From 81849ae631a6364fb52c3cd5ef143f6c93d3331c Mon Sep 17 00:00:00 2001 From: Jimmi Dyson Date: Thu, 15 Jan 2015 11:52:05 +0000 Subject: [PATCH] Configure resource constraints via Spring Boot properties --- .../KeycloakSpringBootConfiguration.java | 53 ++++++++++-- .../KeycloakSpringBootProperties.java | 81 +++++++++++++++++++ 2 files changed, 127 insertions(+), 7 deletions(-) diff --git a/integration/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakSpringBootConfiguration.java b/integration/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakSpringBootConfiguration.java index e9056e2667..f48929d439 100755 --- a/integration/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakSpringBootConfiguration.java +++ b/integration/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakSpringBootConfiguration.java @@ -17,6 +17,9 @@ import org.springframework.boot.context.properties.EnableConfigurationProperties import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import java.util.HashSet; +import java.util.Set; + /** * Keycloak authentication integration for Spring Boot * 
@@ -65,16 +68,52 @@ public class KeycloakSpringBootConfiguration { loginConfig.setAuthMethod("KEYCLOAK"); context.setLoginConfig(loginConfig); - context.addSecurityRole("jimmiapprole"); + Set authRoles = new HashSet(); + for (KeycloakSpringBootProperties.SecurityConstraint constraint : keycloakProperties.getSecurityConstraints()) { + for (KeycloakSpringBootProperties.SecurityCollection collection : constraint.getSecurityCollections()) { + for (String authRole : collection.getAuthRoles()) { + if (!authRoles.contains(authRole)) { + context.addSecurityRole(authRole); + authRoles.add(authRole); + } + } + } + } - SecurityConstraint constraint = new SecurityConstraint(); - constraint.addAuthRole("jimmiapprole"); + for (KeycloakSpringBootProperties.SecurityConstraint constraint : keycloakProperties.getSecurityConstraints()) { + SecurityConstraint tomcatConstraint = new SecurityConstraint(); - SecurityCollection collection = new SecurityCollection(); - collection.addPattern("/*"); - constraint.addCollection(collection); + for (KeycloakSpringBootProperties.SecurityCollection collection : constraint.getSecurityCollections()) { + SecurityCollection tomcatSecCollection = new SecurityCollection(); - context.addConstraint(constraint); + if (collection.getName() != null) { + tomcatSecCollection.setName(collection.getName()); + } + if (collection.getDescription() != null) { + tomcatSecCollection.setDescription(collection.getDescription()); + } + + for (String authRole : collection.getAuthRoles()) { + tomcatConstraint.addAuthRole(authRole); + } + + for (String pattern : collection.getPatterns()) { + tomcatSecCollection.addPattern(pattern); + } + + for (String method : collection.getMethods()) { + tomcatSecCollection.addMethod(method); + } + + for (String method : collection.getOmittedMethods()) { + tomcatSecCollection.addOmittedMethod(method); + } + + tomcatConstraint.addCollection(tomcatSecCollection); + } + + context.addConstraint(tomcatConstraint); + } 
context.addParameter("keycloak.config.resolver", KeycloakSpringBootConfigResolver.class.getName()); } diff --git a/integration/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakSpringBootProperties.java b/integration/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakSpringBootProperties.java index ee922d13cb..18ec7917c6 100644 --- a/integration/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakSpringBootProperties.java +++ b/integration/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakSpringBootProperties.java 
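Review bot: `tomcatConstraint.addAuthRole(authRole)` runs inside the loop over collections, so a role listed on any one collection is attached to the whole constraint and grants access to every collection in it, not only the one it was declared on. Tomcat keeps auth roles at the constraint level, so a properties layout that lists `admin` on one collection and `user` on a sibling in the same constraint lets `user` reach the admin patterns. Either move `authRoles` onto `KeycloakSpringBootProperties.SecurityConstraint` and add them once per constraint, or state the merge where it happens with a comment such as `// Tomcat roles are per constraint: roles from every collection apply to all collections of this constraint`. Separately, a constraint whose collections list no roles appears to end up without any auth constraint in Tomcat, so that case is worth rejecting or logging at startup. The enclosing method starts outside the hunk.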
@@ -3,7 +3,88 @@ package org.keycloak.adapters.springboot; import org.keycloak.representations.adapters.config.AdapterConfig; import org.springframework.boot.context.properties.ConfigurationProperties; +import java.util.ArrayList; +import java.util.List; + @ConfigurationProperties(prefix = "keycloak", ignoreUnknownFields = false) public class KeycloakSpringBootProperties extends AdapterConfig { + private List securityConstraints = new ArrayList(); + + public static class SecurityConstraint { + private List securityCollections = new ArrayList(); + + public List getSecurityCollections() { + return securityCollections; + } + + public void setSecurityCollections(List securityCollections) { + this.securityCollections = securityCollections; + } + } + + public static class SecurityCollection { + private String name; + private String description; + private List authRoles = new ArrayList(); + private List patterns = new ArrayList(); + private List methods = new ArrayList(); + private List omittedMethods = new ArrayList(); + + public List getAuthRoles() { + return authRoles; + } + + public List getPatterns() { + return patterns; + } + + public List getMethods() { + return methods; + } + + public String getDescription() { + return description; + } + + public String getName() { + return name; + } + + public List getOmittedMethods() { + return omittedMethods; + } + + public void setName(String name) { + this.name = name; + } + + public void setDescription(String description) { + this.description = description; + } + + public void setAuthRoles(List authRoles) { + this.authRoles = authRoles; + } + + public void setPatterns(List patterns) { + this.patterns = patterns; + } + + public void setMethods(List methods) { + this.methods = methods; + } + + public void setOmittedMethods(List omittedMethods) { + this.omittedMethods = omittedMethods; + } + } + + public List getSecurityConstraints() { + return securityConstraints; + } + + public void setSecurityConstraints(List 
securityConstraints) { + this.securityConstraints = securityConstraints; + } }
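Review bot: `securityConstraints` defaults to an empty list and the configuration class only registers the constraints it finds there, so an application that sets no `keycloak.securityConstraints` now starts with no protected paths, where the removed code constrained `/*`. That fail-open default should at least be stated on the field, e.g. `/** URL constraints to enforce; when empty, no request path requires authentication. */`, and preferably paired with a startup warning in `KeycloakSpringBootConfiguration` when the list is empty. The list setters also store whatever they are given, so a `null` reaching `setSecurityConstraints` or `setAuthRoles` would only surface later as a NullPointerException in the configuration loops. A null check in each setter that falls back to an empty list, or rejects the value, would keep that failure at the point of binding.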