Convert authz entities into interfaces

Closes #9740
Michal Hajas 2022-01-27 10:47:54 +01:00 committed by Hynek Mlnařík
parent dc814b85c7
commit c648e121ed
16 changed files with 262 additions and 555 deletions


@ -165,7 +165,10 @@ public abstract class AbstractGenerateEntityImplementationsProcessor extends Abs
}
protected boolean isImmutableFinalType(TypeMirror fieldType) {
return isPrimitiveType(fieldType) || isBoxedPrimitiveType(fieldType) || Objects.equals("java.lang.String", fieldType.toString());
return isPrimitiveType(fieldType)
|| isBoxedPrimitiveType(fieldType)
|| isEnumType(fieldType)
|| Objects.equals("java.lang.String", fieldType.toString());
}
protected boolean isKnownCollectionOfImmutableFinalTypes(TypeMirror fieldType) {
@ -208,6 +211,10 @@ public abstract class AbstractGenerateEntityImplementationsProcessor extends Abs
return "deepClone(" + parameterName + ")";
}
protected boolean isEnumType(TypeMirror fieldType) {
return types.asElement(fieldType).getKind() == ElementKind.ENUM;
}
protected boolean isPrimitiveType(TypeMirror fieldType) {
try {
types.getPrimitiveType(fieldType.getKind());
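Review bot: The new `isEnumType` dereferences `types.asElement(fieldType)` directly, and `Types.asElement` returns null for a type that has no corresponding element (an array type, for instance), so the processor would fail with a NullPointerException instead of reporting the field as not immutable. In `isImmutableFinalType` primitives are short-circuited before this call, but nothing visible here filters arrays or other element-less types. A guarded form is `Element e = types.asElement(fieldType); return e != null && e.getKind() == ElementKind.ENUM;`. `isPrimitiveType` continues past the end of this hunk, so this note covers only `isEnumType` and its call site.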


@ -29,6 +29,7 @@ import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.map.authorization.adapter.MapPermissionTicketAdapter;
import org.keycloak.models.map.authorization.entity.MapPermissionTicketEntity;
import org.keycloak.models.map.authorization.entity.MapPermissionTicketEntityImpl;
import org.keycloak.models.map.storage.MapKeycloakTransaction;
import org.keycloak.models.map.storage.MapStorage;
@ -108,7 +109,7 @@ public class MapPermissionTicketStore implements PermissionTicketStore {
+ ", Resource: " + resourceId + ", owner: " + owner + ", scopeId: " + scopeId + " already exists.");
}
MapPermissionTicketEntity entity = new MapPermissionTicketEntity();
MapPermissionTicketEntity entity = new MapPermissionTicketEntityImpl();
entity.setResourceId(resourceId);
entity.setRequester(requester);
entity.setCreatedTimestamp(System.currentTimeMillis());


@ -27,6 +27,7 @@ import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.map.authorization.adapter.MapPolicyAdapter;
import org.keycloak.models.map.authorization.entity.MapPolicyEntity;
import org.keycloak.models.map.authorization.entity.MapPolicyEntityImpl;
import org.keycloak.models.map.storage.MapKeycloakTransaction;
import org.keycloak.models.map.storage.MapStorage;
import org.keycloak.models.map.storage.ModelCriteriaBuilder.Operator;
@ -84,7 +85,8 @@ public class MapPolicyStore implements PolicyStore {
}
String uid = representation.getId();
MapPolicyEntity entity = new MapPolicyEntity(uid);
MapPolicyEntity entity = new MapPolicyEntityImpl();
entity.setId(uid);
entity.setType(representation.getType());
entity.setName(representation.getName());
entity.setResourceServerId(resourceServer.getId());


@ -34,6 +34,7 @@ import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.ModelException;
import org.keycloak.models.map.authorization.adapter.MapResourceServerAdapter;
import org.keycloak.models.map.authorization.entity.MapResourceServerEntity;
import org.keycloak.models.map.authorization.entity.MapResourceServerEntityImpl;
import org.keycloak.models.map.storage.MapKeycloakTransaction;
import org.keycloak.models.map.storage.MapStorage;
import org.keycloak.storage.StorageId;
@ -74,7 +75,8 @@ public class MapResourceServerStore implements ResourceServerStore {
throw new ModelDuplicateException("Resource server already exists: " + clientId);
}
MapResourceServerEntity entity = new MapResourceServerEntity(clientId);
MapResourceServerEntity entity = new MapResourceServerEntityImpl();
entity.setId(clientId);
return entityToAdapter(tx.create(entity));
}


@ -27,6 +27,7 @@ import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.map.authorization.adapter.MapResourceAdapter;
import org.keycloak.models.map.authorization.entity.MapResourceEntity;
import org.keycloak.models.map.authorization.entity.MapResourceEntityImpl;
import org.keycloak.models.map.storage.MapKeycloakTransaction;
import org.keycloak.models.map.storage.MapStorage;
@ -82,8 +83,8 @@ public class MapResourceStore implements ResourceStore {
throw new ModelDuplicateException("Resource with name '" + name + "' for " + resourceServer.getId() + " already exists for request owner " + owner);
}
MapResourceEntity entity = new MapResourceEntity(id);
MapResourceEntity entity = new MapResourceEntityImpl();
entity.setId(id);
entity.setName(name);
entity.setResourceServerId(resourceServer.getId());
entity.setOwner(owner);


@ -27,6 +27,7 @@ import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.map.authorization.adapter.MapScopeAdapter;
import org.keycloak.models.map.authorization.entity.MapScopeEntity;
import org.keycloak.models.map.authorization.entity.MapScopeEntityImpl;
import org.keycloak.models.map.storage.MapKeycloakTransaction;
import org.keycloak.models.map.storage.MapStorage;
@ -81,8 +82,8 @@ public class MapScopeStore implements ScopeStore {
throw new ModelDuplicateException("Scope with name '" + name + "' for " + resourceServer.getId() + " already exists");
}
MapScopeEntity entity = new MapScopeEntity(id);
MapScopeEntity entity = new MapScopeEntityImpl();
entity.setId(id);
entity.setName(name);
entity.setResourceServerId(resourceServer.getId());


@ -26,6 +26,7 @@ import org.keycloak.models.map.authorization.entity.MapPolicyEntity;
import org.keycloak.representations.idm.authorization.DecisionStrategy;
import org.keycloak.representations.idm.authorization.Logic;
import java.util.Collections;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
@ -48,7 +49,8 @@ public class MapPolicyAdapter extends AbstractPolicyModel<MapPolicyEntity> {
@Override
public DecisionStrategy getDecisionStrategy() {
return entity.getDecisionStrategy();
DecisionStrategy ds = entity.getDecisionStrategy();
return ds == null ? DecisionStrategy.UNANIMOUS : ds;
}
@Override
@ -59,7 +61,8 @@ public class MapPolicyAdapter extends AbstractPolicyModel<MapPolicyEntity> {
@Override
public Logic getLogic() {
return entity.getLogic();
Logic l = entity.getLogic();
return l == null ? Logic.POSITIVE : l;
}
@Override
@ -70,13 +73,14 @@ public class MapPolicyAdapter extends AbstractPolicyModel<MapPolicyEntity> {
@Override
public Map<String, String> getConfig() {
return entity.getConfig();
Map<String, String> c = entity.getConfigs();
return c == null ? Collections.emptyMap() : c;
}
@Override
public void setConfig(Map<String, String> config) {
throwExceptionIfReadonly();
entity.setConfig(config);
entity.setConfigs(config);
}
@Override
@ -88,7 +92,7 @@ public class MapPolicyAdapter extends AbstractPolicyModel<MapPolicyEntity> {
@Override
public void putConfig(String name, String value) {
throwExceptionIfReadonly();
entity.putConfig(name, value);
entity.setConfig(name, value);
}
@Override
@ -121,7 +125,8 @@ public class MapPolicyAdapter extends AbstractPolicyModel<MapPolicyEntity> {
@Override
public Set<Policy> getAssociatedPolicies() {
String resourceServerId = entity.getResourceServerId();
return entity.getAssociatedPoliciesIds().stream()
Set<String> ids = entity.getAssociatedPolicyIds();
return ids == null ? Collections.emptySet() : ids.stream()
.map(policyId -> storeFactory.getPolicyStore().findById(policyId, resourceServerId))
.collect(Collectors.toSet());
}
@ -129,7 +134,8 @@ public class MapPolicyAdapter extends AbstractPolicyModel<MapPolicyEntity> {
@Override
public Set<Resource> getResources() {
String resourceServerId = entity.getResourceServerId();
return entity.getResourceIds().stream()
Set<String> ids = entity.getResourceIds();
return ids == null ? Collections.emptySet() : ids.stream()
.map(resourceId -> storeFactory.getResourceStore().findById(resourceId, resourceServerId))
.collect(Collectors.toSet());
}
@ -137,7 +143,8 @@ public class MapPolicyAdapter extends AbstractPolicyModel<MapPolicyEntity> {
@Override
public Set<Scope> getScopes() {
String resourceServerId = entity.getResourceServerId();
return entity.getScopeIds().stream()
Set<String> ids = entity.getScopeIds();
return ids == null ? Collections.emptySet() : ids.stream()
.map(scopeId -> storeFactory.getScopeStore().findById(scopeId, resourceServerId))
.collect(Collectors.toSet());
}
@ -156,37 +163,37 @@ public class MapPolicyAdapter extends AbstractPolicyModel<MapPolicyEntity> {
@Override
public void addScope(Scope scope) {
throwExceptionIfReadonly();
entity.addScope(scope.getId());
entity.addScopeId(scope.getId());
}
@Override
public void removeScope(Scope scope) {
throwExceptionIfReadonly();
entity.removeScope(scope.getId());
entity.removeScopeId(scope.getId());
}
@Override
public void addAssociatedPolicy(Policy associatedPolicy) {
throwExceptionIfReadonly();
entity.addAssociatedPolicy(associatedPolicy.getId());
entity.addAssociatedPolicyId(associatedPolicy.getId());
}
@Override
public void removeAssociatedPolicy(Policy associatedPolicy) {
throwExceptionIfReadonly();
entity.removeAssociatedPolicy(associatedPolicy.getId());
entity.removeAssociatedPolicyId(associatedPolicy.getId());
}
@Override
public void addResource(Resource resource) {
throwExceptionIfReadonly();
entity.addResource(resource.getId());
entity.addResourceId(resource.getId());
}
@Override
public void removeResource(Resource resource) {
throwExceptionIfReadonly();
entity.removeResource(resource.getId());
entity.removeResourceId(resource.getId());
}
@Override
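Review bot: `getConfig()` now returns two kinds of map: the immutable `Collections.emptyMap()` when the entity has no configs, and otherwise whatever `entity.getConfigs()` returns, which may be the entity's own mutable map. A caller that writes through the returned map would then either get an UnsupportedOperationException or change the policy configuration without passing `throwExceptionIfReadonly()`, depending only on whether configs were set. If callers are expected to go through `setConfig`/`putConfig`, returning a read-only view in both cases makes that explicit: `return c == null ? Collections.emptyMap() : Collections.unmodifiableMap(c);`. Whether the generated implementation hands out its internal map is not visible in this diff, so this is worth confirming against the generated `MapPolicyEntityImpl`.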


@ -63,7 +63,8 @@ public class MapResourceAdapter extends AbstractResourceModel<MapResourceEntity>
@Override
public Set<String> getUris() {
return entity.getUris();
Set<String> uris = entity.getUris();
return uris == null ? Collections.emptySet() : entity.getUris();
}
@Override
@ -85,7 +86,8 @@ public class MapResourceAdapter extends AbstractResourceModel<MapResourceEntity>
@Override
public List<Scope> getScopes() {
return entity.getScopeIds().stream()
Set<String> ids = entity.getScopeIds();
return ids == null ? Collections.emptyList() : ids.stream()
.map(id -> storeFactory
.getScopeStore().findById(id, entity.getResourceServerId()))
.collect(Collectors.toList());
@ -114,7 +116,8 @@ public class MapResourceAdapter extends AbstractResourceModel<MapResourceEntity>
@Override
public boolean isOwnerManagedAccess() {
return entity.isOwnerManagedAccess();
Boolean isOMA = entity.isOwnerManagedAccess();
return isOMA == null ? false : isOMA;
}
@Override
@ -131,7 +134,8 @@ public class MapResourceAdapter extends AbstractResourceModel<MapResourceEntity>
@Override
public Map<String, List<String>> getAttributes() {
return Collections.unmodifiableMap(new HashMap<>(entity.getAttributes()));
Map<String, List<String>> attrs = entity.getAttributes();
return attrs == null ? Collections.emptyMap() : Collections.unmodifiableMap(new HashMap<>(attrs));
}
@Override


@ -36,7 +36,8 @@ public class MapResourceServerAdapter extends AbstractResourceServerModel<MapRes
@Override
public boolean isAllowRemoteResourceManagement() {
return entity.isAllowRemoteResourceManagement();
Boolean isARRM = entity.isAllowRemoteResourceManagement();
return isARRM == null ? false : isARRM;
}
@Override
@ -47,7 +48,8 @@ public class MapResourceServerAdapter extends AbstractResourceServerModel<MapRes
@Override
public PolicyEnforcementMode getPolicyEnforcementMode() {
return entity.getPolicyEnforcementMode();
PolicyEnforcementMode pem = entity.getPolicyEnforcementMode();
return pem == null ? PolicyEnforcementMode.ENFORCING : pem;
}
@Override
@ -64,7 +66,8 @@ public class MapResourceServerAdapter extends AbstractResourceServerModel<MapRes
@Override
public DecisionStrategy getDecisionStrategy() {
return entity.getDecisionStrategy();
DecisionStrategy ds = entity.getDecisionStrategy();
return ds == null ? DecisionStrategy.UNANIMOUS : ds;
}
@Override
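Review bot: The fallbacks chosen here for an unset field are security decisions and carry no comment: a null `policyEnforcementMode` becomes `ENFORCING`, a null `allowRemoteResourceManagement` becomes `false`, and a null `decisionStrategy` becomes `UNANIMOUS`. The two enum defaults used to be field initialisers in `MapResourceServerEntity` and now exist only in this adapter, so code that reads the entity directly will see null instead. I would add a short comment above each getter, for example `// null means "not set"; fall back to the restrictive default (ENFORCING)`, so a later edit does not loosen the default by accident.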


@ -1,5 +1,5 @@
/*
* Copyright 2021 Red Hat, Inc. and/or its affiliates
* Copyright 2022 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
@ -17,115 +17,55 @@
package org.keycloak.models.map.authorization.entity;
import org.keycloak.models.map.annotations.GenerateEntityImplementations;
import org.keycloak.models.map.common.AbstractEntity;
import org.keycloak.models.map.common.DeepCloner;
import org.keycloak.models.map.common.UpdatableEntity;
import java.util.Objects;
public class MapPermissionTicketEntity extends UpdatableEntity.Impl implements AbstractEntity {
@GenerateEntityImplementations(
inherits = "org.keycloak.models.map.authorization.entity.MapPermissionTicketEntity.AbstractMapPermissionTicketEntity"
)
@DeepCloner.Root
public interface MapPermissionTicketEntity extends UpdatableEntity, AbstractEntity {
private String id;
private String owner;
private String requester;
private Long createdTimestamp;
private Long grantedTimestamp;
private String resourceId;
private String scopeId;
private String resourceServerId;
private String policyId;
public abstract class AbstractMapPermissionTicketEntity extends UpdatableEntity.Impl implements MapPermissionTicketEntity {
public MapPermissionTicketEntity(String id) {
this.id = id;
private String id;
@Override
public String getId() {
return this.id;
}
@Override
public void setId(String id) {
if (this.id != null) throw new IllegalStateException("Id cannot be changed");
this.id = id;
this.updated |= id != null;
}
}
public MapPermissionTicketEntity() {}
String getOwner();
void setOwner(String owner);
@Override
public String getId() {
return id;
}
String getRequester();
void setRequester(String requester);
@Override
public void setId(String id) {
if (this.id != null) throw new IllegalStateException("Id cannot be changed");
this.id = id;
this.updated |= id != null;
}
Long getCreatedTimestamp();
void setCreatedTimestamp(Long createdTimestamp);
public String getOwner() {
return owner;
}
Long getGrantedTimestamp();
void setGrantedTimestamp(Long grantedTimestamp);
public void setOwner(String owner) {
this.updated |= !Objects.equals(this.owner, owner);
this.owner = owner;
}
String getResourceId();
void setResourceId(String resourceId);
public String getRequester() {
return requester;
}
String getScopeId();
void setScopeId(String scopeId);
public void setRequester(String requester) {
this.updated |= !Objects.equals(this.requester, requester);
this.requester = requester;
}
String getResourceServerId();
void setResourceServerId(String resourceServerId);
public Long getCreatedTimestamp() {
return createdTimestamp;
}
public void setCreatedTimestamp(Long createdTimestamp) {
this.updated |= !Objects.equals(this.createdTimestamp, createdTimestamp);
this.createdTimestamp = createdTimestamp;
}
public Long getGrantedTimestamp() {
return grantedTimestamp;
}
public void setGrantedTimestamp(Long grantedTimestamp) {
this.updated |= !Objects.equals(this.grantedTimestamp, grantedTimestamp);
this.grantedTimestamp = grantedTimestamp;
}
public String getResourceId() {
return resourceId;
}
public void setResourceId(String resourceId) {
this.updated |= !Objects.equals(this.resourceId, resourceId);
this.resourceId = resourceId;
}
public String getScopeId() {
return scopeId;
}
public void setScopeId(String scopeId) {
this.updated |= !Objects.equals(this.scopeId, scopeId);
this.scopeId = scopeId;
}
public String getResourceServerId() {
return resourceServerId;
}
public void setResourceServerId(String resourceServerId) {
this.updated |= !Objects.equals(this.resourceServerId, resourceServerId);
this.resourceServerId = resourceServerId;
}
public String getPolicyId() {
return policyId;
}
public void setPolicyId(String policyId) {
this.updated |= !Objects.equals(this.policyId, policyId);
this.policyId = policyId;
}
@Override
public String toString() {
return String.format("%s@%08x", getId(), System.identityHashCode(this));
}
String getPolicyId();
void setPolicyId(String policyId);
}


@ -1,5 +1,5 @@
/*
* Copyright 2021 Red Hat, Inc. and/or its affiliates
* Copyright 2022 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
@ -17,177 +17,75 @@
package org.keycloak.models.map.authorization.entity;
import org.keycloak.models.map.annotations.GenerateEntityImplementations;
import org.keycloak.models.map.common.AbstractEntity;
import org.keycloak.models.map.common.DeepCloner;
import org.keycloak.models.map.common.UpdatableEntity;
import org.keycloak.representations.idm.authorization.DecisionStrategy;
import org.keycloak.representations.idm.authorization.Logic;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Set;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
public class MapPolicyEntity extends UpdatableEntity.Impl implements AbstractEntity {
@GenerateEntityImplementations(
inherits = "org.keycloak.models.map.authorization.entity.MapPolicyEntity.AbstractMapPolicyEntity"
)
@DeepCloner.Root
public interface MapPolicyEntity extends UpdatableEntity, AbstractEntity {
private String id;
private String name;
private String description;
private String type;
private DecisionStrategy decisionStrategy = DecisionStrategy.UNANIMOUS;
private Logic logic = Logic.POSITIVE;
private final Map<String, String> config = new HashMap<>();
private String resourceServerId;
private final Set<String> associatedPoliciesIds = new HashSet<>();
private final Set<String> resourceIds = new HashSet<>();
private final Set<String> scopeIds = new HashSet<>();
private String owner;
public abstract class AbstractMapPolicyEntity extends UpdatableEntity.Impl implements MapPolicyEntity {
public MapPolicyEntity(String id) {
this.id = id;
}
private String id;
public MapPolicyEntity() {}
@Override
public String getId() {
return this.id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.updated |= !Objects.equals(this.name, name);
this.name = name;
}
public String getDescription() {
return description;
}
public void setDescription(String description) {
this.updated |= !Objects.equals(this.description, description);
this.description = description;
}
public String getType() {
return type;
}
public void setType(String type) {
this.updated |= !Objects.equals(this.type, type);
this.type = type;
}
public DecisionStrategy getDecisionStrategy() {
return decisionStrategy;
}
public void setDecisionStrategy(DecisionStrategy decisionStrategy) {
this.updated |= !Objects.equals(this.decisionStrategy, decisionStrategy);
this.decisionStrategy = decisionStrategy;
}
public Logic getLogic() {
return logic;
}
public void setLogic(Logic logic) {
this.updated |= !Objects.equals(this.logic, logic);
this.logic = logic;
}
public Map<String, String> getConfig() {
return config;
}
public String getConfigValue(String name) {
return config.get(name);
}
public void setConfig(Map<String, String> config) {
if (Objects.equals(this.config, config)) return;
this.updated = true;
this.config.clear();
if (config != null) {
this.config.putAll(config);
@Override
public void setId(String id) {
if (this.id != null) throw new IllegalStateException("Id cannot be changed");
this.id = id;
this.updated |= id != null;
}
}
public void removeConfig(String name) {
this.updated |= this.config.remove(name) != null;
}
String getName();
void setName(String name);
public void putConfig(String name, String value) {
this.updated |= !Objects.equals(value, this.config.put(name, value));
}
String getDescription();
void setDescription(String description);
public String getResourceServerId() {
return resourceServerId;
}
String getType();
void setType(String type);
public void setResourceServerId(String resourceServerId) {
this.updated |= !Objects.equals(this.resourceServerId, resourceServerId);
this.resourceServerId = resourceServerId;
}
DecisionStrategy getDecisionStrategy();
void setDecisionStrategy(DecisionStrategy decisionStrategy);
public Set<String> getAssociatedPoliciesIds() {
return associatedPoliciesIds;
}
Logic getLogic();
void setLogic(Logic logic);
public void addAssociatedPolicy(String policyId) {
this.updated |= this.associatedPoliciesIds.add(policyId);
}
Map<String, String> getConfigs();
void setConfigs(Map<String, String> config);
String getConfig(String name);
void setConfig(String name, String value);
void removeConfig(String name);
public void removeAssociatedPolicy(String policyId) {
this.updated |= this.associatedPoliciesIds.remove(policyId);
}
String getResourceServerId();
void setResourceServerId(String resourceServerId);
public Set<String> getResourceIds() {
return resourceIds;
}
Set<String> getAssociatedPolicyIds();
void addAssociatedPolicyId(String policyId);
void removeAssociatedPolicyId(String policyId);
public void addResource(String resourceId) {
this.updated |= this.resourceIds.add(resourceId);
}
Set<String> getResourceIds();
void addResourceId(String resourceId);
void removeResourceId(String resourceId);
public void removeResource(String resourceId) {
this.updated |= this.resourceIds.remove(resourceId);
}
Set<String> getScopeIds();
void addScopeId(String scopeId);
void removeScopeId(String scopeId);
public Set<String> getScopeIds() {
return scopeIds;
}
public void addScope(String scopeId) {
this.updated |= this.scopeIds.add(scopeId);
}
public void removeScope(String scopeId) {
this.updated |= this.scopeIds.remove(scopeId);
}
public String getOwner() {
return owner;
}
public void setOwner(String owner) {
this.updated |= !Objects.equals(this.owner, owner);
this.owner = owner;
}
@Override
public String getId() {
return id;
}
@Override
public void setId(String id) {
if (this.id != null) throw new IllegalStateException("Id cannot be changed");
this.id = id;
this.updated |= id != null;
}
@Override
public String toString() {
return String.format("%s@%08x", getId(), System.identityHashCode(this));
}
String getOwner();
void setOwner(String owner);
}
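Review bot: The interface gives no documentation for a contract that changed: the removed class initialised `decisionStrategy`, `logic`, `config` and the three id sets, while the interface declares bare getters, and the null checks added to `MapPolicyAdapter` in this commit suggest they can now return null. I would add Javadoc on `MapPolicyEntity` stating that a null return means the field is unset and that defaults are applied by the adapter, not by the entity. It would also help to document the pairing `getConfigs()`/`setConfigs(Map)` for the whole map versus `getConfig(String)`/`setConfig(String, String)` for a single entry, since the old names (`getConfigValue`, `putConfig`) made that distinction in the name. The same nullability note applies to `MapResourceEntity` (`uris`, `scopeIds`, `attributes`, `Boolean isOwnerManagedAccess()`) and `MapResourceServerEntity`.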


@ -1,5 +1,5 @@
/*
* Copyright 2021 Red Hat, Inc. and/or its affiliates
* Copyright 2022 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
@ -17,175 +17,61 @@
package org.keycloak.models.map.authorization.entity;
import org.keycloak.models.map.annotations.GenerateEntityImplementations;
import org.keycloak.models.map.common.AbstractEntity;
import org.keycloak.models.map.common.DeepCloner;
import org.keycloak.models.map.common.EntityWithAttributes;
import org.keycloak.models.map.common.UpdatableEntity;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
public class MapResourceEntity extends UpdatableEntity.Impl implements AbstractEntity, EntityWithAttributes {
@GenerateEntityImplementations(
inherits = "org.keycloak.models.map.authorization.entity.MapResourceEntity.AbstractMapResourceEntity"
)
@DeepCloner.Root
public interface MapResourceEntity extends UpdatableEntity, AbstractEntity, EntityWithAttributes {
private String id;
private String name;
private String displayName;
private final Set<String> uris = new HashSet<>();
private String type;
private String iconUri;
private String owner;
private boolean ownerManagedAccess;
private String resourceServerId;
private final Set<String> scopeIds = new HashSet<>();
private final Set<String> policyIds = new HashSet<>();
private final Map<String, List<String>> attributes = new HashMap<>();
public abstract class AbstractMapResourceEntity extends UpdatableEntity.Impl implements MapResourceEntity {
public MapResourceEntity(String id) {
this.id = id;
}
private String id;
public MapResourceEntity() {}
@Override
public String getId() {
return this.id;
}
@Override
public String getId() {
return id;
}
@Override
public void setId(String id) {
if (this.id != null) throw new IllegalStateException("Id cannot be changed");
this.id = id;
this.updated |= id != null;
}
public String getName() {
return name;
}
public void setName(String name) {
this.updated |= !Objects.equals(this.name, name);
this.name = name;
}
public String getDisplayName() {
return displayName;
}
public void setDisplayName(String displayName) {
this.updated |= !Objects.equals(this.displayName, displayName);
this.displayName = displayName;
}
public Set<String> getUris() {
return uris;
}
public void setUris(Set<String> uris) {
if (Objects.equals(this.uris, uris)) return;
this.updated = true;
this.uris.clear();
if (uris != null) {
this.uris.addAll(uris);
@Override
public void setId(String id) {
if (this.id != null) throw new IllegalStateException("Id cannot be changed");
this.id = id;
this.updated |= id != null;
}
}
public String getType() {
return type;
}
String getName();
void setName(String name);
public void setType(String type) {
this.updated |= !Objects.equals(this.type, type);
this.type = type;
}
String getDisplayName();
void setDisplayName(String displayName);
public String getIconUri() {
return iconUri;
}
Set<String> getUris();
void setUris(Set<String> uris);
public void setIconUri(String iconUri) {
this.updated |= !Objects.equals(this.iconUri, iconUri);
this.iconUri = iconUri;
}
String getType();
void setType(String type);
public String getOwner() {
return owner;
}
String getIconUri();
void setIconUri(String iconUri);
public void setOwner(String owner) {
this.updated |= !Objects.equals(this.owner, owner);
this.owner = owner;
}
String getOwner();
void setOwner(String owner);
public boolean isOwnerManagedAccess() {
return ownerManagedAccess;
}
Boolean isOwnerManagedAccess();
void setOwnerManagedAccess(Boolean ownerManagedAccess);
public void setOwnerManagedAccess(boolean ownerManagedAccess) {
this.updated |= this.ownerManagedAccess != ownerManagedAccess;
this.ownerManagedAccess = ownerManagedAccess;
}
void setResourceServerId(String resourceServerId);
String getResourceServerId();
public String getResourceServerId() {
return resourceServerId;
}
public void setResourceServerId(String resourceServerId) {
this.updated |= !Objects.equals(this.resourceServerId, resourceServerId);
this.resourceServerId = resourceServerId;
}
public Set<String> getScopeIds() {
return scopeIds;
}
public void setScopeIds(Set<String> scopeIds) {
if (Objects.equals(this.scopeIds, scopeIds)) return;
this.updated = true;
this.scopeIds.clear();
if (scopeIds != null) {
this.scopeIds.addAll(scopeIds);
}
}
public Set<String> getPolicyIds() {
return policyIds;
}
@Override
public Map<String, List<String>> getAttributes() {
return attributes;
}
@Override
public void setAttributes(Map<String, List<String>> attributes) {
this.updated |= ! Objects.equals(this.attributes, attributes);
this.attributes.clear();
this.attributes.putAll(attributes);
}
@Override
public List<String> getAttribute(String name) {
return attributes.get(name);
}
@Override
public void setAttribute(String name, List<String> value) {
this.updated |= !Objects.equals(this.attributes.put(name, value), value);
}
@Override
public void removeAttribute(String name) {
this.updated |= this.attributes.remove(name) != null;
}
@Override
public String toString() {
return String.format("%s@%08x", getId(), System.identityHashCode(this));
}
Set<String> getScopeIds();
void setScopeIds(Set<String> scopeIds);
}


@ -1,5 +1,5 @@
/*
* Copyright 2021 Red Hat, Inc. and/or its affiliates
* Copyright 2022 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
@ -17,68 +17,42 @@
package org.keycloak.models.map.authorization.entity;
import org.keycloak.models.map.annotations.GenerateEntityImplementations;
import org.keycloak.models.map.common.AbstractEntity;
import org.keycloak.models.map.common.DeepCloner;
import org.keycloak.models.map.common.UpdatableEntity;
import org.keycloak.representations.idm.authorization.DecisionStrategy;
import org.keycloak.representations.idm.authorization.PolicyEnforcementMode;
import java.util.Objects;
@GenerateEntityImplementations(
inherits = "org.keycloak.models.map.authorization.entity.MapResourceServerEntity.AbstractMapResourceServerEntity"
)
@DeepCloner.Root
public interface MapResourceServerEntity extends UpdatableEntity, AbstractEntity {
public class MapResourceServerEntity extends UpdatableEntity.Impl implements AbstractEntity {
public abstract class AbstractMapResourceServerEntity extends UpdatableEntity.Impl implements MapResourceServerEntity {
private String id;
private String id;
private boolean allowRemoteResourceManagement;
private PolicyEnforcementMode policyEnforcementMode = PolicyEnforcementMode.ENFORCING;
private DecisionStrategy decisionStrategy = DecisionStrategy.UNANIMOUS;
@Override
public String getId() {
return this.id;
}
public MapResourceServerEntity(String id) {
this.id = id;
@Override
public void setId(String id) {
if (this.id != null) throw new IllegalStateException("Id cannot be changed");
this.id = id;
this.updated |= id != null;
}
}
public MapResourceServerEntity() {}
Boolean isAllowRemoteResourceManagement();
void setAllowRemoteResourceManagement(Boolean allowRemoteResourceManagement);
@Override
public String getId() {
return id;
}
PolicyEnforcementMode getPolicyEnforcementMode();
void setPolicyEnforcementMode(PolicyEnforcementMode policyEnforcementMode);
@Override
public void setId(String id) {
if (this.id != null) throw new IllegalStateException("Id cannot be changed");
this.id = id;
this.updated |= id != null;
}
public boolean isAllowRemoteResourceManagement() {
return allowRemoteResourceManagement;
}
public void setAllowRemoteResourceManagement(boolean allowRemoteResourceManagement) {
this.updated |= this.allowRemoteResourceManagement != allowRemoteResourceManagement;
this.allowRemoteResourceManagement = allowRemoteResourceManagement;
}
public PolicyEnforcementMode getPolicyEnforcementMode() {
return policyEnforcementMode;
}
public void setPolicyEnforcementMode(PolicyEnforcementMode policyEnforcementMode) {
this.updated |= !Objects.equals(this.policyEnforcementMode, policyEnforcementMode);
this.policyEnforcementMode = policyEnforcementMode;
}
public DecisionStrategy getDecisionStrategy() {
return decisionStrategy;
}
public void setDecisionStrategy(DecisionStrategy decisionStrategy) {
this.updated |= !Objects.equals(this.decisionStrategy, decisionStrategy);
this.decisionStrategy = decisionStrategy;
}
@Override
public String toString() {
return String.format("%s@%08x", getId(), System.identityHashCode(this));
}
DecisionStrategy getDecisionStrategy();
void setDecisionStrategy(DecisionStrategy decisionStrategy);
}


@ -1,5 +1,5 @@
/*
* Copyright 2021 Red Hat, Inc. and/or its affiliates
* Copyright 2022 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
@ -17,75 +17,43 @@
package org.keycloak.models.map.authorization.entity;
import org.keycloak.models.map.annotations.GenerateEntityImplementations;
import org.keycloak.models.map.common.AbstractEntity;
import org.keycloak.models.map.common.DeepCloner;
import org.keycloak.models.map.common.UpdatableEntity;
import java.util.Objects;
public class MapScopeEntity extends UpdatableEntity.Impl implements AbstractEntity {
@GenerateEntityImplementations(
inherits = "org.keycloak.models.map.authorization.entity.MapScopeEntity.AbstractMapScopeEntity"
)
@DeepCloner.Root
public interface MapScopeEntity extends UpdatableEntity, AbstractEntity {
private String id;
private String name;
private String displayName;
private String iconUri;
private String resourceServerId;
public abstract class AbstractMapScopeEntity extends UpdatableEntity.Impl implements MapScopeEntity {
public MapScopeEntity(String id) {
this.id = id;
private String id;
@Override
public String getId() {
return this.id;
}
@Override
public void setId(String id) {
if (this.id != null) throw new IllegalStateException("Id cannot be changed");
this.id = id;
this.updated |= id != null;
}
}
public MapScopeEntity() {}
String getName();
void setName(String name);
@Override
public String getId() {
return id;
}
String getDisplayName();
void setDisplayName(String displayName);
@Override
public void setId(String id) {
if (this.id != null) throw new IllegalStateException("Id cannot be changed");
this.id = id;
this.updated |= id != null;
}
String getIconUri();
void setIconUri(String iconUri);
public String getName() {
return name;
}
public void setName(String name) {
this.updated |= !Objects.equals(this.name, name);
this.name = name;
}
public String getDisplayName() {
return displayName;
}
public void setDisplayName(String displayName) {
this.updated |= !Objects.equals(this.displayName, displayName);
this.displayName = displayName;
}
public String getIconUri() {
return iconUri;
}
public void setIconUri(String iconUri) {
this.updated |= !Objects.equals(this.iconUri, iconUri);
this.iconUri = iconUri;
}
public String getResourceServerId() {
return resourceServerId;
}
public void setResourceServerId(String resourceServerId) {
this.updated |= !Objects.equals(this.resourceServerId, resourceServerId);
this.resourceServerId = resourceServerId;
}
@Override
public String toString() {
return String.format("%s@%08x", getId(), System.identityHashCode(this));
}
String getResourceServerId();
void setResourceServerId(String resourceServerId);
}
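Review bot: The write-once rule for the id now lives only in the nested `AbstractMapScopeEntity.setId`, and neither that class nor the `MapScopeEntity` interface has any Javadoc saying so. Since the annotation's `inherits` attribute names this class as the base of the generated implementation, I would document it, e.g. `/** Base of the generated MapScopeEntityImpl; setId accepts a value once and throws IllegalStateException afterwards. */`. The `public` modifier on a class nested in an interface is redundant and can be dropped. The old class's `toString()` override does not appear in the nested class; presumably the generated implementation supplies one, but that is worth confirming so that log lines for scopes keep the id.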


@ -16,6 +16,14 @@
*/
package org.keycloak.models.map.storage.chm;
import org.keycloak.models.map.authorization.entity.MapPermissionTicketEntity;
import org.keycloak.models.map.authorization.entity.MapPermissionTicketEntityImpl;
import org.keycloak.models.map.authorization.entity.MapPolicyEntity;
import org.keycloak.models.map.authorization.entity.MapPolicyEntityImpl;
import org.keycloak.models.map.authorization.entity.MapResourceEntityImpl;
import org.keycloak.models.map.authorization.entity.MapResourceServerEntityImpl;
import org.keycloak.models.map.authorization.entity.MapScopeEntity;
import org.keycloak.models.map.authorization.entity.MapScopeEntityImpl;
import org.keycloak.models.map.common.StringKeyConvertor;
import org.keycloak.component.AmphibianProviderFactory;
import org.keycloak.Config.Scope;
@ -94,6 +102,11 @@ public class ConcurrentHashMapStorageProviderFactory implements AmphibianProvide
.constructor(MapUserFederatedIdentityEntityImpl.class, MapUserFederatedIdentityEntityImpl::new)
.constructor(MapUserConsentEntityImpl.class, MapUserConsentEntityImpl::new)
.constructor(MapClientScopeEntityImpl.class, MapClientScopeEntityImpl::new)
.constructor(MapResourceServerEntityImpl.class, MapResourceServerEntityImpl::new)
.constructor(MapResourceEntityImpl.class, MapResourceEntityImpl::new)
.constructor(MapScopeEntity.class, MapScopeEntityImpl::new)
.constructor(MapPolicyEntity.class, MapPolicyEntityImpl::new)
.constructor(MapPermissionTicketEntity.class, MapPermissionTicketEntityImpl::new)
.build();
private static final Map<String, StringKeyConvertor> KEY_CONVERTORS = new HashMap<>();
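Review bot: The added `.constructor(...)` registrations for the authorization entities use two different key styles. `MapResourceServerEntityImpl.class` and `MapResourceEntityImpl.class` are keyed by the implementation class, while scope, policy and permission ticket are keyed by their interfaces (`MapScopeEntity.class`, `MapPolicyEntity.class`, `MapPermissionTicketEntity.class`). How `DeepCloner` resolves a key is not visible here, so this may be intentional, but a request for a resource or resource-server instance by interface would presumably not match these entries. If the split is deliberate, a short comment above these lines should say why. Otherwise key all five the same way, e.g. `.constructor(MapResourceEntity.class, MapResourceEntityImpl::new)`, which also needs the matching interface import in the first hunk.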


@ -341,10 +341,10 @@ public class MapFieldPredicates {
getter = re -> re.getUris() != null && !re.getUris().isEmpty();
} else if (op == Operator.IN && values != null && values.length == 1 && (values[0] instanceof Collection)) {
Collection<?> c = (Collection<?>) values[0];
getter = re -> re.getUris().stream().anyMatch(c::contains);
getter = re -> Optional.ofNullable(re.getUris()).orElseGet(Collections::emptySet).stream().anyMatch(c::contains);
} else {
String uri = ensureEqSingleValue(Resource.SearchableFields.URI, "uri", op, values);
getter = re -> re.getUris().contains(uri);
getter = re -> Optional.ofNullable(re.getUris()).orElseGet(Collections::emptySet).contains(uri);
}
return mcb.fieldCompare(Boolean.TRUE::equals, getter);
@ -355,10 +355,10 @@ public class MapFieldPredicates {
if (op == Operator.IN && values != null && values.length == 1 && (values[0] instanceof Collection)) {
Collection<?> c = (Collection<?>) values[0];
getter = re -> re.getScopeIds().stream().map(Object::toString).anyMatch(c::contains);
getter = re -> Optional.ofNullable(re.getScopeIds()).orElseGet(Collections::emptySet).stream().map(Object::toString).anyMatch(c::contains);
} else {
String scope = ensureEqSingleValue(Resource.SearchableFields.URI, "scope_id", op, values);
getter = re -> re.getScopeIds().stream().map(Object::toString).anyMatch(scope::equals);
getter = re -> Optional.ofNullable(re.getScopeIds()).orElseGet(Collections::emptySet).stream().map(Object::toString).anyMatch(scope::equals);
}
return mcb.fieldCompare(Boolean.TRUE::equals, getter);
@ -368,13 +368,13 @@ public class MapFieldPredicates {
Function<MapPolicyEntity, ?> getter;
if (op == Operator.NOT_EXISTS) {
getter = re -> re.getResourceIds().isEmpty();
getter = re -> re.getResourceIds() == null || re.getResourceIds().isEmpty();
} else if (op == Operator.IN && values != null && values.length == 1 && (values[0] instanceof Collection)) {
Collection<?> c = (Collection<?>) values[0];
getter = re -> re.getResourceIds().stream().map(Object::toString).anyMatch(c::contains);
getter = re -> Optional.ofNullable(re.getResourceIds()).orElseGet(Collections::emptySet).stream().map(Object::toString).anyMatch(c::contains);
} else {
String scope = ensureEqSingleValue(Policy.SearchableFields.RESOURCE_ID, "resource_id", op, values, String.class);
getter = re -> re.getResourceIds().stream().map(Object::toString).anyMatch(scope::equals);
getter = re -> Optional.ofNullable(re.getResourceIds()).orElseGet(Collections::emptySet).stream().map(Object::toString).anyMatch(scope::equals);
}
return mcb.fieldCompare(Boolean.TRUE::equals, getter);
@ -385,10 +385,10 @@ public class MapFieldPredicates {
if (op == Operator.IN && values != null && values.length == 1 && (values[0] instanceof Collection)) {
Collection<?> c = (Collection<?>) values[0];
getter = re -> re.getScopeIds().stream().map(Object::toString).anyMatch(c::contains); // TODO: Use KeyConverter
getter = re -> Optional.ofNullable(re.getScopeIds()).orElseGet(Collections::emptySet).stream().map(Object::toString).anyMatch(c::contains); // TODO: Use KeyConverter
} else {
String scope = ensureEqSingleValue(Policy.SearchableFields.CONFIG, "scope_id", op, values);
getter = re -> re.getScopeIds().stream().map(Object::toString).anyMatch(scope::equals);
getter = re -> Optional.ofNullable(re.getScopeIds()).orElseGet(Collections::emptySet).stream().map(Object::toString).anyMatch(scope::equals);
}
return mcb.fieldCompare(Boolean.TRUE::equals, getter);
@ -407,7 +407,7 @@ public class MapFieldPredicates {
System.arraycopy(values, 1, realValues, 0, values.length - 1);
Predicate<Object> valueComparator = CriteriaOperator.predicateFor(op, realValues);
getter = pe -> {
final String configValue = pe.getConfigValue(attrNameS);
final String configValue = pe.getConfig(attrNameS);
return valueComparator.test(configValue);
};
@ -419,10 +419,10 @@ public class MapFieldPredicates {
if (op == Operator.IN && values != null && values.length == 1 && (values[0] instanceof Collection)) {
Collection<?> c = (Collection<?>) values[0];
getter = re -> re.getAssociatedPoliciesIds().stream().map(Object::toString).anyMatch(c::contains);
getter = re -> Optional.ofNullable(re.getAssociatedPolicyIds()).orElseGet(Collections::emptySet).stream().map(Object::toString).anyMatch(c::contains);
} else {
String policyId = ensureEqSingleValue(Policy.SearchableFields.ASSOCIATED_POLICY_ID, "associated_policy_id", op, values);
getter = re -> re.getAssociatedPoliciesIds().stream().map(Object::toString).anyMatch(policyId::equals);
getter = re -> Optional.ofNullable(re.getAssociatedPolicyIds()).orElseGet(Collections::emptySet).stream().map(Object::toString).anyMatch(policyId::equals);
}
return mcb.fieldCompare(Boolean.TRUE::equals, getter);