Java Code Examples for org.keycloak.component.ComponentModel#get()

The following examples show how to use org.keycloak.component.ComponentModel#get() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: AbstractGeneratedSecretKeyProviderFactory.java    From keycloak with Apache License 2.0 6 votes vote down vote up
@Override
public void validateConfiguration(KeycloakSession session, RealmModel realm, ComponentModel model) throws ComponentValidationException {
    ConfigurationValidationHelper validation = SecretKeyProviderUtils.validateConfiguration(model);
    validation.checkList(Attributes.SECRET_SIZE_PROPERTY, false);

    int size = model.get(Attributes.SECRET_SIZE_KEY, getDefaultKeySize());

    if (!(model.contains(Attributes.SECRET_KEY))) {
        generateSecret(model, size);
        logger().debugv("Generated secret for {0}", realm.getName());
    } else {
        int currentSize = Base64Url.decode(model.get(Attributes.SECRET_KEY)).length;
        if (currentSize != size) {
            generateSecret(model, size);
            logger().debugv("Secret size changed, generating new secret for {0}", realm.getName());
        }
    }
}
 
Example 2
Source File: GeneratedRsaKeyProviderFactory.java    From keycloak with Apache License 2.0 6 votes vote down vote up
@Override
public void validateConfiguration(KeycloakSession session, RealmModel realm, ComponentModel model) throws ComponentValidationException {
    super.validateConfiguration(session, realm, model);

    ConfigurationValidationHelper.check(model).checkList(Attributes.KEY_SIZE_PROPERTY, false);

    int size = model.get(Attributes.KEY_SIZE_KEY, 2048);

    if (!(model.contains(Attributes.PRIVATE_KEY_KEY) && model.contains(Attributes.CERTIFICATE_KEY))) {
        generateKeys(realm, model, size);

        logger.debugv("Generated keys for {0}", realm.getName());
    } else {
        PrivateKey privateKey = PemUtils.decodePrivateKey(model.get(Attributes.PRIVATE_KEY_KEY));
        int currentSize = ((RSAPrivateKey) privateKey).getModulus().bitLength();
        if (currentSize != size) {
            generateKeys(realm, model, size);

            logger.debugv("Key size changed, generating new keys for {0}", realm.getName());
        }
    }
}
 
Example 3
Source File: GeneratedEcdsaKeyProviderFactory.java    From keycloak with Apache License 2.0 6 votes vote down vote up
@Override
public void validateConfiguration(KeycloakSession session, RealmModel realm, ComponentModel model) throws ComponentValidationException {
    super.validateConfiguration(session, realm, model);

    ConfigurationValidationHelper.check(model).checkList(ECDSA_ELLIPTIC_CURVE_PROPERTY, false);

    String ecInNistRep = model.get(ECDSA_ELLIPTIC_CURVE_KEY);
    if (ecInNistRep == null) ecInNistRep = DEFAULT_ECDSA_ELLIPTIC_CURVE;

    if (!(model.contains(ECDSA_PRIVATE_KEY_KEY) && model.contains(ECDSA_PUBLIC_KEY_KEY))) {
        generateKeys(model, ecInNistRep);
        logger.debugv("Generated keys for {0}", realm.getName());
    } else {
        String currentEc = model.get(ECDSA_ELLIPTIC_CURVE_KEY);
        if (!ecInNistRep.equals(currentEc)) {
            generateKeys(model, ecInNistRep);
            logger.debugv("Elliptic Curve changed, generating new keys for {0}", realm.getName());
        }
    }
}
 
Example 4
Source File: AbstractGeneratedSecretKeyProvider.java    From keycloak with Apache License 2.0 5 votes vote down vote up
public AbstractGeneratedSecretKeyProvider(ComponentModel model, KeyUse use, String type, String algorithm) {
    this.status = KeyStatus.from(model.get(Attributes.ACTIVE_KEY, true), model.get(Attributes.ENABLED_KEY, true));
    this.kid = model.get(Attributes.KID_KEY);
    this.model = model;
    this.use = use;
    this.type = type;
    this.algorithm = algorithm;

    if (model.hasNote(SecretKey.class.getName())) {
        secretKey = model.getNote(SecretKey.class.getName());
    } else {
        secretKey = KeyUtils.loadSecretKey(Base64Url.decode(model.get(Attributes.SECRET_KEY)), JavaAlgorithm.getJavaAlgorithm(algorithm));
        model.setNote(SecretKey.class.getName(), secretKey);
    }
}
 
Example 5
Source File: AbstractRsaKeyProvider.java    From keycloak with Apache License 2.0 5 votes vote down vote up
public AbstractRsaKeyProvider(RealmModel realm, ComponentModel model) {
    this.model = model;
    this.status = KeyStatus.from(model.get(Attributes.ACTIVE_KEY, true), model.get(Attributes.ENABLED_KEY, true));
    this.algorithm = model.get(Attributes.ALGORITHM_KEY, Algorithm.RS256);

    if (model.hasNote(KeyWrapper.class.getName())) {
        key = model.getNote(KeyWrapper.class.getName());
    } else {
        key = loadKey(realm, model);
        model.setNote(KeyWrapper.class.getName(), key);
    }
}
 
Example 6
Source File: CertificateLDAPStorageMapperFactory.java    From keycloak with Apache License 2.0 5 votes vote down vote up
@Override
public void validateConfiguration(KeycloakSession session, RealmModel realm, ComponentModel config) throws ComponentValidationException {
  super.validateConfiguration(session, realm, config);

  boolean isBinaryAttribute = config.get(UserAttributeLDAPStorageMapper.IS_BINARY_ATTRIBUTE, false);
  boolean isDerFormatted = config.get(CertificateLDAPStorageMapper.IS_DER_FORMATTED, false);
  if (isDerFormatted && !isBinaryAttribute) {
    throw new ComponentValidationException("With DER formatted certificate enabled, the ''Is Binary Attribute'' option must be enabled too");
  }

}
 
Example 7
Source File: UserAttributeLDAPStorageMapperFactory.java    From keycloak with Apache License 2.0 5 votes vote down vote up
@Override
public void validateConfiguration(KeycloakSession session, RealmModel realm, ComponentModel config) throws ComponentValidationException {
    checkMandatoryConfigAttribute(UserAttributeLDAPStorageMapper.USER_MODEL_ATTRIBUTE, "User Model Attribute", config);
    checkMandatoryConfigAttribute(UserAttributeLDAPStorageMapper.LDAP_ATTRIBUTE, "LDAP Attribute", config);

    boolean isBinaryAttribute = config.get(UserAttributeLDAPStorageMapper.IS_BINARY_ATTRIBUTE, false);
    boolean alwaysReadValueFromLDAP = config.get(UserAttributeLDAPStorageMapper.ALWAYS_READ_VALUE_FROM_LDAP, false);
    if (isBinaryAttribute && !alwaysReadValueFromLDAP) {
        throw new ComponentValidationException("With Binary attribute enabled, the ''Always read value from LDAP'' must be enabled too");
    }

}
 
Example 8
Source File: UserAttributeLDAPStorageMapperFactory.java    From keycloak with Apache License 2.0 5 votes vote down vote up
@Override
public void updateLDAPConfig(LDAPConfig ldapConfig, ComponentModel mapperModel) {
    boolean isBinaryAttribute = mapperModel.get(UserAttributeLDAPStorageMapper.IS_BINARY_ATTRIBUTE, false);
    if (isBinaryAttribute) {
        String ldapAttrName = mapperModel.getConfig().getFirst(UserAttributeLDAPStorageMapper.LDAP_ATTRIBUTE);
        ldapConfig.addBinaryAttribute(ldapAttrName);
    }
}
 
Example 9
Source File: GeneratedHmacKeyProvider.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public GeneratedHmacKeyProvider(ComponentModel model) {
    super(model, KeyUse.SIG, KeyType.OCT, model.get(Attributes.ALGORITHM_KEY, Algorithm.HS256));
}