Client;
import org.keycloak.models.realms.OAuthClient;
import org.keycloak.models.realms.Realm;
import org.keycloak.models.realms.Role;
import org.keycloak.models.sessions.LoginFailure;
import org.keycloak.models.sessions.Session;
import org.keycloak.models.users.User;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class Mappings {
private final HybridModelProvider provider;
private Map<Object, Object> mappings = new HashMap<Object, Object>();
public Mappings(HybridModelProvider provider) {
this.provider = provider;
}
public RealmModel wrap(Realm realm) {
if (realm == null) return null;
RealmAdapter adapter = (RealmAdapter) mappings.get(realm);
if (adapter == null) {
adapter = new RealmAdapter(provider, realm);
mappings.put(realm, adapter);
}
return adapter;
}
public List<RealmModel> wrap(List<Realm> realms) {
List<RealmModel> adapters = new LinkedList<RealmModel>();
for (Realm realm : realms) {
adapters.add(wrap(realm));
}
return adapters;
}
public RoleModel wrap(Role role) {
if (role == null) return null;
RoleAdapter adapter = (RoleAdapter) mappings.get(role);
if (adapter == null) {
adapter = new RoleAdapter(provider, role);
mappings.put(role, adapter);
}
return adapter;
}
public Set<RoleModel> wrap(Set<Role> roles) {
Set<RoleModel> adapters = new HashSet<RoleModel>();
for (Role role : roles) {
adapters.add(wrap(role));
}
return adapters;
}
public Role unwrap(RoleModel role) {
if (role instanceof RoleAdapter) {
return ((RoleAdapter) role).getRole();
} else {
return provider.realms().getRoleById(role.getId(), getRealm(role.getContainer()));
}
}
public ApplicationModel wrap(Application application) {
return application != null ? new ApplicationAdapter(provider, application) : null;
}
public List<ApplicationModel> wrapApps(List<Application> applications) {
List<ApplicationModel> adapters = new LinkedList<ApplicationModel>();
for (Application application : applications) {
adapters.add(wrap(application));
}
return adapters;
}
public Map<String, ApplicationModel> wrap(Map<String, Application> applications) {
Map<String, ApplicationModel> adapters = new HashMap<String, ApplicationModel>();
for (Map.Entry<String, Application> e : applications.entrySet()) {
adapters.put(e.getKey(), wrap(e.getValue()));
}
return adapters;
}
public OAuthClientModel wrap(OAuthClient client) {
return client != null ? new OAuthClientAdapter(provider, client) : null;
}
public List<OAuthClientModel> wrapClients(List<OAuthClient> clients) {
List<OAuthClientModel> adapters = new LinkedList<OAuthClientModel>();
for (OAuthClient client : clients) {
adapters.add(wrap(client));
}
return adapters;
}
public Client unwrap(ClientModel client) {
if (client == null) {
return null;
}
if (client instanceof ApplicationAdapter) {
return ((ApplicationAdapter) client).getApplication();
} else if (client instanceof OAuthClientAdapter) {
return ((OAuthClientAdapter) client).getOauthClient();
} else {
throw new IllegalArgumentException("Not a hybrid model");
}
}
public Application unwrap(ApplicationModel application) {
if (application == null) {
return null;
}
if (!(application instanceof ApplicationAdapter)) {
throw new IllegalArgumentException("Not a hybrid model");
}
return ((ApplicationAdapter) application).getApplication();
}
public UserModel wrap(RealmModel realm, User user) {
return user != null ? new UserAdapter(provider, realm, user) : null;
}
public List<UserModel> wrapUsers(RealmModel realm, List<User> users) {
List<UserModel> adapters = new LinkedList<UserModel>();
for (User user : users) {
adapters.add(wrap(realm, user));
}
return adapters;
}
public static User unwrap(UserModel user) {
if (user == null) {
return null;
}
if (!(user instanceof UserAdapter)) {
throw new IllegalArgumentException("Not a hybrid model");
}
return ((UserAdapter) user).getUser();
}
public UserSessionModel wrap(RealmModel realm, Session session) {
return session != null ? new UserSessionAdapter(provider, realm, session) : null;
}
public List<UserSessionModel> wrapSessions(RealmModel realm, List<Session> sessions) {
List<UserSessionModel> adapters = new LinkedList<UserSessionModel>();
for (Session session : sessions) {
adapters.add(wrap(realm, session));
}
return adapters;
}
public Set<UserSessionModel> wrapSessions(RealmModel realm, Set<Session> sessions) {
Set<UserSessionModel> adapters = new HashSet<UserSessionModel>();
for (Session session : sessions) {
adapters.add(wrap(realm, session));
}
return adapters;
}
public Session unwrap(UserSessionModel session) {
if (session == null) {
return null;
}
if (!(session instanceof UserSessionAdapter)) {
throw new IllegalArgumentException("Not a hybrid model");
}
return ((UserSessionAdapter) session).getSession();
}
public UsernameLoginFailureModel wrap(LoginFailure loginFailure) {
return loginFailure != null ? new UsernameLoginFailureAdapter(provider, loginFailure) : null;
}
public List<UsernameLoginFailureModel> wrapLoginFailures(List<LoginFailure> loginFailures) {
List<UsernameLoginFailureModel> adapters = new LinkedList<UsernameLoginFailureModel>();
for (LoginFailure loginFailure : loginFailures) {
adapters.add(wrap(loginFailure));
}
return adapters;
}
private String getRealm(RoleContainerModel container) {
if (container instanceof RealmModel) {
return ((RealmModel) container).getId();
} else {
return ((ApplicationModel) container).getRealm().getId();
}
}
}

View file

@ -1,27 +0,0 @@
package org.keycloak.models.hybrid;
import org.keycloak.models.OAuthClientModel;
import org.keycloak.models.realms.OAuthClient;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class OAuthClientAdapter extends ClientAdapter implements OAuthClientModel {
private OAuthClient oauthClient;
OAuthClientAdapter(HybridModelProvider provider, OAuthClient oauthClient) {
super(provider, oauthClient);
this.oauthClient = oauthClient;
}
OAuthClient getOauthClient() {
return oauthClient;
}
@Override
public void setClientId(String id) {
oauthClient.setClientId(id);
}
}

View file

@ -1,794 +0,0 @@
package org.keycloak.models.hybrid;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.OAuthClientModel;
import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.SocialLinkModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserCredentialValueModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UsernameLoginFailureModel;
import org.keycloak.models.realms.Application;
import org.keycloak.models.realms.Client;
import org.keycloak.models.realms.OAuthClient;
import org.keycloak.models.realms.Realm;
import org.keycloak.models.users.Credentials;
import org.keycloak.models.users.Feature;
import org.keycloak.models.users.User;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.Pbkdf2PasswordEncoder;
import org.keycloak.models.utils.TimeBasedOTP;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class RealmAdapter implements RealmModel {
private HybridModelProvider provider;
private Realm realm;
RealmAdapter(HybridModelProvider provider, Realm realm) {
this.provider = provider;
this.realm = realm;
}
Realm getRealm() {
return realm;
}
@Override
public String getId() {
return realm.getId();
}
@Override
public String getName() {
return realm.getName();
}
@Override
public void setName(String name) {
realm.setName(name);
}
@Override
public boolean isEnabled() {
return realm.isEnabled();
}
@Override
public void setEnabled(boolean enabled) {
realm.setEnabled(enabled);
}
@Override
public boolean isSslNotRequired() {
return realm.isSslNotRequired();
}
@Override
public void setSslNotRequired(boolean sslNotRequired) {
realm.setSslNotRequired(sslNotRequired);
}
@Override
public boolean isRegistrationAllowed() {
return realm.isRegistrationAllowed();
}
@Override
public void setRegistrationAllowed(boolean registrationAllowed) {
realm.setRegistrationAllowed(registrationAllowed);
}
@Override
public boolean isPasswordCredentialGrantAllowed() {
return realm.isPasswordCredentialGrantAllowed();
}
@Override
public void setPasswordCredentialGrantAllowed(boolean passwordCredentialGrantAllowed) {
realm.setPasswordCredentialGrantAllowed(passwordCredentialGrantAllowed);
}
@Override
public boolean isRememberMe() {
return realm.isRememberMe();
}
@Override
public void setRememberMe(boolean rememberMe) {
realm.setRememberMe(rememberMe);
}
@Override
public boolean isBruteForceProtected() {
return realm.isBruteForceProtected();
}
@Override
public void setBruteForceProtected(boolean value) {
realm.setBruteForceProtected(value);
}
@Override
public int getMaxFailureWaitSeconds() {
return realm.getMaxFailureWaitSeconds();
}
@Override
public void setMaxFailureWaitSeconds(int val) {
realm.setMaxFailureWaitSeconds(val);
}
@Override
public int getWaitIncrementSeconds() {
return realm.getWaitIncrementSeconds();
}
@Override
public void setWaitIncrementSeconds(int val) {
realm.setWaitIncrementSeconds(val);
}
@Override
public int getMinimumQuickLoginWaitSeconds() {
return realm.getMinimumQuickLoginWaitSeconds();
}
@Override
public void setMinimumQuickLoginWaitSeconds(int val) {
realm.setMinimumQuickLoginWaitSeconds(val);
}
@Override
public long getQuickLoginCheckMilliSeconds() {
return realm.getQuickLoginCheckMilliSeconds();
}
@Override
public void setQuickLoginCheckMilliSeconds(long val) {
realm.setQuickLoginCheckMilliSeconds(val);
}
@Override
public int getMaxDeltaTimeSeconds() {
return realm.getMaxDeltaTimeSeconds();
}
@Override
public void setMaxDeltaTimeSeconds(int val) {
realm.setMaxDeltaTimeSeconds(val);
}
@Override
public int getFailureFactor() {
return realm.getFailureFactor();
}
@Override
public void setFailureFactor(int failureFactor) {
realm.setFailureFactor(failureFactor);
}
@Override
public boolean isVerifyEmail() {
return realm.isVerifyEmail();
}
@Override
public void setVerifyEmail(boolean verifyEmail) {
realm.setVerifyEmail(verifyEmail);
}
@Override
public boolean isResetPasswordAllowed() {
return realm.isResetPasswordAllowed();
}
@Override
public void setResetPasswordAllowed(boolean resetPasswordAllowed) {
realm.setResetPasswordAllowed(resetPasswordAllowed);
}
@Override
public int getSsoSessionIdleTimeout() {
return realm.getSsoSessionIdleTimeout();
}
@Override
public void setSsoSessionIdleTimeout(int seconds) {
realm.setSsoSessionIdleTimeout(seconds);
}
@Override
public int getSsoSessionMaxLifespan() {
return realm.getSsoSessionMaxLifespan();
}
@Override
public void setSsoSessionMaxLifespan(int seconds) {
realm.setSsoSessionMaxLifespan(seconds);
}
@Override
public int getAccessTokenLifespan() {
return realm.getAccessTokenLifespan();
}
@Override
public void setAccessTokenLifespan(int seconds) {
realm.setAccessTokenLifespan(seconds);
}
@Override
public int getAccessCodeLifespan() {
return realm.getAccessCodeLifespan();
}
@Override
public void setAccessCodeLifespan(int seconds) {
realm.setAccessCodeLifespan(seconds);
}
@Override
public int getAccessCodeLifespanUserAction() {
return realm.getAccessCodeLifespanUserAction();
}
@Override
public void setAccessCodeLifespanUserAction(int seconds) {
realm.setAccessCodeLifespanUserAction(seconds);
}
@Override
public String getPublicKeyPem() {
return realm.getPublicKeyPem();
}
@Override
public void setPublicKeyPem(String publicKeyPem) {
realm.setPublicKeyPem(publicKeyPem);
}
@Override
public String getPrivateKeyPem() {
return realm.getPrivateKeyPem();
}
@Override
public void setPrivateKeyPem(String privateKeyPem) {
realm.setPrivateKeyPem(privateKeyPem);
}
@Override
public PublicKey getPublicKey() {
return realm.getPublicKey();
}
@Override
public void setPublicKey(PublicKey publicKey) {
realm.setPublicKey(publicKey);
}
@Override
public PrivateKey getPrivateKey() {
return realm.getPrivateKey();
}
@Override
public void setPrivateKey(PrivateKey privateKey) {
realm.setPrivateKey(privateKey);
}
@Override
public List<RequiredCredentialModel> getRequiredCredentials() {
return realm.getRequiredCredentials();
}
@Override
public void addRequiredCredential(String cred) {
realm.addRequiredCredential(cred);
}
@Override
public PasswordPolicy getPasswordPolicy() {
return realm.getPasswordPolicy();
}
@Override
public void setPasswordPolicy(PasswordPolicy policy) {
realm.setPasswordPolicy(policy);
}
@Override
public boolean validatePassword(UserModel userModel, String password) {
if (provider.users().supports(Feature.VERIFY_CREDENTIALS)) {
User user = provider.mappings().unwrap(userModel);
return provider.users().verifyCredentials(user, new Credentials(UserCredentialModel.PASSWORD, password));
} else {
for (UserCredentialValueModel cred : userModel.getCredentialsDirectly()) {
if (cred.getType().equals(UserCredentialModel.PASSWORD)) {
return new Pbkdf2PasswordEncoder(cred.getSalt()).verify(password, cred.getValue());
}
}
return false;
}
}
@Override
public boolean validateTOTP(UserModel userModel, String password, String token) {
if (provider.users().supports(Feature.VERIFY_CREDENTIALS)) {
User user = provider.mappings().unwrap(userModel);
return provider.users().verifyCredentials(user, new Credentials(UserCredentialModel.PASSWORD, password),
new Credentials(UserCredentialModel.TOTP, token));
} else {
if (!validatePassword(userModel, password)) return false;
for (UserCredentialValueModel cred : userModel.getCredentialsDirectly()) {
if (cred.getType().equals(UserCredentialModel.TOTP)) {
return new TimeBasedOTP().validate(token, cred.getValue().getBytes());
}
}
return false;
}
}
@Override
public UserModel getUser(String name) {
return provider.getUserByUsername(name, this);
}
@Override
public UserModel getUserByEmail(String email) {
return provider.getUserByEmail(email, this);
}
@Override
public UserModel getUserById(String name) {
return provider.getUserById(name, this);
}
@Override
public UserModel addUser(String id, String username, boolean addDefaultRoles) {
if (id == null) {
id = KeycloakModelUtils.generateId();
}
Set<String> initialRoles = new HashSet<String>();
if (addDefaultRoles) {
for (String r : realm.getDefaultRoles()) {
initialRoles.add(realm.getRole(r).getId());
}
for (Application app : realm.getApplications()) {
for (String r : app.getDefaultRoles()) {
initialRoles.add(app.getRole(r).getId());
}
}
}
return provider.mappings().wrap(this, provider.users().addUser(id, username, initialRoles, realm.getId()));
}
@Override
public UserModel addUser(String username) {
return addUser(null, username, true);
}
@Override
public boolean removeUser(String name) {
return provider.users().removeUser(name, realm.getId());
}
@Override
public RoleModel getRoleById(String id) {
return provider.mappings().wrap(provider.realms().getRoleById(id, realm.getId()));
}
@Override
public List<String> getDefaultRoles() {
return realm.getDefaultRoles();
}
@Override
public void addDefaultRole(String name) {
if (getRole(name) == null) {
addRole(name);
}
realm.addDefaultRole(name);
}
@Override
public void updateDefaultRoles(String[] defaultRoles) {
for (String name : defaultRoles) {
if (getRole(name) == null) {
addRole(name);
}
}
realm.updateDefaultRoles(defaultRoles);
}
@Override
public ClientModel findClient(String clientId) {
Client client = realm.findClient(clientId);
if (client instanceof Application) {
return provider.mappings().wrap((Application) client);
} else if (client instanceof OAuthClient) {
return provider.mappings().wrap((OAuthClient) client);
} else {
throw new IllegalArgumentException("Unsupported client type");
}
}
@Override
public Map<String, ApplicationModel> getApplicationNameMap() {
return provider.mappings().wrap(realm.getApplicationNameMap());
}
@Override
public List<ApplicationModel> getApplications() {
return provider.mappings().wrapApps(realm.getApplications());
}
@Override
public ApplicationModel addApplication(String name) {
return addApplication(KeycloakModelUtils.generateId(), name);
}
@Override
public ApplicationModel addApplication(String id, String name) {
return provider.mappings().wrap(realm.addApplication(id, name));
}
@Override
public boolean removeApplication(String id) {
Application application = provider.realms().getApplicationById(id, realm.getId());
if (application != null) {
return realm.removeApplication(application);
} else {
return false;
}
}
@Override
public ApplicationModel getApplicationById(String id) {
return provider.getApplicationById(id, this);
}
@Override
public ApplicationModel getApplicationByName(String name) {
return provider.mappings().wrap(realm.getApplicationByName(name));
}
@Override
public void updateRequiredCredentials(Set<String> creds) {
realm.updateRequiredCredentials(creds);
}
@Override
public UserModel getUserBySocialLink(SocialLinkModel socialLink) {
return provider.getUserBySocialLink(socialLink, this);
}
@Override
public Set<SocialLinkModel> getSocialLinks(UserModel user) {
return provider.getSocialLinks(user, this);
}
@Override
public SocialLinkModel getSocialLink(UserModel user, String socialProvider) {
return provider.getSocialLink(user, socialProvider, this);
}
@Override
public void addSocialLink(UserModel user, SocialLinkModel socialLink) {
user.setAttribute("keycloak.socialLink." + socialLink.getSocialProvider() + ".userId", socialLink.getSocialUserId());
user.setAttribute("keycloak.socialLink." + socialLink.getSocialProvider() + ".username", socialLink.getSocialUsername());
}
@Override
public boolean removeSocialLink(UserModel user, String socialProvider) {
if (user.getAttribute("keycloak.socialLink." + socialProvider + ".userId") != null) {
user.removeAttribute("keycloak.socialLink." + socialProvider + ".userId");
user.removeAttribute("keycloak.socialLink." + socialProvider + ".username");
return true;
} else {
return false;
}
}
@Override
public boolean isSocial() {
return realm.isSocial();
}
@Override
public void setSocial(boolean social) {
realm.setSocial(social);
}
@Override
public boolean isUpdateProfileOnInitialSocialLogin() {
return realm.isUpdateProfileOnInitialSocialLogin();
}
@Override
public void setUpdateProfileOnInitialSocialLogin(boolean updateProfileOnInitialSocialLogin) {
realm.setUpdateProfileOnInitialSocialLogin(updateProfileOnInitialSocialLogin);
}
@Override
public UsernameLoginFailureModel getUserLoginFailure(String username) {
return provider.getUserLoginFailure(username, this);
}
@Override
public UsernameLoginFailureModel addUserLoginFailure(String username) {
return provider.addUserLoginFailure(username, this);
}
@Override
public List<UsernameLoginFailureModel> getAllUserLoginFailures() {
return provider.getAllUserLoginFailures(this);
}
@Override
public List<UserModel> getUsers() {
return provider.getUsers(this);
}
@Override
public List<UserModel> searchForUser(String search) {
return provider.searchForUser(search, this);
}
@Override
public List<UserModel> searchForUserByAttributes(Map<String, String> attributes) {
return provider.searchForUserByAttributes(attributes, this);
}
@Override
public OAuthClientModel addOAuthClient(String name) {
return addOAuthClient(KeycloakModelUtils.generateId(), name);
}
@Override
public OAuthClientModel addOAuthClient(String id, String name) {
return provider.mappings().wrap(realm.addOAuthClient(id, name));
}
@Override
public OAuthClientModel getOAuthClient(String name) {
return provider.mappings().wrap(realm.getOAuthClient(name));
}
@Override
public OAuthClientModel getOAuthClientById(String id) {
return provider.getOAuthClientById(id, this);
}
@Override
public boolean removeOAuthClient(String id) {
OAuthClient client = provider.realms().getOAuthClientById(id, realm.getId());
if (client != null) {
return realm.removeOAuthClient(client);
} else {
return false;
}
}
@Override
public List<OAuthClientModel> getOAuthClients() {
return provider.mappings().wrapClients(realm.getOAuthClients());
}
@Override
public Map<String, String> getSmtpConfig() {
return realm.getSmtpConfig();
}
@Override
public void setSmtpConfig(Map<String, String> smtpConfig) {
realm.setSmtpConfig(smtpConfig);
}
@Override
public Map<String, String> getSocialConfig() {
return realm.getSocialConfig();
}
@Override
public void setSocialConfig(Map<String, String> socialConfig) {
realm.setSocialConfig(socialConfig);
}
@Override
public Map<String, String> getLdapServerConfig() {
return realm.getLdapServerConfig();
}
@Override
public void setLdapServerConfig(Map<String, String> ldapServerConfig) {
realm.setLdapServerConfig(ldapServerConfig);
}
@Override
public List<AuthenticationProviderModel> getAuthenticationProviders() {
return realm.getAuthenticationProviders();
}
@Override
public void setAuthenticationProviders(List<AuthenticationProviderModel> authenticationProviders) {
realm.setAuthenticationProviders(authenticationProviders);
}
@Override
public String getLoginTheme() {
return realm.getLoginTheme();
}
@Override
public void setLoginTheme(String name) {
realm.setLoginTheme(name);
}
@Override
public String getAccountTheme() {
return realm.getAccountTheme();
}
@Override
public void setAccountTheme(String name) {
realm.setAccountTheme(name);
}
@Override
public String getAdminTheme() {
return realm.getAdminTheme();
}
@Override
public void setAdminTheme(String name) {
realm.setAdminTheme(name);
}
@Override
public String getEmailTheme() {
return realm.getEmailTheme();
}
@Override
public void setEmailTheme(String name) {
realm.setEmailTheme(name);
}
@Override
public int getNotBefore() {
return realm.getNotBefore();
}
@Override
public void setNotBefore(int notBefore) {
realm.setNotBefore(notBefore);
}
@Override
public boolean isAuditEnabled() {
return realm.isAuditEnabled();
}
@Override
public void setAuditEnabled(boolean enabled) {
realm.setAuditEnabled(enabled);
}
@Override
public long getAuditExpiration() {
return realm.getAuditExpiration();
}
@Override
public void setAuditExpiration(long expiration) {
realm.setAuditExpiration(expiration);
}
@Override
public Set<String> getAuditListeners() {
return realm.getAuditListeners();
}
@Override
public void setAuditListeners(Set<String> listeners) {
realm.setAuditListeners(listeners);
}
@Override
public ApplicationModel getMasterAdminApp() {
return provider.mappings().wrap(realm.getMasterAdminApp());
}
@Override
public void setMasterAdminApp(ApplicationModel app) {
realm.setMasterAdminApp(provider.mappings().unwrap(app));
}
@Override
public ClientModel findClientById(String id) {
Application application = provider.realms().getApplicationById(id, realm.getId());
if (application != null) {
return provider.mappings().wrap(application);
}
OAuthClient client = provider.realms().getOAuthClientById(id, realm.getId());
if (client != null) {
return provider.mappings().wrap(client);
}
return null;
}
@Override
public RoleModel getRole(String name) {
return provider.mappings().wrap(realm.getRole(name));
}
@Override
public RoleModel addRole(String name) {
return addRole(KeycloakModelUtils.generateId(), name);
}
@Override
public RoleModel addRole(String id, String name) {
return provider.mappings().wrap(realm.addRole(id, name));
}
@Override
public boolean removeRoleById(String id) {
RoleModel role = getRoleById(id);
if (role != null) {
if (role.getContainer().removeRole(role)) {
provider.users().onRoleRemoved(role.getId());
return true;
} else {
return false;
}
}
return false;
}
@Override
public boolean removeRole(RoleModel role) {
return removeRoleById(role.getId());
}
@Override
public Set<RoleModel> getRoles() {
return provider.mappings().wrap(realm.getRoles());
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || !(o instanceof RealmModel)) return false;
RealmModel that = (RealmModel) o;
return that.getId().equals(getId());
}
}

View file

@ -1,114 +0,0 @@
package org.keycloak.models.hybrid;
import org.keycloak.models.RoleContainerModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.realms.Application;
import org.keycloak.models.realms.Realm;
import org.keycloak.models.realms.Role;
import org.keycloak.models.utils.KeycloakModelUtils;
import java.util.HashSet;
import java.util.Set;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class RoleAdapter implements RoleModel {
private HybridModelProvider provider;
private Role role;
RoleAdapter(HybridModelProvider provider, Role role) {
this.provider = provider;
this.role = role;
}
Role getRole() {
return role;
}
@Override
public String getName() {
return role.getName();
}
@Override
public String getDescription() {
return role.getDescription();
}
@Override
public void setDescription(String description) {
role.setDescription(description);
}
@Override
public String getId() {
return role.getId();
}
@Override
public void setName(String name) {
role.setName(name);
}
@Override
public boolean isComposite() {
return role.isComposite();
}
@Override
public void addCompositeRole(RoleModel role) {
this.role.addCompositeRole(provider.mappings().unwrap(role));
}
@Override
public void removeCompositeRole(RoleModel role) {
this.role.removeCompositeRole(provider.mappings().unwrap(role));
}
@Override
public Set<RoleModel> getComposites() {
return provider.mappings().wrap(role.getComposites());
}
@Override
public RoleContainerModel getContainer() {
if (role.getContainer() instanceof Application) {
return provider.mappings().wrap((Application) role.getContainer());
} else if (role.getContainer() instanceof Realm) {
return provider.mappings().wrap((Realm) role.getContainer());
} else {
throw new IllegalArgumentException("Unsupported role container");
}
}
@Override
public boolean hasRole(RoleModel role) {
if (this.equals(role)) {
return true;
}
if (!isComposite()) {
return false;
}
Set<RoleModel> visited = new HashSet<RoleModel>();
return KeycloakModelUtils.searchFor(role, this, visited);
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || !(o instanceof RoleModel)) return false;
RoleModel that = (RoleModel) o;
return that.getId().equals(getId());
}
@Override
public int hashCode() {
return getId().hashCode();
}
}

View file

@ -1,325 +0,0 @@
package org.keycloak.models.hybrid;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.AuthenticationLinkModel;
import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserCredentialValueModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.users.Attributes;
import org.keycloak.models.users.Credentials;
import org.keycloak.models.users.Feature;
import org.keycloak.models.users.User;
import org.keycloak.models.utils.Pbkdf2PasswordEncoder;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import static org.keycloak.models.utils.Pbkdf2PasswordEncoder.getSalt;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class UserAdapter implements UserModel {
private HybridModelProvider provider;
private RealmModel realm;
private User user;
UserAdapter(HybridModelProvider provider, RealmModel realm, User user) {
this.provider = provider;
this.realm = realm;
this.user = user;
}
User getUser() {
return user;
}
@Override
public String getId() {
return user.getId();
}
@Override
public String getUsername() {
return user.getUsername();
}
@Override
public void setUsername(String username) {
user.setUsername(username);
}
@Override
public boolean isEnabled() {
return user.isEnabled();
}
@Override
public void setEnabled(boolean enabled) {
user.setEnabled(enabled);
}
@Override
public void setAttribute(String name, String value) {
user.setAttribute(name, value);
}
@Override
public void removeAttribute(String name) {
user.removeAttribute(name);
}
@Override
public String getAttribute(String name) {
return user.getAttribute(name);
}
@Override
public Map<String, String> getAttributes() {
return user.getAttributes();
}
@Override
public Set<RequiredAction> getRequiredActions() {
String value = user.getAttribute(Attributes.REQUIRED_ACTIONS);
if (value == null) {
return Collections.emptySet();
}
Set<RequiredAction> actions = new HashSet<RequiredAction>();
for (String a : value.substring(1, value.length() - 1).split(",")) {
actions.add(RequiredAction.valueOf(a.trim()));
}
return actions;
}
@Override
public void addRequiredAction(RequiredAction action) {
Set<RequiredAction> actions;
if (user.getAttribute(Attributes.REQUIRED_ACTIONS) == null) {
actions = new HashSet<RequiredAction>();
} else {
actions = getRequiredActions();
}
if (!actions.contains(action)) {
actions.add(action);
user.setAttribute(Attributes.REQUIRED_ACTIONS, actions.toString());
}
}
@Override
public void removeRequiredAction(RequiredAction action) {
Set<RequiredAction> actions = getRequiredActions();
if (actions.contains(action)) {
actions.remove(action);
if (actions.isEmpty()) {
user.removeAttribute(Attributes.REQUIRED_ACTIONS);
} else {
user.setAttribute(Attributes.REQUIRED_ACTIONS, actions.toString());
}
}
}
@Override
public String getFirstName() {
return user.getFirstName();
}
@Override
public void setFirstName(String firstName) {
user.setFirstName(firstName);
}
@Override
public String getLastName() {
return user.getLastName();
}
@Override
public void setLastName(String lastName) {
user.setLastName(lastName);
}
@Override
public String getEmail() {
return user.getEmail();
}
@Override
public void setEmail(String email) {
user.setEmail(email);
}
@Override
public boolean isEmailVerified() {
return isBooleanAttribute(Attributes.EMAIL_VERIFIED);
}
@Override
public void setEmailVerified(boolean verified) {
setBooleanAttribute(Attributes.EMAIL_VERIFIED, verified);
}
@Override
public boolean isTotp() {
return isBooleanAttribute(Attributes.TOTP_ENABLED);
}
@Override
public void setTotp(boolean totp) {
setBooleanAttribute(Attributes.TOTP_ENABLED, totp);
}
@Override
public void updateCredential(UserCredentialModel model) {
if (provider.users().supports(Feature.UPDATE_CREDENTIALS)) {
Credentials credentials;
if (model.getType().equals(UserCredentialModel.PASSWORD)) {
byte[] salt = getSalt();
int hashIterations = 1;
PasswordPolicy policy = realm.getPasswordPolicy();
if (policy != null) {
hashIterations = policy.getHashIterations();
if (hashIterations == -1) hashIterations = 1;
}
String value = new Pbkdf2PasswordEncoder(salt).encode(model.getValue(), hashIterations);
credentials = new Credentials(model.getType(), salt, value, hashIterations, model.getDevice());
} else {
credentials = new Credentials(model.getType(), model.getValue(), model.getDevice());
}
user.updateCredential(credentials);
} else {
throw new RuntimeException("Users store doesn't support updating credentials");
}
}
@Override
public List<UserCredentialValueModel> getCredentialsDirectly() {
if (provider.users().supports(Feature.READ_CREDENTIALS)) {
List<UserCredentialValueModel> models = new LinkedList<UserCredentialValueModel>();
for (Credentials cred : user.getCredentials()) {
UserCredentialValueModel model = new UserCredentialValueModel();
model.setType(cred.getType());
model.setValue(cred.getValue());
model.setDevice(cred.getDevice());
model.setSalt(cred.getSalt());
model.setHashIterations(cred.getHashIterations());
models.add(model);
}
return models;
} else {
throw new IllegalStateException("Users provider doesn't support reading credentials");
}
}
@Override
public void updateCredentialDirectly(UserCredentialValueModel model) {
if (provider.users().supports(Feature.UPDATE_CREDENTIALS)) {
Credentials credentials = new Credentials(model.getType(), model.getSalt(), model.getValue(), model.getHashIterations(), model.getDevice());
user.updateCredential(credentials);
} else {
throw new IllegalStateException("Users provider doesn't support updating credentials");
}
}
@Override
public AuthenticationLinkModel getAuthenticationLink() {
for (Map.Entry<String, String> e : user.getAttributes().entrySet()) {
if (e.getKey().matches("keycloak\\.authenticationLink\\..*\\.userId")) {
String provider = e.getKey().split("\\.")[2];
return new AuthenticationLinkModel(provider, e.getValue());
}
}
return null;
}
@Override
public void setAuthenticationLink(AuthenticationLinkModel authenticationLink) {
Iterator<Map.Entry<String, String>> itr = user.getAttributes().entrySet().iterator();
while (itr.hasNext()) {
if (itr.next().getKey().matches("keycloak\\.authenticationLink\\..*\\.userId")) {
itr.remove();
}
}
user.setAttribute("keycloak.authenticationLink." + authenticationLink.getAuthProvider() + ".userId", authenticationLink.getAuthUserId());
}
@Override
public Set<RoleModel> getRealmRoleMappings() {
Set<RoleModel> roles = new HashSet<RoleModel>();
for (RoleModel r : getRoleMappings()) {
if (r.getContainer() instanceof RealmModel) {
roles.add(r);
}
}
return roles;
}
@Override
public Set<RoleModel> getApplicationRoleMappings(ApplicationModel app) {
Set<RoleModel> roles = new HashSet<RoleModel>();
for (RoleModel r : getRoleMappings()) {
if (r.getContainer() instanceof ApplicationModel && ((ApplicationModel) r.getContainer()).getId().equals(app.getId())) {
roles.add(r);
}
}
return roles;
}
@Override
public boolean hasRole(RoleModel role) {
for (RoleModel r : getRoleMappings()) {
if (r.hasRole(role)) {
return true;
}
}
return false;
}
@Override
public void grantRole(RoleModel role) {
user.grantRole(role.getId());
}
@Override
public Set<RoleModel> getRoleMappings() {
Set<RoleModel> roles = new HashSet<RoleModel>();
for (String r : user.getRoleMappings()) {
roles.add(realm.getRoleById(r));
}
return roles;
}
@Override
public void deleteRoleMapping(RoleModel role) {
user.deleteRoleMapping(role.getId());
}
private boolean isBooleanAttribute(String name) {
String v = user.getAttribute(name);
return v != null ? v.equals("true") : false;
}
private void setBooleanAttribute(String name, boolean enable) {
if (enable) {
user.setAttribute(name, "true");
} else {
user.removeAttribute(name);
}
}
}

View file

@ -1,100 +0,0 @@
package org.keycloak.models.hybrid;
import org.keycloak.models.ClientModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.models.sessions.Session;
import java.util.LinkedList;
import java.util.List;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class UserSessionAdapter implements UserSessionModel {
private HybridModelProvider provider;
private RealmModel realm;
private Session session;
UserSessionAdapter(HybridModelProvider provider, RealmModel realm, Session session) {
this.provider = provider;
this.realm = realm;
this.session = session;
}
Session getSession() {
return session;
}
@Override
public String getId() {
return session.getId();
}
@Override
public void setId(String id) {
session.setId(id);
}
@Override
public UserModel getUser() {
return provider.getUserById(session.getUser(), realm);
}
@Override
public void setUser(UserModel user) {
session.setUser(user.getId());
}
@Override
public String getIpAddress() {
return session.getIpAddress();
}
@Override
public void setIpAddress(String ipAddress) {
session.setIpAddress(ipAddress);
}
@Override
public int getStarted() {
return session.getStarted();
}
@Override
public void setStarted(int started) {
session.setStarted(started);
}
@Override
public int getLastSessionRefresh() {
return session.getLastSessionRefresh();
}
@Override
public void setLastSessionRefresh(int seconds) {
session.setLastSessionRefresh(seconds);
}
@Override
public void associateClient(ClientModel client) {
session.associateClient(client.getId());
}
@Override
public List<ClientModel> getClientAssociations() {
List<ClientModel> clients = new LinkedList<ClientModel>();
for (String id : session.getClientAssociations()) {
clients.add(realm.findClientById(id));
}
return clients;
}
@Override
public void removeAssociatedClient(ClientModel client) {
session.removeAssociatedClient(client.getId());
}
}

View file

@ -1,70 +0,0 @@
package org.keycloak.models.hybrid;
import org.keycloak.models.UsernameLoginFailureModel;
import org.keycloak.models.sessions.LoginFailure;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class UsernameLoginFailureAdapter implements UsernameLoginFailureModel {
private HybridModelProvider provider;
private LoginFailure loginFailure;
UsernameLoginFailureAdapter(HybridModelProvider provider, LoginFailure loginFailure) {
this.provider = provider;
this.loginFailure = loginFailure;
}
@Override
public String getUsername() {
return loginFailure.getUsername();
}
@Override
public int getFailedLoginNotBefore() {
return loginFailure.getFailedLoginNotBefore();
}
@Override
public void setFailedLoginNotBefore(int notBefore) {
loginFailure.setFailedLoginNotBefore(notBefore);
}
@Override
public int getNumFailures() {
return loginFailure.getNumFailures();
}
@Override
public void incrementFailures() {
loginFailure.incrementFailures();
}
@Override
public void clearFailures() {
loginFailure.clearFailures();
}
@Override
public long getLastFailure() {
return loginFailure.getLastFailure();
}
@Override
public void setLastFailure(long lastFailure) {
loginFailure.setLastFailure(lastFailure);
}
@Override
public String getLastIPFailure() {
return loginFailure.getLastIPFailure();
}
@Override
public void setLastIPFailure(String ip) {
loginFailure.setLastIPFailure(ip);
}
}

View file

@ -1,40 +0,0 @@
package org.keycloak.models.realms;
import java.util.List;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public interface Application extends RoleContainer, Client {
void updateApplication();
String getName();
void setName(String name);
boolean isSurrogateAuthRequired();
void setSurrogateAuthRequired(boolean surrogateAuthRequired);
String getManagementUrl();
void setManagementUrl(String url);
String getBaseUrl();
void setBaseUrl(String url);
List<String> getDefaultRoles();
void addDefaultRole(String name);
void updateDefaultRoles(String[] defaultRoles);
Set<Role> getApplicationScopeMappings(Client client);
boolean isBearerOnly();
void setBearerOnly(boolean only);
}

View file

@ -1,76 +0,0 @@
package org.keycloak.models.realms;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public interface Client {
/**
* Internal database key
*
* @return
*/
String getId();
/**
* String exposed to outside world
*
* @return
*/
String getClientId();
long getAllowedClaimsMask();
void setAllowedClaimsMask(long mask);
Set<String> getWebOrigins();
void setWebOrigins(Set<String> webOrigins);
void addWebOrigin(String webOrigin);
void removeWebOrigin(String webOrigin);
Set<String> getRedirectUris();
void setRedirectUris(Set<String> redirectUris);
void addRedirectUri(String redirectUri);
void removeRedirectUri(String redirectUri);
boolean isEnabled();
void setEnabled(boolean enabled);
boolean validateSecret(String secret);
String getSecret();
public void setSecret(String secret);
boolean isPublicClient();
void setPublicClient(boolean flag);
boolean isDirectGrantsOnly();
void setDirectGrantsOnly(boolean flag);
Set<Role> getScopeMappings();
void addScopeMapping(Role role);
void deleteScopeMapping(Role role);
Set<Role> getRealmScopeMappings();
Realm getRealm();
/**
* Time in seconds since epoc
*
* @return
*/
int getNotBefore();
void setNotBefore(int notBefore);
}

View file

@ -1,11 +0,0 @@
package org.keycloak.models.realms;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public interface OAuthClient extends Client {
void setClientId(String id);
}

View file

@ -1,208 +0,0 @@
package org.keycloak.models.realms;
import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.RequiredCredentialModel;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public interface Realm extends RoleContainer {
String getId();
String getName();
void setName(String name);
boolean isEnabled();
void setEnabled(boolean enabled);
boolean isSslNotRequired();
void setSslNotRequired(boolean sslNotRequired);
boolean isRegistrationAllowed();
void setRegistrationAllowed(boolean registrationAllowed);
boolean isPasswordCredentialGrantAllowed();
void setPasswordCredentialGrantAllowed(boolean passwordCredentialGrantAllowed);
boolean isRememberMe();
void setRememberMe(boolean rememberMe);
//--- brute force settings
boolean isBruteForceProtected();
void setBruteForceProtected(boolean value);
int getMaxFailureWaitSeconds();
void setMaxFailureWaitSeconds(int val);
int getWaitIncrementSeconds();
void setWaitIncrementSeconds(int val);
int getMinimumQuickLoginWaitSeconds();
void setMinimumQuickLoginWaitSeconds(int val);
long getQuickLoginCheckMilliSeconds();
void setQuickLoginCheckMilliSeconds(long val);
int getMaxDeltaTimeSeconds();
void setMaxDeltaTimeSeconds(int val);
int getFailureFactor();
void setFailureFactor(int failureFactor);
//--- end brute force settings
boolean isVerifyEmail();
void setVerifyEmail(boolean verifyEmail);
boolean isResetPasswordAllowed();
void setResetPasswordAllowed(boolean resetPasswordAllowed);
int getSsoSessionIdleTimeout();
void setSsoSessionIdleTimeout(int seconds);
int getSsoSessionMaxLifespan();
void setSsoSessionMaxLifespan(int seconds);
int getAccessTokenLifespan();
void setAccessTokenLifespan(int seconds);
int getAccessCodeLifespan();
void setAccessCodeLifespan(int seconds);
int getAccessCodeLifespanUserAction();
void setAccessCodeLifespanUserAction(int seconds);
String getPublicKeyPem();
void setPublicKeyPem(String publicKeyPem);
String getPrivateKeyPem();
void setPrivateKeyPem(String privateKeyPem);
PublicKey getPublicKey();
void setPublicKey(PublicKey publicKey);
PrivateKey getPrivateKey();
void setPrivateKey(PrivateKey privateKey);
List<RequiredCredentialModel> getRequiredCredentials();
void addRequiredCredential(String cred);
PasswordPolicy getPasswordPolicy();
void setPasswordPolicy(PasswordPolicy policy);
List<String> getDefaultRoles();
void addDefaultRole(String name);
void updateDefaultRoles(String[] defaultRoles);
Client findClient(String clientId);
Map<String, Application> getApplicationNameMap();
List<Application> getApplications();
Application addApplication(String id, String name);
boolean removeApplication(Application application);
Application getApplicationByName(String name);
void updateRequiredCredentials(Set<String> creds);
boolean isSocial();
void setSocial(boolean social);
boolean isUpdateProfileOnInitialSocialLogin();
void setUpdateProfileOnInitialSocialLogin(boolean updateProfileOnInitialSocialLogin);
OAuthClient addOAuthClient(String id, String name);
OAuthClient getOAuthClient(String name);
boolean removeOAuthClient(OAuthClient client);
List<OAuthClient> getOAuthClients();
Map<String, String> getSmtpConfig();
void setSmtpConfig(Map<String, String> smtpConfig);
Map<String, String> getSocialConfig();
void setSocialConfig(Map<String, String> socialConfig);
Map<String, String> getLdapServerConfig();
void setLdapServerConfig(Map<String, String> ldapServerConfig);
List<AuthenticationProviderModel> getAuthenticationProviders();
void setAuthenticationProviders(List<AuthenticationProviderModel> authenticationProviders);
String getLoginTheme();
void setLoginTheme(String name);
String getAccountTheme();
void setAccountTheme(String name);
String getAdminTheme();
void setAdminTheme(String name);
String getEmailTheme();
void setEmailTheme(String name);
/**
* Time in seconds since epoc
*
* @return
*/
int getNotBefore();
void setNotBefore(int notBefore);
boolean removeRole(Role role);
boolean isAuditEnabled();
void setAuditEnabled(boolean enabled);
long getAuditExpiration();
void setAuditExpiration(long expiration);
Set<String> getAuditListeners();
void setAuditListeners(Set<String> listeners);
Application getMasterAdminApp();
void setMasterAdminApp(Application app);
}

View file

@ -1,29 +0,0 @@
package org.keycloak.models.realms;
import org.keycloak.models.KeycloakTransaction;
import org.keycloak.provider.Provider;
import java.util.List;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public interface RealmProvider extends Provider {
Realm createRealm(String name);
Realm createRealm(String id, String name);
Realm getRealm(String id);
Realm getRealmByName(String name);
List<Realm> getRealms();
boolean removeRealm(String id);
Role getRoleById(String id, String realm);
Application getApplicationById(String id, String realm);
OAuthClient getOAuthClientById(String id, String realm);
KeycloakTransaction getTransaction();
void close();
}

View file

@ -1,9 +0,0 @@
package org.keycloak.models.realms;
import org.keycloak.provider.ProviderFactory;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public interface RealmProviderFactory extends ProviderFactory<RealmProvider> {
}

View file

@ -1,27 +0,0 @@
package org.keycloak.models.realms;
import org.keycloak.provider.Provider;
import org.keycloak.provider.ProviderFactory;
import org.keycloak.provider.Spi;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class RealmSpi implements Spi {
@Override
public String getName() {
return "modelRealms";
}
@Override
public Class<? extends Provider> getProviderClass() {
return RealmProvider.class;
}
@Override
public Class<? extends ProviderFactory> getProviderFactoryClass() {
return RealmProviderFactory.class;
}
}

View file

@ -1,31 +0,0 @@
package org.keycloak.models.realms;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public interface Role {
String getId();
String getName();
void setName(String name);
String getDescription();
void setDescription(String description);
boolean isComposite();
void addCompositeRole(Role role);
void removeCompositeRole(Role role);
Set<Role> getComposites();
RoleContainer getContainer();
}

View file

@ -1,19 +0,0 @@
package org.keycloak.models.realms;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public interface RoleContainer {
Role getRole(String name);
Set<Role> getRoles();
Role addRole(String id, String name);
boolean removeRole(Role role);
}

View file

@ -1,29 +0,0 @@
package org.keycloak.models.sessions;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public interface LoginFailure {
String getUsername();
int getFailedLoginNotBefore();
void setFailedLoginNotBefore(int notBefore);
int getNumFailures();
void incrementFailures();
void clearFailures();
long getLastFailure();
void setLastFailure(long lastFailure);
String getLastIPFailure();
void setLastIPFailure(String ip);
}

View file

@ -1,36 +0,0 @@
package org.keycloak.models.sessions;
import java.util.List;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public interface Session {
String getId();
void setId(String id);
String getUser();
void setUser(String user);
String getIpAddress();
void setIpAddress(String ipAddress);
int getStarted();
void setStarted(int started);
int getLastSessionRefresh();
void setLastSessionRefresh(int seconds);
void associateClient(String client);
List<String> getClientAssociations();
void removeAssociatedClient(String client);
}

View file

@ -1,42 +0,0 @@
package org.keycloak.models.sessions;
import org.keycloak.models.KeycloakTransaction;
import org.keycloak.provider.Provider;
import java.util.List;
import java.util.Set;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public interface SessionProvider extends Provider {
LoginFailure getUserLoginFailure(String username, String realm);
LoginFailure addUserLoginFailure(String username, String realm);
List<LoginFailure> getAllUserLoginFailures(String realm);
Session createUserSession(String realm, String id, String user, String ipAddress);
Session getUserSession(String id, String realm);
List<Session> getUserSessionsByUser(String user, String realm);
Set<Session> getUserSessionsByClient(String realm, String client);
int getActiveUserSessions(String realm, String client);
void removeUserSession(Session session);
void removeUserSessions(String realm, String user);
void removeExpiredUserSessions(String realm, long refreshTimeout, long sessionTimeout);
void removeUserSessions(String realm);
KeycloakTransaction getTransaction();
void close();
}

View file

@ -1,9 +0,0 @@
package org.keycloak.models.sessions;
import org.keycloak.provider.ProviderFactory;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public interface SessionProviderFactory extends ProviderFactory<SessionProvider> {
}

View file

@ -1,27 +0,0 @@
package org.keycloak.models.sessions;
import org.keycloak.provider.Provider;
import org.keycloak.provider.ProviderFactory;
import org.keycloak.provider.Spi;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class SessionSpi implements Spi {
@Override
public String getName() {
return "modelSessions";
}
@Override
public Class<? extends Provider> getProviderClass() {
return SessionProvider.class;
}
@Override
public Class<? extends ProviderFactory> getProviderFactoryClass() {
return SessionProviderFactory.class;
}
}

View file

@ -1,12 +0,0 @@
package org.keycloak.models.users;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public interface Attributes {
String EMAIL_VERIFIED = "keycloak.emailVerified";
String TOTP_ENABLED = "keycloak.totpEnabled";
String REQUIRED_ACTIONS = "keycloak.requiredActions";
}

View file

@ -1,72 +0,0 @@
package org.keycloak.models.users;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
*/
public class Credentials {
private byte[] salt;
private String type;
private String value;
private String device;
private int hashIterations;
public Credentials(String type, String value) {
this.type = type;
this.value = value;
}
public Credentials(String type, String value, String device) {
this.type = type;
this.value = value;
this.device = device;
}
public Credentials(String type, byte[] salt, String value, int hashIterations, String device) {
this.salt = salt;
this.type = type;
this.value = value;
this.hashIterations = hashIterations;
this.device = device;
}
public String getType() {
return type;
}
public void setType(String type) {
this.type = type;
}
public String getValue() {
return value;
}
public void setValue(String value) {
this.value = value;
}
public String getDevice() {
return device;
}
public void setDevice(String device) {
this.device = device;
}
public byte[] getSalt() {
return salt;
}
public void setSalt(byte[] salt) {
this.salt = salt;
}
public int getHashIterations() {
return hashIterations;
}
public void setHashIterations(int hashIterations) {
this.hashIterations = hashIterations;
}
}

View file

@ -1,12 +0,0 @@
package org.keycloak.models.users;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public enum Feature {
READ_CREDENTIALS,
UPDATE_CREDENTIALS,
VERIFY_CREDENTIALS;
}

View file

@ -1,58 +0,0 @@
package org.keycloak.models.users;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public interface User {
public static final String USERNAME = "username";
public static final String LAST_NAME = "lastName";
public static final String FIRST_NAME = "firstName";
public static final String EMAIL = "email";
String getId();
boolean isEnabled();
void setEnabled(boolean enabled);
String getUsername();
void setUsername(String username);
String getFirstName();
void setFirstName(String firstName);
String getLastName();
void setLastName(String lastName);
String getEmail();
void setEmail(String email);
String getAttribute(String name);
Map<String, String> getAttributes();
void setAttribute(String name, String value);
void removeAttribute(String name);
List<Credentials> getCredentials();
void updateCredential(Credentials cred);
Set<String> getRoleMappings();
void grantRole(String role);
void deleteRoleMapping(String role);
}

View file

@ -1,46 +0,0 @@
package org.keycloak.models.users;
import org.keycloak.models.KeycloakTransaction;
import org.keycloak.provider.Provider;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public interface UserProvider extends Provider {
KeycloakTransaction getTransaction();
User addUser(String id, String username, Set<String> roles, String realm);
boolean removeUser(String name, String realm);
User getUserById(String id, String realm);
User getUserByUsername(String username, String realm);
User getUserByEmail(String email, String realm);
User getUserByAttribute(String name, String value, String realm);
List<User> getUsers(String realm);
List<User> searchForUser(String search, String realm);
List<User> searchForUserByAttributes(Map<String, String> attributes, String realm);
/**
* Returns features supported by the provider. A provider is required to at least support one of verifying credentials
* or reading credentials.
*
* @param feature
* @return
*/
boolean supports(Feature feature);
boolean verifyCredentials(User user, Credentials... credentials);
void onRealmRemoved(String realm);
void onRoleRemoved(String role);
void close();
}

View file

@ -1,9 +0,0 @@
package org.keycloak.models.users;
import org.keycloak.provider.ProviderFactory;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public interface UserProviderFactory extends ProviderFactory<UserProvider> {
}

View file

@ -1,27 +0,0 @@
package org.keycloak.models.users;
import org.keycloak.provider.Provider;
import org.keycloak.provider.ProviderFactory;
import org.keycloak.provider.Spi;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class UserSpi implements Spi {
@Override
public String getName() {
return "modelUsers";
}
@Override
public Class<? extends Provider> getProviderClass() {
return UserProvider.class;
}
@Override
public Class<? extends ProviderFactory> getProviderFactoryClass() {
return UserProviderFactory.class;
}
}

View file

@ -1 +0,0 @@
org.keycloak.models.hybrid.HybridModelProviderFactory

View file

@ -1,3 +0,0 @@
org.keycloak.models.realms.RealmSpi
org.keycloak.models.sessions.SessionSpi
org.keycloak.models.users.UserSpi

View file

@ -1,45 +0,0 @@
<?xml version="1.0"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>1.0-beta-4-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>keycloak-model-realms-jpa</artifactId>
<name>Keycloak Model Realms JPA</name>
<description/>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-core</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-model-api</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-model-hybrid</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.hibernate.javax.persistence</groupId>
<artifactId>hibernate-jpa-2.0-api</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
<version>${hibernate.entitymanager.version}</version>
<scope>provided</scope>
</dependency>
</dependencies>
</project>

View file

@ -1,258 +0,0 @@
package org.keycloak.models.realms.jpa;
import org.keycloak.models.realms.Application;
import org.keycloak.models.realms.Client;
import org.keycloak.models.realms.Realm;
import org.keycloak.models.realms.RealmProvider;
import org.keycloak.models.realms.Role;
import org.keycloak.models.realms.RoleContainer;
import org.keycloak.models.realms.jpa.entities.ApplicationEntity;
import org.keycloak.models.realms.jpa.entities.RoleEntity;
import org.keycloak.models.realms.jpa.entities.ScopeMappingEntity;
import javax.persistence.EntityManager;
import javax.persistence.TypedQuery;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class ApplicationAdapter extends ClientAdapter implements Application {
protected EntityManager em;
protected ApplicationEntity applicationEntity;
public ApplicationAdapter(RealmProvider provider, EntityManager em, ApplicationEntity applicationEntity) {
super(provider, applicationEntity, em);
this.em = em;
this.applicationEntity = applicationEntity;
}
@Override
public void updateApplication() {
em.flush();
}
@Override
public String getName() {
return entity.getName();
}
@Override
public void setName(String name) {
entity.setName(name);
}
@Override
public boolean isSurrogateAuthRequired() {
return applicationEntity.isSurrogateAuthRequired();
}
@Override
public void setSurrogateAuthRequired(boolean surrogateAuthRequired) {
applicationEntity.setSurrogateAuthRequired(surrogateAuthRequired);
}
@Override
public String getManagementUrl() {
return applicationEntity.getManagementUrl();
}
@Override
public void setManagementUrl(String url) {
applicationEntity.setManagementUrl(url);
}
@Override
public String getBaseUrl() {
return applicationEntity.getBaseUrl();
}
@Override
public void setBaseUrl(String url) {
applicationEntity.setBaseUrl(url);
}
@Override
public boolean isBearerOnly() {
return applicationEntity.isBearerOnly();
}
@Override
public void setBearerOnly(boolean only) {
applicationEntity.setBearerOnly(only);
}
@Override
public boolean isDirectGrantsOnly() {
return false; // applications can't be grant only
}
@Override
public void setDirectGrantsOnly(boolean flag) {
// applications can't be grant only
}
@Override
public Role getRole(String name) {
TypedQuery<RoleEntity> query = em.createNamedQuery("getAppRoleByName", RoleEntity.class);
query.setParameter("name", name);
query.setParameter("application", entity);
List<RoleEntity> roles = query.getResultList();
if (roles.size() == 0) return null;
return new RoleAdapter(provider, em, roles.get(0));
}
@Override
public Role addRole(String id, String name) {
RoleEntity roleEntity = new RoleEntity();
roleEntity.setId(id);
roleEntity.setName(name);
roleEntity.setApplication(applicationEntity);
roleEntity.setApplicationRole(true);
roleEntity.setRealmId(entity.getRealm().getId());
em.persist(roleEntity);
applicationEntity.getRoles().add(roleEntity);
em.flush();
return new RoleAdapter(provider, em, roleEntity);
}
@Override
public boolean removeRole(Role Role) {
RoleAdapter roleAdapter = (RoleAdapter) Role;
if (Role == null) {
return false;
}
if (!roleAdapter.getContainer().equals(this)) return false;
if (!roleAdapter.getRole().isApplicationRole()) return false;
RoleEntity role = roleAdapter.getRole();
applicationEntity.getRoles().remove(role);
applicationEntity.getDefaultRoles().remove(role);
em.createNativeQuery("delete from CompositeRole where childRole = :role").setParameter("role", role).executeUpdate();
em.createQuery("delete from " + ScopeMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", role).executeUpdate();
role.setApplication(null);
em.flush();
em.remove(role);
em.flush();
return true;
}
@Override
public Set<Role> getRoles() {
Set<Role> list = new HashSet<Role>();
Collection<RoleEntity> roles = applicationEntity.getRoles();
if (roles == null) return list;
for (RoleEntity entity : roles) {
list.add(new RoleAdapter(provider, em, entity));
}
return list;
}
@Override
public Set<Role> getApplicationScopeMappings(Client client) {
Set<Role> roleMappings = client.getScopeMappings();
Set<Role> appRoles = new HashSet<Role>();
for (Role role : roleMappings) {
RoleContainer container = role.getContainer();
if (container instanceof Realm) {
} else {
Application app = (Application)container;
if (app.getId().equals(getId())) {
appRoles.add(role);
}
}
}
return appRoles;
}
@Override
public List<String> getDefaultRoles() {
Collection<RoleEntity> entities = applicationEntity.getDefaultRoles();
List<String> roles = new ArrayList<String>();
if (entities == null) return roles;
for (RoleEntity entity : entities) {
roles.add(entity.getName());
}
return roles;
}
@Override
public void addDefaultRole(String name) {
Role role = getRole(name);
Collection<RoleEntity> entities = applicationEntity.getDefaultRoles();
for (RoleEntity entity : entities) {
if (entity.getId().equals(role.getId())) {
return;
}
}
entities.add(((RoleAdapter) role).getRole());
em.flush();
}
public static boolean contains(String str, String[] array) {
for (String s : array) {
if (str.equals(s)) return true;
}
return false;
}
@Override
public void updateDefaultRoles(String[] defaultRoles) {
Collection<RoleEntity> entities = applicationEntity.getDefaultRoles();
Set<String> already = new HashSet<String>();
List<RoleEntity> remove = new ArrayList<RoleEntity>();
for (RoleEntity rel : entities) {
if (!contains(rel.getName(), defaultRoles)) {
remove.add(rel);
} else {
already.add(rel.getName());
}
}
for (RoleEntity entity : remove) {
entities.remove(entity);
}
em.flush();
for (String roleName : defaultRoles) {
if (!already.contains(roleName)) {
addDefaultRole(roleName);
}
}
em.flush();
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || !(o instanceof Application)) return false;
Application that = (Application) o;
return that.getId().equals(getId());
}
@Override
public int hashCode() {
return getId().hashCode();
}
public String toString() {
return getName();
}
ApplicationEntity getJpaEntity() {
return applicationEntity;
}
}

View file

@ -1,225 +0,0 @@
package org.keycloak.models.realms.jpa;
import org.keycloak.models.realms.Client;
import org.keycloak.models.realms.Realm;
import org.keycloak.models.realms.RealmProvider;
import org.keycloak.models.realms.Role;
import org.keycloak.models.realms.RoleContainer;
import org.keycloak.models.realms.jpa.entities.ClientEntity;
import org.keycloak.models.realms.jpa.entities.ScopeMappingEntity;
import javax.persistence.EntityManager;
import javax.persistence.TypedQuery;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public abstract class ClientAdapter implements Client {
protected RealmProvider provider;
protected ClientEntity entity;
protected EntityManager em;
public ClientAdapter(RealmProvider provider, ClientEntity entity, EntityManager em) {
this.provider = provider;
this.entity = entity;
this.em = em;
}
public ClientEntity getEntity() {
return entity;
}
@Override
public String getId() {
return entity.getId();
}
@Override
public Realm getRealm() {
return new RealmAdapter(provider, em, entity.getRealm());
}
@Override
public String getClientId() {
return entity.getName();
}
@Override
public boolean isEnabled() {
return entity.isEnabled();
}
@Override
public void setEnabled(boolean enabled) {
entity.setEnabled(enabled);
}
@Override
public long getAllowedClaimsMask() {
return entity.getAllowedClaimsMask();
}
@Override
public void setAllowedClaimsMask(long mask) {
entity.setAllowedClaimsMask(mask);
}
@Override
public boolean isPublicClient() {
return entity.isPublicClient();
}
@Override
public void setPublicClient(boolean flag) {
entity.setPublicClient(flag);
}
@Override
public Set<String> getWebOrigins() {
Set<String> result = new HashSet<String>();
result.addAll(entity.getWebOrigins());
return result;
}
@Override
public void setWebOrigins(Set<String> webOrigins) {
entity.setWebOrigins(webOrigins);
}
@Override
public void addWebOrigin(String webOrigin) {
entity.getWebOrigins().add(webOrigin);
}
@Override
public void removeWebOrigin(String webOrigin) {
entity.getWebOrigins().remove(webOrigin);
}
@Override
public Set<String> getRedirectUris() {
Set<String> result = new HashSet<String>();
result.addAll(entity.getRedirectUris());
return result;
}
@Override
public void setRedirectUris(Set<String> redirectUris) {
entity.setRedirectUris(redirectUris);
}
@Override
public void addRedirectUri(String redirectUri) {
entity.getRedirectUris().add(redirectUri);
}
@Override
public void removeRedirectUri(String redirectUri) {
entity.getRedirectUris().remove(redirectUri);
}
@Override
public String getSecret() {
return entity.getSecret();
}
@Override
public void setSecret(String secret) {
entity.setSecret(secret);
}
@Override
public boolean validateSecret(String secret) {
return secret.equals(entity.getSecret());
}
@Override
public int getNotBefore() {
return entity.getNotBefore();
}
@Override
public void setNotBefore(int notBefore) {
entity.setNotBefore(notBefore);
}
@Override
public Set<Role> getRealmScopeMappings() {
Set<Role> roleMappings = getScopeMappings();
Set<Role> appRoles = new HashSet<Role>();
for (Role role : roleMappings) {
RoleContainer container = role.getContainer();
if (container instanceof Realm) {
if (((Realm) container).getId().equals(entity.getRealm().getId())) {
appRoles.add(role);
}
}
}
return appRoles;
}
@Override
public Set<Role> getScopeMappings() {
TypedQuery<String> query = em.createNamedQuery("clientScopeMappingIds", String.class);
query.setParameter("client", getEntity());
List<String> ids = query.getResultList();
Set<Role> roles = new HashSet<Role>();
for (String roleId : ids) {
Role role = provider.getRoleById(roleId, entity.getRealm().getId());
if (role == null) continue;
roles.add(role);
}
return roles;
}
@Override
public void addScopeMapping(Role role) {
ScopeMappingEntity entity = new ScopeMappingEntity();
entity.setClient(getEntity());
entity.setRole(((RoleAdapter) role).getRole());
em.persist(entity);
em.flush();
em.detach(entity);
}
@Override
public void deleteScopeMapping(Role role) {
TypedQuery<ScopeMappingEntity> query = getRealmScopeMappingQuery((RoleAdapter) role);
List<ScopeMappingEntity> results = query.getResultList();
if (results.size() == 0) return;
for (ScopeMappingEntity entity : results) {
em.remove(entity);
}
}
protected TypedQuery<ScopeMappingEntity> getRealmScopeMappingQuery(RoleAdapter role) {
TypedQuery<ScopeMappingEntity> query = em.createNamedQuery("hasScope", ScopeMappingEntity.class);
query.setParameter("client", getEntity());
query.setParameter("role", role.getRole());
return query;
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (!this.getClass().equals(o.getClass())) return false;
ClientAdapter that = (ClientAdapter) o;
return that.getId().equals(getId());
}
@Override
public int hashCode() {
return entity.getId().hashCode();
}
}

View file

@ -1,53 +0,0 @@
package org.keycloak.models.realms.jpa;
import org.keycloak.models.KeycloakTransaction;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceException;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class JpaKeycloakTransaction implements KeycloakTransaction {
protected EntityManager em;
public JpaKeycloakTransaction(EntityManager em) {
this.em = em;
}
@Override
public void begin() {
em.getTransaction().begin();
}
@Override
public void commit() {
try {
em.getTransaction().commit();
} catch (PersistenceException e) {
throw PersistenceExceptionConverter.convert(e.getCause() != null ? e.getCause() : e);
}
}
@Override
public void rollback() {
em.getTransaction().rollback();
}
@Override
public void setRollbackOnly() {
em.getTransaction().setRollbackOnly();
}
@Override
public boolean getRollbackOnly() {
return em.getTransaction().getRollbackOnly();
}
@Override
public boolean isActive() {
return em.getTransaction().isActive();
}
}

View file

@ -1,135 +0,0 @@
package org.keycloak.models.realms.jpa;
import org.keycloak.models.KeycloakTransaction;
import org.keycloak.models.realms.Application;
import org.keycloak.models.realms.OAuthClient;
import org.keycloak.models.realms.Realm;
import org.keycloak.models.realms.RealmProvider;
import org.keycloak.models.realms.Role;
import org.keycloak.models.realms.jpa.entities.ApplicationEntity;
import org.keycloak.models.realms.jpa.entities.OAuthClientEntity;
import org.keycloak.models.realms.jpa.entities.RealmEntity;
import org.keycloak.models.realms.jpa.entities.RoleEntity;
import org.keycloak.models.utils.KeycloakModelUtils;
import javax.persistence.EntityManager;
import javax.persistence.TypedQuery;
import java.util.ArrayList;
import java.util.List;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class JpaRealmProvider implements RealmProvider {
protected final EntityManager em;
public JpaRealmProvider(EntityManager em) {
this.em = PersistenceExceptionConverter.create(em);
}
@Override
public KeycloakTransaction getTransaction() {
return new JpaKeycloakTransaction(em);
}
@Override
public Realm createRealm(String name) {
return createRealm(KeycloakModelUtils.generateId(), name);
}
@Override
public Realm createRealm(String id, String name) {
RealmEntity realm = new RealmEntity();
realm.setName(name);
realm.setId(id);
em.persist(realm);
em.flush();
return new RealmAdapter(this, em, realm);
}
@Override
public Realm getRealm(String id) {
RealmEntity realm = em.find(RealmEntity.class, id);
if (realm == null) return null;
return new RealmAdapter(this, em, realm);
}
@Override
public List<Realm> getRealms() {
TypedQuery<RealmEntity> query = em.createNamedQuery("getAllRealms", RealmEntity.class);
List<RealmEntity> entities = query.getResultList();
List<Realm> realms = new ArrayList<Realm>();
for (RealmEntity entity : entities) {
realms.add(new RealmAdapter(this, em, entity));
}
return realms;
}
@Override
public Realm getRealmByName(String name) {
TypedQuery<RealmEntity> query = em.createNamedQuery("getRealmByName", RealmEntity.class);
query.setParameter("name", name);
List<RealmEntity> entities = query.getResultList();
if (entities.size() == 0) return null;
if (entities.size() > 1) throw new IllegalStateException("Should not be more than one realm with same name");
RealmEntity realm = query.getResultList().get(0);
if (realm == null) return null;
return new RealmAdapter(this, em, realm);
}
@Override
public boolean removeRealm(String id) {
RealmEntity realm = em.find(RealmEntity.class, id);
if (realm == null) {
return false;
}
RealmAdapter adapter = new RealmAdapter(this, em, realm);
for (Application a : adapter.getApplications()) {
adapter.removeApplication(a);
}
for (OAuthClient oauth : adapter.getOAuthClients()) {
adapter.removeOAuthClient(oauth);
}
em.remove(realm);
return true;
}
@Override
public void close() {
if (em.getTransaction().isActive()) em.getTransaction().rollback();
if (em.isOpen()) em.close();
}
@Override
public Role getRoleById(String id, String realm) {
RoleEntity entity = em.find(RoleEntity.class, id);
if (entity == null) return null;
if (!realm.equals(entity.getRealmId())) return null;
return new RoleAdapter(this, em, entity);
}
@Override
public Application getApplicationById(String id, String realm) {
ApplicationEntity app = em.find(ApplicationEntity.class, id);
// Check if application belongs to this realm
if (app == null || !realm.equals(app.getRealm().getId())) return null;
return new ApplicationAdapter(this, em, app);
}
@Override
public OAuthClient getOAuthClientById(String id, String realm) {
OAuthClientEntity client = em.find(OAuthClientEntity.class, id);
// Check if client belongs to this realm
if (client == null || !realm.equals(client.getRealm().getId())) return null;
return new OAuthClientAdapter(this, client, em);
}
}

View file

@ -1,41 +0,0 @@
package org.keycloak.models.realms.jpa;
import org.keycloak.Config;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.realms.RealmProvider;
import org.keycloak.models.realms.RealmProviderFactory;
import org.keycloak.util.JpaUtils;
import javax.persistence.EntityManagerFactory;
import javax.persistence.Persistence;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class JpaRealmProviderFactory implements RealmProviderFactory {
protected EntityManagerFactory emf;
@Override
public void init(Config.Scope config) {
String persistenceUnit = config.get("persistenceUnit", "jpa-keycloak-identity-store");
emf = Persistence.createEntityManagerFactory(persistenceUnit, JpaUtils.getHibernateProperties());
}
@Override
public String getId() {
return "jpa";
}
@Override
public RealmProvider create(KeycloakSession session) {
return new JpaRealmProvider(emf.createEntityManager());
}
@Override
public void close() {
emf.close();
}
}

View file

@ -1,52 +0,0 @@
package org.keycloak.models.realms.jpa;
import org.keycloak.models.realms.OAuthClient;
import org.keycloak.models.realms.RealmProvider;
import org.keycloak.models.realms.jpa.entities.OAuthClientEntity;
import javax.persistence.EntityManager;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class OAuthClientAdapter extends ClientAdapter implements OAuthClient {
protected final OAuthClientEntity oAuthClientEntity;
public OAuthClientAdapter(RealmProvider provider, OAuthClientEntity entity, EntityManager em) {
super(provider, entity, em);
oAuthClientEntity = entity;
}
@Override
public void setClientId(String id) {
entity.setName(id);
}
@Override
public boolean isDirectGrantsOnly() {
return oAuthClientEntity.isDirectGrantsOnly();
}
@Override
public void setDirectGrantsOnly(boolean flag) {
oAuthClientEntity.setDirectGrantsOnly(flag);
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || !(o instanceof OAuthClient)) return false;
OAuthClient that = (OAuthClient) o;
return that.getId().equals(getId());
}
@Override
public int hashCode() {
return getId().hashCode();
}
}

View file

@ -1,48 +0,0 @@
package org.keycloak.models.realms.jpa;
import org.hibernate.exception.ConstraintViolationException;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.ModelException;
import javax.persistence.EntityExistsException;
import javax.persistence.EntityManager;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class PersistenceExceptionConverter implements InvocationHandler {
private EntityManager em;
public static EntityManager create(EntityManager em) {
return (EntityManager) Proxy.newProxyInstance(EntityManager.class.getClassLoader(), new Class[]{EntityManager.class}, new PersistenceExceptionConverter(em));
}
private PersistenceExceptionConverter(EntityManager em) {
this.em = em;
}
@Override
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
try {
return method.invoke(em, args);
} catch (InvocationTargetException e) {
throw convert(e.getCause());
}
}
public static ModelException convert(Throwable t) {
if (t.getCause() != null && t.getCause() instanceof ConstraintViolationException) {
throw new ModelDuplicateException(t);
} if (t instanceof EntityExistsException) {
throw new ModelDuplicateException(t);
} else {
throw new ModelException(t);
}
}
}

View file

@ -1,853 +0,0 @@
package org.keycloak.models.realms.jpa;
import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.realms.Application;
import org.keycloak.models.realms.Client;
import org.keycloak.models.realms.OAuthClient;
import org.keycloak.models.realms.Realm;
import org.keycloak.models.realms.RealmProvider;
import org.keycloak.models.realms.Role;
import org.keycloak.models.realms.jpa.entities.ApplicationEntity;
import org.keycloak.models.realms.jpa.entities.AuthenticationProviderEntity;
import org.keycloak.models.realms.jpa.entities.OAuthClientEntity;
import org.keycloak.models.realms.jpa.entities.RealmEntity;
import org.keycloak.models.realms.jpa.entities.RequiredCredentialEntity;
import org.keycloak.models.realms.jpa.entities.RoleEntity;
import org.keycloak.models.realms.jpa.entities.ScopeMappingEntity;
import org.keycloak.models.utils.KeycloakModelUtils;
import javax.persistence.EntityManager;
import javax.persistence.TypedQuery;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class RealmAdapter implements Realm {
protected RealmEntity realm;
protected RealmProvider provider;
protected EntityManager em;
protected volatile transient PublicKey publicKey;
protected volatile transient PrivateKey privateKey;
protected PasswordPolicy passwordPolicy;
public RealmAdapter(RealmProvider provider, EntityManager em, RealmEntity realm) {
this.provider = provider;
this.em = em;
this.realm = realm;
}
public RealmEntity getEntity() {
return realm;
}
@Override
public String getId() {
return realm.getId();
}
@Override
public String getName() {
return realm.getName();
}
@Override
public void setName(String name) {
realm.setName(name);
em.flush();
}
@Override
public boolean isEnabled() {
return realm.isEnabled();
}
@Override
public void setEnabled(boolean enabled) {
realm.setEnabled(enabled);
em.flush();
}
@Override
public boolean isSslNotRequired() {
return realm.isSslNotRequired();
}
@Override
public void setSslNotRequired(boolean sslNotRequired) {
realm.setSslNotRequired(sslNotRequired);
em.flush();
}
@Override
public boolean isPasswordCredentialGrantAllowed() {
return realm.isPasswordCredentialGrantAllowed();
}
@Override
public void setPasswordCredentialGrantAllowed(boolean passwordCredentialGrantAllowed) {
realm.setPasswordCredentialGrantAllowed(passwordCredentialGrantAllowed);
em.flush();
}
@Override
public boolean isRegistrationAllowed() {
return realm.isRegistrationAllowed();
}
@Override
public void setRegistrationAllowed(boolean registrationAllowed) {
realm.setRegistrationAllowed(registrationAllowed);
em.flush();
}
@Override
public boolean isRememberMe() {
return realm.isRememberMe();
}
@Override
public void setRememberMe(boolean rememberMe) {
realm.setRememberMe(rememberMe);
em.flush();
}
@Override
public boolean isBruteForceProtected() {
return realm.isBruteForceProtected();
}
@Override
public void setBruteForceProtected(boolean value) {
realm.setBruteForceProtected(value);
}
@Override
public int getMaxFailureWaitSeconds() {
return realm.getMaxFailureWaitSeconds();
}
@Override
public void setMaxFailureWaitSeconds(int val) {
realm.setMaxFailureWaitSeconds(val);
}
@Override
public int getWaitIncrementSeconds() {
return realm.getWaitIncrementSeconds();
}
@Override
public void setWaitIncrementSeconds(int val) {
realm.setWaitIncrementSeconds(val);
}
@Override
public long getQuickLoginCheckMilliSeconds() {
return realm.getQuickLoginCheckMilliSeconds();
}
@Override
public void setQuickLoginCheckMilliSeconds(long val) {
realm.setQuickLoginCheckMilliSeconds(val);
}
@Override
public int getMinimumQuickLoginWaitSeconds() {
return realm.getMinimumQuickLoginWaitSeconds();
}
@Override
public void setMinimumQuickLoginWaitSeconds(int val) {
realm.setMinimumQuickLoginWaitSeconds(val);
}
@Override
public int getMaxDeltaTimeSeconds() {
return realm.getMaxDeltaTimeSeconds();
}
@Override
public void setMaxDeltaTimeSeconds(int val) {
realm.setMaxDeltaTimeSeconds(val);
}
@Override
public int getFailureFactor() {
return realm.getFailureFactor();
}
@Override
public void setFailureFactor(int failureFactor) {
realm.setFailureFactor(failureFactor);
}
@Override
public boolean isVerifyEmail() {
return realm.isVerifyEmail();
}
@Override
public void setVerifyEmail(boolean verifyEmail) {
realm.setVerifyEmail(verifyEmail);
em.flush();
}
@Override
public boolean isResetPasswordAllowed() {
return realm.isResetPasswordAllowed();
}
@Override
public void setResetPasswordAllowed(boolean resetPasswordAllowed) {
realm.setResetPasswordAllowed(resetPasswordAllowed);
em.flush();
}
@Override
public int getNotBefore() {
return realm.getNotBefore();
}
@Override
public void setNotBefore(int notBefore) {
realm.setNotBefore(notBefore);
}
@Override
public int getAccessTokenLifespan() {
return realm.getAccessTokenLifespan();
}
@Override
public void setAccessTokenLifespan(int tokenLifespan) {
realm.setAccessTokenLifespan(tokenLifespan);
em.flush();
}
@Override
public int getSsoSessionIdleTimeout() {
return realm.getSsoSessionIdleTimeout();
}
@Override
public void setSsoSessionIdleTimeout(int seconds) {
realm.setSsoSessionIdleTimeout(seconds);
}
@Override
public int getSsoSessionMaxLifespan() {
return realm.getSsoSessionMaxLifespan();
}
@Override
public void setSsoSessionMaxLifespan(int seconds) {
realm.setSsoSessionMaxLifespan(seconds);
}
@Override
public int getAccessCodeLifespan() {
return realm.getAccessCodeLifespan();
}
@Override
public void setAccessCodeLifespan(int accessCodeLifespan) {
realm.setAccessCodeLifespan(accessCodeLifespan);
em.flush();
}
@Override
public int getAccessCodeLifespanUserAction() {
return realm.getAccessCodeLifespanUserAction();
}
@Override
public void setAccessCodeLifespanUserAction(int accessCodeLifespanUserAction) {
realm.setAccessCodeLifespanUserAction(accessCodeLifespanUserAction);
em.flush();
}
@Override
public String getPublicKeyPem() {
return realm.getPublicKeyPem();
}
@Override
public void setPublicKeyPem(String publicKeyPem) {
realm.setPublicKeyPem(publicKeyPem);
em.flush();
}
@Override
public String getPrivateKeyPem() {
return realm.getPrivateKeyPem();
}
@Override
public void setPrivateKeyPem(String privateKeyPem) {
realm.setPrivateKeyPem(privateKeyPem);
em.flush();
}
@Override
public PublicKey getPublicKey() {
if (publicKey != null) return publicKey;
publicKey = KeycloakModelUtils.getPublicKey(getPublicKeyPem());
return publicKey;
}
@Override
public void setPublicKey(PublicKey publicKey) {
this.publicKey = publicKey;
String publicKeyPem = KeycloakModelUtils.getPemFromKey(publicKey);
setPublicKeyPem(publicKeyPem);
}
@Override
public PrivateKey getPrivateKey() {
if (privateKey != null) return privateKey;
privateKey = KeycloakModelUtils.getPrivateKey(getPrivateKeyPem());
return privateKey;
}
@Override
public void setPrivateKey(PrivateKey privateKey) {
this.privateKey = privateKey;
String privateKeyPem = KeycloakModelUtils.getPemFromKey(privateKey);
setPrivateKeyPem(privateKeyPem);
}
protected RequiredCredentialModel initRequiredCredentialModel(String type) {
RequiredCredentialModel model = RequiredCredentialModel.BUILT_IN.get(type);
if (model == null) {
throw new RuntimeException("Unknown credential type " + type);
}
return model;
}
@Override
public void addRequiredCredential(String type) {
RequiredCredentialModel model = initRequiredCredentialModel(type);
addRequiredCredential(model);
em.flush();
}
public void addRequiredCredential(RequiredCredentialModel model) {
RequiredCredentialEntity entity = new RequiredCredentialEntity();
entity.setInput(model.isInput());
entity.setSecret(model.isSecret());
entity.setType(model.getType());
entity.setFormLabel(model.getFormLabel());
em.persist(entity);
realm.getRequiredCredentials().add(entity);
em.flush();
}
@Override
public void updateRequiredCredentials(Set<String> creds) {
Collection<RequiredCredentialEntity> relationships = realm.getRequiredCredentials();
if (relationships == null) relationships = new ArrayList<RequiredCredentialEntity>();
Set<String> already = new HashSet<String>();
List<RequiredCredentialEntity> remove = new ArrayList<RequiredCredentialEntity>();
for (RequiredCredentialEntity rel : relationships) {
if (!creds.contains(rel.getType())) {
remove.add(rel);
} else {
already.add(rel.getType());
}
}
for (RequiredCredentialEntity entity : remove) {
relationships.remove(entity);
em.remove(entity);
}
for (String cred : creds) {
if (!already.contains(cred)) {
addRequiredCredential(cred);
}
}
em.flush();
}
@Override
public List<RequiredCredentialModel> getRequiredCredentials() {
List<RequiredCredentialModel> requiredCredentialModels = new ArrayList<RequiredCredentialModel>();
Collection<RequiredCredentialEntity> entities = realm.getRequiredCredentials();
if (entities == null) return requiredCredentialModels;
for (RequiredCredentialEntity entity : entities) {
RequiredCredentialModel model = new RequiredCredentialModel();
model.setFormLabel(entity.getFormLabel());
model.setType(entity.getType());
model.setSecret(entity.isSecret());
model.setInput(entity.isInput());
requiredCredentialModels.add(model);
}
return requiredCredentialModels; //To change body of implemented methods use File | Settings | File Templates.
}
@Override
public List<String> getDefaultRoles() {
Collection<RoleEntity> entities = realm.getDefaultRoles();
List<String> roles = new ArrayList<String>();
if (entities == null) return roles;
for (RoleEntity entity : entities) {
roles.add(entity.getName());
}
return roles;
}
@Override
public void addDefaultRole(String name) {
Role role = getRole(name);
Collection<RoleEntity> entities = realm.getDefaultRoles();
for (RoleEntity entity : entities) {
if (entity.getId().equals(role.getId())) {
return;
}
}
realm.getDefaultRoles().add(((RoleAdapter) role).getRole());
em.flush();
}
public static boolean contains(String str, String[] array) {
for (String s : array) {
if (str.equals(s)) return true;
}
return false;
}
@Override
public void updateDefaultRoles(String[] defaultRoles) {
Collection<RoleEntity> entities = realm.getDefaultRoles();
Set<String> already = new HashSet<String>();
List<RoleEntity> remove = new ArrayList<RoleEntity>();
for (RoleEntity rel : entities) {
if (!contains(rel.getName(), defaultRoles)) {
remove.add(rel);
} else {
already.add(rel.getName());
}
}
for (RoleEntity entity : remove) {
entities.remove(entity);
}
em.flush();
for (String roleName : defaultRoles) {
if (!already.contains(roleName)) {
addDefaultRole(roleName);
}
}
em.flush();
}
@Override
public Client findClient(String clientId) {
Client model = getApplicationByName(clientId);
if (model != null) return model;
return getOAuthClient(clientId);
}
@Override
public Map<String, Application> getApplicationNameMap() {
Map<String, Application> map = new HashMap<String, Application>();
for (Application app : getApplications()) {
map.put(app.getName(), app);
}
return map; //To change body of implemented methods use File | Settings | File Templates.
}
@Override
public List<Application> getApplications() {
List<Application> list = new ArrayList<Application>();
if (realm.getApplications() == null) return list;
for (ApplicationEntity entity : realm.getApplications()) {
list.add(new ApplicationAdapter(provider, em, entity));
}
return list;
}
@Override
public Application addApplication(String id, String name) {
ApplicationEntity applicationData = new ApplicationEntity();
applicationData.setId(id);
applicationData.setName(name);
applicationData.setEnabled(true);
applicationData.setRealm(realm);
realm.getApplications().add(applicationData);
em.persist(applicationData);
em.flush();
Application resource = new ApplicationAdapter(provider, em, applicationData);
em.flush();
return resource;
}
@Override
public boolean removeApplication(Application application) {
for (Role role : application.getRoles()) {
application.removeRole(role);
}
ApplicationEntity applicationEntity = null;
Iterator<ApplicationEntity> it = realm.getApplications().iterator();
while (it.hasNext()) {
ApplicationEntity ae = it.next();
if (ae.getId().equals(application.getId())) {
applicationEntity = ae;
it.remove();
break;
}
}
for (ApplicationEntity a : realm.getApplications()) {
if (a.getId().equals(application.getId())) {
applicationEntity = a;
}
}
if (application == null) {
return false;
}
em.remove(applicationEntity);
em.createQuery("delete from " + ScopeMappingEntity.class.getSimpleName() + " where client = :client").setParameter("client", applicationEntity).executeUpdate();
return true;
}
@Override
public Application getApplicationByName(String name) {
return getApplicationNameMap().get(name);
}
@Override
public boolean isSocial() {
return realm.isSocial();
}
@Override
public void setSocial(boolean social) {
realm.setSocial(social);
em.flush();
}
@Override
public boolean isUpdateProfileOnInitialSocialLogin() {
return realm.isUpdateProfileOnInitialSocialLogin();
}
@Override
public void setUpdateProfileOnInitialSocialLogin(boolean updateProfileOnInitialSocialLogin) {
realm.setUpdateProfileOnInitialSocialLogin(updateProfileOnInitialSocialLogin);
em.flush();
}
@Override
public OAuthClient addOAuthClient(String id, String name) {
OAuthClientEntity data = new OAuthClientEntity();
data.setId(id);
data.setEnabled(true);
data.setName(name);
data.setRealm(realm);
em.persist(data);
em.flush();
return new OAuthClientAdapter(provider, data, em);
}
@Override
public boolean removeOAuthClient(OAuthClient client) {
em.createQuery("delete from " + ScopeMappingEntity.class.getSimpleName() + " where client = :client").setParameter("client", client).executeUpdate();
em.remove(client);
return true;
}
@Override
public OAuthClient getOAuthClient(String name) {
TypedQuery<OAuthClientEntity> query = em.createNamedQuery("findOAuthClientByName", OAuthClientEntity.class);
query.setParameter("name", name);
query.setParameter("realm", realm);
List<OAuthClientEntity> entities = query.getResultList();
if (entities.size() == 0) return null;
return new OAuthClientAdapter(provider, entities.get(0), em);
}
@Override
public List<OAuthClient> getOAuthClients() {
TypedQuery<OAuthClientEntity> query = em.createNamedQuery("findOAuthClientByRealm", OAuthClientEntity.class);
query.setParameter("realm", realm);
List<OAuthClientEntity> entities = query.getResultList();
List<OAuthClient> list = new ArrayList<OAuthClient>();
for (OAuthClientEntity entity : entities) list.add(new OAuthClientAdapter(provider, entity, em));
return list;
}
@Override
public Map<String, String> getSmtpConfig() {
return realm.getSmtpConfig();
}
@Override
public void setSmtpConfig(Map<String, String> smtpConfig) {
realm.setSmtpConfig(smtpConfig);
em.flush();
}
@Override
public Map<String, String> getSocialConfig() {
return realm.getSocialConfig();
}
@Override
public void setSocialConfig(Map<String, String> socialConfig) {
realm.setSocialConfig(socialConfig);
em.flush();
}
@Override
public Map<String, String> getLdapServerConfig() {
return realm.getLdapServerConfig();
}
@Override
public void setLdapServerConfig(Map<String, String> ldapServerConfig) {
realm.setLdapServerConfig(ldapServerConfig);
em.flush();
}
@Override
public List<AuthenticationProviderModel> getAuthenticationProviders() {
List<AuthenticationProviderEntity> entities = realm.getAuthenticationProviders();
List<AuthenticationProviderEntity> copy = new ArrayList<AuthenticationProviderEntity>();
for (AuthenticationProviderEntity entity : entities) {
copy.add(entity);
}
Collections.sort(copy, new Comparator<AuthenticationProviderEntity>() {
@Override
public int compare(AuthenticationProviderEntity o1, AuthenticationProviderEntity o2) {
return o1.getPriority() - o2.getPriority();
}
});
List<AuthenticationProviderModel> result = new ArrayList<AuthenticationProviderModel>();
for (AuthenticationProviderEntity entity : copy) {
result.add(new AuthenticationProviderModel(entity.getProviderName(), entity.isPasswordUpdateSupported(), entity.getConfig()));
}
return result;
}
@Override
public void setAuthenticationProviders(List<AuthenticationProviderModel> authenticationProviders) {
List<AuthenticationProviderEntity> newEntities = new ArrayList<AuthenticationProviderEntity>();
int counter = 1;
for (AuthenticationProviderModel model : authenticationProviders) {
AuthenticationProviderEntity entity = new AuthenticationProviderEntity();
entity.setProviderName(model.getProviderName());
entity.setPasswordUpdateSupported(model.isPasswordUpdateSupported());
entity.setConfig(model.getConfig());
entity.setPriority(counter++);
newEntities.add(entity);
}
// Remove all existing first
Collection<AuthenticationProviderEntity> existing = realm.getAuthenticationProviders();
Collection<AuthenticationProviderEntity> copy = new ArrayList<AuthenticationProviderEntity>(existing);
for (AuthenticationProviderEntity apToRemove : copy) {
existing.remove(apToRemove);
em.remove(apToRemove);
}
// Now create all new providers
for (AuthenticationProviderEntity apToAdd : newEntities) {
existing.add(apToAdd);
em.persist(apToAdd);
}
em.flush();
}
@Override
public Role getRole(String name) {
TypedQuery<RoleEntity> query = em.createNamedQuery("getRealmRoleByName", RoleEntity.class);
query.setParameter("name", name);
query.setParameter("realm", realm);
List<RoleEntity> roles = query.getResultList();
if (roles.size() == 0) return null;
return new RoleAdapter(provider, em, roles.get(0));
}
@Override
public Role addRole(String id, String name) {
RoleEntity entity = new RoleEntity();
entity.setId(id);
entity.setName(name);
entity.setRealm(realm);
entity.setRealmId(realm.getId());
em.persist(entity);
realm.getRoles().add(entity);
em.flush();
return new RoleAdapter(provider, em, entity);
}
@Override
public boolean removeRole(Role role) {
if (role == null) {
return false;
}
if (!role.getContainer().equals(this)) return false;
RoleEntity roleEntity = ((RoleAdapter) role).getRole();
realm.getRoles().remove(role);
realm.getDefaultRoles().remove(role);
em.createNativeQuery("delete from CompositeRole where childRole = :role").setParameter("role", roleEntity).executeUpdate();
em.createQuery("delete from " + ScopeMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", roleEntity).executeUpdate();
em.remove(roleEntity);
return true;
}
@Override
public Set<Role> getRoles() {
Set<Role> list = new HashSet<Role>();
Collection<RoleEntity> roles = realm.getRoles();
if (roles == null) return list;
for (RoleEntity entity : roles) {
list.add(new RoleAdapter(provider, em, entity));
}
return list;
}
@Override
public PasswordPolicy getPasswordPolicy() {
if (passwordPolicy == null) {
passwordPolicy = new PasswordPolicy(realm.getPasswordPolicy());
}
return passwordPolicy;
}
@Override
public void setPasswordPolicy(PasswordPolicy policy) {
this.passwordPolicy = policy;
realm.setPasswordPolicy(policy.toString());
em.flush();
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || !(o instanceof Realm)) return false;
Realm that = (Realm) o;
return that.getId().equals(getId());
}
@Override
public int hashCode() {
return getId().hashCode();
}
@Override
public String getLoginTheme() {
return realm.getLoginTheme();
}
@Override
public void setLoginTheme(String name) {
realm.setLoginTheme(name);
em.flush();
}
@Override
public String getAccountTheme() {
return realm.getAccountTheme();
}
@Override
public void setAccountTheme(String name) {
realm.setAccountTheme(name);
em.flush();
}
@Override
public String getAdminTheme() {
return realm.getAdminTheme();
}
@Override
public void setAdminTheme(String name) {
realm.setAdminTheme(name);
em.flush();
}
@Override
public String getEmailTheme() {
return realm.getEmailTheme();
}
@Override
public void setEmailTheme(String name) {
realm.setEmailTheme(name);
em.flush();
}
@Override
public boolean isAuditEnabled() {
return realm.isAuditEnabled();
}
@Override
public void setAuditEnabled(boolean enabled) {
realm.setAuditEnabled(enabled);
em.flush();
}
@Override
public long getAuditExpiration() {
return realm.getAuditExpiration();
}
@Override
public void setAuditExpiration(long expiration) {
realm.setAuditExpiration(expiration);
em.flush();
}
@Override
public Set<String> getAuditListeners() {
return realm.getAuditListeners();
}
@Override
public void setAuditListeners(Set<String> listeners) {
realm.setAuditListeners(listeners);
em.flush();
}
@Override
public Application getMasterAdminApp() {
return new ApplicationAdapter(provider, em, realm.getMasterAdminApp());
}
@Override
public void setMasterAdminApp(Application app) {
realm.setMasterAdminApp(((ApplicationAdapter) app).getJpaEntity());
em.flush();
}
}

View file

@ -1,117 +0,0 @@
package org.keycloak.models.realms.jpa;
import org.keycloak.models.realms.RealmProvider;
import org.keycloak.models.realms.Role;
import org.keycloak.models.realms.RoleContainer;
import org.keycloak.models.realms.jpa.entities.RoleEntity;
import javax.persistence.EntityManager;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class RoleAdapter implements Role {
protected RoleEntity role;
protected RealmProvider provider;
protected EntityManager em;
public RoleAdapter(RealmProvider provider, EntityManager em, RoleEntity role) {
this.provider = provider;
this.em = em;
this.role = role;
}
public RoleEntity getRole() {
return role;
}
public void setRole(RoleEntity role) {
this.role = role;
}
@Override
public String getName() {
return role.getName();
}
@Override
public String getDescription() {
return role.getDescription();
}
@Override
public void setDescription(String description) {
role.setDescription(description);
}
@Override
public String getId() {
return role.getId();
}
@Override
public void setName(String name) {
role.setName(name);
}
@Override
public boolean isComposite() {
return getComposites().size() > 0;
}
@Override
public void addCompositeRole(Role role) {
RoleEntity entity = ((RoleAdapter)role).getRole();
for (RoleEntity composite : getRole().getCompositeRoles()) {
if (composite.equals(entity)) return;
}
getRole().getCompositeRoles().add(entity);
em.flush();
}
@Override
public void removeCompositeRole(Role role) {
RoleEntity entity = ((RoleAdapter)role).getRole();
Iterator<RoleEntity> it = getRole().getCompositeRoles().iterator();
while (it.hasNext()) {
if (it.next().equals(entity)) it.remove();
}
}
@Override
public Set<Role> getComposites() {
Set<Role> set = new HashSet<Role>();
for (RoleEntity composite : getRole().getCompositeRoles()) {
set.add(new RoleAdapter(provider, em, composite));
}
return set;
}
@Override
public RoleContainer getContainer() {
if (role.isApplicationRole()) {
return provider.getApplicationById(role.getApplication().getId(), role.getApplication().getRealm().getId());
} else {
return provider.getRealm(role.getRealm().getId());
}
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || !(o instanceof Role)) return false;
Role that = (Role) o;
return that.getId().equals(getId());
}
@Override
public int hashCode() {
return getId().hashCode();
}
}

View file

@ -1,77 +0,0 @@
package org.keycloak.models.realms.jpa.entities;
import javax.persistence.CascadeType;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.JoinTable;
import javax.persistence.OneToMany;
import java.util.ArrayList;
import java.util.Collection;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@Entity
public class ApplicationEntity extends ClientEntity {
private boolean surrogateAuthRequired;
private String baseUrl;
private String managementUrl;
private boolean bearerOnly;
@OneToMany(fetch = FetchType.EAGER, cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "application")
Collection<RoleEntity> roles = new ArrayList<RoleEntity>();
@OneToMany(fetch = FetchType.LAZY, cascade ={CascadeType.REMOVE}, orphanRemoval = true)
@JoinTable(name="ApplicationDefaultRoles")
Collection<RoleEntity> defaultRoles = new ArrayList<RoleEntity>();
public boolean isSurrogateAuthRequired() {
return surrogateAuthRequired;
}
public void setSurrogateAuthRequired(boolean surrogateAuthRequired) {
this.surrogateAuthRequired = surrogateAuthRequired;
}
public String getBaseUrl() {
return baseUrl;
}
public void setBaseUrl(String baseUrl) {
this.baseUrl = baseUrl;
}
public String getManagementUrl() {
return managementUrl;
}
public void setManagementUrl(String managementUrl) {
this.managementUrl = managementUrl;
}
public Collection<RoleEntity> getRoles() {
return roles;
}
public void setRoles(Collection<RoleEntity> roles) {
this.roles = roles;
}
public Collection<RoleEntity> getDefaultRoles() {
return defaultRoles;
}
public void setDefaultRoles(Collection<RoleEntity> defaultRoles) {
this.defaultRoles = defaultRoles;
}
public boolean isBearerOnly() {
return bearerOnly;
}
public void setBearerOnly(boolean bearerOnly) {
this.bearerOnly = bearerOnly;
}
}

View file

@ -1,79 +0,0 @@
package org.keycloak.models.realms.jpa.entities;
import org.hibernate.annotations.GenericGenerator;
import javax.persistence.CollectionTable;
import javax.persistence.Column;
import javax.persistence.ElementCollection;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.MapKeyColumn;
import javax.persistence.Table;
import java.util.Map;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
*/
@Entity
@Table(name="AuthProviderEntity")
public class AuthenticationProviderEntity {
@Id
@GenericGenerator(name="keycloak_generator", strategy="org.keycloak.models.realms.jpa.utils.JpaIdGenerator")
@GeneratedValue(generator = "keycloak_generator")
protected String id;
private String providerName;
private boolean passwordUpdateSupported;
private int priority;
@ElementCollection
@MapKeyColumn(name="name")
@Column(name="value")
@CollectionTable(name="AuthProviderEntity_cfg", joinColumns = {
@JoinColumn(name = "AuthProviderEntity_id")
})
private Map<String, String> config;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getProviderName() {
return providerName;
}
public void setProviderName(String providerName) {
this.providerName = providerName;
}
public boolean isPasswordUpdateSupported() {
return passwordUpdateSupported;
}
public void setPasswordUpdateSupported(boolean passwordUpdateSupported) {
this.passwordUpdateSupported = passwordUpdateSupported;
}
public int getPriority() {
return priority;
}
public void setPriority(int priority) {
this.priority = priority;
}
public Map<String, String> getConfig() {
return config;
}
public void setConfig(Map<String, String> config) {
this.config = config;
}
}

View file

@ -1,126 +0,0 @@
package org.keycloak.models.realms.jpa.entities;
import javax.persistence.CollectionTable;
import javax.persistence.Column;
import javax.persistence.ElementCollection;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.Id;
import javax.persistence.Inheritance;
import javax.persistence.InheritanceType;
import javax.persistence.JoinColumn;
import javax.persistence.ManyToOne;
import javax.persistence.Table;
import javax.persistence.UniqueConstraint;
import java.util.HashSet;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@Entity
@Inheritance(strategy = InheritanceType.SINGLE_TABLE)
@Table(uniqueConstraints = {@UniqueConstraint(columnNames = {"realm", "name"})})
public abstract class ClientEntity {
@Id
private String id;
@Column(name = "name")
private String name;
private boolean enabled;
private String secret;
private long allowedClaimsMask;
private int notBefore;
private boolean publicClient;
@ManyToOne(fetch = FetchType.LAZY)
@JoinColumn(name = "realm")
protected RealmEntity realm;
@ElementCollection
@CollectionTable
protected Set<String> webOrigins = new HashSet<String>();
@ElementCollection
@CollectionTable
protected Set<String> redirectUris = new HashSet<String>();
public RealmEntity getRealm() {
return realm;
}
public void setRealm(RealmEntity realm) {
this.realm = realm;
}
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public boolean isEnabled() {
return enabled;
}
public void setEnabled(boolean enabled) {
this.enabled = enabled;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public long getAllowedClaimsMask() {
return allowedClaimsMask;
}
public void setAllowedClaimsMask(long allowedClaimsMask) {
this.allowedClaimsMask = allowedClaimsMask;
}
public Set<String> getWebOrigins() {
return webOrigins;
}
public void setWebOrigins(Set<String> webOrigins) {
this.webOrigins = webOrigins;
}
public Set<String> getRedirectUris() {
return redirectUris;
}
public void setRedirectUris(Set<String> redirectUris) {
this.redirectUris = redirectUris;
}
public String getSecret() {
return secret;
}
public void setSecret(String secret) {
this.secret = secret;
}
public int getNotBefore() {
return notBefore;
}
public void setNotBefore(int notBefore) {
this.notBefore = notBefore;
}
public boolean isPublicClient() {
return publicClient;
}
public void setPublicClient(boolean publicClient) {
this.publicClient = publicClient;
}
}

View file

@ -1,27 +0,0 @@
package org.keycloak.models.realms.jpa.entities;
import javax.persistence.Entity;
import javax.persistence.NamedQueries;
import javax.persistence.NamedQuery;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@NamedQueries({
@NamedQuery(name="findOAuthClientByName", query="select o from OAuthClientEntity o where o.name=:name and o.realm = :realm"),
@NamedQuery(name="findOAuthClientByRealm", query="select o from OAuthClientEntity o where o.realm = :realm")
})
@Entity
public class OAuthClientEntity extends ClientEntity {
protected boolean directGrantsOnly;
public boolean isDirectGrantsOnly() {
return directGrantsOnly;
}
public void setDirectGrantsOnly(boolean directGrantsOnly) {
this.directGrantsOnly = directGrantsOnly;
}
}

View file

@ -1,479 +0,0 @@
package org.keycloak.models.realms.jpa.entities;
import javax.persistence.CascadeType;
import javax.persistence.CollectionTable;
import javax.persistence.Column;
import javax.persistence.ElementCollection;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.Id;
import javax.persistence.JoinTable;
import javax.persistence.MapKeyColumn;
import javax.persistence.NamedQueries;
import javax.persistence.NamedQuery;
import javax.persistence.OneToMany;
import javax.persistence.OneToOne;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@Entity
@NamedQueries({
@NamedQuery(name="getAllRealms", query="select realm from RealmEntity realm"),
@NamedQuery(name="getRealmByName", query="select realm from RealmEntity realm where realm.name = :name"),
})
public class RealmEntity {
@Id
protected String id;
@Column(unique = true)
protected String name;
protected boolean enabled;
protected boolean sslNotRequired;
protected boolean registrationAllowed;
protected boolean passwordCredentialGrantAllowed;
protected boolean verifyEmail;
protected boolean resetPasswordAllowed;
protected boolean social;
protected boolean rememberMe;
//--- brute force settings
protected boolean bruteForceProtected;
protected int maxFailureWaitSeconds;
protected int minimumQuickLoginWaitSeconds;
protected int waitIncrementSeconds;
protected long quickLoginCheckMilliSeconds;
protected int maxDeltaTimeSeconds;
protected int failureFactor;
//--- end brute force settings
@Column(name="updateProfileOnInitSocLogin")
protected boolean updateProfileOnInitialSocialLogin;
protected String passwordPolicy;
private int ssoSessionIdleTimeout;
private int ssoSessionMaxLifespan;
protected int accessTokenLifespan;
protected int accessCodeLifespan;
protected int accessCodeLifespanUserAction;
protected int notBefore;
@Column(length = 2048)
protected String publicKeyPem;
@Column(length = 2048)
protected String privateKeyPem;
protected String loginTheme;
protected String accountTheme;
protected String adminTheme;
protected String emailTheme;
@OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true)
@JoinTable(name="User_RequiredCreds")
Collection<RequiredCredentialEntity> requiredCredentials = new ArrayList<RequiredCredentialEntity>();
@OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true)
@JoinTable(name="AuthProviders")
List<AuthenticationProviderEntity> authenticationProviders = new ArrayList<AuthenticationProviderEntity>();
@OneToMany(fetch = FetchType.LAZY, cascade ={CascadeType.REMOVE}, orphanRemoval = true)
Collection<ApplicationEntity> applications = new ArrayList<ApplicationEntity>();
@OneToMany(fetch = FetchType.LAZY, cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "realm")
Collection<RoleEntity> roles = new ArrayList<RoleEntity>();
@ElementCollection
@MapKeyColumn(name="name")
@Column(name="value")
@CollectionTable
protected Map<String, String> smtpConfig = new HashMap<String, String>();
@ElementCollection
@MapKeyColumn(name="name")
@Column(name="value")
@CollectionTable
protected Map<String, String> socialConfig = new HashMap<String, String>();
@ElementCollection
@MapKeyColumn(name="name")
@Column(name="value")
@CollectionTable
protected Map<String, String> ldapServerConfig = new HashMap<String, String>();
@OneToMany(fetch = FetchType.LAZY, cascade ={CascadeType.REMOVE}, orphanRemoval = true)
@JoinTable(name="RealmDefaultRoles")
protected Collection<RoleEntity> defaultRoles = new ArrayList<RoleEntity>();
protected boolean auditEnabled;
protected long auditExpiration;
@ElementCollection
protected Set<String> auditListeners= new HashSet<String>();
@OneToOne
protected ApplicationEntity masterAdminApp;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public boolean isEnabled() {
return enabled;
}
public void setEnabled(boolean enabled) {
this.enabled = enabled;
}
public boolean isSslNotRequired() {
return sslNotRequired;
}
public void setSslNotRequired(boolean sslNotRequired) {
this.sslNotRequired = sslNotRequired;
}
public boolean isPasswordCredentialGrantAllowed() {
return passwordCredentialGrantAllowed;
}
public void setPasswordCredentialGrantAllowed(boolean passwordCredentialGrantAllowed) {
this.passwordCredentialGrantAllowed = passwordCredentialGrantAllowed;
}
public boolean isRegistrationAllowed() {
return registrationAllowed;
}
public void setRegistrationAllowed(boolean registrationAllowed) {
this.registrationAllowed = registrationAllowed;
}
public boolean isRememberMe() {
return rememberMe;
}
public void setRememberMe(boolean rememberMe) {
this.rememberMe = rememberMe;
}
public boolean isVerifyEmail() {
return verifyEmail;
}
public void setVerifyEmail(boolean verifyEmail) {
this.verifyEmail = verifyEmail;
}
public boolean isResetPasswordAllowed() {
return resetPasswordAllowed;
}
public void setResetPasswordAllowed(boolean resetPasswordAllowed) {
this.resetPasswordAllowed = resetPasswordAllowed;
}
public boolean isSocial() {
return social;
}
public void setSocial(boolean social) {
this.social = social;
}
public boolean isUpdateProfileOnInitialSocialLogin() {
return updateProfileOnInitialSocialLogin;
}
public void setUpdateProfileOnInitialSocialLogin(boolean updateProfileOnInitialSocialLogin) {
this.updateProfileOnInitialSocialLogin = updateProfileOnInitialSocialLogin;
}
public int getSsoSessionIdleTimeout() {
return ssoSessionIdleTimeout;
}
public void setSsoSessionIdleTimeout(int ssoSessionIdleTimeout) {
this.ssoSessionIdleTimeout = ssoSessionIdleTimeout;
}
public int getSsoSessionMaxLifespan() {
return ssoSessionMaxLifespan;
}
public void setSsoSessionMaxLifespan(int ssoSessionMaxLifespan) {
this.ssoSessionMaxLifespan = ssoSessionMaxLifespan;
}
public int getAccessTokenLifespan() {
return accessTokenLifespan;
}
public void setAccessTokenLifespan(int accessTokenLifespan) {
this.accessTokenLifespan = accessTokenLifespan;
}
public int getAccessCodeLifespan() {
return accessCodeLifespan;
}
public void setAccessCodeLifespan(int accessCodeLifespan) {
this.accessCodeLifespan = accessCodeLifespan;
}
public int getAccessCodeLifespanUserAction() {
return accessCodeLifespanUserAction;
}
public void setAccessCodeLifespanUserAction(int accessCodeLifespanUserAction) {
this.accessCodeLifespanUserAction = accessCodeLifespanUserAction;
}
public String getPublicKeyPem() {
return publicKeyPem;
}
public void setPublicKeyPem(String publicKeyPem) {
this.publicKeyPem = publicKeyPem;
}
public String getPrivateKeyPem() {
return privateKeyPem;
}
public void setPrivateKeyPem(String privateKeyPem) {
this.privateKeyPem = privateKeyPem;
}
public Collection<RequiredCredentialEntity> getRequiredCredentials() {
return requiredCredentials;
}
public void setRequiredCredentials(Collection<RequiredCredentialEntity> requiredCredentials) {
this.requiredCredentials = requiredCredentials;
}
public List<AuthenticationProviderEntity> getAuthenticationProviders() {
return authenticationProviders;
}
public void setAuthenticationProviders(List<AuthenticationProviderEntity> authenticationProviders) {
this.authenticationProviders = authenticationProviders;
}
public Collection<ApplicationEntity> getApplications() {
return applications;
}
public void setApplications(Collection<ApplicationEntity> applications) {
this.applications = applications;
}
public Collection<RoleEntity> getRoles() {
return roles;
}
public void setRoles(Collection<RoleEntity> roles) {
this.roles = roles;
}
public void addRole(RoleEntity role) {
if (roles == null) {
roles = new ArrayList<RoleEntity>();
}
roles.add(role);
}
public Map<String, String> getSmtpConfig() {
return smtpConfig;
}
public void setSmtpConfig(Map<String, String> smtpConfig) {
this.smtpConfig = smtpConfig;
}
public Map<String, String> getSocialConfig() {
return socialConfig;
}
public void setSocialConfig(Map<String, String> socialConfig) {
this.socialConfig = socialConfig;
}
public Map<String, String> getLdapServerConfig() {
return ldapServerConfig;
}
public void setLdapServerConfig(Map<String, String> ldapServerConfig) {
this.ldapServerConfig = ldapServerConfig;
}
public Collection<RoleEntity> getDefaultRoles() {
return defaultRoles;
}
public void setDefaultRoles(Collection<RoleEntity> defaultRoles) {
this.defaultRoles = defaultRoles;
}
public String getPasswordPolicy() {
return passwordPolicy;
}
public void setPasswordPolicy(String passwordPolicy) {
this.passwordPolicy = passwordPolicy;
}
public String getLoginTheme() {
return loginTheme;
}
public void setLoginTheme(String theme) {
this.loginTheme = theme;
}
public String getAccountTheme() {
return accountTheme;
}
public void setAccountTheme(String theme) {
this.accountTheme = theme;
}
public String getAdminTheme() {
return adminTheme;
}
public void setAdminTheme(String adminTheme) {
this.adminTheme = adminTheme;
}
public String getEmailTheme() {
return emailTheme;
}
public void setEmailTheme(String emailTheme) {
this.emailTheme = emailTheme;
}
public int getNotBefore() {
return notBefore;
}
public void setNotBefore(int notBefore) {
this.notBefore = notBefore;
}
public boolean isBruteForceProtected() {
return bruteForceProtected;
}
public void setBruteForceProtected(boolean bruteForceProtected) {
this.bruteForceProtected = bruteForceProtected;
}
public int getMaxFailureWaitSeconds() {
return maxFailureWaitSeconds;
}
public void setMaxFailureWaitSeconds(int maxFailureWaitSeconds) {
this.maxFailureWaitSeconds = maxFailureWaitSeconds;
}
public int getMinimumQuickLoginWaitSeconds() {
return minimumQuickLoginWaitSeconds;
}
public void setMinimumQuickLoginWaitSeconds(int minimumQuickLoginWaitSeconds) {
this.minimumQuickLoginWaitSeconds = minimumQuickLoginWaitSeconds;
}
public int getWaitIncrementSeconds() {
return waitIncrementSeconds;
}
public void setWaitIncrementSeconds(int waitIncrementSeconds) {
this.waitIncrementSeconds = waitIncrementSeconds;
}
public long getQuickLoginCheckMilliSeconds() {
return quickLoginCheckMilliSeconds;
}
public void setQuickLoginCheckMilliSeconds(long quickLoginCheckMilliSeconds) {
this.quickLoginCheckMilliSeconds = quickLoginCheckMilliSeconds;
}
public int getMaxDeltaTimeSeconds() {
return maxDeltaTimeSeconds;
}
public void setMaxDeltaTimeSeconds(int maxDeltaTimeSeconds) {
this.maxDeltaTimeSeconds = maxDeltaTimeSeconds;
}
public int getFailureFactor() {
return failureFactor;
}
public void setFailureFactor(int failureFactor) {
this.failureFactor = failureFactor;
}
public boolean isAuditEnabled() {
return auditEnabled;
}
public void setAuditEnabled(boolean auditEnabled) {
this.auditEnabled = auditEnabled;
}
public long getAuditExpiration() {
return auditExpiration;
}
public void setAuditExpiration(long auditExpiration) {
this.auditExpiration = auditExpiration;
}
public Set<String> getAuditListeners() {
return auditListeners;
}
public void setAuditListeners(Set<String> auditListeners) {
this.auditListeners = auditListeners;
}
public ApplicationEntity getMasterAdminApp() {
return masterAdminApp;
}
public void setMasterAdminApp(ApplicationEntity masterAdminApp) {
this.masterAdminApp = masterAdminApp;
}
}

View file

@ -1,64 +0,0 @@
package org.keycloak.models.realms.jpa.entities;
import org.hibernate.annotations.GenericGenerator;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@Entity
public class RequiredCredentialEntity {
@Id
@GenericGenerator(name="keycloak_generator", strategy="org.keycloak.models.realms.jpa.utils.JpaIdGenerator")
@GeneratedValue(generator = "keycloak_generator")
protected String id;
protected String type;
protected boolean input;
protected boolean secret;
protected String formLabel;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getType() {
return type;
}
public void setType(String type) {
this.type = type;
}
public boolean isInput() {
return input;
}
public void setInput(boolean input) {
this.input = input;
}
public boolean isSecret() {
return secret;
}
public void setSecret(boolean secret) {
this.secret = secret;
}
public String getFormLabel() {
return formLabel;
}
public void setFormLabel(String formLabel) {
this.formLabel = formLabel;
}
}

View file

@ -1,152 +0,0 @@
package org.keycloak.models.realms.jpa.entities;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.JoinTable;
import javax.persistence.ManyToMany;
import javax.persistence.ManyToOne;
import javax.persistence.NamedQueries;
import javax.persistence.NamedQuery;
import javax.persistence.Table;
import javax.persistence.UniqueConstraint;
import java.util.ArrayList;
import java.util.Collection;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@Entity
@Table(uniqueConstraints = {
@UniqueConstraint(columnNames = { "name", "appRealmConstraint" })
})
@NamedQueries({
@NamedQuery(name="getAppRoleByName", query="select role from RoleEntity role where role.name = :name and role.application = :application"),
@NamedQuery(name="getRealmRoleByName", query="select role from RoleEntity role where role.applicationRole = false and role.name = :name and role.realm = :realm")
})
public class RoleEntity {
@Id
@Column(name="id")
private String id;
private String name;
private String description;
// hax! couldn't get constraint to work properly
private String realmId;
@ManyToOne(fetch = FetchType.LAZY)
@JoinColumn(name = "realm")
private RealmEntity realm;
@Column(name="applicationRole")
private boolean applicationRole;
@ManyToOne(fetch = FetchType.LAZY)
@JoinColumn(name = "application")
private ApplicationEntity application;
// Hack to ensure that either name+application or name+realm are unique. Needed due to MS-SQL as it don't allow multiple NULL values in the column, which is part of constraint
private String appRealmConstraint;
@ManyToMany(fetch = FetchType.LAZY, cascade = {})
@JoinTable(name = "CompositeRole", joinColumns = @JoinColumn(name = "composite"), inverseJoinColumns = @JoinColumn(name = "childRole"))
private Collection<RoleEntity> compositeRoles = new ArrayList<RoleEntity>();
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getRealmId() {
return realmId;
}
public void setRealmId(String realmId) {
this.realmId = realmId;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getDescription() {
return description;
}
public void setDescription(String description) {
this.description = description;
}
public Collection<RoleEntity> getCompositeRoles() {
return compositeRoles;
}
public void setCompositeRoles(Collection<RoleEntity> compositeRoles) {
this.compositeRoles = compositeRoles;
}
public boolean isApplicationRole() {
return applicationRole;
}
public void setApplicationRole(boolean applicationRole) {
this.applicationRole = applicationRole;
}
public RealmEntity getRealm() {
return realm;
}
public void setRealm(RealmEntity realm) {
this.realm = realm;
this.appRealmConstraint = realm.getId();
}
public ApplicationEntity getApplication() {
return application;
}
public void setApplication(ApplicationEntity application) {
this.application = application;
if (application != null) {
this.appRealmConstraint = application.getId();
}
}
public String getAppRealmConstraint() {
return appRealmConstraint;
}
public void setAppRealmConstraint(String appRealmConstraint) {
this.appRealmConstraint = appRealmConstraint;
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
RoleEntity that = (RoleEntity) o;
if (!id.equals(that.id)) return false;
return true;
}
@Override
public int hashCode() {
return id.hashCode();
}
}

View file

@ -1,60 +0,0 @@
package org.keycloak.models.realms.jpa.entities;
import org.hibernate.annotations.GenericGenerator;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.ManyToOne;
import javax.persistence.NamedQueries;
import javax.persistence.NamedQuery;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@NamedQueries({
@NamedQuery(name="hasScope", query="select m from ScopeMappingEntity m where m.client = :client and m.role = :role"),
@NamedQuery(name="clientScopeMappings", query="select m from ScopeMappingEntity m where m.client = :client"),
@NamedQuery(name="clientScopeMappingIds", query="select m.role.id from ScopeMappingEntity m where m.client = :client")
})
@Entity
public class ScopeMappingEntity {
@Id
@GenericGenerator(name="keycloak_generator", strategy="org.keycloak.models.realms.jpa.utils.JpaIdGenerator")
@GeneratedValue(generator = "keycloak_generator")
protected String id;
@ManyToOne(fetch= FetchType.LAZY)
protected ClientEntity client;
@ManyToOne(fetch= FetchType.LAZY)
@JoinColumn(name="roleId")
protected RoleEntity role;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public ClientEntity getClient() {
return client;
}
public void setClient(ClientEntity client) {
this.client = client;
}
public RoleEntity getRole() {
return role;
}
public void setRole(RoleEntity role) {
this.role = role;
}
}

View file

@ -1,19 +0,0 @@
package org.keycloak.models.realms.jpa.utils;
import org.hibernate.HibernateException;
import org.hibernate.engine.spi.SessionImplementor;
import org.hibernate.id.IdentifierGenerator;
import org.keycloak.models.utils.KeycloakModelUtils;
import java.io.Serializable;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
*/
public class JpaIdGenerator implements IdentifierGenerator {
@Override
public Serializable generate(SessionImplementor session, Object object) throws HibernateException {
return KeycloakModelUtils.generateId();
}
}

View file

@ -1 +0,0 @@
org.keycloak.models.realms.jpa.JpaRealmProviderFactory

View file

@ -1,79 +0,0 @@
<?xml version="1.0"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>1.0-beta-4-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>keycloak-model-users-jpa</artifactId>
<name>Keycloak Model Users JPA</name>
<description/>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-core</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-model-api</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-model-hybrid</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.hibernate.javax.persistence</groupId>
<artifactId>hibernate-jpa-2.0-api</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
<version>${hibernate.entitymanager.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-model-tests-hybrid</artifactId>
<version>${project.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk16</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>net.iharder</groupId>
<artifactId>base64</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-deploy-plugin</artifactId>
<configuration>
<skip>true</skip>
</configuration>
</plugin>
</plugins>
</build>
</project>

View file

@ -1,53 +0,0 @@
package org.keycloak.models.users.jpa;
import org.keycloak.models.KeycloakTransaction;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceException;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class JpaKeycloakTransaction implements KeycloakTransaction {
protected EntityManager em;
public JpaKeycloakTransaction(EntityManager em) {
this.em = em;
}
@Override
public void begin() {
em.getTransaction().begin();
}
@Override
public void commit() {
try {
em.getTransaction().commit();
} catch (PersistenceException e) {
throw PersistenceExceptionConverter.convert(e.getCause() != null ? e.getCause() : e);
}
}
@Override
public void rollback() {
em.getTransaction().rollback();
}
@Override
public void setRollbackOnly() {
em.getTransaction().setRollbackOnly();
}
@Override
public boolean getRollbackOnly() {
return em.getTransaction().getRollbackOnly();
}
@Override
public boolean isActive() {
return em.getTransaction().isActive();
}
}

View file

@ -1,184 +0,0 @@
package org.keycloak.models.users.jpa;
import org.keycloak.models.KeycloakTransaction;
import org.keycloak.models.users.Credentials;
import org.keycloak.models.users.Feature;
import org.keycloak.models.users.User;
import org.keycloak.models.users.UserProvider;
import org.keycloak.models.users.jpa.entities.UserEntity;
import javax.persistence.EntityManager;
import javax.persistence.TypedQuery;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class JpaUserProvider implements UserProvider {
protected final EntityManager em;
public JpaUserProvider(EntityManager em) {
this.em = PersistenceExceptionConverter.create(em);
}
@Override
public KeycloakTransaction getTransaction() {
return new JpaKeycloakTransaction(em);
}
@Override
public User addUser(String id, String username, Set<String> initialRoles, String realm) {
UserEntity entity = new UserEntity();
entity.setId(id);
entity.setUsername(username);
entity.setEmailConstraint(id);
entity.setRealm(realm);
em.persist(entity);
UserAdapter adapter = new UserAdapter(realm, em, entity);
if (initialRoles != null && !initialRoles.isEmpty()) {
for (String role : initialRoles) {
adapter.grantRole(role);
}
}
return adapter;
}
@Override
public boolean removeUser(String name, String realm) {
TypedQuery<UserEntity> query = em.createNamedQuery("getRealmUserByLoginName", UserEntity.class);
query.setParameter("username", name);
query.setParameter("realm", realm);
List<UserEntity> results = query.getResultList();
if (results.size() == 0) return false;
em.remove(results.get(0));
return true;
}
@Override
public User getUserById(String id, String realm) {
UserEntity user = em.find(UserEntity.class, new UserEntity.Key(id, realm));
return user != null ? new UserAdapter(realm, em, user) : null;
}
@Override
public User getUserByUsername(String username, String realm) {
TypedQuery<UserEntity> query = em.createNamedQuery("getRealmUserByUsername", UserEntity.class);
query.setParameter("username", username);
query.setParameter("realm", realm);
List<UserEntity> results = query.getResultList();
if (results.size() == 0) return null;
return new UserAdapter(realm, em, results.get(0));
}
@Override
public User getUserByEmail(String email, String realm) {
TypedQuery<UserEntity> query = em.createNamedQuery("getRealmUserByEmail", UserEntity.class);
query.setParameter("email", email);
query.setParameter("realm", realm);
List<UserEntity> results = query.getResultList();
return results.isEmpty() ? null : new UserAdapter(realm, em, results.get(0));
}
@Override
public User getUserByAttribute(String name, String value, String realm) {
List<UserEntity> results = em.createNamedQuery("getRealmUserByAttribute", UserEntity.class)
.setParameter("realm", realm)
.setParameter("name", name)
.setParameter("value", value)
.getResultList();
return results.isEmpty() ? null : new UserAdapter(realm, em, results.get(0));
}
@Override
public void close() {
if (em.getTransaction().isActive()) em.getTransaction().rollback();
if (em.isOpen()) em.close();
}
@Override
public List<User> getUsers(String realm) {
TypedQuery<UserEntity> query = em.createQuery("select u from UserEntity u where u.realm = :realm", UserEntity.class);
query.setParameter("realm", realm);
List<UserEntity> results = query.getResultList();
List<User> users = new ArrayList<User>();
for (UserEntity entity : results) users.add(new UserAdapter(realm, em, entity));
return users;
}
@Override
public List<User> searchForUser(String search, String realm) {
TypedQuery<UserEntity> query = em.createQuery("select u from UserEntity u where u.realm = :realm and ( lower(u.username) like :search or lower(concat(u.firstName, ' ', u.lastName)) like :search or u.email like :search )", UserEntity.class);
query.setParameter("realm", realm);
query.setParameter("search", "%" + search.toLowerCase() + "%");
List<UserEntity> results = query.getResultList();
List<User> users = new ArrayList<User>();
for (UserEntity entity : results) users.add(new UserAdapter(realm, em, entity));
return users;
}
@Override
public List<User> searchForUserByAttributes(Map<String, String> attributes, String realm) {
StringBuilder builder = new StringBuilder("select u from UserEntity u");
boolean first = true;
for (Map.Entry<String, String> entry : attributes.entrySet()) {
String attribute = null;
if (entry.getKey().equals(User.USERNAME)) {
attribute = "lower(username)";
} else if (entry.getKey().equalsIgnoreCase(User.FIRST_NAME)) {
attribute = "lower(firstName)";
} else if (entry.getKey().equalsIgnoreCase(User.LAST_NAME)) {
attribute = "lower(lastName)";
} else if (entry.getKey().equalsIgnoreCase(User.EMAIL)) {
attribute = "lower(email)";
}
if (attribute == null) continue;
if (first) {
first = false;
builder.append(" where realm = :realm");
} else {
builder.append(" and ");
}
builder.append(attribute).append(" like '%").append(entry.getValue().toLowerCase()).append("%'");
}
String q = builder.toString();
TypedQuery<UserEntity> query = em.createQuery(q, UserEntity.class);
query.setParameter("realm", realm);
List<UserEntity> results = query.getResultList();
List<User> users = new ArrayList<User>();
for (UserEntity entity : results) users.add(new UserAdapter(realm, em, entity));
return users;
}
@Override
public boolean supports(Feature feature) {
return (feature == Feature.READ_CREDENTIALS || feature == Feature.UPDATE_CREDENTIALS);
}
@Override
public boolean verifyCredentials(User user, Credentials... credentials) {
return false;
}
@Override
public void onRealmRemoved(String realm) {
TypedQuery<UserEntity> query = em.createQuery("select u from UserEntity u where u.realm = :realm", UserEntity.class);
query.setParameter("realm", realm);
for (UserEntity u : query.getResultList()) {
em.remove(u);
}
}
@Override
public void onRoleRemoved(String role) {
em.createQuery("delete from RoleEntity r where r.role = :role").setParameter("role", role).executeUpdate();
}
}

View file

@ -1,43 +0,0 @@
package org.keycloak.models.users.jpa;
import org.keycloak.Config;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.users.UserProvider;
import org.keycloak.models.users.UserProviderFactory;
import org.keycloak.util.JpaUtils;
import javax.persistence.EntityManagerFactory;
import javax.persistence.Persistence;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class JpaUserProviderFactory implements UserProviderFactory {
public static final String ID = "jpa";
protected EntityManagerFactory emf;
@Override
public void init(Config.Scope config) {
String persistenceUnit = config.get("persistenceUnit", "jpa-keycloak-identity-store");
emf = Persistence.createEntityManagerFactory(persistenceUnit, JpaUtils.getHibernateProperties());
}
@Override
public String getId() {
return ID;
}
@Override
public UserProvider create(KeycloakSession session) {
return new JpaUserProvider(emf.createEntityManager());
}
@Override
public void close() {
emf.close();
}
}

View file

@ -1,48 +0,0 @@
package org.keycloak.models.users.jpa;
import org.hibernate.exception.ConstraintViolationException;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.ModelException;
import javax.persistence.EntityExistsException;
import javax.persistence.EntityManager;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class PersistenceExceptionConverter implements InvocationHandler {
private EntityManager em;
public static EntityManager create(EntityManager em) {
return (EntityManager) Proxy.newProxyInstance(EntityManager.class.getClassLoader(), new Class[]{EntityManager.class}, new PersistenceExceptionConverter(em));
}
private PersistenceExceptionConverter(EntityManager em) {
this.em = em;
}
@Override
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
try {
return method.invoke(em, args);
} catch (InvocationTargetException e) {
throw convert(e.getCause());
}
}
public static ModelException convert(Throwable t) {
if (t.getCause() != null && t.getCause() instanceof ConstraintViolationException) {
throw new ModelDuplicateException(t);
} if (t instanceof EntityExistsException) {
throw new ModelDuplicateException(t);
} else {
throw new ModelException(t);
}
}
}

View file

@ -1,215 +0,0 @@
package org.keycloak.models.users.jpa;
import org.keycloak.models.UserModel;
import org.keycloak.models.users.Credentials;
import org.keycloak.models.users.User;
import org.keycloak.models.users.jpa.entities.UserAttributeEntity;
import org.keycloak.models.users.jpa.entities.UserCredentialEntity;
import org.keycloak.models.users.jpa.entities.UserEntity;
import org.keycloak.models.users.jpa.entities.UserRoleMappingEntity;
import javax.persistence.EntityManager;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class UserAdapter implements User {
protected UserEntity user;
protected EntityManager em;
protected String realm;
public UserAdapter(String realm, EntityManager em, UserEntity user) {
this.em = em;
this.user = user;
this.realm = realm;
}
public UserEntity getUser() {
return user;
}
@Override
public String getId() {
return user.getId();
}
@Override
public boolean isEnabled() {
return user.isEnabled();
}
@Override
public void setEnabled(boolean enabled) {
user.setEnabled(enabled);
}
@Override
public String getUsername() {
return user.getUsername();
}
@Override
public void setUsername(String username) {
user.setUsername(username);
}
@Override
public String getFirstName() {
return user.getFirstName();
}
@Override
public void setFirstName(String firstName) {
user.setFirstName(firstName);
}
@Override
public String getLastName() {
return user.getLastName();
}
@Override
public void setLastName(String lastName) {
user.setLastName(lastName);
}
@Override
public String getEmail() {
return user.getEmail();
}
@Override
public void setEmail(String email) {
user.setEmail(email);
}
@Override
public void setAttribute(String name, String value) {
List<UserAttributeEntity> attributes = user.getAttributes();
for (UserAttributeEntity a : user.getAttributes()) {
if (a.getName().equals(name)) {
a.setValue(value);
return;
}
}
attributes.add(new UserAttributeEntity(user, name, value));
}
@Override
public String getAttribute(String name) {
for (UserAttributeEntity a : user.getAttributes()) {
if (a.getName().equals(name)) {
return a.getValue();
}
}
return null;
}
@Override
public Map<String, String> getAttributes() {
Map<String, String> result = new HashMap<String, String>();
for (UserAttributeEntity a : user.getAttributes()) {
result.put(a.getName(), a.getValue());
}
return result;
}
@Override
public void removeAttribute(String name) {
Iterator<UserAttributeEntity> itr = user.getAttributes().iterator();
while(itr.hasNext()) {
if (itr.next().getName().equals(name)) {
itr.remove();
return;
}
}
}
private UserCredentialEntity getCredentialEntity(String credType) {
for (UserCredentialEntity entity : user.getCredentials()) {
if (entity.getType().equals(credType)) {
return entity;
}
}
return null;
}
@Override
public List<Credentials> getCredentials() {
List<Credentials> result = new ArrayList<Credentials>();
for (UserCredentialEntity entity : user.getCredentials()) {
result.add(new Credentials(entity.getType(), entity.getSalt(), entity.getValue(), entity.getHashIterations(), entity.getDevice()));
}
return result;
}
@Override
public void updateCredential(Credentials credentials) {
UserCredentialEntity entity = getCredentialEntity(credentials.getType());
if (entity == null) {
entity = new UserCredentialEntity(user, credentials.getType());
user.getCredentials().add(entity);
}
entity.setValue(credentials.getValue());
entity.setSalt(credentials.getSalt());
entity.setHashIterations(credentials.getHashIterations());
entity.setDevice(credentials.getDevice());
}
@Override
public void grantRole(String role) {
for (UserRoleMappingEntity r : user.getRoles()) {
if (r.getRole().equals(role)) {
return;
}
}
user.getRoles().add(new UserRoleMappingEntity(user, role));
}
@Override
public Set<String> getRoleMappings() {
Set<String> roles = new HashSet<String>();
for (UserRoleMappingEntity r : user.getRoles()) {
roles.add(r.getRole());
}
return roles;
}
@Override
public void deleteRoleMapping(String role) {
Iterator<UserRoleMappingEntity> itr = user.getRoles().iterator();
while (itr.hasNext()) {
if (itr.next().getRole().equals(role)) {
itr.remove();
return;
}
}
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || !(o instanceof UserModel)) return false;
UserModel that = (UserModel) o;
return that.getId().equals(getId());
}
@Override
public int hashCode() {
return getId().hashCode();
}
}

View file

@ -1,79 +0,0 @@
package org.keycloak.models.users.jpa.entities;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.IdClass;
import javax.persistence.ManyToOne;
import java.io.Serializable;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
@Entity
@IdClass(UserAttributeEntity.Key.class)
public class UserAttributeEntity {
@Id
protected String name;
@Id
@ManyToOne
protected UserEntity user;
protected String value;
public UserAttributeEntity() {
}
public UserAttributeEntity(UserEntity user, String name, String value) {
this.user = user;
this.name = name;
this.value = value;
}
public String getName() {
return name;
}
public String getValue() {
return value;
}
public void setValue(String value) {
this.value = value;
}
public static class Key implements Serializable {
private String name;
private UserEntity user;
public Key() {
}
public Key(String name, UserEntity user) {
this.name = name;
this.user = user;
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
Key key = (Key) o;
if (name != null ? !name.equals(key.name) : key.name != null) return false;
if (user != null ? !user.equals(key.user) : key.user != null) return false;
return true;
}
@Override
public int hashCode() {
int result = name != null ? name.hashCode() : 0;
result = 31 * result + (user != null ? user.hashCode() : 0);
return result;
}
}
}

View file

@ -1,106 +0,0 @@
package org.keycloak.models.users.jpa.entities;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.IdClass;
import javax.persistence.ManyToOne;
import java.io.Serializable;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@Entity
@IdClass(UserCredentialEntity.Key.class)
public class UserCredentialEntity {
@Id
protected String type;
protected String value;
protected String device;
protected byte[] salt;
protected int hashIterations;
@Id
@ManyToOne
protected UserEntity user;
public UserCredentialEntity() {
}
public UserCredentialEntity(UserEntity user, String type) {
this.user = user;
this.type = type;
}
public String getValue() {
return value;
}
public void setValue(String value) {
this.value = value;
}
public String getType() {
return type;
}
public String getDevice() {
return device;
}
public void setDevice(String device) {
this.device = device;
}
public byte[] getSalt() {
return salt;
}
public void setSalt(byte[] salt) {
this.salt = salt;
}
public int getHashIterations() {
return hashIterations;
}
public void setHashIterations(int hashIterations) {
this.hashIterations = hashIterations;
}
public static class Key implements Serializable {
private String type;
private UserEntity user;
public Key() {
}
public Key(String type, UserEntity user) {
this.type = type;
this.user = user;
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
Key key = (Key) o;
if (type != null ? !type.equals(key.type) : key.type != null) return false;
if (user != null ? !user.equals(key.user) : key.user != null) return false;
return true;
}
@Override
public int hashCode() {
int result = type != null ? type.hashCode() : 0;
result = 31 * result + (user != null ? user.hashCode() : 0);
return result;
}
}
}

View file

@ -1,179 +0,0 @@
package org.keycloak.models.users.jpa.entities;
import javax.persistence.CascadeType;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.IdClass;
import javax.persistence.NamedQueries;
import javax.persistence.NamedQuery;
import javax.persistence.OneToMany;
import javax.persistence.Table;
import javax.persistence.UniqueConstraint;
import java.io.Serializable;
import java.util.Collection;
import java.util.LinkedList;
import java.util.List;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@NamedQueries({
@NamedQuery(name="getRealmUserByUsername", query="select u from UserEntity u where u.username = :username and u.realm = :realm"),
@NamedQuery(name="getRealmUserByEmail", query="select u from UserEntity u where u.email = :email and u.realm = :realm"),
@NamedQuery(name="getRealmUserByAttribute", query="select u from UserEntity u join u.attributes a where u.realm = :realm and a.name = :name and a.value = :value")
})
@Entity
@Table(uniqueConstraints = {
@UniqueConstraint(columnNames = { "realm", "username" }),
@UniqueConstraint(columnNames = { "realm", "emailConstraint" })
})
@IdClass(UserEntity.Key.class)
public class UserEntity {
@Id
protected String id;
protected boolean enabled;
protected String username;
protected String firstName;
protected String lastName;
protected String email;
// Hack just to workaround the fact that on MS-SQL you can't have unique constraint with multiple NULL values TODO: Find better solution (like unique index with 'where' but that's proprietary)
protected String emailConstraint;
@Id
protected String realm;
@OneToMany(cascade = CascadeType.ALL, orphanRemoval = true, mappedBy="user")
protected List<UserAttributeEntity> attributes = new LinkedList<UserAttributeEntity>();
@OneToMany(cascade = CascadeType.ALL, orphanRemoval = true, mappedBy="user")
protected List<UserCredentialEntity> credentials = new LinkedList<UserCredentialEntity>();
@OneToMany(cascade = CascadeType.ALL, orphanRemoval = true, mappedBy="user")
protected List<UserRoleMappingEntity> roles = new LinkedList<UserRoleMappingEntity>();
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getFirstName() {
return firstName;
}
public void setFirstName(String firstName) {
this.firstName = firstName;
}
public String getLastName() {
return lastName;
}
public void setLastName(String lastName) {
this.lastName = lastName;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
this.emailConstraint = email != null ? email : id;
}
public boolean isEnabled() {
return enabled;
}
public void setEnabled(boolean enabled) {
this.enabled = enabled;
}
public String getEmailConstraint() {
return emailConstraint;
}
public void setEmailConstraint(String emailConstraint) {
this.emailConstraint = emailConstraint;
}
public List<UserAttributeEntity> getAttributes() {
return attributes;
}
public void setAttributes(List<UserAttributeEntity> attributes) {
this.attributes = attributes;
}
public String getRealm() {
return realm;
}
public void setRealm(String realm) {
this.realm = realm;
}
public Collection<UserCredentialEntity> getCredentials() {
return credentials;
}
public void setCredentials(List<UserCredentialEntity> credentials) {
this.credentials = credentials;
}
public List<UserRoleMappingEntity> getRoles() {
return roles;
}
public void setRoles(List<UserRoleMappingEntity> roles) {
this.roles = roles;
}
public static class Key implements Serializable {
private String id;
private String realm;
public Key() {
}
public Key(String id, String realm) {
this.id = id;
this.realm = realm;
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
Key key = (Key) o;
if (id != null ? !id.equals(key.id) : key.id != null) return false;
if (realm != null ? !realm.equals(key.realm) : key.realm != null) return false;
return true;
}
@Override
public int hashCode() {
int result = id != null ? id.hashCode() : 0;
result = 31 * result + (realm != null ? realm.hashCode() : 0);
return result;
}
}
}

View file

@ -1,68 +0,0 @@
package org.keycloak.models.users.jpa.entities;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.IdClass;
import javax.persistence.ManyToOne;
import java.io.Serializable;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
@Entity
@IdClass(UserRoleMappingEntity.Key.class)
public class UserRoleMappingEntity {
@Id
protected String role;
@Id
@ManyToOne
protected UserEntity user;
public UserRoleMappingEntity() {
}
public UserRoleMappingEntity(UserEntity user, String role) {
this.user = user;
this.role = role;
}
public String getRole() {
return role;
}
public static class Key implements Serializable {
private String role;
private UserEntity user;
public Key() {
}
public Key(String role, UserEntity user) {
this.role = role;
this.user = user;
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
Key key = (Key) o;
if (role != null ? !role.equals(key.role) : key.role != null) return false;
if (user != null ? !user.equals(key.user) : key.user != null) return false;
return true;
}
@Override
public int hashCode() {
int result = role != null ? role.hashCode() : 0;
result = 31 * result + (user != null ? user.hashCode() : 0);
return result;
}
}
}

View file

@ -1 +0,0 @@
org.keycloak.models.users.jpa.JpaUserProviderFactory

View file

@ -1,15 +0,0 @@
package org.keycloak.models.users.jpa;
import org.keycloak.model.test.AbstractUserProviderTest;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class JpaUserProviderTest extends AbstractUserProviderTest {
@Override
protected String getProviderId() {
return JpaUserProviderFactory.ID;
}
}

View file

@ -90,7 +90,7 @@ public class OAuthClientsResource {
try {
OAuthClientModel oauth = RepresentationToModel.createOAuthClient(rep, realm);
return Response.created(uriInfo.getAbsolutePathBuilder().path(oauth.getId()).build()).build();
return Response.created(uriInfo.getAbsolutePathBuilder().path(oauth.getClientId()).build()).build();
} catch (ModelDuplicateException e) {
return Flows.errors().exists("Client " + rep.getName() + " already exists");
}
@ -99,14 +99,14 @@ public class OAuthClientsResource {
/**
* Base path to manage one specific oauth client
*
* @param id oauth client's id (not clientId!)
* @param clientId oauth client's clientId
* @return
*/
@Path("{id}")
public OAuthClientResource getOAuthClient(final @PathParam("id") String id) {
@Path("{clientId}")
public OAuthClientResource getOAuthClient(final @PathParam("clientId") String clientId) {
auth.requireView();
OAuthClientModel oauth = realm.getOAuthClientById(id);
OAuthClientModel oauth = realm.getOAuthClient(clientId);
if (oauth == null) {
throw new NotFoundException("OAuth Client not found");
}

View file

@ -28,8 +28,6 @@ public class OAuthClientTest extends AbstractClientTest {
}
@Test
@Ignore
// TODO For some reason clients are retrieved using id, not client-id
public void removeOAuthClient() {
createOAuthClient();
@ -37,8 +35,6 @@ public class OAuthClientTest extends AbstractClientTest {
}
@Test
@Ignore
// TODO For some reason clients are retrieved using id, not client-id
public void getOAuthClientRepresentation() {
createOAuthClient();