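/*
 * Copyright 2016 Red Hat, Inc. and/or its affiliates
 * and other contributors as indicated by the @author tags.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.keycloak.models;

import org.keycloak.common.enums.SslRequired;
import org.keycloak.provider.ProviderEvent;

import java.security.Key;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Map;
import java.util.Set;

/**
 * Model of a realm: its identity, login and registration switches, brute-force
 * settings, session and token lifetimes, key material, clients, groups,
 * authentication flows, identity/federation providers, themes and event settings.
 *
 * <p>This interface only declares accessors and mutators; validation, persistence
 * and caching are the responsibility of implementations and are not visible here.
 *
 * <p>Security-relevant members: the TLS requirement, the brute-force settings, the
 * token/session lifetimes, the password and OTP policies, and the private-key and
 * code-secret accessors. Values returned by the latter are secrets and should never
 * be logged or copied into representations that reach untrusted callers.
 *
 * <p>NOTE(review): several collection-typed members are declared with raw
 * {@code List}/{@code Set}/{@code Map}. The element types cannot be determined from
 * this listing; confirm them against the implementation before relying on them.
 *
 * @author Bill Burke
 * @version $Revision: 1 $
 */
public interface RealmModel extends RoleContainerModel {

    /** Provider event carrying a newly created realm. */
    interface RealmCreationEvent extends ProviderEvent {
        RealmModel getCreatedRealm();
    }

    /** Provider event carrying a removed realm and the session it was removed in. */
    interface RealmRemovedEvent extends ProviderEvent {
        RealmModel getRealm();

        KeycloakSession getKeycloakSession();
    }

    /** Provider event carrying a newly created client. */
    interface ClientCreationEvent extends ProviderEvent {
        ClientModel getCreatedClient();
    }

    /** Provider event carrying a removed client and the session it was removed in. */
    interface ClientRemovedEvent extends ProviderEvent {
        ClientModel getClient();

        KeycloakSession getKeycloakSession();
    }

    /** Provider event carrying a newly created user federation provider and its realm. */
    interface UserFederationProviderCreationEvent extends ProviderEvent {
        UserFederationProviderModel getCreatedFederationProvider();

        RealmModel getRealm();
    }

    // --- identity and display -------------------------------------------------

    String getId();

    String getName();

    void setName(String name);

    String getDisplayName();

    void setDisplayName(String displayName);

    /**
     * NOTE(review): the name suggests this value is HTML markup. Whether it is
     * sanitised before storage or escaped on output is not visible here; confirm
     * before rendering it into a page.
     */
    String getDisplayNameHtml();

    void setDisplayNameHtml(String displayNameHtml);

    boolean isEnabled();

    void setEnabled(boolean enabled);

    // --- transport and login/registration switches ----------------------------

    /** Returns the realm's TLS requirement setting. */
    SslRequired getSslRequired();

    void setSslRequired(SslRequired sslRequired);

    boolean isRegistrationAllowed();

    void setRegistrationAllowed(boolean registrationAllowed);

    boolean isRegistrationEmailAsUsername();

    void setRegistrationEmailAsUsername(boolean registrationEmailAsUsername);

    boolean isRememberMe();

    void setRememberMe(boolean rememberMe);

    boolean isEditUsernameAllowed();

    void setEditUsernameAllowed(boolean editUsernameAllowed);

    //--- brute force settings
    // Units follow the method names (seconds / milliseconds). How each value is
    // applied is decided by the component that consumes this model, not here.
    // NOTE(review): no range checks are declared; implementations or callers must
    // reject negative or zero values if those would weaken or disable the protection.

    boolean isBruteForceProtected();

    void setBruteForceProtected(boolean value);

    int getMaxFailureWaitSeconds();

    void setMaxFailureWaitSeconds(int val);

    int getWaitIncrementSeconds();

    void setWaitIncrementSeconds(int val);

    int getMinimumQuickLoginWaitSeconds();

    void setMinimumQuickLoginWaitSeconds(int val);

    long getQuickLoginCheckMilliSeconds();

    void setQuickLoginCheckMilliSeconds(long val);

    int getMaxDeltaTimeSeconds();

    void setMaxDeltaTimeSeconds(int val);

    int getFailureFactor();

    void setFailureFactor(int failureFactor);
    //--- end brute force settings

    boolean isVerifyEmail();

    void setVerifyEmail(boolean verifyEmail);

    boolean isResetPasswordAllowed();

    void setResetPasswordAllowed(boolean resetPasswordAllowed);

    boolean isRevokeRefreshToken();

    void setRevokeRefreshToken(boolean revokeRefreshToken);

    // --- session, token and code lifetimes ------------------------------------
    // Every setter in this group takes its value in seconds (parameter name).
    // Shorter lifetimes narrow the window in which a leaked token, code or session
    // remains usable; no upper bound is enforced by this interface.

    int getSsoSessionIdleTimeout();

    void setSsoSessionIdleTimeout(int seconds);

    int getSsoSessionMaxLifespan();

    void setSsoSessionMaxLifespan(int seconds);

    int getOfflineSessionIdleTimeout();

    void setOfflineSessionIdleTimeout(int seconds);

    int getAccessTokenLifespan();

    void setAccessTokenLifespan(int seconds);

    int getAccessTokenLifespanForImplicitFlow();

    void setAccessTokenLifespanForImplicitFlow(int seconds);

    int getAccessCodeLifespan();

    void setAccessCodeLifespan(int seconds);

    int getAccessCodeLifespanUserAction();

    void setAccessCodeLifespanUserAction(int seconds);

    int getAccessCodeLifespanLogin();

    void setAccessCodeLifespanLogin(int seconds);

    // --- realm key material ---------------------------------------------------
    // The private key (PEM and object form) and the code secret are secrets:
    // keep them out of logs, error messages and any export handed to a party that
    // is not entitled to the realm's keys.

    String getPublicKeyPem();

    void setPublicKeyPem(String publicKeyPem);

    /** Returns the realm private key as a PEM string. Sensitive. */
    String getPrivateKeyPem();

    void setPrivateKeyPem(String privateKeyPem);

    PublicKey getPublicKey();

    void setPublicKey(PublicKey publicKey);

    /** Returns the realm's code secret as a string. Sensitive. */
    String getCodeSecret();

    /** Returns the code secret as a {@link Key}. Sensitive. */
    Key getCodeSecretKey();

    void setCodeSecret(String codeSecret);

    X509Certificate getCertificate();

    void setCertificate(X509Certificate certificate);

    String getCertificatePem();

    void setCertificatePem(String certificate);

    /** Returns the realm private key. Sensitive. */
    PrivateKey getPrivateKey();

    void setPrivateKey(PrivateKey privateKey);

    // --- credentials and policies ---------------------------------------------

    List getRequiredCredentials();

    void addRequiredCredential(String cred);

    PasswordPolicy getPasswordPolicy();

    void setPasswordPolicy(PasswordPolicy policy);

    OTPPolicy getOTPPolicy();

    void setOTPPolicy(OTPPolicy policy);

    RoleModel getRoleById(String id);

    List getDefaultGroups();

    void addDefaultGroup(GroupModel group);

    void removeDefaultGroup(GroupModel group);

    // --- clients --------------------------------------------------------------

    List getClients();

    ClientModel addClient(String name);

    ClientModel addClient(String id, String clientId);

    boolean removeClient(String id);

    ClientModel getClientById(String id);

    ClientModel getClientByClientId(String clientId);

    void updateRequiredCredentials(Set creds);

    // --- browser headers and mail ---------------------------------------------

    /** Raw map; presumably header name to header value (confirm against the implementation). */
    Map getBrowserSecurityHeaders();

    void setBrowserSecurityHeaders(Map headers);

    /**
     * NOTE(review): a mail-server configuration may carry credentials depending on
     * the deployment; treat the returned map as sensitive until the keys are confirmed.
     */
    Map getSmtpConfig();

    void setSmtpConfig(Map smtpConfig);

    // --- authentication flows -------------------------------------------------
    // These setters replace the flow used for the named purpose. No authorisation
    // check is expressed at this layer; callers must enforce who may change them.

    AuthenticationFlowModel getBrowserFlow();

    void setBrowserFlow(AuthenticationFlowModel flow);

    AuthenticationFlowModel getRegistrationFlow();

    void setRegistrationFlow(AuthenticationFlowModel flow);

    AuthenticationFlowModel getDirectGrantFlow();

    void setDirectGrantFlow(AuthenticationFlowModel flow);

    AuthenticationFlowModel getResetCredentialsFlow();

    void setResetCredentialsFlow(AuthenticationFlowModel flow);

    AuthenticationFlowModel getClientAuthenticationFlow();

    void setClientAuthenticationFlow(AuthenticationFlowModel flow);

    List getAuthenticationFlows();

    AuthenticationFlowModel getFlowByAlias(String alias);

    AuthenticationFlowModel addAuthenticationFlow(AuthenticationFlowModel model);

    AuthenticationFlowModel getAuthenticationFlowById(String id);

    void removeAuthenticationFlow(AuthenticationFlowModel model);

    void updateAuthenticationFlow(AuthenticationFlowModel model);

    List getAuthenticationExecutions(String flowId);

    AuthenticationExecutionModel getAuthenticationExecutionById(String id);

    AuthenticationExecutionModel addAuthenticatorExecution(AuthenticationExecutionModel model);

    void updateAuthenticatorExecution(AuthenticationExecutionModel model);

    void removeAuthenticatorExecution(AuthenticationExecutionModel model);

    List getAuthenticatorConfigs();

    AuthenticatorConfigModel addAuthenticatorConfig(AuthenticatorConfigModel model);

    void updateAuthenticatorConfig(AuthenticatorConfigModel model);

    void removeAuthenticatorConfig(AuthenticatorConfigModel model);

    AuthenticatorConfigModel getAuthenticatorConfigById(String id);

    AuthenticatorConfigModel getAuthenticatorConfigByAlias(String alias);

    // --- required actions -----------------------------------------------------

    List getRequiredActionProviders();

    RequiredActionProviderModel addRequiredActionProvider(RequiredActionProviderModel model);

    void updateRequiredActionProvider(RequiredActionProviderModel model);

    void removeRequiredActionProvider(RequiredActionProviderModel model);

    RequiredActionProviderModel getRequiredActionProviderById(String id);

    RequiredActionProviderModel getRequiredActionProviderByAlias(String alias);

    // --- identity providers and their mappers ---------------------------------

    List getIdentityProviders();

    IdentityProviderModel getIdentityProviderByAlias(String alias);

    void addIdentityProvider(IdentityProviderModel identityProvider);

    void removeIdentityProviderByAlias(String alias);

    void updateIdentityProvider(IdentityProviderModel identityProvider);

    Set getIdentityProviderMappers();

    Set getIdentityProviderMappersByAlias(String brokerAlias);

    IdentityProviderMapperModel addIdentityProviderMapper(IdentityProviderMapperModel model);

    void removeIdentityProviderMapper(IdentityProviderMapperModel mapping);

    void updateIdentityProviderMapper(IdentityProviderMapperModel mapping);

    // Interface members are implicitly public; the explicit modifier these two
    // declarations carried was redundant and inconsistent with every other member.
    IdentityProviderMapperModel getIdentityProviderMapperById(String id);

    IdentityProviderMapperModel getIdentityProviderMapperByName(String brokerAlias, String name);

    // --- user federation ------------------------------------------------------

    // Should return list sorted by UserFederationProviderModel.priority
    List getUserFederationProviders();

    UserFederationProviderModel addUserFederationProvider(String providerName, Map config, int priority,
            String displayName, int fullSyncPeriod, int changedSyncPeriod, int lastSync);

    void updateUserFederationProvider(UserFederationProviderModel provider);

    void removeUserFederationProvider(UserFederationProviderModel provider);

    void setUserFederationProviders(List providers);

    Set getUserFederationMappers();

    Set getUserFederationMappersByFederationProvider(String federationProviderId);

    UserFederationMapperModel addUserFederationMapper(UserFederationMapperModel mapper);

    void removeUserFederationMapper(UserFederationMapperModel mapper);

    void updateUserFederationMapper(UserFederationMapperModel mapper);

    UserFederationMapperModel getUserFederationMapperById(String id);

    UserFederationMapperModel getUserFederationMapperByName(String federationProviderId, String name);

    // --- themes ---------------------------------------------------------------

    String getLoginTheme();

    void setLoginTheme(String name);

    String getAccountTheme();

    void setAccountTheme(String name);

    String getAdminTheme();

    void setAdminTheme(String name);

    String getEmailTheme();

    void setEmailTheme(String name);

    /**
     * Time in seconds since the epoch.
     *
     * <p>NOTE(review): a signed 32-bit {@code int} of epoch seconds overflows in
     * January 2038. The type is part of the contract implementers already satisfy,
     * so it is left unchanged here; presumably this value is a "not valid before"
     * cut-off, so an overflowed value would need handling by the consumer (confirm).
     *
     * @return the realm's not-before value, in seconds since the epoch
     */
    int getNotBefore();

    void setNotBefore(int notBefore);

    boolean removeRoleById(String id);

    // --- events ---------------------------------------------------------------

    boolean isEventsEnabled();

    void setEventsEnabled(boolean enabled);

    // boolean isPersistUserSessions();
    //
    // void setPersistUserSessions();

    long getEventsExpiration();

    void setEventsExpiration(long expiration);

    Set getEventsListeners();

    void setEventsListeners(Set listeners);

    Set getEnabledEventTypes();

    void setEnabledEventTypes(Set enabledEventTypes);

    boolean isAdminEventsEnabled();

    void setAdminEventsEnabled(boolean enabled);

    boolean isAdminEventsDetailsEnabled();

    void setAdminEventsDetailsEnabled(boolean enabled);

    ClientModel getMasterAdminClient();

    void setMasterAdminClient(ClientModel client);

    /** Read-only at this layer: no matching setter is declared. */
    boolean isIdentityFederationEnabled();

    // --- internationalization -------------------------------------------------

    boolean isInternationalizationEnabled();

    void setInternationalizationEnabled(boolean enabled);

    Set getSupportedLocales();

    void setSupportedLocales(Set locales);

    String getDefaultLocale();

    void setDefaultLocale(String locale);

    // --- groups ---------------------------------------------------------------

    GroupModel createGroup(String name);

    GroupModel createGroup(String id, String name);

    /**
     * Moves a group to the top level of the realm. This basically just sets the
     * group's parent to null, but it must be called so that caches are set properly.
     *
     * @param subGroup the group to move to the top level
     */
    void addTopLevelGroup(GroupModel subGroup);

    GroupModel getGroupById(String id);

    List getGroups();

    List getTopLevelGroups();

    boolean removeGroup(GroupModel group);

    void moveGroup(GroupModel group, GroupModel toParent);

    // --- client templates -----------------------------------------------------

    List getClientTemplates();

    ClientTemplateModel addClientTemplate(String name);

    ClientTemplateModel addClientTemplate(String id, String name);

    boolean removeClientTemplate(String id);

    ClientTemplateModel getClientTemplateById(String id);
}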