Java Code Examples for org.keycloak.representations.idm.ClientRepresentation#getAttributes()
The following examples show how to use
org.keycloak.representations.idm.ClientRepresentation#getAttributes() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: KcSamlSignedBrokerTest.java From keycloak with Apache License 2.0 | 6 votes |
|
@Override
public List<ClientRepresentation> createProviderClients() {
List<ClientRepresentation> clientRepresentationList = super.createProviderClients();
String consumerCert = KeyUtils.getActiveKey(adminClient.realm(consumerRealmName()).keys().getKeyMetadata(), Algorithm.RS256).getCertificate();
Assert.assertThat(consumerCert, Matchers.notNullValue());
for (ClientRepresentation client : clientRepresentationList) {
client.setClientAuthenticatorType("client-secret");
client.setSurrogateAuthRequired(false);
Map<String, String> attributes = client.getAttributes();
if (attributes == null) {
attributes = new HashMap<>();
client.setAttributes(attributes);
}
attributes.put(SamlConfigAttributes.SAML_ASSERTION_SIGNATURE, "true");
attributes.put(SamlConfigAttributes.SAML_SERVER_SIGNATURE, "true");
attributes.put(SamlConfigAttributes.SAML_CLIENT_SIGNATURE_ATTRIBUTE, "true");
attributes.put(SamlConfigAttributes.SAML_SIGNATURE_ALGORITHM, "RSA_SHA256");
attributes.put(SamlConfigAttributes.SAML_SIGNING_CERTIFICATE_ATTRIBUTE, consumerCert);
}
return clientRepresentationList;
}
Example 2
| Source File: KcSamlSignedDocumentOnlyBrokerTest.java From keycloak with Apache License 2.0 | 6 votes |
|
@Override
public List<ClientRepresentation> createProviderClients() {
List<ClientRepresentation> clientRepresentationList = super.createProviderClients();
for (ClientRepresentation client : clientRepresentationList) {
client.setClientAuthenticatorType("client-secret");
client.setSurrogateAuthRequired(false);
Map<String, String> attributes = client.getAttributes();
if (attributes == null) {
attributes = new HashMap<>();
client.setAttributes(attributes);
}
attributes.put("saml.assertion.signature", "false");
attributes.put("saml.server.signature", "true");
attributes.put("saml.client.signature", "true");
attributes.put("saml.signature.algorithm", "RSA_SHA256");
attributes.put("saml.signing.private.key", IDP_SAML_SIGN_KEY);
attributes.put("saml.signing.certificate", IDP_SAML_SIGN_CERT);
}
return clientRepresentationList;
}
Example 3
| Source File: KcOidcBrokerPrivateKeyJwtTest.java From keycloak with Apache License 2.0 | 5 votes |
|
@Override
public List<ClientRepresentation> createProviderClients() {
List<ClientRepresentation> clientsRepList = super.createProviderClients();
log.info("Update provider clients to accept JWT authentication");
KeyMetadataRepresentation keyRep = KeyUtils.getActiveKey(adminClient.realm(consumerRealmName()).keys().getKeyMetadata(), Algorithm.RS256);
for (ClientRepresentation client: clientsRepList) {
client.setClientAuthenticatorType(JWTClientAuthenticator.PROVIDER_ID);
if (client.getAttributes() == null) {
client.setAttributes(new HashMap<String, String>());
}
client.getAttributes().put(JWTClientAuthenticator.CERTIFICATE_ATTR, keyRep.getCertificate());
}
return clientsRepList;
}
Example 4
| Source File: ClientManager.java From keycloak with Apache License 2.0 | 5 votes |
|
public void updateAttribute(String attribute, String value) {
ClientRepresentation app = clientResource.toRepresentation();
if (app.getAttributes() == null) {
app.setAttributes(new LinkedHashMap<String, String>());
}
app.getAttributes().put(attribute, value);
clientResource.update(app);
}
Example 5
| Source File: ClientSettingsForm.java From keycloak with Apache License 2.0 | 5 votes |
|
public void setValues(ClientRepresentation client) {
waitUntilElement(fineGrainCollapsor).is().visible();
Map<String, String> attributes = client.getAttributes();
samlAuthnStatement.setOn("true".equals(attributes.get(SAML_AUTHNSTATEMENT)));
samlOneTimeUseCondition.setOn("true".equals(attributes.get(SAML_ONETIMEUSE_CONDITION)));
samlServerSignature.setOn("true".equals(attributes.get(SAML_SERVER_SIGNATURE)));
samlAssertionSignature.setOn("true".equals(attributes.get(SAML_ASSERTION_SIGNATURE)));
if (samlServerSignature.isOn() || samlAssertionSignature.isOn()) {
signatureAlgorithm.selectByVisibleText(attributes.get(SAML_SIGNATURE_ALGORITHM));
canonicalization.selectByValue("string:" + attributes.get(SAML_SIGNATURE_CANONICALIZATION_METHOD));
samlServerSignatureKeyInfoExt.setOn("true".equals(attributes.get(SAML_SERVER_SIGNATURE_KEYINFO_EXT)));
}
samlEncrypt.setOn("true".equals(attributes.get(SAML_ENCRYPT)));
samlClientSignature.setOn("true".equals(attributes.get(SAML_CLIENT_SIGNATURE)));
samlForcePostBinding.setOn("true".equals(attributes.get(SAML_FORCE_POST_BINDING)));
frontchannelLogout.setOn(client.isFrontchannelLogout());
samlForceNameIdFormat.setOn("true".equals(attributes.get(SAML_FORCE_NAME_ID_FORMAT)));
samlNameIdFormat.selectByVisibleText(attributes.get(SAML_NAME_ID_FORMAT));
fineGrainCollapsor.click();
waitUntilElement(consumerServicePostInput).is().present();
UIUtils.setTextInputValue(consumerServicePostInput, attributes.get(SAML_ASSERTION_CONSUMER_URL_POST));
UIUtils.setTextInputValue(consumerServiceRedirectInput, attributes.get(SAML_ASSERTION_CONSUMER_URL_REDIRECT));
UIUtils.setTextInputValue(logoutPostBindingInput, attributes.get(SAML_SINGLE_LOGOUT_SERVICE_URL_POST));
UIUtils.setTextInputValue(logoutRedirectBindingInput, attributes.get(SAML_SINGLE_LOGOUT_SERVICE_URL_REDIRECT));
}
Example 6
| Source File: CertificateInfoHelper.java From keycloak with Apache License 2.0 | 5 votes |
|
private static void setOrRemoveAttr(ClientRepresentation client, String attrName, String attrValue) {
if (attrValue != null) {
if (client.getAttributes() == null) {
client.setAttributes(new HashMap<>());
}
client.getAttributes().put(attrName, attrValue);
} else {
if (client.getAttributes() != null) {
client.getAttributes().remove(attrName);
}
}
}
Example 7
| Source File: SamlProtocolFactory.java From keycloak with Apache License 2.0 | 4 votes |
|
@Override
public void setupClientDefaults(ClientRepresentation clientRep, ClientModel newClient) {
SamlRepresentationAttributes rep = new SamlRepresentationAttributes(clientRep.getAttributes());
SamlClient client = new SamlClient(newClient);
if (clientRep.isStandardFlowEnabled() == null) newClient.setStandardFlowEnabled(true);
if (rep.getCanonicalizationMethod() == null) {
client.setCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE);
}
if (rep.getSignatureAlgorithm() == null) {
client.setSignatureAlgorithm(SignatureAlgorithm.RSA_SHA256);
}
if (rep.getNameIDFormat() == null) {
client.setNameIDFormat("username");
}
if (rep.getIncludeAuthnStatement() == null) {
client.setIncludeAuthnStatement(true);
}
if (rep.getForceNameIDFormat() == null) {
client.setForceNameIDFormat(false);
}
if (rep.getSamlServerSignature() == null) {
client.setRequiresRealmSignature(true);
}
if (rep.getForcePostBinding() == null) {
client.setForcePostBinding(true);
}
if (rep.getClientSignature() == null) {
client.setRequiresClientSignature(true);
}
if (client.requiresClientSignature() && client.getClientSigningCertificate() == null) {
CertificateRepresentation info = KeycloakModelUtils.generateKeyPairCertificate(newClient.getClientId());
client.setClientSigningCertificate(info.getCertificate());
client.setClientSigningPrivateKey(info.getPrivateKey());
}
if (clientRep.isFrontchannelLogout() == null) {
newClient.setFrontchannelLogout(true);
}
}
