Java Code Examples for org.keycloak.models.ClientModel#getProtocol()
The following examples show how to use
org.keycloak.models.ClientModel#getProtocol() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: MigrateTo6_0_0.java From keycloak with Apache License 2.0 | 6 votes |
|
protected void migrateRealm(KeycloakSession session, RealmModel realm, boolean jsn) {
MigrationProvider migrationProvider = session.getProvider(MigrationProvider.class);
// create 'microprofile-jwt' optional client scope in the realm.
ClientScopeModel mpJWTScope = migrationProvider.addOIDCMicroprofileJWTClientScope(realm);
LOG.debugf("Added '%s' optional client scope", mpJWTScope.getName());
// assign 'microprofile-jwt' optional client scope to all the OIDC clients.
for (ClientModel client : realm.getClients()) {
if ((client.getProtocol() == null || "openid-connect".equals(client.getProtocol())) && (!client.isBearerOnly())) {
client.addClientScope(mpJWTScope, false);
}
}
LOG.debugf("Client scope '%s' assigned to all the clients", mpJWTScope.getName());
}
Example 2
| Source File: MigrateTo4_6_0.java From keycloak with Apache License 2.0 | 6 votes |
|
protected void migrateRealm(KeycloakSession session, RealmModel realm, boolean json) {
MigrationProvider migrationProvider = session.getProvider(MigrationProvider.class);
// Create "roles" and "web-origins" clientScopes
ClientScopeModel rolesScope = migrationProvider.addOIDCRolesClientScope(realm);
ClientScopeModel webOriginsScope = migrationProvider.addOIDCWebOriginsClientScope(realm);
LOG.debugf("Added '%s' and '%s' default client scopes", rolesScope.getName(), webOriginsScope.getName());
// Assign "roles" and "web-origins" clientScopes to all the OIDC clients
for (ClientModel client : realm.getClients()) {
if ((client.getProtocol()==null || "openid-connect".equals(client.getProtocol())) && (!client.isBearerOnly())) {
client.addClientScope(rolesScope, true);
client.addClientScope(webOriginsScope, true);
}
}
LOG.debugf("Client scope '%s' assigned to all the clients", rolesScope.getName());
}
Example 3
| Source File: AuthorizeClientUtil.java From keycloak with Apache License 2.0 | 5 votes |
|
public static ClientAuthResult authorizeClient(KeycloakSession session, EventBuilder event) {
AuthenticationProcessor processor = getAuthenticationProcessor(session, event);
Response response = processor.authenticateClient();
if (response != null) {
throw new WebApplicationException(response);
}
ClientModel client = processor.getClient();
if (client == null) {
throw new ErrorResponseException(Errors.INVALID_CLIENT, "Client authentication ended, but client is null", Response.Status.BAD_REQUEST);
}
String protocol = client.getProtocol();
if (protocol == null) {
logger.warnf("Client '%s' doesn't have protocol set. Fallback to openid-connect. Please fix client configuration", client.getClientId());
protocol = OIDCLoginProtocol.LOGIN_PROTOCOL;
}
if (!protocol.equals(OIDCLoginProtocol.LOGIN_PROTOCOL)) {
event.error(Errors.INVALID_CLIENT);
throw new ErrorResponseException(Errors.INVALID_CLIENT, "Wrong client protocol.", Response.Status.BAD_REQUEST);
}
session.getContext().setClient(client);
return new ClientAuthResult(client, processor.getClientAuthAttributes());
}
Example 4
| Source File: ResourceAdminManager.java From keycloak with Apache License 2.0 | 5 votes |
|
protected boolean sendPushRevocationPolicyRequest(RealmModel realm, ClientModel resource, int notBefore, String managementUrl) {
String protocol = resource.getProtocol();
if (protocol == null) {
protocol = OIDCLoginProtocol.LOGIN_PROTOCOL;
}
LoginProtocol loginProtocol = (LoginProtocol) session.getProvider(LoginProtocol.class, protocol);
return loginProtocol == null
? false
: loginProtocol.sendPushRevocationPolicyRequest(realm, resource, notBefore, managementUrl);
}
