federation refactor

This commit is contained in:
Bill Burke 2014-07-30 16:01:54 -04:00
parent ba8fe1ddaf
commit 8ea0d19d2f
38 changed files with 903 additions and 3822 deletions


@ -9,7 +9,7 @@
<class>org.keycloak.models.jpa.entities.RealmEntity</class>
<class>org.keycloak.models.jpa.entities.RequiredCredentialEntity</class>
<class>org.keycloak.models.jpa.entities.AuthenticationProviderEntity</class>
<class>org.keycloak.models.jpa.entities.FederationProviderEntity</class>
<class>org.keycloak.models.jpa.entities.UserFederationProviderEntity</class>
<class>org.keycloak.models.jpa.entities.RoleEntity</class>
<class>org.keycloak.models.jpa.entities.SocialLinkEntity</class>
<class>org.keycloak.models.jpa.entities.AuthenticationLinkEntity</class>


@ -10,6 +10,7 @@ public class UserFederationProviderRepresentation {
private String id;
private String providerName;
private Map<String, String> config;
private int priority;
public String getId() {
return id;
@ -36,6 +37,14 @@ public class UserFederationProviderRepresentation {
this.config = config;
}
public int getPriority() {
return priority;
}
public void setPriority(int priority) {
this.priority = priority;
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
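Review bot: The new `priority` field is undocumented and its relationship to `equals` is unclear, because `equals` begins on the last line of the hunk and continues outside it. The JPA and Mongo adapters in this commit sort providers ascending by this value, so a comment such as `// ordering key; adapters return providers sorted ascending by priority` above the field would state the contract. If `equals`/`hashCode` compare `providerName` and `config` rather than just `id`, confirm whether `priority` should be part of that comparison as well.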


@ -167,6 +167,8 @@ public interface RealmModel extends RoleContainerModel {
List<UserFederationProviderModel> getUserFederationProviders();
UserFederationProviderModel addUserFederationProvider(String providerName, Map<String, String> config, int priority);
void removeUserFederationProvider(UserFederationProviderModel provider);
void setUserFederationProviders(List<UserFederationProviderModel> providers);
String getLoginTheme();
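Review bot: The two new interface methods carry no Javadoc, so the meaning of `priority` and the matching rule of `removeUserFederationProvider` are left to the implementations. Both adapters in this commit sort the returned list ascending by `priority` and remove by comparing `provider.getId()`, which is worth stating on the interface, e.g. `/** Adds a provider; lower priority values sort first in getUserFederationProviders(). */` and `/** Removes the provider whose id matches provider.getId(); no-op when absent. */`.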


@ -12,10 +12,11 @@ public class UserFederationProviderModel {
private String id;
private String providerName;
private Map<String, String> config = new HashMap<String, String>();
private int priority;
public UserFederationProviderModel() {};
public UserFederationProviderModel(String id, String providerName, Map<String, String> config) {
public UserFederationProviderModel(String id, String providerName, Map<String, String> config, int priority) {
this.id = id;
this.providerName = providerName;
if (config != null) {
@ -42,4 +43,12 @@ public class UserFederationProviderModel {
public void setConfig(Map<String, String> config) {
this.config = config;
}
public int getPriority() {
return priority;
}
public void setPriority(int priority) {
this.priority = priority;
}
}


@ -51,7 +51,7 @@ public class RealmEntity extends AbstractIdentifiableEntity {
private List<RequiredCredentialEntity> requiredCredentials = new ArrayList<RequiredCredentialEntity>();
private List<AuthenticationProviderEntity> authenticationProviders = new ArrayList<AuthenticationProviderEntity>();
private List<FederationProviderEntity> federationProviders = new ArrayList<FederationProviderEntity>();
private List<UserFederationProviderEntity> userFederationProviders = new ArrayList<UserFederationProviderEntity>();
private Map<String, String> smtpConfig = new HashMap<String, String>();
private Map<String, String> socialConfig = new HashMap<String, String>();
@ -383,11 +383,11 @@ public class RealmEntity extends AbstractIdentifiableEntity {
this.adminAppId = adminAppId;
}
public List<FederationProviderEntity> getFederationProviders() {
return federationProviders;
public List<UserFederationProviderEntity> getUserFederationProviders() {
return userFederationProviders;
}
public void setFederationProviders(List<FederationProviderEntity> federationProviders) {
this.federationProviders = federationProviders;
public void setUserFederationProviders(List<UserFederationProviderEntity> userFederationProviders) {
this.userFederationProviders = userFederationProviders;
}
}


@ -6,10 +6,12 @@ import java.util.Map;
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class FederationProviderEntity {
public class UserFederationProviderEntity {
protected String id;
protected String providerName;
private Map<String, String> config;
protected Map<String, String> config;
protected int priority;
public String getId() {
return id;
@ -34,4 +36,12 @@ public class FederationProviderEntity {
public void setConfig(Map<String, String> config) {
this.config = config;
}
public int getPriority() {
return priority;
}
public void setPriority(int priority) {
this.priority = priority;
}
}


@ -608,7 +608,7 @@ public class RealmAdapter implements RealmModel {
@Override
public List<UserFederationProviderModel> getUserFederationProviders() {
if (updated != null) return updated.getUserFederationProviders();
return cached.getFederationProviders();
return cached.getUserFederationProviders();
}
@Override
@ -617,6 +617,19 @@ public class RealmAdapter implements RealmModel {
updated.setUserFederationProviders(providers);
}
@Override
public UserFederationProviderModel addUserFederationProvider(String providerName, Map<String, String> config, int priority) {
getDelegateForUpdate();
return updated.addUserFederationProvider(providerName, config, priority);
}
@Override
public void removeUserFederationProvider(UserFederationProviderModel provider) {
getDelegateForUpdate();
updated.removeUserFederationProvider(provider);
}
@Override
public String getLoginTheme() {
if (updated != null) return updated.getLoginTheme();


@ -65,7 +65,7 @@ public class CachedRealm {
private List<RequiredCredentialModel> requiredCredentials = new ArrayList<RequiredCredentialModel>();
private List<AuthenticationProviderModel> authenticationProviders = new ArrayList<AuthenticationProviderModel>();
private List<UserFederationProviderModel> federationProviders = new ArrayList<UserFederationProviderModel>();
private List<UserFederationProviderModel> userFederationProviders = new ArrayList<UserFederationProviderModel>();
private Map<String, String> smtpConfig = new HashMap<String, String>();
private Map<String, String> socialConfig = new HashMap<String, String>();
@ -122,7 +122,7 @@ public class CachedRealm {
requiredCredentials = model.getRequiredCredentials();
authenticationProviders = model.getAuthenticationProviders();
federationProviders = model.getUserFederationProviders();
userFederationProviders = model.getUserFederationProviders();
smtpConfig.putAll(model.getSmtpConfig());
socialConfig.putAll(model.getSocialConfig());
@ -331,7 +331,7 @@ public class CachedRealm {
return auditListeners;
}
public List<UserFederationProviderModel> getFederationProviders() {
return federationProviders;
public List<UserFederationProviderModel> getUserFederationProviders() {
return userFederationProviders;
}
}


@ -3,8 +3,9 @@ package org.keycloak.models.jpa;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.UserFederationProvider;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.jpa.entities.FederationProviderEntity;
import org.keycloak.models.jpa.entities.UserFederationProviderEntity;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.OAuthClientModel;
import org.keycloak.models.PasswordPolicy;
@ -30,6 +31,7 @@ import java.util.Comparator;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
@ -728,61 +730,104 @@ public class RealmAdapter implements RealmModel {
@Override
public List<UserFederationProviderModel> getUserFederationProviders() {
List<FederationProviderEntity> entities = realm.getFederationProviders();
List<FederationProviderEntity> copy = new ArrayList<FederationProviderEntity>();
for (FederationProviderEntity entity : entities) {
List<UserFederationProviderEntity> entities = realm.getUserFederationProviders();
List<UserFederationProviderEntity> copy = new ArrayList<UserFederationProviderEntity>();
for (UserFederationProviderEntity entity : entities) {
copy.add(entity);
}
Collections.sort(copy, new Comparator<FederationProviderEntity>() {
Collections.sort(copy, new Comparator<UserFederationProviderEntity>() {
@Override
public int compare(FederationProviderEntity o1, FederationProviderEntity o2) {
public int compare(UserFederationProviderEntity o1, UserFederationProviderEntity o2) {
return o1.getPriority() - o2.getPriority();
}
});
List<UserFederationProviderModel> result = new ArrayList<UserFederationProviderModel>();
for (FederationProviderEntity entity : copy) {
result.add(new UserFederationProviderModel(entity.getId(), entity.getProviderName(), entity.getConfig()));
for (UserFederationProviderEntity entity : copy) {
result.add(new UserFederationProviderModel(entity.getId(), entity.getProviderName(), entity.getConfig(), entity.getPriority()));
}
return result;
}
@Override
public void setUserFederationProviders(List<UserFederationProviderModel> providers) {
List<FederationProviderEntity> newEntities = new ArrayList<FederationProviderEntity>();
int counter = 1;
for (UserFederationProviderModel model : providers) {
FederationProviderEntity entity = new FederationProviderEntity();
entity.setId(KeycloakModelUtils.generateId());
entity.setRealm(realm);
entity.setProviderName(model.getProviderName());
entity.setConfig(model.getConfig());
entity.setPriority(counter++);
newEntities.add(entity);
}
// Remove all existing first
Collection<FederationProviderEntity> existing = realm.getFederationProviders();
Collection<FederationProviderEntity> copy = new ArrayList<FederationProviderEntity>(existing);
for (FederationProviderEntity apToRemove : copy) {
existing.remove(apToRemove);
em.remove(apToRemove);
}
em.flush();
// Now create all new providers
for (FederationProviderEntity apToAdd : newEntities) {
existing.add(apToAdd);
em.persist(apToAdd);
}
public UserFederationProviderModel addUserFederationProvider(String providerName, Map<String, String> config, int priority) {
String id = KeycloakModelUtils.generateId();
UserFederationProviderEntity entity = new UserFederationProviderEntity();
entity.setId(id);
entity.setRealm(realm);
entity.setProviderName(providerName);
entity.setConfig(config);
entity.setPriority(priority);
em.persist(entity);
realm.getUserFederationProviders().add(entity);
em.flush();
return new UserFederationProviderModel(entity.getId(), providerName, config, priority);
}
@Override
public void removeUserFederationProvider(UserFederationProviderModel provider) {
UserFederationProviderEntity entity = null;
Iterator<UserFederationProviderEntity> it = realm.getUserFederationProviders().iterator();
while (it.hasNext()) {
if (entity.getId().equals(provider.getId())) {
it.remove();
em.remove(entity);
return;
}
}
}
@Override
public void setUserFederationProviders(List<UserFederationProviderModel> providers) {
Iterator<UserFederationProviderEntity> it = realm.getUserFederationProviders().iterator();
while (it.hasNext()) {
UserFederationProviderEntity entity = it.next();
boolean found = false;
for (UserFederationProviderModel model : providers) {
if (entity.getId().equals(model.getId())) {
entity.setConfig(model.getConfig());
entity.setPriority(model.getPriority());
entity.setProviderName(model.getProviderName());
entity.setPriority(model.getPriority());
found = true;
break;
}
}
if (found) continue;
it.remove();
em.remove(entity);
}
List<UserFederationProviderModel> add = new LinkedList<UserFederationProviderModel>();
for (UserFederationProviderModel model : providers) {
boolean found = false;
for (UserFederationProviderEntity entity : realm.getUserFederationProviders()) {
if (entity.getId().equals(model.getId())) {
found = true;
break;
}
}
if (!found) add.add(model);
}
for (UserFederationProviderModel model : providers) {
UserFederationProviderEntity entity = new UserFederationProviderEntity();
if (model.getId() != null) entity.setId(model.getId());
else entity.setId(KeycloakModelUtils.generateId());
entity.setConfig(model.getConfig());
entity.setPriority(model.getPriority());
entity.setProviderName(model.getProviderName());
entity.setPriority(model.getPriority());
em.persist(entity);
realm.getUserFederationProviders().add(entity);
}
}
@Override
public RoleModel getRole(String name) {
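Review bot: `removeUserFederationProvider` in the third hunk dereferences `entity` while it is still `null` and never calls `it.next()`, so the first call throws a NullPointerException and, were it not for that, the `while (it.hasNext())` loop would never advance; the null declaration should be replaced by `UserFederationProviderEntity entity = it.next();` as the first statement of the loop body, as the Mongo adapter's version already does. In `setUserFederationProviders` the `add` list of not-yet-persisted models is built but the final loop iterates `providers` again, so a second entity is persisted for every provider that was just updated in place; that loop should read `for (UserFederationProviderModel model : add) {`. The duplicated `entity.setPriority(model.getPriority())` in both loops of that method can be dropped, and the comparator's `o1.getPriority() - o2.getPriority()` is better written `Integer.compare(o1.getPriority(), o2.getPriority())` to avoid overflow; the same subtraction comparator appears in the Mongo adapter's `getUserFederationProviders`.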


@ -117,7 +117,7 @@ public class RealmEntity {
@OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true)
@JoinTable(name="FED_PROVIDERS")
List<FederationProviderEntity> federationProviders = new ArrayList<FederationProviderEntity>();
List<UserFederationProviderEntity> userFederationProviders = new ArrayList<UserFederationProviderEntity>();
@OneToMany(fetch = FetchType.LAZY, cascade ={CascadeType.REMOVE}, orphanRemoval = true)
@JoinTable(name="REALM_APPLICATION", joinColumns={ @JoinColumn(name="APPLICATION_ID") }, inverseJoinColumns={ @JoinColumn(name="REALM_ID") })
@ -513,12 +513,12 @@ public class RealmEntity {
this.masterAdminApp = masterAdminApp;
}
public List<FederationProviderEntity> getFederationProviders() {
return federationProviders;
public List<UserFederationProviderEntity> getUserFederationProviders() {
return userFederationProviders;
}
public void setFederationProviders(List<FederationProviderEntity> federationProviders) {
this.federationProviders = federationProviders;
public void setUserFederationProviders(List<UserFederationProviderEntity> userFederationProviders) {
this.userFederationProviders = userFederationProviders;
}
}


@ -19,8 +19,8 @@ import java.util.Map;
* @author <a href="mailto:bburke@redhat.com">Bill Burke</a>
*/
@Entity
@Table(name="FEDERATION_PROVIDER")
public class FederationProviderEntity {
@Table(name="USER_FEDERATION_PROVIDER")
public class UserFederationProviderEntity {
@Id
@Column(name="ID", length = 36)
@ -38,7 +38,7 @@ public class FederationProviderEntity {
@ElementCollection
@MapKeyColumn(name="name")
@Column(name="value")
@CollectionTable(name="FEDERATION_PROVIDER_CONFIG")
@CollectionTable(name="USER_FEDERATION_CONFIG")
private Map<String, String> config;
public String getId() {


@ -8,7 +8,7 @@ import org.keycloak.models.ApplicationModel;
import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.entities.FederationProviderEntity;
import org.keycloak.models.entities.UserFederationProviderEntity;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmProvider;
import org.keycloak.models.OAuthClientModel;
@ -29,8 +29,11 @@ import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
@ -790,12 +793,51 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
realm.setAuthenticationProviders(entities);
updateRealm();
}
@Override
public UserFederationProviderModel addUserFederationProvider(String providerName, Map<String, String> config, int priority) {
UserFederationProviderEntity entity = new UserFederationProviderEntity();
entity.setId(KeycloakModelUtils.generateId());
entity.setPriority(priority);
entity.setProviderName(providerName);
entity.setConfig(config);
realm.getUserFederationProviders().add(entity);
updateRealm();
return new UserFederationProviderModel(entity.getId(), providerName, config, priority);
}
@Override
public void removeUserFederationProvider(UserFederationProviderModel provider) {
Iterator<UserFederationProviderEntity> it = realm.getUserFederationProviders().iterator();
while (it.hasNext()) {
UserFederationProviderEntity entity = it.next();
if (entity.getId().equals(provider.getId())) {
it.remove();
}
}
updateRealm();
}
@Override
public List<UserFederationProviderModel> getUserFederationProviders() {
List<FederationProviderEntity> entities = realm.getFederationProviders();
List<UserFederationProviderModel> result = new ArrayList<UserFederationProviderModel>();
for (FederationProviderEntity entity : entities) {
result.add(new UserFederationProviderModel(entity.getId(), entity.getProviderName(), entity.getConfig()));
List<UserFederationProviderEntity> entities = realm.getUserFederationProviders();
List<UserFederationProviderEntity> copy = new LinkedList<UserFederationProviderEntity>();
for (UserFederationProviderEntity entity : entities) {
copy.add(entity);
}
Collections.sort(copy, new Comparator<UserFederationProviderEntity>() {
@Override
public int compare(UserFederationProviderEntity o1, UserFederationProviderEntity o2) {
return o1.getPriority() - o2.getPriority();
}
});
List<UserFederationProviderModel> result = new LinkedList<UserFederationProviderModel>();
for (UserFederationProviderEntity entity : copy) {
result.add(new UserFederationProviderModel(entity.getId(), entity.getProviderName(), entity.getConfig(), entity.getPriority()));
}
return result;
@ -803,16 +845,18 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
@Override
public void setUserFederationProviders(List<UserFederationProviderModel> providers) {
List<FederationProviderEntity> entities = new ArrayList<FederationProviderEntity>();
List<UserFederationProviderEntity> entities = new LinkedList<UserFederationProviderEntity>();
for (UserFederationProviderModel model : providers) {
FederationProviderEntity entity = new FederationProviderEntity();
entity.setId(KeycloakModelUtils.generateId());
UserFederationProviderEntity entity = new UserFederationProviderEntity();
if (model.getId() != null) entity.setId(model.getId());
else entity.setId(KeycloakModelUtils.generateId());
entity.setProviderName(model.getProviderName());
entity.setConfig(model.getConfig());
entity.setPriority(model.getPriority());
entities.add(entity);
}
realm.setFederationProviders(entities);
realm.setUserFederationProviders(entities);
updateRealm();
}
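Review bot: `getUserFederationProviders` copies `entities` element by element into a `LinkedList` and then sorts it, whereas the JPA adapter's identical routine uses `ArrayList`; `Collections.sort` dumps the list into an array regardless of implementation, so `List<UserFederationProviderEntity> copy = new ArrayList<UserFederationProviderEntity>(entities);` would remove the copy loop and keep the two adapters consistent, and the `result` list can likewise be an `ArrayList`. `removeUserFederationProvider` calls `updateRealm()` even when no entry matched `provider.getId()`; if `updateRealm` writes the whole realm document back, a `boolean removed` flag set inside the loop could skip the write on a no-op removal.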


@ -1,82 +0,0 @@
<?xml version="1.0"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>1.0-beta-3-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>keycloak-model-picketlink</artifactId>
<name>Keycloak Model Picketlink</name>
<description/>
<dependencies>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk16</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-core</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-model-api</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.jboss.logging</groupId>
<artifactId>jboss-logging</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.picketlink</groupId>
<artifactId>picketlink-idm-api</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.picketlink</groupId>
<artifactId>picketlink-common</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.picketlink</groupId>
<artifactId>picketlink-idm-impl</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.picketlink</groupId>
<artifactId>picketlink-idm-simple-schema</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.picketlink</groupId>
<artifactId>picketlink-config</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.hibernate.javax.persistence</groupId>
<artifactId>hibernate-jpa-2.0-api</artifactId>
<scope>provided</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>${maven.compiler.source}</source>
<target>${maven.compiler.target}</target>
</configuration>
</plugin>
</plugins>
</build>
</project>


@ -1,313 +0,0 @@
package org.keycloak.models.picketlink;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.picketlink.mappings.ApplicationData;
import org.keycloak.models.picketlink.relationships.ScopeRelationship;
import org.picketlink.idm.IdentityManagementException;
import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.PartitionManager;
import org.picketlink.idm.RelationshipManager;
import org.picketlink.idm.model.IdentityType;
import org.picketlink.idm.model.sample.Grant;
import org.picketlink.idm.model.sample.Role;
import org.picketlink.idm.model.sample.SampleModel;
import org.picketlink.idm.query.IdentityQuery;
import org.picketlink.idm.query.RelationshipQuery;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class ApplicationAdapter implements ApplicationModel {
protected ApplicationData applicationData;
protected RealmAdapter realm;
protected IdentityManager idm;
protected PartitionManager partitionManager;
protected RelationshipManager relationshipManager;
public ApplicationAdapter(ApplicationData applicationData, RealmAdapter realm, PartitionManager partitionManager) {
this.applicationData = applicationData;
this.realm = realm;
this.partitionManager = partitionManager;
}
protected IdentityManager getIdm() {
if (idm == null) idm = partitionManager.createIdentityManager(applicationData);
return idm;
}
protected RelationshipManager getRelationshipManager() {
if (relationshipManager == null) relationshipManager = partitionManager.createRelationshipManager();
return relationshipManager;
}
@Override
public void updateApplication() {
partitionManager.update(applicationData);
}
@Override
public UserAdapter getApplicationUser() {
return new UserAdapter(applicationData.getResourceUser(), realm.getIdm());
}
@Override
public String getId() {
// for some reason picketlink queries by name when finding partition, don't know what ID is used for now
return applicationData.getName();
}
@Override
public String getName() {
return applicationData.getResourceName();
}
@Override
public void setName(String name) {
applicationData.setResourceName(name);
updateApplication();
}
@Override
public boolean isEnabled() {
return applicationData.isEnabled();
}
@Override
public void setEnabled(boolean enabled) {
applicationData.setEnabled(enabled);
updateApplication();
}
@Override
public boolean isSurrogateAuthRequired() {
return applicationData.isSurrogateAuthRequired();
}
@Override
public void setSurrogateAuthRequired(boolean surrogateAuthRequired) {
applicationData.setSurrogateAuthRequired(surrogateAuthRequired);
updateApplication();
}
@Override
public String getManagementUrl() {
return applicationData.getManagementUrl();
}
@Override
public void setManagementUrl(String url) {
applicationData.setManagementUrl(url);
updateApplication();
}
@Override
public String getBaseUrl() {
return applicationData.getBaseUrl();
}
@Override
public void setBaseUrl(String url) {
applicationData.setBaseUrl(url);
updateApplication();
}
@Override
public RoleAdapter getRole(String name) {
Role role = SampleModel.getRole(getIdm(), name);
if (role == null) return null;
return new RoleAdapter(role, getIdm());
}
@Override
public RoleModel getRoleById(String id) {
IdentityQuery<Role> query = getIdm().createIdentityQuery(Role.class);
query.setParameter(IdentityType.ID, id);
List<Role> roles = query.getResultList();
if (roles.size() == 0) return null;
return new RoleAdapter(roles.get(0), getIdm());
}
@Override
public void grantRole(UserModel user, RoleModel role) {
SampleModel.grantRole(getRelationshipManager(), ((UserAdapter) user).getUser(), ((RoleAdapter) role).getRole());
}
@Override
public boolean hasRole(UserModel user, RoleModel role) {
return SampleModel.hasRole(getRelationshipManager(), ((UserAdapter) user).getUser(), ((RoleAdapter) role).getRole());
}
@Override
public boolean hasRole(UserModel user, String role) {
RoleModel roleModel = getRole(role);
return hasRole(user, roleModel);
}
@Override
public RoleAdapter addRole(String name) {
Role role = new Role(name);
getIdm().add(role);
return new RoleAdapter(role, getIdm());
}
@Override
public boolean removeRoleById(String id) {
try {
getIdm().remove(getIdm().lookupIdentityById(Role.class, id));
return true;
} catch (IdentityManagementException e) {
return false;
}
}
@Override
public List<RoleModel> getRoles() {
IdentityQuery<Role> query = getIdm().createIdentityQuery(Role.class);
query.setParameter(Role.PARTITION, applicationData);
List<Role> roles = query.getResultList();
List<RoleModel> roleModels = new ArrayList<RoleModel>();
for (Role role : roles) {
roleModels.add(new RoleAdapter(role, idm));
}
return roleModels;
}
@Override
public Set<String> getRoleMappingValues(UserModel user) {
RelationshipQuery<Grant> query = getRelationshipManager().createRelationshipQuery(Grant.class);
query.setParameter(Grant.ASSIGNEE, ((UserAdapter)user).getUser());
List<Grant> grants = query.getResultList();
HashSet<String> set = new HashSet<String>();
for (Grant grant : grants) {
if (grant.getRole().getPartition().getId().equals(applicationData.getId())) set.add(grant.getRole().getName());
}
return set;
}
@Override
public List<RoleModel> getRoleMappings(UserModel user) {
RelationshipQuery<Grant> query = getRelationshipManager().createRelationshipQuery(Grant.class);
query.setParameter(Grant.ASSIGNEE, ((UserAdapter)user).getUser());
List<Grant> grants = query.getResultList();
List<RoleModel> set = new ArrayList<RoleModel>();
for (Grant grant : grants) {
if (grant.getRole().getPartition().getId().equals(applicationData.getId())) set.add(new RoleAdapter(grant.getRole(), getIdm()));
}
return set;
}
@Override
public void deleteRoleMapping(UserModel user, RoleModel role) {
RelationshipQuery<Grant> query = getRelationshipManager().createRelationshipQuery(Grant.class);
query.setParameter(Grant.ASSIGNEE, ((UserAdapter)user).getUser());
query.setParameter(Grant.ROLE, ((RoleAdapter)role).getRole());
List<Grant> grants = query.getResultList();
for (Grant grant : grants) {
getRelationshipManager().remove(grant);
}
}
@Override
public void addScopeMapping(UserModel agent, String roleName) {
IdentityManager idm = getIdm();
Role role = SampleModel.getRole(idm,roleName);
if (role == null) throw new RuntimeException("role not found");
addScopeMapping(agent, new RoleAdapter(role, idm));
}
@Override
public void addScopeMapping(UserModel agent, RoleModel role) {
ScopeRelationship scope = new ScopeRelationship();
scope.setClient(((UserAdapter)agent).getUser());
scope.setScope(((RoleAdapter)role).getRole());
getRelationshipManager().add(scope);
}
@Override
public void deleteScopeMapping(UserModel user, RoleModel role) {
RelationshipQuery<ScopeRelationship> query = getRelationshipManager().createRelationshipQuery(ScopeRelationship.class);
query.setParameter(ScopeRelationship.CLIENT, ((UserAdapter)user).getUser());
query.setParameter(ScopeRelationship.SCOPE, ((RoleAdapter)role).getRole());
List<ScopeRelationship> grants = query.getResultList();
for (ScopeRelationship grant : grants) {
getRelationshipManager().remove(grant);
}
}
@Override
public Set<String> getScopeMappingValues(UserModel agent) {
RelationshipQuery<ScopeRelationship> query = getRelationshipManager().createRelationshipQuery(ScopeRelationship.class);
query.setParameter(ScopeRelationship.CLIENT, ((UserAdapter)agent).getUser());
List<ScopeRelationship> scope = query.getResultList();
HashSet<String> set = new HashSet<String>();
for (ScopeRelationship rel : scope) {
if (rel.getScope().getPartition().getId().equals(applicationData.getId())) set.add(rel.getScope().getName());
}
return set;
}
@Override
public List<RoleModel> getScopeMappings(UserModel agent) {
RelationshipQuery<ScopeRelationship> query = getRelationshipManager().createRelationshipQuery(ScopeRelationship.class);
query.setParameter(ScopeRelationship.CLIENT, ((UserAdapter)agent).getUser());
List<ScopeRelationship> scope = query.getResultList();
List<RoleModel> roles = new ArrayList<RoleModel>();
for (ScopeRelationship rel : scope) {
if (rel.getScope().getPartition().getId().equals(applicationData.getId())) roles.add(new RoleAdapter(rel.getScope(), getIdm()));
}
return roles;
}
@Override
public List<String> getDefaultRoles() {
if ( applicationData.getDefaultRoles() != null) {
return Arrays.asList(applicationData.getDefaultRoles());
}
else {
return Collections.emptyList();
}
}
@Override
public void addDefaultRole(String name) {
if (getRole(name) == null) {
addRole(name);
}
String[] defaultRoles = applicationData.getDefaultRoles();
if (defaultRoles == null) {
defaultRoles = new String[1];
} else {
defaultRoles = Arrays.copyOf(defaultRoles, defaultRoles.length + 1);
}
defaultRoles[defaultRoles.length - 1] = name;
applicationData.setDefaultRoles(defaultRoles);
updateApplication();
}
@Override
public void updateDefaultRoles(String[] defaultRoles) {
for (String name : defaultRoles) {
if (getRole(name) == null) {
addRole(name);
}
}
applicationData.setDefaultRoles(defaultRoles);
updateApplication();
}
}


@ -1,34 +0,0 @@
package org.keycloak.models.picketlink;
import org.keycloak.models.OAuthClientModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.picketlink.relationships.OAuthClientRelationship;
import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.RelationshipManager;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class OAuthClientAdapter implements OAuthClientModel {
protected OAuthClientRelationship delegate;
protected IdentityManager idm;
protected RelationshipManager relationshipManager;
public OAuthClientAdapter(OAuthClientRelationship delegate, IdentityManager idm, RelationshipManager relationshipManager) {
this.delegate = delegate;
this.idm = idm;
this.relationshipManager = relationshipManager;
}
@Override
public String getId() {
return delegate.getId();
}
@Override
public UserModel getOAuthAgent() {
return new UserAdapter(delegate.getOauthAgent(), idm);
}
}


@ -1,119 +0,0 @@
package org.keycloak.models.picketlink;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakTransaction;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.picketlink.mappings.RealmData;
import org.keycloak.models.picketlink.relationships.RealmListingRelationship;
import org.keycloak.models.utils.KeycloakSessionUtils;
import org.picketlink.idm.PartitionManager;
import org.picketlink.idm.RelationshipManager;
import org.picketlink.idm.query.RelationshipQuery;
import javax.persistence.EntityManager;
import java.util.ArrayList;
import java.util.List;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class PicketlinkKeycloakSession implements KeycloakSession {
public static ThreadLocal<EntityManager> currentEntityManager = new ThreadLocal<EntityManager>();
public static ThreadLocal<Exception> setWhere = new ThreadLocal<Exception>();
protected PartitionManager partitionManager;
protected EntityManager entityManager;
public PicketlinkKeycloakSession(PartitionManager partitionManager, EntityManager entityManager) {
this.partitionManager = partitionManager;
this.entityManager = entityManager;
if (currentEntityManager.get() != null)
{
setWhere.get().printStackTrace();
throw new IllegalStateException("Thread local was leaked!");
}
currentEntityManager.set(entityManager);
setWhere.set(new Exception());
}
@Override
public KeycloakTransaction getTransaction() {
return new PicketlinkKeycloakTransaction(entityManager.getTransaction());
}
@Override
public RealmAdapter createRealm(String name) {
return createRealm(KeycloakSessionUtils.generateId(), name);
}
@Override
public RealmAdapter createRealm(String id, String name) {
// Picketlink beta 6 uses name attribute for getPartition()
RealmData newRealm = new RealmData(id);
newRealm.setId(id);
newRealm.setRealmName(name);
partitionManager.add(newRealm);
RealmListingRelationship rel = new RealmListingRelationship();
// picketlink beta 6 uses Realm name for lookup! Don't forget!
rel.setRealm(newRealm.getName());
partitionManager.createRelationshipManager().add(rel);
RealmAdapter realm = new RealmAdapter(this, newRealm, partitionManager);
return realm;
}
@Override
public List<RealmModel> getRealms(UserModel admin) {
// todo ability to assign realm management to a specific admin
// currently each admin is allowed to access all realms so just do a big query
RelationshipManager relationshipManager = partitionManager.createRelationshipManager();
RelationshipQuery<RealmListingRelationship> query = relationshipManager.createRelationshipQuery(RealmListingRelationship.class);
List<RealmListingRelationship> results = query.getResultList();
List<RealmModel> realmModels = new ArrayList<RealmModel>();
for (RealmListingRelationship relationship : results) {
String realmName = relationship.getRealm();
RealmModel model = getRealm(realmName);
if (model == null) {
relationshipManager.remove(relationship);
} else {
realmModels.add(model);
}
}
return realmModels;
}
@Override
public RealmAdapter getRealm(String id) {
// picketlink beta 6 uses Realm name for lookup! Don't forget!
RealmData existing = partitionManager.getPartition(RealmData.class, id);
if (existing == null) {
return null;
}
return new RealmAdapter(this, existing, partitionManager);
}
@Override
public RealmModel getRealmByName(String name) {
throw new RuntimeException("NOT IMPLEMENTED YET");
}
@Override
public boolean removeRealm(String id) {
RealmData partition = partitionManager.getPartition(RealmData.class, id);
if (partition == null) {
return false;
}
partitionManager.remove(partition);
return true;
}
@Override
public void close() {
setWhere.set(null);
currentEntityManager.set(null);
if (entityManager.getTransaction().isActive()) entityManager.getTransaction().rollback();
if (entityManager.isOpen()) entityManager.close();
}
}


@ -1,31 +0,0 @@
package org.keycloak.models.picketlink;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.picketlink.idm.PartitionManager;
import javax.persistence.EntityManagerFactory;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class PicketlinkKeycloakSessionFactory implements KeycloakSessionFactory {
protected EntityManagerFactory factory;
protected PartitionManager partitionManager;
public PicketlinkKeycloakSessionFactory(EntityManagerFactory factory, PartitionManager partitionManager) {
this.factory = factory;
this.partitionManager = partitionManager;
}
@Override
public KeycloakSession createSession() {
return new PicketlinkKeycloakSession(partitionManager, factory.createEntityManager());
}
@Override
public void close() {
factory.close();
}
}


@ -1,41 +0,0 @@
package org.keycloak.models.picketlink;
import org.keycloak.models.KeycloakTransaction;
import javax.persistence.EntityTransaction;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class PicketlinkKeycloakTransaction implements KeycloakTransaction {
protected EntityTransaction transaction;
public PicketlinkKeycloakTransaction(EntityTransaction transaction) {
this.transaction = transaction;
}
public void begin() {
transaction.begin();
}
public void setRollbackOnly() {
transaction.setRollbackOnly();
}
public boolean isActive() {
return transaction.isActive();
}
public boolean getRollbackOnly() {
return transaction.getRollbackOnly();
}
public void commit() {
transaction.commit();
}
public void rollback() {
transaction.rollback();
}
}


@ -1,82 +0,0 @@
package org.keycloak.models.picketlink;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.ModelProvider;
import org.keycloak.models.picketlink.mappings.ApplicationEntity;
import org.keycloak.models.picketlink.mappings.RealmEntity;
import org.picketlink.idm.PartitionManager;
import org.picketlink.idm.config.IdentityConfigurationBuilder;
import org.picketlink.idm.internal.DefaultPartitionManager;
import org.picketlink.idm.jpa.internal.JPAContextInitializer;
import org.picketlink.idm.jpa.model.sample.simple.AccountTypeEntity;
import org.picketlink.idm.jpa.model.sample.simple.AttributeTypeEntity;
import org.picketlink.idm.jpa.model.sample.simple.AttributedTypeEntity;
import org.picketlink.idm.jpa.model.sample.simple.DigestCredentialTypeEntity;
import org.picketlink.idm.jpa.model.sample.simple.GroupTypeEntity;
import org.picketlink.idm.jpa.model.sample.simple.IdentityTypeEntity;
import org.picketlink.idm.jpa.model.sample.simple.OTPCredentialTypeEntity;
import org.picketlink.idm.jpa.model.sample.simple.PartitionTypeEntity;
import org.picketlink.idm.jpa.model.sample.simple.PasswordCredentialTypeEntity;
import org.picketlink.idm.jpa.model.sample.simple.RelationshipIdentityTypeEntity;
import org.picketlink.idm.jpa.model.sample.simple.RelationshipTypeEntity;
import org.picketlink.idm.jpa.model.sample.simple.RoleTypeEntity;
import org.picketlink.idm.jpa.model.sample.simple.X509CredentialTypeEntity;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.Persistence;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class PicketlinkModelProvider implements ModelProvider {
@Override
public KeycloakSessionFactory createFactory() {
EntityManagerFactory emf = Persistence.createEntityManagerFactory("picketlink-keycloak-identity-store");
return new PicketlinkKeycloakSessionFactory(emf, buildPartitionManager());
}
@Override
public String getId() {
return "picketlink";
}
public static PartitionManager buildPartitionManager() {
IdentityConfigurationBuilder builder = new IdentityConfigurationBuilder();
builder
.named("KEYCLOAK_JPA_CONFIG")
.stores()
.jpa()
.mappedEntity(
AttributedTypeEntity.class,
AccountTypeEntity.class,
RoleTypeEntity.class,
GroupTypeEntity.class,
IdentityTypeEntity.class,
RelationshipTypeEntity.class,
RelationshipIdentityTypeEntity.class,
PartitionTypeEntity.class,
PasswordCredentialTypeEntity.class,
DigestCredentialTypeEntity.class,
X509CredentialTypeEntity.class,
OTPCredentialTypeEntity.class,
AttributeTypeEntity.class,
RealmEntity.class,
ApplicationEntity.class
)
.supportGlobalRelationship(org.picketlink.idm.model.Relationship.class)
.addContextInitializer(new JPAContextInitializer(null) {
@Override
public EntityManager getEntityManager() {
return PicketlinkKeycloakSession.currentEntityManager.get();
}
})
.supportAllFeatures();
DefaultPartitionManager partitionManager = new DefaultPartitionManager(builder.buildAll());
return partitionManager;
}
}


@ -1,60 +0,0 @@
package org.keycloak.models.picketlink;
import org.keycloak.models.RoleModel;
import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.model.Attribute;
import org.picketlink.idm.model.sample.Role;
import java.io.Serializable;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class RoleAdapter implements RoleModel {
protected Role role;
protected IdentityManager idm;
public RoleAdapter(Role role, IdentityManager idm) {
this.role = role;
this.idm = idm;
}
protected Role getRole() {
return role;
}
@Override
public String getId() {
return role.getId();
}
@Override
public String getName() {
return role.getName();
}
@Override
public void setName(String name) {
role.setName(name);
idm.update(role);
}
@Override
public String getDescription() {
Attribute<Serializable> description = role.getAttribute("description");
if (description == null) return null;
return (String) description.getValue();
}
@Override
public void setDescription(String description) {
if (description == null) {
role.removeAttribute("description");
} else {
role.setAttribute(new Attribute<String>("description", description));
}
idm.update(role);
}
}


@ -1,249 +0,0 @@
package org.keycloak.models.picketlink;
import org.keycloak.models.UserModel;
import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.model.Attribute;
import org.picketlink.idm.model.sample.User;
import java.io.Serializable;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class UserAdapter implements UserModel {
private static final String EMAIL_VERIFIED_ATTR = "emailVerified";
private static final String KEYCLOAK_TOTP_ATTR = "totpEnabled";
private static final String REQUIRED_ACTIONS_ATTR = "requiredActions";
private static final String REDIRECT_URIS = "redirectUris";
private static final String WEB_ORIGINS = "webOrigins";
protected User user;
protected IdentityManager idm;
public UserAdapter(User user, IdentityManager idm) {
this.user = user;
this.idm = idm;
}
protected User getUser() {
return user;
}
@Override
public String getLoginName() {
return user.getLoginName();
}
@Override
public boolean isEnabled() {
return user.isEnabled();
}
@Override
public void setEnabled(boolean enabled) {
user.setEnabled(enabled);
idm.update(user);
}
@Override
public String getFirstName() {
return user.getFirstName();
}
@Override
public void setFirstName(String firstName) {
user.setFirstName(firstName);
idm.update(user);
}
@Override
public String getLastName() {
return user.getLastName();
}
@Override
public void setLastName(String lastName) {
user.setLastName(lastName);
idm.update(user);
}
@Override
public String getEmail() {
return user.getEmail();
}
@Override
public void setEmail(String email) {
user.setEmail(email);
idm.update(user);
}
@Override
public boolean isEmailVerified() {
Attribute<Boolean> a = user.getAttribute(EMAIL_VERIFIED_ATTR);
return a != null ? a.getValue() : false;
}
@Override
public void setEmailVerified(boolean verified) {
user.setAttribute(new Attribute<Boolean>(EMAIL_VERIFIED_ATTR, verified));
idm.update(user);
}
@Override
public void setAttribute(String name, String value) {
user.setAttribute(new Attribute<String>(name, value));
idm.update(user);
}
@Override
public void removeAttribute(String name) {
user.removeAttribute(name);
idm.update(user);
}
@Override
public String getAttribute(String name) {
Attribute<String> attribute = user.getAttribute(name);
if (attribute == null || attribute.getValue() == null)
return null;
return attribute.getValue().toString();
}
@Override
public Map<String, String> getAttributes() {
Map<String, String> attributes = new HashMap<String, String>();
for (Attribute<?> attribute : user.getAttributes()) {
if (attribute.getValue() != null)
attributes.put(attribute.getName(), attribute.getValue().toString());
}
return attributes;
}
@Override
public Set<RequiredAction> getRequiredActions() {
return getAttributeSet(REQUIRED_ACTIONS_ATTR);
}
@Override
public void addRequiredAction(RequiredAction action) {
addToAttributeSet(REQUIRED_ACTIONS_ATTR, action);
}
@Override
public void removeRequiredAction(RequiredAction action) {
removeFromAttributeSet(REQUIRED_ACTIONS_ATTR, action);
}
@Override
public Set<String> getRedirectUris() {
return getAttributeSet(REDIRECT_URIS);
}
@Override
public void setRedirectUris(Set<String> redirectUris) {
setAttributeSet(REDIRECT_URIS, redirectUris);
}
@Override
public void addRedirectUri(String redirectUri) {
addToAttributeSet(REDIRECT_URIS, redirectUri);
}
@Override
public void removeRedirectUri(String redirectUri) {
removeFromAttributeSet(REDIRECT_URIS, redirectUri);
}
@Override
public Set<String> getWebOrigins() {
return getAttributeSet(WEB_ORIGINS);
}
@Override
public void setWebOrigins(Set<String> webOrigins) {
setAttributeSet(WEB_ORIGINS, webOrigins);
}
@Override
public void addWebOrigin(String webOrigin) {
addToAttributeSet(WEB_ORIGINS, webOrigin);
}
@Override
public void removeWebOrigin(String webOrigin) {
removeFromAttributeSet(WEB_ORIGINS, webOrigin);
}
@Override
public boolean isTotp() {
Attribute<Boolean> a = user.getAttribute(KEYCLOAK_TOTP_ATTR);
return a != null ? a.getValue() : false;
}
@Override
public void setTotp(boolean totp) {
user.setAttribute(new Attribute<Boolean>(KEYCLOAK_TOTP_ATTR, totp));
idm.update(user);
}
@SuppressWarnings("unchecked")
private <T extends Serializable> Set<T> getAttributeSet(String name) {
Attribute<Serializable> a = user.getAttribute(name);
Set<Serializable> s = new HashSet<Serializable>();
if (a != null) {
Serializable o = a.getValue();
if (o instanceof Serializable[]) {
for (Serializable t : (Serializable[]) o) {
s.add(t);
}
} else {
s.add(o);
}
}
return (Set<T>) s;
}
private <T extends Serializable> void setAttributeSet(String name, Set<T> set) {
if (set.isEmpty()) {
user.removeAttribute(name);
} else {
user.setAttribute(new Attribute<Serializable[]>(name, set.toArray(new Serializable[set.size()])));
}
idm.update(user);
}
private <T extends Serializable> void addToAttributeSet(String name, T t) {
Set<Serializable> set = getAttributeSet(name);
if (set == null) {
set = new HashSet<Serializable>();
}
if (set.add(t)) {
setAttributeSet(name, set);
idm.update(user);
}
}
private <T extends Serializable> void removeFromAttributeSet(String name, T t) {
Set<Serializable> set = getAttributeSet(name);
if (set == null) {
return;
}
if (set.remove(t)) {
setAttributeSet(name, set);
idm.update(user);
}
}
}


@ -1,89 +0,0 @@
package org.keycloak.models.picketlink.mappings;
import org.picketlink.idm.model.AbstractPartition;
import org.picketlink.idm.model.annotation.AttributeProperty;
import org.picketlink.idm.model.sample.User;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class ApplicationData extends AbstractPartition {
private String resourceName;
private boolean enabled;
private boolean surrogateAuthRequired;
private String managementUrl;
private String baseUrl;
private User resourceUser;
private String[] defaultRoles;
public ApplicationData() {
super(null);
}
public ApplicationData(String name) {
super(name);
}
@AttributeProperty
public String getResourceName() {
return resourceName;
}
public void setResourceName(String resourceName) {
this.resourceName = resourceName;
}
public User getResourceUser() {
return resourceUser;
}
public void setResourceUser(User resourceUser) {
this.resourceUser = resourceUser;
}
@AttributeProperty
public boolean isEnabled() {
return enabled;
}
public void setEnabled(boolean enabled) {
this.enabled = enabled;
}
@AttributeProperty
public boolean isSurrogateAuthRequired() {
return surrogateAuthRequired;
}
public void setSurrogateAuthRequired(boolean surrogateAuthRequired) {
this.surrogateAuthRequired = surrogateAuthRequired;
}
@AttributeProperty
public String getBaseUrl() {
return baseUrl;
}
public void setBaseUrl(String baseUrl) {
this.baseUrl = baseUrl;
}
@AttributeProperty
public String getManagementUrl() {
return managementUrl;
}
public void setManagementUrl(String managementUrl) {
this.managementUrl = managementUrl;
}
@AttributeProperty
public String[] getDefaultRoles() {
return defaultRoles;
}
public void setDefaultRoles(String[] defaultRoles) {
this.defaultRoles = defaultRoles;
}
}


@ -1,101 +0,0 @@
package org.keycloak.models.picketlink.mappings;
import org.picketlink.idm.jpa.annotations.AttributeValue;
import org.picketlink.idm.jpa.annotations.OwnerReference;
import org.picketlink.idm.jpa.annotations.entity.IdentityManaged;
import org.picketlink.idm.jpa.model.sample.simple.AccountTypeEntity;
import org.picketlink.idm.jpa.model.sample.simple.PartitionTypeEntity;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.OneToOne;
import java.io.Serializable;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@IdentityManaged(ApplicationData.class)
@Entity
public class ApplicationEntity implements Serializable {
@OneToOne
@Id
@OwnerReference
private PartitionTypeEntity partitionTypeEntity;
@AttributeValue
private String resourceName;
@AttributeValue
private boolean enabled;
@AttributeValue
private boolean surrogateAuthRequired;
@AttributeValue
private String managementUrl;
@AttributeValue
private String baseUrl;
@AttributeValue
private String[] defaultRoles;
@OneToOne
@AttributeValue
AccountTypeEntity resourceUser;
public PartitionTypeEntity getPartitionTypeEntity() {
return partitionTypeEntity;
}
public void setPartitionTypeEntity(PartitionTypeEntity partitionTypeEntity) {
this.partitionTypeEntity = partitionTypeEntity;
}
public String getResourceName() {
return resourceName;
}
public void setResourceName(String realmName) {
this.resourceName = realmName;
}
public boolean isEnabled() {
return enabled;
}
public void setEnabled(boolean enabled) {
this.enabled = enabled;
}
public boolean isSurrogateAuthRequired() {
return surrogateAuthRequired;
}
public void setSurrogateAuthRequired(boolean surrogateAuthRequired) {
this.surrogateAuthRequired = surrogateAuthRequired;
}
public String getManagementUrl() {
return managementUrl;
}
public void setManagementUrl(String managementUrl) {
this.managementUrl = managementUrl;
}
public AccountTypeEntity getResourceUser() {
return resourceUser;
}
public void setResourceUser(AccountTypeEntity resourceUser) {
this.resourceUser = resourceUser;
}
public String[] getDefaultRoles() {
return defaultRoles;
}
public void setDefaultRoles(String[] defaultRoles) {
this.defaultRoles = defaultRoles;
}
}


@ -1,208 +0,0 @@
package org.keycloak.models.picketlink.mappings;
import org.picketlink.idm.model.AbstractPartition;
import org.picketlink.idm.model.annotation.AttributeProperty;
import java.util.Map;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class RealmData extends AbstractPartition {
private String realmName;
private boolean enabled;
private boolean sslNotRequired;
private boolean registrationAllowed;
private boolean verifyEmail;
private boolean resetPasswordAllowed;
private boolean social;
private boolean updateProfileOnInitialSocialLogin;
private int tokenLifespan;
private int accessCodeLifespan;
private int accessCodeLifespanUserAction;
private String publicKeyPem;
private String privateKeyPem;
private String[] defaultRoles;
private Map<String, String> smtpConfig;
private Map<String, String> socialConfig;
private String passwordPolicy;
private String loginTheme;
private String accountTheme;
public RealmData() {
super(null);
}
public RealmData(String name) {
super(name);
}
@AttributeProperty
public String getRealmName() {
return realmName;
}
public void setRealmName(String realmName) {
this.realmName = realmName;
}
@AttributeProperty
public boolean isEnabled() {
return enabled;
}
public void setEnabled(boolean enabled) {
this.enabled = enabled;
}
@AttributeProperty
public boolean isSocial() {
return social;
}
public void setSocial(boolean social) {
this.social = social;
}
@AttributeProperty
public boolean isUpdateProfileOnInitialSocialLogin() {
return updateProfileOnInitialSocialLogin;
}
public void setUpdateProfileOnInitialSocialLogin(boolean updateProfileOnInitialSocialLogin) {
this.updateProfileOnInitialSocialLogin = updateProfileOnInitialSocialLogin;
}
@AttributeProperty
public boolean isSslNotRequired() {
return sslNotRequired;
}
public void setSslNotRequired(boolean sslNotRequired) {
this.sslNotRequired = sslNotRequired;
}
@AttributeProperty
public boolean isRegistrationAllowed() {
return registrationAllowed;
}
public void setRegistrationAllowed(boolean registrationAllowed) {
this.registrationAllowed = registrationAllowed;
}
public boolean isVerifyEmail() {
return verifyEmail;
}
public void setVerifyEmail(boolean verifyEmail) {
this.verifyEmail = verifyEmail;
}
public boolean isResetPasswordAllowed() {
return resetPasswordAllowed;
}
public void setResetPasswordAllowed(boolean resetPassword) {
this.resetPasswordAllowed = resetPassword;
}
@AttributeProperty
public int getTokenLifespan() {
return tokenLifespan;
}
public void setTokenLifespan(int tokenLifespan) {
this.tokenLifespan = tokenLifespan;
}
@AttributeProperty
public int getAccessCodeLifespan() {
return accessCodeLifespan;
}
public void setAccessCodeLifespan(int accessCodeLifespan) {
this.accessCodeLifespan = accessCodeLifespan;
}
@AttributeProperty
public int getAccessCodeLifespanUserAction() {
return accessCodeLifespanUserAction;
}
public void setAccessCodeLifespanUserAction(int accessCodeLifespanUserAction) {
this.accessCodeLifespanUserAction = accessCodeLifespanUserAction;
}
@AttributeProperty
public String getPublicKeyPem() {
return publicKeyPem;
}
public void setPublicKeyPem(String publicKeyPem) {
this.publicKeyPem = publicKeyPem;
}
@AttributeProperty
public String getPrivateKeyPem() {
return privateKeyPem;
}
public void setPrivateKeyPem(String privateKeyPem) {
this.privateKeyPem = privateKeyPem;
}
@AttributeProperty
public String[] getDefaultRoles() {
return defaultRoles;
}
public void setDefaultRoles(String[] defaultRoles) {
this.defaultRoles = defaultRoles;
}
@AttributeProperty
public Map<String, String> getSmtpConfig() {
return smtpConfig;
}
public void setSmtpConfig(Map<String, String> smtpConfig) {
this.smtpConfig = smtpConfig;
}
@AttributeProperty
public Map<String, String> getSocialConfig() {
return socialConfig;
}
public void setSocialConfig(Map<String, String> socialConfig) {
this.socialConfig = socialConfig;
}
@AttributeProperty
public String getPasswordPolicy() {
return passwordPolicy;
}
public void setPasswordPolicy(String passwordPolicy) {
this.passwordPolicy = passwordPolicy;
}
@AttributeProperty
public String getLoginTheme() {
return loginTheme;
}
public void setLoginTheme(String theme) {
this.loginTheme = theme;
}
@AttributeProperty
public String getAccountTheme() {
return accountTheme;
}
public void setAccountTheme(String theme) {
this.accountTheme = theme;
}
}


@ -1,204 +0,0 @@
package org.keycloak.models.picketlink.mappings;
import org.picketlink.idm.jpa.annotations.AttributeValue;
import org.picketlink.idm.jpa.annotations.OwnerReference;
import org.picketlink.idm.jpa.annotations.entity.IdentityManaged;
import org.picketlink.idm.jpa.model.sample.simple.PartitionTypeEntity;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.Lob;
import javax.persistence.OneToOne;
import java.io.Serializable;
import java.util.HashMap;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@IdentityManaged(RealmData.class)
@Entity
public class RealmEntity implements Serializable {
@OneToOne
@Id
@OwnerReference
private PartitionTypeEntity partitionTypeEntity;
@AttributeValue
private String realmName;
@AttributeValue
private boolean enabled;
@AttributeValue
private boolean sslNotRequired;
@AttributeValue
private boolean registrationAllowed;
@AttributeValue
private boolean verifyEmail;
@AttributeValue
private boolean resetPasswordAllowed;
@AttributeValue
private boolean social;
@AttributeValue
private boolean updateProfileOnInitialSocialLogin;
@AttributeValue
private int tokenLifespan;
@AttributeValue
private int accessCodeLifespan;
@AttributeValue
private int accessCodeLifespanUserAction;
@AttributeValue
@Column(length = 2048)
private String publicKeyPem;
@AttributeValue
@Column(length = 2048)
private String privateKeyPem;
@AttributeValue
private String[] defaultRoles;
@AttributeValue
@Lob
private HashMap<String, String> smtpConfig;
@AttributeValue
@Lob
private HashMap<String, String> socialConfig;
@AttributeValue
private String theme;
public PartitionTypeEntity getPartitionTypeEntity() {
return partitionTypeEntity;
}
public void setPartitionTypeEntity(PartitionTypeEntity partitionTypeEntity) {
this.partitionTypeEntity = partitionTypeEntity;
}
public String getRealmName() {
return realmName;
}
public void setRealmName(String realmName) {
this.realmName = realmName;
}
public boolean isEnabled() {
return enabled;
}
public void setEnabled(boolean enabled) {
this.enabled = enabled;
}
public boolean isSslNotRequired() {
return sslNotRequired;
}
public void setSslNotRequired(boolean sslNotRequired) {
this.sslNotRequired = sslNotRequired;
}
public boolean isRegistrationAllowed() {
return registrationAllowed;
}
public void setRegistrationAllowed(boolean registrationAllowed) {
this.registrationAllowed = registrationAllowed;
}
public boolean isVerifyEmail() {
return verifyEmail;
}
public void setVerifyEmail(boolean verifyEmail) {
this.verifyEmail = verifyEmail;
}
public boolean isResetPasswordAllowed() {
return resetPasswordAllowed;
}
public void setResetPasswordAllowed(boolean resetPassword) {
this.resetPasswordAllowed = resetPassword;
}
public boolean isSocial() {
return social;
}
public void setSocial(boolean social) {
this.social = social;
}
public boolean isUpdateProfileOnInitialSocialLogin() {
return updateProfileOnInitialSocialLogin;
}
public void setUpdateProfileOnInitialSocialLogin(boolean updateProfileOnInitialSocialLogin) {
this.updateProfileOnInitialSocialLogin = updateProfileOnInitialSocialLogin;
}
public int getTokenLifespan() {
return tokenLifespan;
}
public void setTokenLifespan(int tokenLifespan) {
this.tokenLifespan = tokenLifespan;
}
public int getAccessCodeLifespan() {
return accessCodeLifespan;
}
public void setAccessCodeLifespan(int accessCodeLifespan) {
this.accessCodeLifespan = accessCodeLifespan;
}
public int getAccessCodeLifespanUserAction() {
return accessCodeLifespanUserAction;
}
public void setAccessCodeLifespanUserAction(int accessCodeLifespanUserAction) {
this.accessCodeLifespanUserAction = accessCodeLifespanUserAction;
}
public String getPublicKeyPem() {
return publicKeyPem;
}
public void setPublicKeyPem(String publicKeyPem) {
this.publicKeyPem = publicKeyPem;
}
public String getPrivateKeyPem() {
return privateKeyPem;
}
public void setPrivateKeyPem(String privateKeyPem) {
this.privateKeyPem = privateKeyPem;
}
public HashMap<String, String> getSmtpConfig() {
return smtpConfig;
}
public void setSmtpConfig(HashMap<String, String> smtpConfig) {
this.smtpConfig = smtpConfig;
}
public HashMap<String, String> getSocialConfig() {
return socialConfig;
}
public void setSocialConfig(HashMap<String, String> socialConfig) {
this.socialConfig = socialConfig;
}
public String getTheme() {
return theme;
}
public void setTheme(String theme) {
this.theme = theme;
}
}


@ -1,41 +0,0 @@
package org.keycloak.models.picketlink.relationships;
import org.picketlink.idm.model.AbstractAttributedType;
import org.picketlink.idm.model.Attribute;
import org.picketlink.idm.model.Relationship;
import org.picketlink.idm.model.annotation.AttributeProperty;
import org.picketlink.idm.query.AttributeParameter;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class ApplicationRelationship extends AbstractAttributedType implements Relationship {
private static final long serialVersionUID = 1L;
public static final AttributeParameter REALM = new AttributeParameter("realm");
public static final AttributeParameter APPLICATION = new AttributeParameter("application");
public ApplicationRelationship() {
}
@AttributeProperty
public String getRealm() {
return (String)getAttribute("realm").getValue();
}
public void setRealm(String realm) {
setAttribute(new Attribute<String>("realm", realm));
}
@AttributeProperty
public String getApplication() {
return (String)getAttribute("application").getValue();
}
public void setApplication(String app) {
setAttribute(new Attribute<String>("application", app));
}
}


@ -1,57 +0,0 @@
package org.keycloak.models.picketlink.relationships;
import org.picketlink.idm.model.AbstractAttributedType;
import org.picketlink.idm.model.Attribute;
import org.picketlink.idm.model.Relationship;
import org.picketlink.idm.model.annotation.AttributeProperty;
import org.picketlink.idm.model.sample.User;
import org.picketlink.idm.query.AttributeParameter;
import org.picketlink.idm.query.RelationshipQueryParameter;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class OAuthClientRelationship extends AbstractAttributedType implements Relationship {
private static final long serialVersionUID = 1L;
public static final AttributeParameter REALM = new AttributeParameter("realm");
public static final RelationshipQueryParameter OAUTH_AGENT = new RelationshipQueryParameter() {
@Override
public String getName() {
return "oauthAgent";
}
};
protected User oauthAgent;
public OAuthClientRelationship() {
}
public String getRealm() {
return (String)getAttribute("realm").getValue();
}
public void setRealm(String realm) {
setAttribute(new Attribute<String>("realm", realm));
}
public User getOauthAgent() {
return oauthAgent;
}
public void setOauthAgent(User oauthAgent) {
this.oauthAgent = oauthAgent;
}
@AttributeProperty
public String getBaseUrl() {
return (String)getAttribute("baseUrl").getValue();
}
public void setBaseUrl(String base) {
setAttribute(new Attribute<String>("baseUrl", base));
}
}


@ -1,8 +0,0 @@
package org.keycloak.models.picketlink.relationships;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class OAuthClientRequiredCredentialRelationship extends RequiredCredentialRelationship {
}


@ -1,45 +0,0 @@
package org.keycloak.models.picketlink.relationships;
import org.picketlink.idm.model.AbstractAttributedType;
import org.picketlink.idm.model.Attribute;
import org.picketlink.idm.model.Relationship;
import org.picketlink.idm.model.sample.User;
import org.picketlink.idm.query.AttributeParameter;
import org.picketlink.idm.query.RelationshipQueryParameter;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class RealmAdminRelationship extends AbstractAttributedType implements Relationship {
private static final long serialVersionUID = 1L;
public static final AttributeParameter REALM = new AttributeParameter("realm");
public static final RelationshipQueryParameter ADMIN = new RelationshipQueryParameter() {
@Override
public String getName() {
return "admin";
}
};
//protected String realm;
protected User admin;
public String getRealm() {
return (String)getAttribute("realm").getValue();
}
public void setRealm(String realm) {
setAttribute(new Attribute<String>("realm", realm));
}
public User getAdmin() {
return admin;
}
public void setAdmin(User admin) {
this.admin = admin;
}
}


@ -1,26 +0,0 @@
package org.keycloak.models.picketlink.relationships;
import org.picketlink.idm.model.AbstractAttributedType;
import org.picketlink.idm.model.Attribute;
import org.picketlink.idm.model.Relationship;
import org.picketlink.idm.query.AttributeParameter;
/**
* Picketlink doesn't allow you to query for all partitions, thus this stupid relationship...
*
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class RealmListingRelationship extends AbstractAttributedType implements Relationship {
private static final long serialVersionUID = 1L;
public static final AttributeParameter REALM = new AttributeParameter("realm");
public String getRealm() {
return (String)getAttribute("realm").getValue();
}
public void setRealm(String realm) {
setAttribute(new Attribute<String>("realm", realm));
}
}


@ -1,8 +0,0 @@
package org.keycloak.models.picketlink.relationships;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class RequiredApplicationCredentialRelationship extends RequiredCredentialRelationship {
}


@ -1,81 +0,0 @@
package org.keycloak.models.picketlink.relationships;
import org.picketlink.idm.model.AbstractAttributedType;
import org.picketlink.idm.model.Attribute;
import org.picketlink.idm.model.Relationship;
import org.picketlink.idm.model.annotation.AttributeProperty;
import org.picketlink.idm.query.AttributeParameter;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class RequiredCredentialRelationship extends AbstractAttributedType implements Relationship {
private static final long serialVersionUID = 1L;
public static final AttributeParameter REALM = new AttributeParameter("realm");
//protected String realm;
//protected String credentialType;
//protected boolean input;
//protected boolean secret;
public RequiredCredentialRelationship() {
}
/*
@AttributeProperty
public String getRealm() {
return realm;
}
public void setRealm(String realm) {
this.realm = realm;
}*/
public String getRealm() {
return (String)getAttribute("realm").getValue();
}
public void setRealm(String realm) {
setAttribute(new Attribute<String>("realm", realm));
}
@AttributeProperty
public String getCredentialType() {
return (String)getAttribute("credentialType").getValue();
}
public void setCredentialType(String credentialType) {
setAttribute(new Attribute<String>("credentialType", credentialType));
}
@AttributeProperty
public boolean isInput() {
return (Boolean)getAttribute("input").getValue();
}
public void setInput(boolean input) {
setAttribute(new Attribute<Boolean>("input", input));
}
@AttributeProperty
public boolean isSecret() {
return (Boolean)getAttribute("secret").getValue();
}
public void setSecret(boolean secret) {
setAttribute(new Attribute<Boolean>("secret", secret));
}
@AttributeProperty
public String getFormLabel() {
return (String)getAttribute("formLabel").getValue();
}
public void setFormLabel(String label) {
setAttribute(new Attribute<String>("formLabel", label));
}
}


@ -1,51 +0,0 @@
package org.keycloak.models.picketlink.relationships;
import org.picketlink.idm.model.AbstractAttributedType;
import org.picketlink.idm.model.Relationship;
import org.picketlink.idm.model.sample.Role;
import org.picketlink.idm.model.sample.User;
import org.picketlink.idm.query.RelationshipQueryParameter;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class ScopeRelationship extends AbstractAttributedType implements Relationship {
private static final long serialVersionUID = 1L;
public static final RelationshipQueryParameter CLIENT = new RelationshipQueryParameter() {
@Override
public String getName() {
return "client";
}
};
public static final RelationshipQueryParameter SCOPE = new RelationshipQueryParameter() {
@Override
public String getName() {
return OAuth2Constants.SCOPE;
}
};
protected User client;
protected Role scope;
public User getClient() {
return client;
}
public void setClient(User client) {
this.client = client;
}
public Role getScope() {
return scope;
}
public void setScope(Role scope) {
this.scope = scope;
}
}


@ -1,73 +0,0 @@
package org.keycloak.models.picketlink.relationships;
import org.picketlink.idm.model.AbstractAttributedType;
import org.picketlink.idm.model.Attribute;
import org.picketlink.idm.model.Relationship;
import org.picketlink.idm.model.annotation.AttributeProperty;
import org.picketlink.idm.model.sample.User;
import org.picketlink.idm.query.AttributeParameter;
import org.picketlink.idm.query.RelationshipQueryParameter;
/**
* Binding between user and his social username for particular Social provider
*
* Example: Keycloak user "john" has username "john123" in social provider "facebook"
*
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
*/
public class SocialLinkRelationship extends AbstractAttributedType implements Relationship {
private static final long serialVersionUID = 154879L;
public static final AttributeParameter SOCIAL_PROVIDER = new AttributeParameter("socialProvider");
public static final AttributeParameter SOCIAL_USERID = new AttributeParameter("socialUserId");
// realm is needed to allow searching as combination socialUserId+socialProvider may not be unique
// (Same user could have mapped same facebook account to username "foo" in "realm1" and to username "bar" in "realm2")
public static final AttributeParameter REALM = new AttributeParameter("realm");
public static final RelationshipQueryParameter USER = new RelationshipQueryParameter() {
@Override
public String getName() {
return "user";
}
};
private User user;
public User getUser() {
return user;
}
public void setUser(User user) {
this.user = user;
}
@AttributeProperty
public String getSocialProvider() {
return (String)getAttribute("socialProvider").getValue();
}
public void setSocialProvider(String socialProvider) {
setAttribute(new Attribute<String>("socialProvider", socialProvider));
}
@AttributeProperty
public String getSocialUserId() {
return (String)getAttribute("socialUserId").getValue();
}
public void setSocialUserId(String socialUserId) {
setAttribute(new Attribute<String>("socialUserId", socialUserId));
}
@AttributeProperty
public String getRealm() {
return (String)getAttribute("realm").getValue();
}
public void setRealm(String realm) {
setAttribute(new Attribute<String>("realm", realm));
}
}


@ -1 +0,0 @@
org.keycloak.models.picketlink.PicketlinkModelProvider


@ -61,8 +61,7 @@ public class FederationProvidersIntegrationTest {
ldapConfig.put(LDAPConstants.VENDOR, ldapServer.getVendor());
UserFederationProviderModel ldapProvider = new UserFederationProviderModel(null, LDAPFederationProviderFactory.PROVIDER_NAME, ldapConfig);
appRealm.setUserFederationProviders(Arrays.asList(ldapProvider));
appRealm.addUserFederationProvider(LDAPFederationProviderFactory.PROVIDER_NAME, ldapConfig, 0);
// Configure LDAP
ldapRule.getEmbeddedServer().setupLdapInRealm(appRealm);