Java Code Examples for org.keycloak.models.ClientModel#getSecret()

The following examples show how to use org.keycloak.models.ClientModel#getSecret() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: ClientManager.java    From keycloak with Apache License 2.0 5 votes vote down vote up 
public String toJBossSubsystemConfig(RealmModel realmModel, ClientModel clientModel, URI baseUri) {
    StringBuffer buffer = new StringBuffer();
    buffer.append("<secure-deployment name=\"WAR MODULE NAME.war\">\n");
    buffer.append("    <realm>").append(realmModel.getName()).append("</realm>\n");
    buffer.append("    <auth-server-url>").append(baseUri.toString()).append("</auth-server-url>\n");
    if (clientModel.isBearerOnly()){
        buffer.append("    <bearer-only>true</bearer-only>\n");

    } else if (clientModel.isPublicClient()) {
        buffer.append("    <public-client>true</public-client>\n");
    }
    buffer.append("    <ssl-required>").append(realmModel.getSslRequired().name()).append("</ssl-required>\n");
    buffer.append("    <resource>").append(clientModel.getClientId()).append("</resource>\n");
    String cred = clientModel.getSecret();
    if (showClientCredentialsAdapterConfig(clientModel)) {
        Map<String, Object> adapterConfig = getClientCredentialsAdapterConfig(clientModel);
        for (Map.Entry<String, Object> entry : adapterConfig.entrySet()) {
            buffer.append("    <credential name=\"" + entry.getKey() + "\">");

            Object value = entry.getValue();
            if (value instanceof Map) {
                buffer.append("\n");
                Map<String, Object> asMap = (Map<String, Object>) value;
                for (Map.Entry<String, Object> credEntry : asMap.entrySet()) {
                    buffer.append("        <" + credEntry.getKey() + ">" + credEntry.getValue().toString() + "</" + credEntry.getKey() + ">\n");
                }
                buffer.append("    </credential>\n");
            } else {
                buffer.append(value.toString()).append("</credential>\n");
            }
        }
    }
    if (clientModel.getRoles().size() > 0) {
        buffer.append("    <use-resource-role-mappings>true</use-resource-role-mappings>\n");
    }
    buffer.append("</secure-deployment>\n");
    return buffer.toString();
}
Example 2
Source File: ClientMacSignatureVerifierContext.java    From keycloak with Apache License 2.0 5 votes vote down vote up 
private static KeyWrapper getKey(KeycloakSession session, ClientModel client, String algorithm) throws VerificationException {
    if (algorithm == null) algorithm = Algorithm.HS256;
    String clientSecretString = client.getSecret();
    SecretKey clientSecret = new SecretKeySpec(clientSecretString.getBytes(StandardCharsets.UTF_8), JavaAlgorithm.getJavaAlgorithm(algorithm));
    KeyWrapper key = new KeyWrapper();
    key.setSecretKey(clientSecret);
    key.setUse(KeyUse.SIG);
    key.setType(KeyType.OCT);
    key.setAlgorithm(algorithm);
    return key;
}
Example 3
Source File: KeycloakOIDCJbossSubsystemClientInstallation.java    From keycloak with Apache License 2.0 4 votes vote down vote up 
@Override
public Response generateInstallation(KeycloakSession session, RealmModel realm, ClientModel client, URI baseUri) {
    StringBuffer buffer = new StringBuffer();
    buffer.append("<secure-deployment name=\"WAR MODULE NAME.war\">\n");
    buffer.append("    <realm>").append(realm.getName()).append("</realm>\n");
    buffer.append("    <auth-server-url>").append(baseUri.toString()).append("</auth-server-url>\n");
    if (client.isBearerOnly()){
        buffer.append("    <bearer-only>true</bearer-only>\n");

    } else if (client.isPublicClient()) {
        buffer.append("    <public-client>true</public-client>\n");
    }
    buffer.append("    <ssl-required>").append(realm.getSslRequired().name()).append("</ssl-required>\n");
    buffer.append("    <resource>").append(client.getClientId()).append("</resource>\n");

    if (KeycloakOIDCClientInstallation.showVerifyTokenAudience(client)) {
        buffer.append("    <verify-token-audience>true</verify-token-audience>\n");
    }

    String cred = client.getSecret();
    if (KeycloakOIDCClientInstallation.showClientCredentialsAdapterConfig(client)) {
        Map<String, Object> adapterConfig = KeycloakOIDCClientInstallation.getClientCredentialsAdapterConfig(session, client);
        for (Map.Entry<String, Object> entry : adapterConfig.entrySet()) {
            buffer.append("    <credential name=\"" + entry.getKey() + "\">");

            Object value = entry.getValue();
            if (value instanceof Map) {
                buffer.append("\n");
                Map<String, Object> asMap = (Map<String, Object>) value;
                for (Map.Entry<String, Object> credEntry : asMap.entrySet()) {
                    buffer.append("        <" + credEntry.getKey() + ">" + credEntry.getValue().toString() + "</" + credEntry.getKey() + ">\n");
                }
                buffer.append("    </credential>\n");
            } else {
                buffer.append(value.toString()).append("</credential>\n");
            }
        }
    }
    if (client.getRoles().size() > 0) {
        buffer.append("    <use-resource-role-mappings>true</use-resource-role-mappings>\n");
    }
    buffer.append("</secure-deployment>\n");
    return Response.ok(buffer.toString(), MediaType.TEXT_PLAIN_TYPE).build();
}