Java Code Examples for org.keycloak.adapters.KeycloakDeployment#getResourceName()

The following examples show how to use org.keycloak.adapters.KeycloakDeployment#getResourceName().
Example 1
Source File: JWTClientSecretCredentialsProvider.java    From keycloak with Apache License 2.0
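/**
 * Reads the client-secret JWT settings from the adapter configuration.
 *
 * <p>{@code config} must be a map holding a non-empty string under {@code "secret"}. It may also
 * hold a string under {@code "algorithm"}; when that key is absent the single-argument
 * {@code setClientSecret} is used (HS256 fallback, per the original comment in this method).
 *
 * <p>The secret value is never placed in an exception message, so a misconfiguration report
 * cannot leak it into logs.
 *
 * @param deployment adapter deployment; used here only for the client name in error messages
 * @param config the provider's section of the adapter credentials configuration
 * @throws RuntimeException if {@code config} is not a map, {@code "secret"} is missing, empty or
 *     not a string, or {@code "algorithm"} is present but not accepted by
 *     {@code isValidClientSecretJwtAlg}
 */
@Override
public void init(KeycloakDeployment deployment, Object config) {
    if (!(config instanceof Map)) {
        throw new RuntimeException("Configuration of jwt credentials by client secret is missing or incorrect for client '" + deployment.getResourceName() + "'. Check your adapter configuration");
    }

    // Wildcard view: only get() is needed, so no unchecked cast to Map<String, Object>.
    Map<?, ?> cfg = (Map<?, ?>) config;

    Object secretValue = cfg.get("secret");
    if (secretValue == null) {
        throw new RuntimeException("Missing parameter 'secret' in secret-jwt configuration for client " + deployment.getResourceName());
    }
    // A non-string value used to surface as a bare ClassCastException; report it as a
    // configuration error instead. The value itself is deliberately left out of the message.
    if (!(secretValue instanceof String)) {
        throw new RuntimeException("Parameter 'secret' in secret-jwt configuration must be a string for client " + deployment.getResourceName());
    }
    String clientSecretString = (String) secretValue;
    // An empty secret provides no usable HMAC key material; fail here with a clear message.
    if (clientSecretString.isEmpty()) {
        throw new RuntimeException("Parameter 'secret' in secret-jwt configuration is empty for client " + deployment.getResourceName());
    }

    Object algorithmValue = cfg.get("algorithm");
    if (algorithmValue == null) {
        // "algorithm" field is optional. fallback to HS256.
        setClientSecret(clientSecretString);
        return;
    }

    // The algorithm name is not sensitive, so it is echoed back to help the operator.
    if (!(algorithmValue instanceof String) || !isValidClientSecretJwtAlg((String) algorithmValue)) {
        throw new RuntimeException("Invalid parameter 'algorithm' (" + algorithmValue + ") in secret-jwt configuration for client " + deployment.getResourceName());
    }
    setClientSecret(clientSecretString, (String) algorithmValue);
}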
 
Example 2
Source File: JWTClientCredentialsProvider.java    From keycloak with Apache License 2.0
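/**
 * Loads the client's signing key pair from a keystore described in the adapter configuration.
 *
 * <p>Keys read from {@code config}:
 * <ul>
 *   <li>{@code client-keystore-file} (required) - keystore location</li>
 *   <li>{@code client-keystore-type} (optional) - matched case-insensitively against
 *       {@code KeystoreUtil.KeystoreFormat}; defaults to {@code JKS}</li>
 *   <li>{@code client-keystore-password} (required)</li>
 *   <li>{@code client-key-password} (optional) - defaults to the keystore password</li>
 *   <li>{@code client-key-alias} (optional) - defaults to the client's resource name</li>
 *   <li>{@code token-timeout} (optional) - read through {@code asInt} with default 10</li>
 * </ul>
 *
 * <p>Neither password is ever put into an exception message; keep it that way when editing.
 *
 * @param deployment adapter deployment; supplies the client name for messages and the default alias
 * @param config the provider's section of the adapter credentials configuration
 * @throws IllegalArgumentException if {@code client-keystore-type} names no known keystore format
 * @throws RuntimeException if {@code config} is not a map or a required key is missing
 */
@Override
public void init(KeycloakDeployment deployment, Object config) {
    if (!(config instanceof Map)) {
        throw new RuntimeException("Configuration of jwt credentials is missing or incorrect for client '" + deployment.getResourceName() + "'. Check your adapter configuration");
    }

    // Element types cannot be checked at runtime; the individual values are cast when read.
    @SuppressWarnings("unchecked")
    Map<String, Object> cfg = (Map<String, Object>) config;

    String clientKeystoreFile = (String) cfg.get("client-keystore-file");
    if (clientKeystoreFile == null) {
        throw new RuntimeException("Missing parameter client-keystore-file in configuration of jwt for client " + deployment.getResourceName());
    }

    String clientKeystoreType = (String) cfg.get("client-keystore-type");
    KeystoreUtil.KeystoreFormat clientKeystoreFormat;
    if (clientKeystoreType == null) {
        clientKeystoreFormat = KeystoreUtil.KeystoreFormat.JKS;
    } else {
        try {
            // Locale.ROOT keeps the upper-casing independent of the JVM's default locale.
            clientKeystoreFormat = Enum.valueOf(KeystoreUtil.KeystoreFormat.class, clientKeystoreType.toUpperCase(java.util.Locale.ROOT));
        } catch (IllegalArgumentException e) {
            // Same exception type as before, but naming the offending setting and the client.
            throw new IllegalArgumentException("Unsupported client-keystore-type '" + clientKeystoreType + "' in configuration of jwt for client " + deployment.getResourceName(), e);
        }
    }

    String clientKeystorePassword = (String) cfg.get("client-keystore-password");
    if (clientKeystorePassword == null) {
        throw new RuntimeException("Missing parameter client-keystore-password in configuration of jwt for client " + deployment.getResourceName());
    }

    // The private key entry shares the keystore password unless one is configured for it.
    String clientKeyPassword = (String) cfg.get("client-key-password");
    if (clientKeyPassword == null) {
        clientKeyPassword = clientKeystorePassword;
    }

    // Without an explicit alias the key is looked up under the client's resource name.
    String clientKeyAlias = (String) cfg.get("client-key-alias");
    if (clientKeyAlias == null) {
        clientKeyAlias = deployment.getResourceName();
    }

    KeyPair keyPair = KeystoreUtil.loadKeyPairFromKeystore(clientKeystoreFile, clientKeystorePassword, clientKeyPassword, clientKeyAlias, clientKeystoreFormat);
    setupKeyPair(keyPair);

    this.tokenTimeout = asInt(cfg, "token-timeout", 10);
}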
 
Example 3
Source File: ClientIdAndSecretCredentialsProvider.java    From keycloak with Apache License 2.0
/**
 * Adds this client's credentials to an outgoing request.
 *
 * <p>A public client only identifies itself: its id is stored in {@code formParams} under
 * {@code OAuth2Constants.CLIENT_ID}. Any other client gets an {@code Authorization} header built
 * by {@code BasicAuthHelper.createHeader} from the client id and secret. When no secret is
 * available, a warning naming the client is logged and neither map is modified.
 *
 * <p>Only the client id is logged; the secret never reaches the log.
 *
 * @param deployment adapter deployment supplying the client id and the public-client flag
 * @param requestHeaders mutable header map for the request
 * @param formParams mutable form-parameter map for the request
 */
@Override
public void setClientCredentials(KeycloakDeployment deployment, Map<String, String> requestHeaders, Map<String, String> formParams) {
    final String resourceName = deployment.getResourceName();

    // Public clients have no secret to present; they send just their id.
    if (deployment.isPublicClient()) {
        formParams.put(OAuth2Constants.CLIENT_ID, resourceName);
        return;
    }

    // Confidential client without a secret: nothing is added to the request.
    if (clientSecret == null) {
        logger.warnf("Client '%s' doesn't have secret available", resourceName);
        return;
    }

    requestHeaders.put("Authorization", BasicAuthHelper.createHeader(resourceName, clientSecret));
}
 
Example 4
Source File: ClientCredentialsProviderUtils.java    From keycloak with Apache License 2.0
/**
 * Selects and initialises the {@code ClientCredentialsProvider} for a deployment.
 *
 * <p>The provider id is chosen as follows:
 * <ol>
 *   <li>no credentials configured (null or empty map): {@code ClientIdAndSecretCredentialsProvider.PROVIDER_ID};</li>
 *   <li>otherwise the value stored under {@code "provider"};</li>
 *   <li>otherwise, if exactly one credential entry exists, that entry's key.</li>
 * </ol>
 *
 * <p>Candidate providers are gathered by {@code loadAuthenticators} from this class's class loader
 * and then from the thread context class loader. NOTE(review): which implementation wins when both
 * loaders offer the same id depends on {@code loadAuthenticators}, which is not shown here; confirm
 * if provider ids must not be overridable by application code.
 *
 * <p>Log and exception messages carry only provider ids and the client id, never the credential
 * configuration itself.
 *
 * @param deployment adapter deployment supplying the client id and credentials configuration
 * @return the initialised provider
 * @throws RuntimeException if the provider id is ambiguous or no loaded provider has that id
 */
public static ClientCredentialsProvider bootstrapClientAuthenticator(KeycloakDeployment deployment) {
    final String resourceName = deployment.getResourceName();
    final Map<String, Object> credentials = deployment.getResourceCredentials();

    String providerId;
    if (credentials != null && !credentials.isEmpty()) {
        providerId = (String) credentials.get("provider");
        if (providerId == null) {
            // No explicit provider: only unambiguous when a single credential type is configured.
            if (credentials.size() != 1) {
                throw new RuntimeException("Can't identify clientAuthenticator from the configuration of client '" + resourceName + "' . Check your adapter configurations");
            }
            providerId = credentials.keySet().iterator().next();
        }
    } else {
        providerId = ClientIdAndSecretCredentialsProvider.PROVIDER_ID;
    }

    logger.debugf("Using provider '%s' for authentication of client '%s'", providerId, resourceName);

    final Map<String, ClientCredentialsProvider> available = new HashMap<>();
    loadAuthenticators(available, ClientCredentialsProviderUtils.class.getClassLoader());
    loadAuthenticators(available, Thread.currentThread().getContextClassLoader());

    final ClientCredentialsProvider chosen = available.get(providerId);
    if (chosen == null) {
        throw new RuntimeException("Couldn't find ClientCredentialsProvider implementation class with id: " + providerId + ". Loaded authentication providers: " + available.keySet());
    }

    // The provider receives only its own section of the credentials map (null when none exists).
    Object providerConfig = null;
    if (credentials != null) {
        providerConfig = credentials.get(providerId);
    }
    chosen.init(deployment, providerConfig);

    return chosen;
}