remove clientmodel.getAgent()

Bill Burke 2014-02-27 16:48:34 -05:00
parent 3fc273070e
commit c78d1c90e4
22 changed files with 359 additions and 524 deletions


@ -21,8 +21,6 @@ public interface ClientModel {
*/
String getClientId();
UserModel getAgent();
long getAllowedClaimsMask();
void setAllowedClaimsMask(long mask);


@ -5,7 +5,6 @@ import org.keycloak.models.ClientModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleContainerModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.jpa.entities.*;
@ -21,16 +20,17 @@ import java.util.Set;
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class ApplicationAdapter implements ApplicationModel {
public class ApplicationAdapter extends ClientAdapter implements ApplicationModel {
protected EntityManager em;
protected ApplicationEntity entity;
protected ApplicationEntity applicationEntity;
protected RealmModel realm;
public ApplicationAdapter(RealmModel realm, EntityManager em, ApplicationEntity entity) {
public ApplicationAdapter(RealmModel realm, EntityManager em, ApplicationEntity applicationEntity) {
super(applicationEntity);
this.realm = realm;
this.em = em;
this.entity = entity;
this.applicationEntity = applicationEntity;
}
@Override
@ -38,21 +38,6 @@ public class ApplicationAdapter implements ApplicationModel {
em.flush();
}
@Override
public UserModel getAgent() {
return new UserAdapter(entity.getApplicationUser());
}
@Override
public String getId() {
return entity.getId();
}
@Override
public String getClientId() {
return getName();
}
@Override
public String getName() {
return entity.getName();
@ -63,54 +48,35 @@ public class ApplicationAdapter implements ApplicationModel {
entity.setName(name);
}
@Override
public boolean isEnabled() {
return entity.isEnabled();
}
@Override
public void setEnabled(boolean enabled) {
entity.setEnabled(enabled);
}
@Override
public long getAllowedClaimsMask() {
return entity.getAllowedClaimsMask();
}
@Override
public void setAllowedClaimsMask(long mask) {
entity.setAllowedClaimsMask(mask);
}
@Override
public boolean isSurrogateAuthRequired() {
return entity.isSurrogateAuthRequired();
return applicationEntity.isSurrogateAuthRequired();
}
@Override
public void setSurrogateAuthRequired(boolean surrogateAuthRequired) {
entity.setSurrogateAuthRequired(surrogateAuthRequired);
applicationEntity.setSurrogateAuthRequired(surrogateAuthRequired);
}
@Override
public String getManagementUrl() {
return entity.getManagementUrl();
return applicationEntity.getManagementUrl();
}
@Override
public void setManagementUrl(String url) {
entity.setManagementUrl(url);
applicationEntity.setManagementUrl(url);
}
@Override
public String getBaseUrl() {
return entity.getBaseUrl();
return applicationEntity.getBaseUrl();
}
@Override
public void setBaseUrl(String url) {
entity.setBaseUrl(url);
applicationEntity.setBaseUrl(url);
}
@Override
@ -129,9 +95,9 @@ public class ApplicationAdapter implements ApplicationModel {
if (role != null) return role;
ApplicationRoleEntity roleEntity = new ApplicationRoleEntity();
roleEntity.setName(name);
roleEntity.setApplication(entity);
roleEntity.setApplication(applicationEntity);
em.persist(roleEntity);
entity.getRoles().add(roleEntity);
applicationEntity.getRoles().add(roleEntity);
em.flush();
return new RoleAdapter(realm, em, roleEntity);
}
@ -145,10 +111,10 @@ public class ApplicationAdapter implements ApplicationModel {
ApplicationRoleEntity role = (ApplicationRoleEntity)roleAdapter.getRole();
entity.getRoles().remove(role);
entity.getDefaultRoles().remove(role);
applicationEntity.getRoles().remove(role);
applicationEntity.getDefaultRoles().remove(role);
em.createQuery("delete from " + UserScopeMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", role).executeUpdate();
em.createQuery("delete from " + ScopeMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", role).executeUpdate();
em.createQuery("delete from " + UserRoleMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", role).executeUpdate();
role.setApplication(null);
em.flush();
@ -160,7 +126,7 @@ public class ApplicationAdapter implements ApplicationModel {
@Override
public Set<RoleModel> getRoles() {
Set<RoleModel> list = new HashSet<RoleModel>();
Collection<ApplicationRoleEntity> roles = entity.getRoles();
Collection<ApplicationRoleEntity> roles = applicationEntity.getRoles();
if (roles == null) return list;
for (RoleEntity entity : roles) {
list.add(new RoleAdapter(realm, em, entity));
@ -221,7 +187,7 @@ public class ApplicationAdapter implements ApplicationModel {
@Override
public List<String> getDefaultRoles() {
Collection<RoleEntity> entities = entity.getDefaultRoles();
Collection<RoleEntity> entities = applicationEntity.getDefaultRoles();
List<String> roles = new ArrayList<String>();
if (entities == null) return roles;
for (RoleEntity entity : entities) {
@ -236,7 +202,7 @@ public class ApplicationAdapter implements ApplicationModel {
if (role == null) {
role = addRole(name);
}
Collection<RoleEntity> entities = entity.getDefaultRoles();
Collection<RoleEntity> entities = applicationEntity.getDefaultRoles();
for (RoleEntity entity : entities) {
if (entity.getId().equals(role.getId())) {
return;
@ -255,7 +221,7 @@ public class ApplicationAdapter implements ApplicationModel {
@Override
public void updateDefaultRoles(String[] defaultRoles) {
Collection<RoleEntity> entities = entity.getDefaultRoles();
Collection<RoleEntity> entities = applicationEntity.getDefaultRoles();
Set<String> already = new HashSet<String>();
List<RoleEntity> remove = new ArrayList<RoleEntity>();
for (RoleEntity rel : entities) {
@ -293,65 +259,4 @@ public class ApplicationAdapter implements ApplicationModel {
public String toString() {
return getName();
}
@Override
public Set<String> getWebOrigins() {
Set<String> result = new HashSet<String>();
result.addAll(entity.getWebOrigins());
return result;
}
@Override
public void setWebOrigins(Set<String> webOrigins) {
entity.setWebOrigins(webOrigins);
}
@Override
public void addWebOrigin(String webOrigin) {
entity.getWebOrigins().add(webOrigin);
}
@Override
public void removeWebOrigin(String webOrigin) {
entity.getWebOrigins().remove(webOrigin);
}
@Override
public Set<String> getRedirectUris() {
Set<String> result = new HashSet<String>();
result.addAll(entity.getRedirectUris());
return result;
}
@Override
public void setRedirectUris(Set<String> redirectUris) {
entity.setRedirectUris(redirectUris);
}
@Override
public void addRedirectUri(String redirectUri) {
entity.getRedirectUris().add(redirectUri);
}
@Override
public void removeRedirectUri(String redirectUri) {
entity.getRedirectUris().remove(redirectUri);
}
@Override
public String getSecret() {
return entity.getSecret();
}
@Override
public void setSecret(String secret) {
entity.setSecret(secret);
}
@Override
public boolean validateSecret(String secret) {
return secret.equals(entity.getSecret());
}
}
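Review bot: The loop variable named `entity` in getRoles, getDefaultRoles and addDefaultRole (`for (RoleEntity entity : roles)` and the two `for (RoleEntity entity : entities)` loops) now hides the `entity` field inherited from ClientAdapter. Inside those loops `entity.getId()` refers to a role, while `getName()` a few lines away reads the client through the same identifier. Renaming the loop variable, e.g. `for (RoleEntity roleEntity : roles)`, removes the ambiguity. The class also keeps two references to the same object (`entity` via `super(applicationEntity)` and `applicationEntity`); a one-line comment on the field such as `// same instance as ClientAdapter.entity, typed for application-only attributes` would make that explicit. Several of these method bodies start or end outside their hunks.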


@ -0,0 +1,96 @@
package org.keycloak.models.jpa;
import org.keycloak.models.ClientModel;
import org.keycloak.models.jpa.entities.ClientEntity;
import org.keycloak.models.jpa.entities.OAuthClientEntity;
import java.util.HashSet;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class ClientAdapter implements ClientModel {
protected ClientEntity entity;
public ClientAdapter(ClientEntity entity) {
this.entity = entity;
}
public ClientEntity getEntity() {
return entity;
}
public String getId() {
return entity.getId();
}
public String getClientId() {
return entity.getName();
}
public boolean isEnabled() {
return entity.isEnabled();
}
public void setEnabled(boolean enabled) {
entity.setEnabled(enabled);
}
public long getAllowedClaimsMask() {
return entity.getAllowedClaimsMask();
}
public void setAllowedClaimsMask(long mask) {
entity.setAllowedClaimsMask(mask);
}
public Set<String> getWebOrigins() {
Set<String> result = new HashSet<String>();
result.addAll(entity.getWebOrigins());
return result;
}
public void setWebOrigins(Set<String> webOrigins) {
entity.setWebOrigins(webOrigins);
}
public void addWebOrigin(String webOrigin) {
entity.getWebOrigins().add(webOrigin);
}
public void removeWebOrigin(String webOrigin) {
entity.getWebOrigins().remove(webOrigin);
}
public Set<String> getRedirectUris() {
Set<String> result = new HashSet<String>();
result.addAll(entity.getRedirectUris());
return result;
}
public void setRedirectUris(Set<String> redirectUris) {
entity.setRedirectUris(redirectUris);
}
public void addRedirectUri(String redirectUri) {
entity.getRedirectUris().add(redirectUri);
}
public void removeRedirectUri(String redirectUri) {
entity.getRedirectUris().remove(redirectUri);
}
public String getSecret() {
return entity.getSecret();
}
public void setSecret(String secret) {
entity.setSecret(secret);
}
public boolean validateSecret(String secret) {
return secret.equals(entity.getSecret());
}
}
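Review bot: validateSecret compares with `secret.equals(entity.getSecret())`, which throws a NullPointerException when the caller passes null and stops at the first differing character, so the comparison time depends on how much of the presented value matched. This commit makes ClientAdapter the single place where both application and OAuth client secrets are checked, so I would return false when either side is null and otherwise compare with `MessageDigest.isEqual(secret.getBytes(StandardCharsets.UTF_8), stored.getBytes(StandardCharsets.UTF_8))`. The methods in this new class also carry no `@Override`, although the versions removed from the subclasses did, so a later signature change in ClientModel would not be caught by the compiler here.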


@ -11,114 +11,9 @@ import java.util.Set;
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class OAuthClientAdapter implements OAuthClientModel {
protected OAuthClientEntity entity;
public class OAuthClientAdapter extends ClientAdapter implements OAuthClientModel {
public OAuthClientAdapter(OAuthClientEntity entity) {
this.entity = entity;
super(entity);
}
public OAuthClientEntity getEntity() {
return entity;
}
@Override
public String getId() {
return entity.getId();
}
@Override
public String getClientId() {
return getAgent().getLoginName();
}
@Override
public boolean isEnabled() {
return getAgent().isEnabled();
}
@Override
public void setEnabled(boolean enabled) {
getAgent().setEnabled(enabled);
}
@Override
public UserModel getAgent() {
return new UserAdapter(entity.getAgent());
}
@Override
public long getAllowedClaimsMask() {
return entity.getAllowedClaimsMask();
}
@Override
public void setAllowedClaimsMask(long mask) {
entity.setAllowedClaimsMask(mask);
}
@Override
public Set<String> getWebOrigins() {
Set<String> result = new HashSet<String>();
result.addAll(entity.getWebOrigins());
return result;
}
@Override
public void setWebOrigins(Set<String> webOrigins) {
entity.setWebOrigins(webOrigins);
}
@Override
public void addWebOrigin(String webOrigin) {
entity.getWebOrigins().add(webOrigin);
}
@Override
public void removeWebOrigin(String webOrigin) {
entity.getWebOrigins().remove(webOrigin);
}
@Override
public Set<String> getRedirectUris() {
Set<String> result = new HashSet<String>();
result.addAll(entity.getRedirectUris());
return result;
}
@Override
public void setRedirectUris(Set<String> redirectUris) {
entity.setRedirectUris(redirectUris);
}
@Override
public void addRedirectUri(String redirectUri) {
entity.getRedirectUris().add(redirectUri);
}
@Override
public void removeRedirectUri(String redirectUri) {
entity.getRedirectUris().remove(redirectUri);
}
@Override
public String getSecret() {
return entity.getSecret();
}
@Override
public void setSecret(String secret) {
entity.setSecret(secret);
}
@Override
public boolean validateSecret(String secret) {
return secret.equals(entity.getSecret());
}
}


@ -9,10 +9,10 @@ import org.keycloak.models.jpa.entities.RealmEntity;
import org.keycloak.models.jpa.entities.RealmRoleEntity;
import org.keycloak.models.jpa.entities.RequiredCredentialEntity;
import org.keycloak.models.jpa.entities.RoleEntity;
import org.keycloak.models.jpa.entities.ScopeMappingEntity;
import org.keycloak.models.jpa.entities.SocialLinkEntity;
import org.keycloak.models.jpa.entities.UserEntity;
import org.keycloak.models.jpa.entities.UserRoleMappingEntity;
import org.keycloak.models.jpa.entities.UserScopeMappingEntity;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.Pbkdf2PasswordEncoder;
import org.keycloak.models.ApplicationModel;
@ -376,7 +376,6 @@ public class RealmAdapter implements RealmModel {
}
private void removeUser(UserEntity user) {
em.createQuery("delete from " + UserScopeMappingEntity.class.getSimpleName() + " where user = :user").setParameter("user", user).executeUpdate();
em.createQuery("delete from " + UserRoleMappingEntity.class.getSimpleName() + " where user = :user").setParameter("user", user).executeUpdate();
em.createQuery("delete from " + SocialLinkEntity.class.getSimpleName() + " where user = :user").setParameter("user", user).executeUpdate();
em.remove(user);
@ -469,12 +468,6 @@ public class RealmAdapter implements RealmModel {
@Override
public ApplicationModel addApplication(String name) {
ApplicationEntity applicationData = new ApplicationEntity();
UserEntity user = new UserEntity();
user.setLoginName(name);
user.setRealm(realm);
user.setEnabled(true);
em.persist(user);
applicationData.setApplicationUser(user);
applicationData.setName(name);
applicationData.setEnabled(true);
applicationData.setRealm(realm);
@ -515,7 +508,8 @@ public class RealmAdapter implements RealmModel {
return false;
}
em.remove(applicationEntity);
removeUser(applicationEntity.getApplicationUser());
em.createQuery("delete from " + ScopeMappingEntity.class.getSimpleName() + " where client = :client").setParameter("client", applicationEntity).executeUpdate();
return true;
}
@ -664,12 +658,7 @@ public class RealmAdapter implements RealmModel {
@Override
public OAuthClientModel addOAuthClient(String name) {
OAuthClientEntity data = new OAuthClientEntity();
UserEntity user = new UserEntity();
user.setLoginName(name);
user.setRealm(realm);
user.setEnabled(true);
em.persist(user);
data.setAgent(user);
data.setEnabled(true);
data.setName(name);
data.setRealm(realm);
em.persist(data);
@ -680,9 +669,7 @@ public class RealmAdapter implements RealmModel {
@Override
public boolean removeOAuthClient(String id) {
OAuthClientEntity client = em.find(OAuthClientEntity.class, id);
em.createQuery("delete from " + UserScopeMappingEntity.class.getSimpleName() + " where user = :user").setParameter("user", client.getAgent()).executeUpdate();
em.createQuery("delete from " + UserRoleMappingEntity.class.getSimpleName() + " where user = :user").setParameter("user", client.getAgent()).executeUpdate();
removeUser(client.getAgent());
em.createQuery("delete from " + ScopeMappingEntity.class.getSimpleName() + " where client = :client").setParameter("client", client).executeUpdate();
em.remove(client);
return true;
}
@ -690,7 +677,7 @@ public class RealmAdapter implements RealmModel {
@Override
public OAuthClientModel getOAuthClient(String name) {
TypedQuery<OAuthClientEntity> query = em.createNamedQuery("findOAuthClientByUser", OAuthClientEntity.class);
TypedQuery<OAuthClientEntity> query = em.createNamedQuery("findOAuthClientByName", OAuthClientEntity.class);
query.setParameter("name", name);
query.setParameter("realm", realm);
List<OAuthClientEntity> entities = query.getResultList();
@ -775,7 +762,7 @@ public class RealmAdapter implements RealmModel {
realm.getDefaultRoles().remove(role);
em.createQuery("delete from " + UserRoleMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", roleEntity).executeUpdate();
em.createQuery("delete from " + UserScopeMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", roleEntity).executeUpdate();
em.createQuery("delete from " + ScopeMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", roleEntity).executeUpdate();
em.remove(roleEntity);
@ -904,11 +891,11 @@ public class RealmAdapter implements RealmModel {
@Override
public Set<RoleModel> getScopeMappings(ClientModel client) {
TypedQuery<UserScopeMappingEntity> query = em.createNamedQuery("userScopeMappings", UserScopeMappingEntity.class);
query.setParameter("user", ((UserAdapter)client.getAgent()).getUser());
List<UserScopeMappingEntity> entities = query.getResultList();
TypedQuery<ScopeMappingEntity> query = em.createNamedQuery("clientScopeMappings", ScopeMappingEntity.class);
query.setParameter("client", ((ClientAdapter)client).getEntity());
List<ScopeMappingEntity> entities = query.getResultList();
Set<RoleModel> roles = new HashSet<RoleModel>();
for (UserScopeMappingEntity entity : entities) {
for (ScopeMappingEntity entity : entities) {
roles.add(new RoleAdapter(this, em, entity.getRole()));
}
return roles;
@ -916,28 +903,26 @@ public class RealmAdapter implements RealmModel {
@Override
public void addScopeMapping(ClientModel client, RoleModel role) {
UserModel agent = client.getAgent();
if (hasScope(client, role)) return;
UserScopeMappingEntity entity = new UserScopeMappingEntity();
entity.setUser(((UserAdapter) agent).getUser());
ScopeMappingEntity entity = new ScopeMappingEntity();
entity.setClient(((ClientAdapter) client).getEntity());
entity.setRole(((RoleAdapter)role).getRole());
em.persist(entity);
}
@Override
public void deleteScopeMapping(ClientModel client, RoleModel role) {
UserModel agent = client.getAgent();
TypedQuery<UserScopeMappingEntity> query = getRealmScopeMappingQuery((UserAdapter) agent, (RoleAdapter) role);
List<UserScopeMappingEntity> results = query.getResultList();
TypedQuery<ScopeMappingEntity> query = getRealmScopeMappingQuery((ClientAdapter) client, (RoleAdapter) role);
List<ScopeMappingEntity> results = query.getResultList();
if (results.size() == 0) return;
for (UserScopeMappingEntity entity : results) {
for (ScopeMappingEntity entity : results) {
em.remove(entity);
}
}
protected TypedQuery<UserScopeMappingEntity> getRealmScopeMappingQuery(UserAdapter user, RoleAdapter role) {
TypedQuery<UserScopeMappingEntity> query = em.createNamedQuery("userHasScope", UserScopeMappingEntity.class);
query.setParameter("user", ((UserAdapter)user).getUser());
protected TypedQuery<ScopeMappingEntity> getRealmScopeMappingQuery(ClientAdapter client, RoleAdapter role) {
TypedQuery<ScopeMappingEntity> query = em.createNamedQuery("hasScope", ScopeMappingEntity.class);
query.setParameter("client", client.getEntity());
query.setParameter("role", ((RoleAdapter)role).getRole());
return query;
}
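Review bot: In removeApplication, as rendered here, `em.remove(applicationEntity)` comes before the new bulk delete of ScopeMappingEntity rows for that client, whereas removeOAuthClient deletes the mappings first and then removes the client. Depending on the flush mode, executing the JPQL delete can flush the pending remove first, so the client row may be deleted while scope mappings still reference it, and the removed instance is then used as the `:client` parameter. I would move the `delete from ScopeMappingEntity ... where client = :client` statement above `em.remove(applicationEntity)` so both removal paths clear grants the same way. removeOAuthClient also passes the result of `em.find` into the query and `em.remove` without a null check, so an unknown id fails with an exception instead of returning false. Both method bodies start outside their hunks.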


@ -23,30 +23,14 @@ import org.hibernate.annotations.GenericGenerator;
* @version $Revision: 1 $
*/
@Entity
public class ApplicationEntity {
@Id
@GenericGenerator(name="keycloak_generator", strategy="org.keycloak.models.jpa.utils.JpaIdGenerator")
@GeneratedValue(generator = "keycloak_generator")
private String id;
public class ApplicationEntity extends ClientEntity {
private String name;
private boolean enabled;
private boolean surrogateAuthRequired;
private String baseUrl;
private String managementUrl;
private String secret;
private long allowedClaimsMask;
@OneToOne(fetch = FetchType.EAGER)
private UserEntity applicationUser;
@ElementCollection
@CollectionTable
protected Set<String> webOrigins = new HashSet<String>();
@ElementCollection
@CollectionTable
protected Set<String> redirectUris = new HashSet<String>();
@ManyToOne()
private RealmEntity realm;
@OneToMany(fetch = FetchType.EAGER, cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "application")
Collection<ApplicationRoleEntity> roles = new ArrayList<ApplicationRoleEntity>();
@ -55,21 +39,6 @@ public class ApplicationEntity {
@JoinTable(name="ApplicationDefaultRoles")
Collection<RoleEntity> defaultRoles = new ArrayList<RoleEntity>();
@ManyToOne()
private RealmEntity realm;
public String getId() {
return id;
}
public boolean isEnabled() {
return enabled;
}
public void setEnabled(boolean enabled) {
this.enabled = enabled;
}
public boolean isSurrogateAuthRequired() {
return surrogateAuthRequired;
}
@ -94,14 +63,6 @@ public class ApplicationEntity {
this.managementUrl = managementUrl;
}
public UserEntity getApplicationUser() {
return applicationUser;
}
public void setApplicationUser(UserEntity applicationUser) {
this.applicationUser = applicationUser;
}
public Collection<ApplicationRoleEntity> getRoles() {
return roles;
}
@ -110,14 +71,6 @@ public class ApplicationEntity {
this.roles = roles;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Collection<RoleEntity> getDefaultRoles() {
return defaultRoles;
}
@ -134,35 +87,6 @@ public class ApplicationEntity {
this.realm = realm;
}
public long getAllowedClaimsMask() {
return allowedClaimsMask;
}
public void setAllowedClaimsMask(long allowedClaimsMask) {
this.allowedClaimsMask = allowedClaimsMask;
}
public Set<String> getWebOrigins() {
return webOrigins;
}
public void setWebOrigins(Set<String> webOrigins) {
this.webOrigins = webOrigins;
}
public Set<String> getRedirectUris() {
return redirectUris;
}
public void setRedirectUris(Set<String> redirectUris) {
this.redirectUris = redirectUris;
}
public String getSecret() {
return secret;
}
public void setSecret(String secret) {
this.secret = secret;
}
}


@ -0,0 +1,95 @@
package org.keycloak.models.jpa.entities;
import org.hibernate.annotations.GenericGenerator;
import javax.persistence.CascadeType;
import javax.persistence.CollectionTable;
import javax.persistence.ElementCollection;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
import javax.persistence.Inheritance;
import javax.persistence.InheritanceType;
import javax.persistence.ManyToOne;
import javax.persistence.OneToMany;
import java.util.HashSet;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@Entity
@Inheritance(strategy = InheritanceType.JOINED)
public class ClientEntity {
@Id
@GenericGenerator(name="keycloak_generator", strategy="org.keycloak.models.jpa.utils.JpaIdGenerator")
@GeneratedValue(generator = "keycloak_generator")
private String id;
private String name;
private boolean enabled;
private String secret;
private long allowedClaimsMask;
@ElementCollection
@CollectionTable
protected Set<String> webOrigins = new HashSet<String>();
@ElementCollection
@CollectionTable
protected Set<String> redirectUris = new HashSet<String>();
public String getId() {
return id;
}
public boolean isEnabled() {
return enabled;
}
public void setEnabled(boolean enabled) {
this.enabled = enabled;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public long getAllowedClaimsMask() {
return allowedClaimsMask;
}
public void setAllowedClaimsMask(long allowedClaimsMask) {
this.allowedClaimsMask = allowedClaimsMask;
}
public Set<String> getWebOrigins() {
return webOrigins;
}
public void setWebOrigins(Set<String> webOrigins) {
this.webOrigins = webOrigins;
}
public Set<String> getRedirectUris() {
return redirectUris;
}
public void setRedirectUris(Set<String> redirectUris) {
this.redirectUris = redirectUris;
}
public String getSecret() {
return secret;
}
public void setSecret(String secret) {
this.secret = secret;
}
}
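Review bot: The `secret` field is mapped as an ordinary String column, so the client credential is stored exactly as supplied and is readable by anything with database or entity access. If the clear value never has to be displayed again, persisting a salted hash and validating against it would limit exposure. Otherwise I would at least mark the field, e.g. `// Client credential, stored as provided; do not log or expose outside admin APIs.` The class Javadoc could also state that `name` is the value ClientAdapter.getClientId() returns, since nothing in this entity says it serves as the client identifier.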


@ -21,55 +21,15 @@ import java.util.Set;
* @version $Revision: 1 $
*/
@NamedQueries({
@NamedQuery(name="findOAuthClientByUser", query="select o from OAuthClientEntity o where o.agent.loginName=:name and o.realm = :realm"),
@NamedQuery(name="findOAuthClientByName", query="select o from OAuthClientEntity o where o.name=:name and o.realm = :realm"),
@NamedQuery(name="findOAuthClientByRealm", query="select o from OAuthClientEntity o where o.realm = :realm")
})
@Entity
public class OAuthClientEntity {
@Id
@GenericGenerator(name="keycloak_generator", strategy="org.keycloak.models.jpa.utils.JpaIdGenerator")
@GeneratedValue(generator = "keycloak_generator")
private String id;
public class OAuthClientEntity extends ClientEntity {
private String name;
private String secret;
private long allowedClaimsMask;
@ElementCollection
@CollectionTable
protected Set<String> webOrigins = new HashSet<String>();
@ElementCollection
@CollectionTable
protected Set<String> redirectUris = new HashSet<String>();
@OneToOne(fetch = FetchType.EAGER)
private UserEntity agent;
@ManyToOne
protected RealmEntity realm;
public String getId() {
return id;
}
public UserEntity getAgent() {
return agent;
}
public void setAgent(UserEntity agent) {
this.agent = agent;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
@ManyToOne()
private RealmEntity realm;
public RealmEntity getRealm() {
return realm;
@ -79,35 +39,5 @@ public class OAuthClientEntity {
this.realm = realm;
}
public long getAllowedClaimsMask() {
return allowedClaimsMask;
}
public void setAllowedClaimsMask(long allowedClaimsMask) {
this.allowedClaimsMask = allowedClaimsMask;
}
public Set<String> getWebOrigins() {
return webOrigins;
}
public void setWebOrigins(Set<String> webOrigins) {
this.webOrigins = webOrigins;
}
public Set<String> getRedirectUris() {
return redirectUris;
}
public void setRedirectUris(Set<String> redirectUris) {
this.redirectUris = redirectUris;
}
public String getSecret() {
return secret;
}
public void setSecret(String secret) {
this.secret = secret;
}
}


@ -0,0 +1,55 @@
package org.keycloak.models.jpa.entities;
import org.hibernate.annotations.GenericGenerator;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
import javax.persistence.ManyToOne;
import javax.persistence.NamedQueries;
import javax.persistence.NamedQuery;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@NamedQueries({
@NamedQuery(name="hasScope", query="select m from ScopeMappingEntity m where m.client = :client and m.role = :role"),
@NamedQuery(name="clientScopeMappings", query="select m from ScopeMappingEntity m where m.client = :client")
})
@Entity
public class ScopeMappingEntity {
@Id
@GenericGenerator(name="keycloak_generator", strategy="org.keycloak.models.jpa.utils.JpaIdGenerator")
@GeneratedValue(generator = "keycloak_generator")
protected String id;
@ManyToOne
protected ClientEntity client;
@ManyToOne
protected RoleEntity role;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public ClientEntity getClient() {
return client;
}
public void setClient(ClientEntity client) {
this.client = client;
}
public RoleEntity getRole() {
return role;
}
public void setRole(RoleEntity role) {
this.role = role;
}
}
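Review bot: Nothing on ScopeMappingEntity prevents two rows for the same client and role. The JPA RealmAdapter.addScopeMapping in this commit calls `hasScope` and then persists, a check-then-insert that two concurrent requests can both pass. A unique constraint on the pair would let the database enforce it, for example `@Table(uniqueConstraints = @UniqueConstraint(columnNames = {"client_id", "role_id"}))` (column names assume default join-column naming; confirm against the generated schema). A short class Javadoc saying that a row grants `client` the scope of `role` would also help, since this entity replaces the user-based mapping.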


@ -1,18 +0,0 @@
package org.keycloak.models.jpa.entities;
import javax.persistence.Entity;
import javax.persistence.NamedQueries;
import javax.persistence.NamedQuery;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@NamedQueries({
@NamedQuery(name="userHasScope", query="select m from UserScopeMappingEntity m where m.user = :user and m.role = :role"),
@NamedQuery(name="userScopeMappings", query="select m from UserScopeMappingEntity m where m.user = :user")
})
@Entity
public class UserScopeMappingEntity extends AbstractRoleMappingEntity {
}


@ -15,7 +15,7 @@
<class>org.keycloak.models.jpa.entities.SocialLinkEntity</class>
<class>org.keycloak.models.jpa.entities.UserEntity</class>
<class>org.keycloak.models.jpa.entities.UserRoleMappingEntity</class>
<class>org.keycloak.models.jpa.entities.UserScopeMappingEntity</class>
<class>org.keycloak.models.jpa.entities.ScopeMappingEntity</class>
<exclude-unlisted-classes>true</exclude-unlisted-classes>


@ -24,16 +24,10 @@ import java.util.Set;
public class ApplicationAdapter extends AbstractAdapter implements ApplicationModel {
private final ApplicationEntity application;
private UserAdapter resourceUser;
public ApplicationAdapter(ApplicationEntity applicationEntity, MongoStoreInvocationContext invContext) {
this(applicationEntity, null, invContext);
}
public ApplicationAdapter(ApplicationEntity applicationEntity, UserAdapter resourceUser, MongoStoreInvocationContext invContext) {
super(invContext);
this.application = applicationEntity;
this.resourceUser = resourceUser;
}
@Override
@ -41,20 +35,6 @@ public class ApplicationAdapter extends AbstractAdapter implements ApplicationMo
getMongoStore().updateEntity(application, invocationContext);
}
@Override
public UserAdapter getAgent() {
// This is not thread-safe. Assumption is that ApplicationAdapter instance is per-client object
if (resourceUser == null) {
UserEntity userEntity = getMongoStore().loadEntity(UserEntity.class, application.getResourceUserId(), invocationContext);
if (userEntity == null) {
throw new IllegalStateException("User " + application.getResourceUserId() + " not found");
}
resourceUser = new UserAdapter(userEntity, invocationContext);
}
return resourceUser;
}
@Override
public String getId() {
return application.getId();
@ -202,14 +182,13 @@ public class ApplicationAdapter extends AbstractAdapter implements ApplicationMo
@Override
public void addScope(RoleModel role) {
UserAdapter appUser = getAgent();
getMongoStore().pushItemToList(appUser.getUser(), "scopeIds", role.getId(), true, invocationContext);
getMongoStore().pushItemToList(application, "scopeIds", role.getId(), true, invocationContext);
}
@Override
public Set<RoleModel> getApplicationScopeMappings(ClientModel client) {
Set<RoleModel> result = new HashSet<RoleModel>();
List<RoleEntity> roles = MongoModelUtils.getAllScopesOfUser(client.getAgent(), invocationContext);
List<RoleEntity> roles = MongoModelUtils.getAllScopesOfClient(client, invocationContext);
for (RoleEntity role : roles) {
if (getId().equals(role.getApplicationId())) {


@ -18,16 +18,10 @@ import java.util.Set;
public class OAuthClientAdapter extends AbstractAdapter implements OAuthClientModel {
private final OAuthClientEntity delegate;
private UserAdapter oauthAgent;
public OAuthClientAdapter(OAuthClientEntity oauthClientEntity, UserAdapter oauthAgent, MongoStoreInvocationContext invContext) {
super(invContext);
this.delegate = oauthClientEntity;
this.oauthAgent = oauthAgent;
}
public OAuthClientAdapter(OAuthClientEntity oauthClientEntity, MongoStoreInvocationContext invContext) {
this(oauthClientEntity, null, invContext);
super(invContext);
this.delegate = oauthClientEntity;
}
@Override
@ -37,7 +31,7 @@ public class OAuthClientAdapter extends AbstractAdapter implements OAuthClientMo
@Override
public String getClientId() {
return getAgent().getLoginName();
return delegate.getName();
}
@Override
@ -52,22 +46,12 @@ public class OAuthClientAdapter extends AbstractAdapter implements OAuthClientMo
@Override
public boolean isEnabled() {
return getAgent().isEnabled();
return delegate.isEnabled();
}
@Override
public void setEnabled(boolean enabled) {
getAgent().setEnabled(enabled);
}
@Override
public UserModel getAgent() {
// This is not thread-safe. Assumption is that OAuthClientAdapter instance is per-client object
if (oauthAgent == null) {
UserEntity user = getMongoStore().loadEntity(UserEntity.class, delegate.getOauthAgentId(), invocationContext);
oauthAgent = user!=null ? new UserAdapter(user, invocationContext) : null;
}
return oauthAgent;
delegate.setEnabled(enabled);
}
@Override
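Review bot: isEnabled() now returns `delegate.isEnabled()`, but the Mongo RealmAdapter.addOAuthClient changed in this same commit never calls `oauthClient.setEnabled(true)`, while addApplication does call `appData.setEnabled(true)`. Unless OAuthClientEntity initialises the flag to true (not visible here), newly created OAuth clients will report as disabled, so I would add `oauthClient.setEnabled(true);` before the `insertEntity` call. Separately, setEnabled only mutates the in-memory delegate with `delegate.setEnabled(enabled)`. Whether that change is written back to the store is not visible in this hunk and is worth confirming, since a disable that is never persisted leaves the client usable.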


@ -541,16 +541,13 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
@Override
public ApplicationModel addApplication(String name) {
UserAdapter resourceUser = addUserEntity(name);
ApplicationEntity appData = new ApplicationEntity();
appData.setName(name);
appData.setRealmId(getId());
appData.setEnabled(true);
appData.setResourceUserId(resourceUser.getUser().getId());
getMongoStore().insertEntity(appData, invocationContext);
return new ApplicationAdapter(appData, resourceUser, invocationContext);
return new ApplicationAdapter(appData, invocationContext);
}
@Override
@ -618,7 +615,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
@Override
public Set<RoleModel> getScopeMappings(ClientModel client) {
Set<RoleModel> result = new HashSet<RoleModel>();
List<RoleEntity> roles = MongoModelUtils.getAllScopesOfUser(client.getAgent(), invocationContext);
List<RoleEntity> roles = MongoModelUtils.getAllScopesOfClient(client, invocationContext);
for (RoleEntity role : roles) {
if (getId().equals(role.getRealmId())) {
@ -661,27 +658,22 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
@Override
public void addScopeMapping(ClientModel client, RoleModel role) {
UserEntity userEntity = ((UserAdapter)client.getAgent()).getUser();
getMongoStore().pushItemToList(userEntity, "scopeIds", role.getId(), true, invocationContext);
getMongoStore().pushItemToList(((AbstractAdapter)client).getMongoEntity(), "scopeIds", role.getId(), true, invocationContext);
}
@Override
public void deleteScopeMapping(ClientModel client, RoleModel role) {
UserEntity userEntity = ((UserAdapter)client.getAgent()).getUser();
getMongoStore().pullItemFromList(userEntity, "scopeIds", role.getId(), invocationContext);
getMongoStore().pullItemFromList(((AbstractAdapter)client).getMongoEntity(), "scopeIds", role.getId(), invocationContext);
}
@Override
public OAuthClientModel addOAuthClient(String name) {
UserAdapter oauthAgent = addUserEntity(name);
OAuthClientEntity oauthClient = new OAuthClientEntity();
oauthClient.setOauthAgentId(oauthAgent.getUser().getId());
oauthClient.setRealmId(getId());
oauthClient.setName(name);
getMongoStore().insertEntity(oauthClient, invocationContext);
return new OAuthClientAdapter(oauthClient, oauthAgent, invocationContext);
return new OAuthClientAdapter(oauthClient, invocationContext);
}
@Override
@ -691,14 +683,12 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
@Override
public OAuthClientModel getOAuthClient(String name) {
UserAdapter user = getUser(name);
if (user == null) return null;
DBObject query = new QueryBuilder()
.and("realmId").is(getId())
.and("oauthAgentId").is(user.getUser().getId())
.and("name").is(name)
.get();
OAuthClientEntity oauthClient = getMongoStore().loadSingleEntity(OAuthClientEntity.class, query, invocationContext);
return oauthClient == null ? null : new OAuthClientAdapter(oauthClient, user, invocationContext);
return oauthClient == null ? null : new OAuthClientAdapter(oauthClient, invocationContext);
}
@Override
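Review bot: Nothing visible in `addOAuthClient` or `addApplication` stops a second client from being created with a name already used in the realm, although the name is now the client's identity. `OAuthClientAdapter.getClientId()` returns `delegate.getName()` and `getOAuthClient` looks the client up by `realmId` and `name` only. Before this change both methods called `addUserEntity(name)` first, which may have rejected a duplicate name (not visible here). With two documents of the same name, `loadSingleEntity` would resolve a client id to whichever one the store returns, and its secret and redirect URIs would then be the ones checked. I would guard the insert, for example `if (getOAuthClient(name) != null) throw new IllegalStateException("client exists: " + name);`, or rely on a unique index over (`realmId`, `name`) and say so in a comment.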


@ -15,7 +15,7 @@ import org.keycloak.models.mongo.api.context.MongoStoreInvocationContext;
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
*/
@MongoCollection(collectionName = "applications")
public class ApplicationEntity extends AbstractMongoIdentifiableEntity implements MongoEntity {
public class ApplicationEntity extends AbstractMongoIdentifiableEntity implements MongoEntity, ScopedEntity {
private String name;
private boolean enabled;
@ -24,9 +24,9 @@ public class ApplicationEntity extends AbstractMongoIdentifiableEntity implement
private String baseUrl;
private String secret;
private String resourceUserId;
private String realmId;
private long allowedClaimsMask;
private List<String> scopeIds;
private List<String> webOrigins;
private List<String> redirectUris;
@ -79,13 +79,15 @@ public class ApplicationEntity extends AbstractMongoIdentifiableEntity implement
this.baseUrl = baseUrl;
}
@Override
@MongoField
public String getResourceUserId() {
return resourceUserId;
public List<String> getScopeIds() {
return scopeIds;
}
public void setResourceUserId(String resourceUserId) {
this.resourceUserId = resourceUserId;
@Override
public void setScopeIds(List<String> scopeIds) {
this.scopeIds = scopeIds;
}
@MongoField
@ -146,9 +148,6 @@ public class ApplicationEntity extends AbstractMongoIdentifiableEntity implement
@Override
public void afterRemove(MongoStoreInvocationContext context) {
// Remove resourceUser of this application
context.getMongoStore().removeEntity(UserEntity.class, resourceUserId, context);
// Remove all roles, which belongs to this application
DBObject query = new QueryBuilder()
.and("applicationId").is(getId())
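Review bot: Data written before this commit is left with orphaned per-application user documents, because `afterRemove` no longer deletes the resource user and the `resourceUserId` field is gone, so nothing references or removes them any more. The same holds for `oauthAgentId` in OAuthClientEntity. If those agent users were enabled and carried credentials (not visible in this hunk), they remain as accounts nobody manages, and a one-off migration should delete or disable them. The scope ids stored on those users are also not copied into the new `scopeIds` field here, so existing clients would presumably lose their scope mappings until they are re-granted. That fails closed, but it should be stated in the commit description or a migration note. The body of `afterRemove` continues outside the hunk.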


@ -12,14 +12,14 @@ import java.util.List;
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
*/
@MongoCollection(collectionName = "oauthClients")
public class OAuthClientEntity extends AbstractMongoIdentifiableEntity implements MongoEntity {
public class OAuthClientEntity extends AbstractMongoIdentifiableEntity implements MongoEntity, ScopedEntity {
private String name;
private String oauthAgentId;
private boolean enabled;
private String realmId;
private String secret;
private long allowedClaimsMask;
private List<String> scopeIds;
private List<String> webOrigins;
private List<String> redirectUris;
@ -33,12 +33,12 @@ public class OAuthClientEntity extends AbstractMongoIdentifiableEntity implement
}
@MongoField
public String getOauthAgentId() {
return oauthAgentId;
public boolean isEnabled() {
return enabled;
}
public void setOauthAgentId(String oauthUserId) {
this.oauthAgentId = oauthUserId;
public void setEnabled(boolean enabled) {
this.enabled = enabled;
}
@MongoField
@ -87,11 +87,19 @@ public class OAuthClientEntity extends AbstractMongoIdentifiableEntity implement
this.redirectUris = redirectUris;
}
@MongoField
public List<String> getScopeIds() {
return scopeIds;
}
public void setScopeIds(List<String> scopeIds) {
this.scopeIds = scopeIds;
}
@Override
public void afterRemove(MongoStoreInvocationContext context) {
// Remove user of this oauthClient
context.getMongoStore().removeEntity(UserEntity.class, oauthAgentId, context);
}
}
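Review bot: The new `enabled` field defaults to `false` and nothing visible sets it. `addOAuthClient` in RealmAdapter fills in only `realmId` and `name`, while `addApplication` calls `appData.setEnabled(true)`. Since `OAuthClientAdapter.isEnabled()` now returns `delegate.isEnabled()`, a newly created OAuth client would report disabled unless a caller enables it afterwards (not visible here), and presumably so would a stored document that lacks the field. That fails closed, but the asymmetry with applications looks accidental. Either add `oauthClient.setEnabled(true);` in `addOAuthClient`, or put a comment on the field such as `// OAuth clients start disabled and must be enabled explicitly`.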


@ -0,0 +1,16 @@
package org.keycloak.models.mongo.keycloak.entities;
import org.keycloak.models.mongo.api.MongoField;
import java.util.List;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public interface ScopedEntity {
@MongoField
List<String> getScopeIds();
void setScopeIds(List<String> scopeIds);
}
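Review bot: `ScopedEntity` has no Javadoc saying what `scopeIds` holds, and the property name is load-bearing. RealmAdapter pushes and pulls role ids using the string literal `"scopeIds"`, so renaming the accessor would break scope mapping without a compile error. I would document the type with `/** Mongo entity that stores the ids of the roles granted to a client as scope; persisted under the field name "scopeIds". */`. The annotations are also inconsistent: `@MongoField` is declared here and repeated in the implementations, ApplicationEntity marks its accessors `@Override`, and OAuthClientEntity does not. Picking one convention would make it clear which declaration the mapper relies on.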


@ -27,7 +27,6 @@ public class UserEntity extends AbstractMongoIdentifiableEntity implements Mongo
private String realmId;
private List<String> roleIds;
private List<String> scopeIds;
private Map<String, String> attributes;
private List<UserModel.RequiredAction> requiredActions;
@ -115,14 +114,6 @@ public class UserEntity extends AbstractMongoIdentifiableEntity implements Mongo
this.roleIds = roleIds;
}
@MongoField
public List<String> getScopeIds() {
return scopeIds;
}
public void setScopeIds(List<String> scopeIds) {
this.scopeIds = scopeIds;
}
@MongoField
public Map<String, String> getAttributes() {


@ -8,10 +8,13 @@ import java.util.List;
import com.mongodb.DBObject;
import com.mongodb.QueryBuilder;
import org.bson.types.ObjectId;
import org.keycloak.models.ClientModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.mongo.api.context.MongoStoreInvocationContext;
import org.keycloak.models.mongo.keycloak.adapters.AbstractAdapter;
import org.keycloak.models.mongo.keycloak.adapters.UserAdapter;
import org.keycloak.models.mongo.keycloak.entities.RoleEntity;
import org.keycloak.models.mongo.keycloak.entities.ScopedEntity;
import org.keycloak.models.mongo.keycloak.entities.UserEntity;
/**
@ -35,9 +38,9 @@ public class MongoModelUtils {
}
// Get everything including both application and realm scopes
public static List<RoleEntity> getAllScopesOfUser(UserModel user, MongoStoreInvocationContext invContext) {
UserEntity userEntity = ((UserAdapter)user).getUser();
List<String> scopeIds = userEntity.getScopeIds();
public static List<RoleEntity> getAllScopesOfClient(ClientModel client, MongoStoreInvocationContext invContext) {
ScopedEntity scopedEntity = (ScopedEntity)((AbstractAdapter)client).getMongoEntity();
List<String> scopeIds = scopedEntity.getScopeIds();
if (scopeIds == null || scopeIds.isEmpty()) {
return Collections.EMPTY_LIST;
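Review bot: `getAllScopesOfClient` casts its argument twice without a check, in `(ScopedEntity)((AbstractAdapter)client).getMongoEntity()`. A `ClientModel` from another store, or an adapter whose entity does not implement `ScopedEntity`, fails with a bare `ClassCastException` deep inside a scope lookup. RealmAdapter's `addScopeMapping` and `deleteScopeMapping` go further: they cast only to `AbstractAdapter` and would write `scopeIds` onto whatever entity comes back. A guard makes the contract explicit, for example `if (!(client instanceof AbstractAdapter)) throw new IllegalArgumentException("not a Mongo-backed client");`, followed by the same `instanceof` test for `ScopedEntity` on the entity. Separately, `Collections.EMPTY_LIST` is a raw type and `Collections.<RoleEntity>emptyList()` avoids the unchecked warning. The method body continues outside the hunk.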


@ -404,7 +404,7 @@ public class AdapterTest extends AbstractModelTest {
RealmModel otherRealm = adapter.createRealm("other");
otherRealm.addUser("bburke");
Assert.assertEquals(2, otherRealm.getUsers().size());
Assert.assertEquals(1, otherRealm.getUsers().size());
Assert.assertEquals(1, otherRealm.searchForUser("bu").size());
}


@ -14,7 +14,7 @@
<class>org.keycloak.models.jpa.entities.SocialLinkEntity</class>
<class>org.keycloak.models.jpa.entities.UserEntity</class>
<class>org.keycloak.models.jpa.entities.UserRoleMappingEntity</class>
<class>org.keycloak.models.jpa.entities.UserScopeMappingEntity</class>
<class>org.keycloak.models.jpa.entities.ScopeMappingEntity</class>
<exclude-unlisted-classes>true</exclude-unlisted-classes>


@ -15,7 +15,7 @@
<class>org.keycloak.models.jpa.entities.SocialLinkEntity</class>
<class>org.keycloak.models.jpa.entities.UserEntity</class>
<class>org.keycloak.models.jpa.entities.UserRoleMappingEntity</class>
<class>org.keycloak.models.jpa.entities.UserScopeMappingEntity</class>
<class>org.keycloak.models.jpa.entities.ScopeMappingEntity</class>
<exclude-unlisted-classes>true</exclude-unlisted-classes>