merge
This commit is contained in:
commit
73f64bf4ec
16 changed files with 128 additions and 15 deletions
|
@ -22,6 +22,7 @@ public class RealmRepresentation {
|
|||
protected String privateKey;
|
||||
protected String publicKey;
|
||||
protected List<RoleRepresentation> roles;
|
||||
protected String[] defaultRoles;
|
||||
protected Set<String> requiredCredentials;
|
||||
protected Set<String> requiredApplicationCredentials;
|
||||
protected Set<String> requiredOAuthClientCredentials;
|
||||
|
@ -183,6 +184,14 @@ public class RealmRepresentation {
|
|||
this.roles = roles;
|
||||
}
|
||||
|
||||
public String[] getDefaultRoles() {
|
||||
return defaultRoles;
|
||||
}
|
||||
|
||||
public void setDefaultRoles(String[] defaultRoles) {
|
||||
this.defaultRoles = defaultRoles;
|
||||
}
|
||||
|
||||
public String getPrivateKey() {
|
||||
return privateKey;
|
||||
}
|
||||
|
|
|
@ -43,6 +43,7 @@ public class DemoApplication extends KeycloakApplication {
|
|||
manager.generateRealmKeys(defaultRealm);
|
||||
defaultRealm.addRequiredCredential(CredentialRepresentation.PASSWORD);
|
||||
defaultRealm.addRole(SaasService.REALM_CREATOR_ROLE);
|
||||
defaultRealm.addDefaultRole(SaasService.REALM_CREATOR_ROLE);
|
||||
|
||||
RealmRepresentation rep = loadJson("META-INF/testrealm.json");
|
||||
RealmModel realm = manager.createRealm("demo", rep.getRealm());
|
||||
|
|
|
@ -11,6 +11,7 @@
|
|||
"requiredCredentials": [ "password" ],
|
||||
"requiredApplicationCredentials": [ "password" ],
|
||||
"requiredOAuthClientCredentials": [ "password" ],
|
||||
"defaultRoles": [ "user" ],
|
||||
"users" : [
|
||||
{
|
||||
"username" : "bburke@redhat.com",
|
||||
|
|
|
@ -2,7 +2,6 @@ package org.keycloak.services.managers;
|
|||
|
||||
import org.jboss.resteasy.logging.Logger;
|
||||
import org.keycloak.representations.idm.*;
|
||||
import org.keycloak.representations.idm.ApplicationRepresentation;
|
||||
import org.keycloak.services.models.*;
|
||||
|
||||
import java.security.KeyPair;
|
||||
|
@ -84,6 +83,9 @@ public class RealmManager {
|
|||
if (rep.getRequiredApplicationCredentials() != null) {
|
||||
realm.updateRequiredApplicationCredentials(rep.getRequiredApplicationCredentials());
|
||||
}
|
||||
if (rep.getDefaultRoles() != null) {
|
||||
realm.updateDefaultRoles(rep.getDefaultRoles());
|
||||
}
|
||||
}
|
||||
|
||||
public RealmModel importRealm(RealmRepresentation rep, UserModel realmCreator) {
|
||||
|
@ -131,11 +133,9 @@ public class RealmManager {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
UserManager userManager = new UserManager();
|
||||
if (rep.getUsers() != null) {
|
||||
for (UserRepresentation userRep : rep.getUsers()) {
|
||||
UserModel user = userManager.createUser(newRealm, userRep);
|
||||
UserModel user = createUser(newRealm, userRep);
|
||||
userMap.put(user.getLoginName(), user);
|
||||
}
|
||||
}
|
||||
|
@ -146,6 +146,12 @@ public class RealmManager {
|
|||
}
|
||||
}
|
||||
|
||||
if (rep.getDefaultRoles() != null) {
|
||||
for (String roleString : rep.getDefaultRoles()) {
|
||||
newRealm.addDefaultRole(roleString.trim());
|
||||
}
|
||||
}
|
||||
|
||||
if (rep.getApplications() != null) {
|
||||
createResources(rep, newRealm);
|
||||
}
|
||||
|
@ -183,6 +189,24 @@ public class RealmManager {
|
|||
if (roleRep.getDescription() != null) role.setDescription(roleRep.getDescription());
|
||||
}
|
||||
|
||||
public UserModel createUser(RealmModel newRealm, UserRepresentation userRep) {
|
||||
UserModel user = newRealm.addUser(userRep.getUsername());
|
||||
user.setEnabled(userRep.isEnabled());
|
||||
if (userRep.getAttributes() != null) {
|
||||
for (Map.Entry<String, String> entry : userRep.getAttributes().entrySet()) {
|
||||
user.setAttribute(entry.getKey(), entry.getValue());
|
||||
}
|
||||
}
|
||||
if (userRep.getCredentials() != null) {
|
||||
for (CredentialRepresentation cred : userRep.getCredentials()) {
|
||||
UserCredentialModel credential = new UserCredentialModel();
|
||||
credential.setType(cred.getType());
|
||||
credential.setValue(cred.getValue());
|
||||
newRealm.updateCredential(user, credential);
|
||||
}
|
||||
}
|
||||
return user;
|
||||
}
|
||||
|
||||
public void addRequiredCredential(RealmModel newRealm, String requiredCred) {
|
||||
newRealm.addRequiredCredential(requiredCred);
|
||||
|
|
|
@ -79,6 +79,12 @@ public interface RealmModel {
|
|||
|
||||
List<RoleModel> getRoles();
|
||||
|
||||
List<RoleModel> getDefaultRoles();
|
||||
|
||||
void addDefaultRole(String name);
|
||||
|
||||
void updateDefaultRoles(String[] defaultRoles);
|
||||
|
||||
Map<String, ApplicationModel> getResourceNameMap();
|
||||
|
||||
List<ApplicationModel> getApplications();
|
||||
|
|
|
@ -29,6 +29,7 @@ public class RealmEntity {
|
|||
protected String publicKeyPem;
|
||||
@Column(length = 2048)
|
||||
protected String privateKeyPem;
|
||||
protected String[] defaultRoles;
|
||||
|
||||
@OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true)
|
||||
Collection<RequiredCredentailEntity> requiredCredentials;
|
||||
|
|
|
@ -41,6 +41,7 @@ import java.security.PrivateKey;
|
|||
import java.security.PublicKey;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
|
@ -665,4 +666,48 @@ public class RealmAdapter implements RealmModel {
|
|||
relationship.setRealm(realm.getName());
|
||||
getRelationshipManager().add(relationship);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<RoleModel> getDefaultRoles() {
|
||||
List<RoleModel> defaultRoleModels = new ArrayList<RoleModel>();
|
||||
if (realm.getDefaultRoles() != null) {
|
||||
for (String name : realm.getDefaultRoles()) {
|
||||
RoleAdapter role = getRole(name);
|
||||
if (role != null) {
|
||||
defaultRoleModels.add(role);
|
||||
}
|
||||
}
|
||||
}
|
||||
return defaultRoleModels;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void addDefaultRole(String name) {
|
||||
if (getRole(name) == null) {
|
||||
addRole(name);
|
||||
}
|
||||
|
||||
String[] defaultRoles = realm.getDefaultRoles();
|
||||
if (defaultRoles == null) {
|
||||
defaultRoles = new String[1];
|
||||
} else {
|
||||
defaultRoles = Arrays.copyOf(defaultRoles, defaultRoles.length + 1);
|
||||
}
|
||||
defaultRoles[defaultRoles.length - 1] = name;
|
||||
|
||||
realm.setDefaultRoles(defaultRoles);
|
||||
updateRealm();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void updateDefaultRoles(String[] defaultRoles) {
|
||||
for (String name : defaultRoles) {
|
||||
if (getRole(name) == null) {
|
||||
addRole(name);
|
||||
}
|
||||
}
|
||||
|
||||
realm.setDefaultRoles(defaultRoles);
|
||||
updateRealm();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -19,6 +19,7 @@ public class RealmData extends AbstractPartition {
|
|||
private int accessCodeLifespan;
|
||||
private String publicKeyPem;
|
||||
private String privateKeyPem;
|
||||
private String[] defaultRoles;
|
||||
|
||||
public RealmData() {
|
||||
super(null);
|
||||
|
@ -116,4 +117,13 @@ public class RealmData extends AbstractPartition {
|
|||
public void setPrivateKeyPem(String privateKeyPem) {
|
||||
this.privateKeyPem = privateKeyPem;
|
||||
}
|
||||
|
||||
@AttributeProperty
|
||||
public String[] getDefaultRoles() {
|
||||
return defaultRoles;
|
||||
}
|
||||
|
||||
public void setDefaultRoles(String[] defaultRoles) {
|
||||
this.defaultRoles = defaultRoles;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -46,6 +46,8 @@ public class RealmEntity implements Serializable {
|
|||
@AttributeValue
|
||||
@Column(length = 2048)
|
||||
private String privateKeyPem;
|
||||
@AttributeValue
|
||||
private String[] defaultRoles;
|
||||
|
||||
|
||||
public PartitionTypeEntity getPartitionTypeEntity() {
|
||||
|
|
|
@ -376,8 +376,11 @@ public class SaasService {
|
|||
credModel.setValue(cred.getValue());
|
||||
defaultRealm.updateCredential(user, credModel);
|
||||
}
|
||||
RoleModel realmCreator = defaultRealm.getRole(REALM_CREATOR_ROLE);
|
||||
defaultRealm.grantRole(user, realmCreator);
|
||||
|
||||
for (RoleModel role : defaultRealm.getDefaultRoles()) {
|
||||
defaultRealm.grantRole(user, role);
|
||||
}
|
||||
|
||||
return user;
|
||||
}
|
||||
|
||||
|
|
|
@ -144,13 +144,16 @@ public class SocialResource {
|
|||
UserModel user = realm.getUser(provider.getId() + "." + socialUser.getId());
|
||||
|
||||
if (user == null) {
|
||||
if (!realm.isRegistrationAllowed()) {
|
||||
return oauth.forwardToSecurityFailure("Registration not allowed");
|
||||
}
|
||||
|
||||
user = realm.addUser(provider.getId() + "." + socialUser.getId());
|
||||
user.setAttribute(provider.getId() + ".id", socialUser.getId());
|
||||
|
||||
// TODO Grant default roles for realm when available
|
||||
RoleModel defaultRole = realm.getRole("user");
|
||||
|
||||
realm.grantRole(user, defaultRole);
|
||||
for (RoleModel role : realm.getDefaultRoles()) {
|
||||
realm.grantRole(user, role);
|
||||
}
|
||||
}
|
||||
|
||||
if (!user.isEnabled()) {
|
||||
|
|
|
@ -296,10 +296,9 @@ public class TokenService {
|
|||
credentials.setValue(formData.getFirst("password"));
|
||||
realm.updateCredential(user, credentials);
|
||||
|
||||
// TODO Grant default roles for realm when available
|
||||
RoleModel defaultRole = realm.getRole("user");
|
||||
|
||||
realm.grantRole(user, defaultRole);
|
||||
for (RoleModel role : realm.getDefaultRoles()) {
|
||||
realm.grantRole(user, role);
|
||||
}
|
||||
|
||||
return processLogin(clientId, scopeParam, state, redirect, formData);
|
||||
}
|
||||
|
|
|
@ -75,6 +75,7 @@ public class AdapterTest {
|
|||
realmModel.setPrivateKeyPem("0234234");
|
||||
realmModel.setPublicKeyPem("0234234");
|
||||
realmModel.setTokenLifespan(1000);
|
||||
realmModel.addDefaultRole("foo");
|
||||
|
||||
System.out.println(realmModel.getId());
|
||||
realmModel = adapter.getRealm(realmModel.getId());
|
||||
|
@ -85,6 +86,8 @@ public class AdapterTest {
|
|||
Assert.assertEquals(realmModel.getName(), "JUGGLER");
|
||||
Assert.assertEquals(realmModel.getPrivateKeyPem(), "0234234");
|
||||
Assert.assertEquals(realmModel.getPublicKeyPem(), "0234234");
|
||||
Assert.assertEquals(1, realmModel.getDefaultRoles().size());
|
||||
Assert.assertEquals("foo", realmModel.getDefaultRoles().get(0).getName());
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -134,7 +137,7 @@ public class AdapterTest {
|
|||
realmModel.addRole("admin");
|
||||
realmModel.addRole("user");
|
||||
List<RoleModel> roles = realmModel.getRoles();
|
||||
Assert.assertEquals(5, roles.size());
|
||||
Assert.assertEquals(6, roles.size());
|
||||
UserModel user = realmModel.addUser("bburke");
|
||||
RoleModel role = realmModel.getRole("user");
|
||||
realmModel.grantRole(user, role);
|
||||
|
|
|
@ -72,6 +72,10 @@ public class ImportTest {
|
|||
Assert.assertEquals(1, creds.size());
|
||||
RequiredCredentialModel cred = creds.get(0);
|
||||
Assert.assertEquals("password", cred.getFormLabel());
|
||||
Assert.assertEquals(2, realm.getDefaultRoles().size());
|
||||
|
||||
Assert.assertNotNull(realm.getRole("foo"));
|
||||
Assert.assertNotNull(realm.getRole("bar"));
|
||||
|
||||
UserModel user = realm.getUser("loginclient");
|
||||
Assert.assertNotNull(user);
|
||||
|
|
|
@ -24,6 +24,7 @@ public class InstallationManager {
|
|||
manager.generateRealmKeys(defaultRealm);
|
||||
defaultRealm.addRequiredCredential(CredentialRepresentation.PASSWORD);
|
||||
defaultRealm.addRole(SaasService.REALM_CREATOR_ROLE);
|
||||
defaultRealm.addDefaultRole(SaasService.REALM_CREATOR_ROLE);
|
||||
}
|
||||
|
||||
public boolean isInstalled(RealmManager manager) {
|
||||
|
|
|
@ -6,6 +6,7 @@
|
|||
"requiredCredentials": [ "password" ],
|
||||
"requiredApplicationCredentials": [ "password" ],
|
||||
"requiredOAuthClientCredentials": [ "password" ],
|
||||
"defaultRoles": [ "foo", "bar" ],
|
||||
"users": [
|
||||
{
|
||||
"username": "wburke",
|
||||
|
|
Loading…
Reference in a new issue