KEYCLOAK-904 offline tokens - migration
This commit is contained in:
parent
a048cfc102
commit
95fe2fe74b
1 changed files with 17 additions and 8 deletions
|
@ -4,9 +4,11 @@ import java.util.List;
|
|||
|
||||
import org.keycloak.migration.ModelVersion;
|
||||
import org.keycloak.models.ClientModel;
|
||||
import org.keycloak.models.Constants;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.RoleModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||
|
||||
/**
|
||||
|
@ -19,17 +21,24 @@ public class MigrateTo1_6_0 {
|
|||
public void migrate(KeycloakSession session) {
|
||||
List<RealmModel> realms = session.realms().getRealms();
|
||||
for (RealmModel realm : realms) {
|
||||
if (realm.getRole(Constants.OFFLINE_ACCESS_ROLE) == null) {
|
||||
for (RoleModel realmRole : realm.getRoles()) {
|
||||
realmRole.setScopeParamRequired(false);
|
||||
}
|
||||
for (ClientModel client : realm.getClients()) {
|
||||
for (RoleModel clientRole : client.getRoles()) {
|
||||
clientRole.setScopeParamRequired(false);
|
||||
}
|
||||
}
|
||||
|
||||
for (RoleModel realmRole : realm.getRoles()) {
|
||||
realmRole.setScopeParamRequired(false);
|
||||
}
|
||||
for (ClientModel client : realm.getClients()) {
|
||||
for (RoleModel clientRole : client.getRoles()) {
|
||||
clientRole.setScopeParamRequired(false);
|
||||
KeycloakModelUtils.setupOfflineTokens(realm);
|
||||
RoleModel role = realm.getRole(Constants.OFFLINE_ACCESS_ROLE);
|
||||
|
||||
// Check if possible to avoid iterating over users
|
||||
for (UserModel user : session.userStorage().getUsers(realm, true)) {
|
||||
user.grantRole(role);
|
||||
}
|
||||
}
|
||||
|
||||
KeycloakModelUtils.setupOfflineTokens(realm);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue