better demo
This commit is contained in:
parent
729d9afac3
commit
74b121539d
8 changed files with 92 additions and 3 deletions
|
@ -16,6 +16,8 @@ public class RealmRepresentation {
|
|||
protected boolean enabled;
|
||||
protected boolean sslNotRequired;
|
||||
protected boolean cookieLoginAllowed;
|
||||
protected String privateKey;
|
||||
protected String publicKey;
|
||||
protected Set<String> roles;
|
||||
protected List<RequiredCredentialRepresentation> requiredCredentials;
|
||||
protected List<UserRepresentation> users;
|
||||
|
@ -151,4 +153,20 @@ public class RealmRepresentation {
|
|||
public void setRoles(Set<String> roles) {
|
||||
this.roles = roles;
|
||||
}
|
||||
|
||||
public String getPrivateKey() {
|
||||
return privateKey;
|
||||
}
|
||||
|
||||
public void setPrivateKey(String privateKey) {
|
||||
this.privateKey = privateKey;
|
||||
}
|
||||
|
||||
public String getPublicKey() {
|
||||
return publicKey;
|
||||
}
|
||||
|
||||
public void setPublicKey(String publicKey) {
|
||||
this.publicKey = publicKey;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
{
|
||||
"realm-url" : "http://localhost:8080/auth-server/rest/realms/demo",
|
||||
"realm" : "demo",
|
||||
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||
"auth-url" : "http://localhost:8080/auth-server/rest/realms/demo/tokens/auth/request",
|
||||
"code-url" : "http://localhost:8080/auth-server/rest/realms/demo/tokens/access/codes",
|
||||
"ssl-not-required" : true,
|
||||
"client-id" : "customer-portal",
|
||||
"client-credentials" : {
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
{
|
||||
"realm-url" : "http://localhost:8080/auth-server/rest/realms/demo",
|
||||
"realm" : "demo",
|
||||
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||
"auth-url" : "http://localhost:8080/auth-server/rest/realms/demo/tokens/auth/request",
|
||||
"code-url" : "http://localhost:8080/auth-server/rest/realms/demo/tokens/access/codes",
|
||||
"ssl-not-required" : true,
|
||||
"client-id" : "product-portal",
|
||||
"client-credentials" : {
|
||||
|
|
|
@ -3,6 +3,8 @@
|
|||
"enabled" : true,
|
||||
"tokenLifespan" : 6000,
|
||||
"accessCodeLifespan" : 30,
|
||||
"privateKey" : "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
|
||||
"publicKey" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||
"requiredCredentials" : [
|
||||
{
|
||||
"type" : "Password",
|
||||
|
|
|
@ -98,6 +98,9 @@ public class ManagedResourceConfigLoader {
|
|||
remoteSkeletonKeyConfig.setRealmKey(rep.getPublicKeyPem());
|
||||
remoteSkeletonKeyConfig.setAdminRole(rep.getAdminRole());
|
||||
}
|
||||
if (remoteSkeletonKeyConfig.getAdminRole() == null) {
|
||||
remoteSkeletonKeyConfig.setAdminRole("$REALM-ADMIN$");
|
||||
}
|
||||
|
||||
String realm = remoteSkeletonKeyConfig.getRealm();
|
||||
String resource = remoteSkeletonKeyConfig.getResource();
|
||||
|
|
|
@ -13,6 +13,11 @@
|
|||
<description/>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.bouncycastle</groupId>
|
||||
<artifactId>bcprov-jdk16</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-core</artifactId>
|
||||
|
|
|
@ -97,13 +97,19 @@ public class RealmManager {
|
|||
|
||||
|
||||
public void importRealm(RealmRepresentation rep, RealmModel newRealm) {
|
||||
generateRealmKeys(newRealm);
|
||||
newRealm.setName(rep.getRealm());
|
||||
newRealm.setEnabled(rep.isEnabled());
|
||||
newRealm.setTokenLifespan(rep.getTokenLifespan());
|
||||
newRealm.setAccessCodeLifespan(rep.getAccessCodeLifespan());
|
||||
newRealm.setSslNotRequired(rep.isSslNotRequired());
|
||||
newRealm.setCookieLoginAllowed(rep.isCookieLoginAllowed());
|
||||
if (rep.getPrivateKey() == null || rep.getPublicKey() == null) {
|
||||
generateRealmKeys(newRealm);
|
||||
} else {
|
||||
newRealm.setPrivateKeyPem(rep.getPrivateKey());
|
||||
newRealm.setPublicKeyPem(rep.getPublicKey());
|
||||
}
|
||||
|
||||
newRealm.updateRealm();
|
||||
|
||||
|
||||
|
|
49
services/src/test/java/org/keycloak/test/RealmKeyGenerator.java
Executable file
49
services/src/test/java/org/keycloak/test/RealmKeyGenerator.java
Executable file
|
@ -0,0 +1,49 @@
|
|||
package org.keycloak.test;
|
||||
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
import org.bouncycastle.openssl.PEMWriter;
|
||||
import org.jboss.resteasy.security.PemUtils;
|
||||
import org.keycloak.services.models.RealmModel;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.StringWriter;
|
||||
import java.security.KeyPair;
|
||||
import java.security.KeyPairGenerator;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.PublicKey;
|
||||
import java.security.Security;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
public class RealmKeyGenerator {
|
||||
static {
|
||||
if (Security.getProvider("BC") == null) Security.addProvider(new BouncyCastleProvider());
|
||||
}
|
||||
public static void main(String[] args) throws Exception {
|
||||
KeyPair keyPair = null;
|
||||
try {
|
||||
keyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
|
||||
System.out.println("privateKey : " + printKey(keyPair.getPrivate()));
|
||||
System.out.println("publicKey : " + printKey(keyPair.getPublic()));
|
||||
}
|
||||
|
||||
private static String printKey(Object key){
|
||||
StringWriter writer = new StringWriter();
|
||||
PEMWriter pemWriter = new PEMWriter(writer);
|
||||
try {
|
||||
pemWriter.writeObject(key);
|
||||
pemWriter.flush();
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
String s = writer.toString();
|
||||
return PemUtils.removeBeginEnd(s);
|
||||
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue