org.keycloak.provider.ProviderConfigProperty Java Examples

Example #1
Source File: DynamicIdpRedirectAuthenticatorFactory.java    From keycloak-extension-playground with Apache License 2.0 6 votes vote down vote up
/**
 * Describes the two admin-configurable settings of this authenticator: the
 * email-suffix-to-IdP mapping and the switch that controls falling back to the
 * regular authentication flow.
 *
 * <p>NOTE(review): the help text describes the mapping entries as patterns.
 * How they are matched is not visible here; if they are evaluated as regular
 * expressions, an unescaped '.' or an unanchored pattern can match more
 * domains than the administrator intended, so the consumer should match the
 * complete suffix - confirm against the authenticator.
 *
 * @return a fixed-size list holding the mapping property followed by the fallback property
 */
@Override
public List<ProviderConfigProperty> getConfigProperties() {

    // Boolean switch; "true" is the default offered to the admin.
    ProviderConfigProperty fallbackProperty = new ProviderConfigProperty();
    fallbackProperty.setName(DynamicIdpRedirectAuthenticator.FALLBACK_TO_AUTHFLOW_CONFIG_PROPERTY);
    fallbackProperty.setType(ProviderConfigProperty.BOOLEAN_TYPE);
    fallbackProperty.setDefaultValue("true");
    fallbackProperty.setLabel("Fallback to Authflow");
    fallbackProperty.setHelpText("Fall back to Authflow if no target IdP could be identified.");

    // Free-text mapping of email suffix patterns to IdP ids, ';'-delimited.
    ProviderConfigProperty mappingProperty = new ProviderConfigProperty();
    mappingProperty.setName(DynamicIdpRedirectAuthenticator.EMAIL_TO_IDP_MAPPING_CONFIG_PROPERTY);
    mappingProperty.setType(ProviderConfigProperty.STRING_TYPE);
    mappingProperty.setLabel("Email IDP Mapping");
    mappingProperty.setHelpText("Email Suffix pattern to IDP Mapping. email-suffix/idp-id, multiple patterns can be delimited via ';', c.f.: example.com/idp1;.*foo.com/idp2;.*bar.(com|de)/idp3");

    return Arrays.asList(mappingProperty, fallbackProperty);
}
 
Example #2
Source File: ConditionalUserAttributeValueFactory.java    From keycloak with Apache License 2.0 6 votes vote down vote up
/**
 * Describes the settings of the conditional user-attribute check: the attribute
 * name, the value it is expected to hold, and a flag that negates the result.
 *
 * @return a fixed-size list in the order name, expected value, negate flag
 */
@Override
public List<ProviderConfigProperty> getConfigProperties() {
    // Which user attribute the condition inspects.
    ProviderConfigProperty attributeName = new ProviderConfigProperty();
    attributeName.setName(CONF_ATTRIBUTE_NAME);
    attributeName.setType(ProviderConfigProperty.STRING_TYPE);
    attributeName.setLabel("Attribute name");
    attributeName.setHelpText("Name of the attribute to check");

    // The value the attribute is compared against.
    ProviderConfigProperty expectedValue = new ProviderConfigProperty();
    expectedValue.setName(CONF_ATTRIBUTE_EXPECTED_VALUE);
    expectedValue.setType(ProviderConfigProperty.STRING_TYPE);
    expectedValue.setLabel("Expected attribute value");
    expectedValue.setHelpText("Expected value in the attribute");

    // No default is set here, so the initial state is whatever the consumer
    // assumes for an unset boolean.
    ProviderConfigProperty negate = new ProviderConfigProperty();
    negate.setName(CONF_NOT);
    negate.setType(ProviderConfigProperty.BOOLEAN_TYPE);
    negate.setLabel("Negate output");
    negate.setHelpText("Apply a not to the check result");

    return Arrays.asList(attributeName, expectedValue, negate);
}
 
Example #3
Source File: AdHocAuthenticatorFactory.java    From keycloak-extension-playground with Apache License 2.0 6 votes vote down vote up
/**
 * Declares two demo settings: a role selector named {@code customRole} and a
 * free-text value named {@code otherProp}.
 *
 * @return the properties produced by the configuration builder
 */
@Override
public List<ProviderConfigProperty> getConfigProperties() {
    ProviderConfigurationBuilder builder = ProviderConfigurationBuilder.create();

    // Role picker; "none" is the default offered to the admin.
    builder = builder.property()
            .name("customRole")
            .type(ProviderConfigProperty.ROLE_TYPE)
            .label("Some Role")
            .defaultValue("none")
            .helpText("Select some Role")
            .add();

    // Plain string setting with a placeholder default.
    builder = builder.property()
            .name("otherProp")
            .type(ProviderConfigProperty.STRING_TYPE)
            .label("Some value")
            .defaultValue("test")
            .helpText("Enter some value")
            .add();

    return builder.build();
}
 
Example #4
Source File: KcOidcBrokerTest.java    From keycloak with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that a brokered login ends on the error page when the provider-side
 * client is made to emit a hard-coded {@code azp} claim of "invalid-azp".
 *
 * <p>The statement order is the test scenario itself: sign in, sign out of
 * both realms, start a new brokered login, tamper with the claim, then finish
 * the login and expect an error.
 */
@Test
public void testInvalidIssuedFor() {
    // Start from a signed-out state in both realms (loginUser() presumably
    // performs a first complete brokered login - defined outside this method).
    loginUser();
    logoutFromRealm(getProviderRoot(), bc.providerRealmName());
    logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());

    log.debug("Clicking social " + bc.getIDPAlias());
    loginPage.clickSocial(bc.getIDPAlias());
    waitForPage(driver, "log in to", true);

    // Attach a mapper to the broker client in the provider realm so the azp
    // claim no longer carries the expected value.
    RealmResource providerRealm = adminClient.realm(bc.providerRealmName());
    ClientRepresentation brokerClient = providerRealm.clients().findByClientId(BrokerTestConstants.CLIENT_ID).get(0);
    ClientResource brokerClientResource = providerRealm.clients().get(brokerClient.getId());
    ProtocolMapperRepresentation invalidAzpMapper = createHardcodedClaim("hard", "azp", "invalid-azp", ProviderConfigProperty.STRING_TYPE, true, true);
    brokerClientResource.getProtocolMappers().createMapper(invalidAzpMapper);

    // Completing the login must now land on the error page.
    log.debug("Logging in");
    loginPage.login(bc.getUserLogin(), bc.getUserPassword());
    errorPage.assertCurrent();
}
 
Example #5
Source File: SessionPropagationAuthenticatorFactory.java    From keycloak-extension-playground with Apache License 2.0 6 votes vote down vote up
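/**
 * Declares the settings of the session propagation authenticator: the
 * encryption key, the maximum age of a session reference in seconds, and the
 * URL of the session validation service.
 *
 * @return the properties produced by the configuration builder
 */
@Override
public List<ProviderConfigProperty> getConfigProperties() {
    return ProviderConfigurationBuilder
            .create()
            // NOTE(review): "changeme" is a publicly known default. An
            // authenticator left unconfigured would protect session references
            // with a key anyone can look up; prefer shipping no default and
            // rejecting an unset key in the authenticator - confirm how the
            // authenticator treats a missing value before changing this.
            .property().name(SessionPropagationAuthenticator.ENCRYPTION_KEY)
            .type(ProviderConfigProperty.PASSWORD)
            .label("Encryption Key")
            .defaultValue("changeme")
            .helpText("Encryption key")
            .add()
            .property().name(SessionPropagationAuthenticator.SESSION_REFERENCE_MAX_AGE_SECONDS)
            .type(ProviderConfigProperty.STRING_TYPE)
            // Label typo fixed ("Mag Age" -> "Max Age"); the help text already says "Maximum age".
            .label("Session Reference Max Age")
            .defaultValue("30")
            .helpText("Maximum age of session reference in seconds")
            .add()
            // NOTE(review): the example in the help text uses plain http and
            // carries the encrypted handle and its salt in the query string,
            // where they can end up in proxy and access logs; deployments
            // should point this at an https endpoint.
            .property().name(SessionPropagationAuthenticator.SESSION_VALIDATION_SERVICE_URL)
            .type(ProviderConfigProperty.STRING_TYPE)
            .label("Session Validation URL")
            .defaultValue("")
            .helpText("Url to validate the encrypted session token against. " +
                    "The URI placeholder {sessionHandle} will be replaced with the encrypted sessionHandle. " +
                    "The URI placeholder {sessionHandleSalt} will be replaced with the salt used for the encrypted sessionHandle. " +
                    "An example URI can look like this: http://myserver/myapp/sessions/keycloak?sessionHandle={sessionHandle}&sessionHandleSalt={sessionHandleSalt}")
            .add().build();
}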
 
Example #6
Source File: AuthenticationManagementResource.java    From keycloak with Apache License 2.0 6 votes vote down vote up
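/**
 * Get authenticator provider's configuration description
 *
 * <p>The caller must pass the view-realm check before the provider is looked
 * up. A factory that returns {@code null} from {@code getConfigProperties()}
 * is reported with an empty property list instead of failing the request.
 *
 * @param providerId id of the authenticator provider to describe
 * @return the provider's display name, help text and declared properties
 * @throws NotFoundException if no configurable factory exists for {@code providerId}
 */
@Path("config-description/{providerId}")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public AuthenticatorConfigInfoRepresentation getAuthenticatorConfigDescription(@PathParam("providerId") String providerId) {
    // Authorization first, so the lookup below cannot be used to probe provider ids.
    auth.realm().requireViewRealm();

    ConfigurableAuthenticatorFactory factory = CredentialHelper.getConfigurableAuthenticatorFactory(session, providerId);
    if (factory == null) {
        throw new NotFoundException("Could not find authenticator provider");
    }
    AuthenticatorConfigInfoRepresentation rep = new AuthenticatorConfigInfoRepresentation();
    rep.setProviderId(providerId);
    rep.setName(factory.getDisplayType());
    rep.setHelpText(factory.getHelpText());
    rep.setProperties(new LinkedList<>());

    // Some factories return null rather than an empty list; iterating that
    // directly would surface as an unhandled NullPointerException.
    List<ProviderConfigProperty> configProperties = factory.getConfigProperties();
    if (configProperties != null) {
        for (ProviderConfigProperty prop : configProperties) {
            ConfigPropertyRepresentation propRep = getConfigPropertyRep(prop);
            rep.getProperties().add(propRep);
        }
    }
    return rep;
}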
 
Example #7
Source File: ScriptBasedMapper.java    From keycloak with Apache License 2.0 6 votes vote down vote up
/**
 * Validates a script mapper configuration by compiling the configured script.
 *
 * <p>Only compilation is checked: the script is not evaluated here and nothing
 * in this method restricts what the script may do once it runs. A mapper
 * without script code is accepted as-is.
 *
 * @throws ProtocolMapperConfigException if the script does not compile; the
 *         compiler message is passed on as the error detail
 */
@Override
public void validateConfig(KeycloakSession session, RealmModel realm, ProtocolMapperContainerModel client, ProtocolMapperModel mapperModel) throws ProtocolMapperConfigException {

    final String source = mapperModel.getConfig().get(ProviderConfigProperty.SCRIPT_TYPE);
    if (source != null) {
        ScriptingProvider provider = session.getProvider(ScriptingProvider.class);
        String scriptName = mapperModel.getName() + "-script";
        ScriptModel candidate = provider.createScript(realm.getId(), ScriptModel.TEXT_JAVASCRIPT, scriptName, source, "");

        try {
            provider.prepareEvaluatableScript(candidate);
        } catch (ScriptCompilationException compileError) {
            throw new ProtocolMapperConfigException("error", "{0}", compileError.getMessage());
        }
    }
}
 
Example #8
Source File: PairwiseSubMapperHelper.java    From keycloak with Apache License 2.0 5 votes vote down vote up
/**
 * Builds the string-typed config property for the sector identifier URI.
 *
 * @return a new property carrying the sector identifier name, label and help text
 */
public static ProviderConfigProperty createSectorIdentifierConfig() {
    final ProviderConfigProperty sectorIdentifier = new ProviderConfigProperty();
    sectorIdentifier.setType(ProviderConfigProperty.STRING_TYPE);
    sectorIdentifier.setName(SECTOR_IDENTIFIER_URI);
    sectorIdentifier.setHelpText(SECTOR_IDENTIFIER_URI_HELP_TEXT);
    sectorIdentifier.setLabel(SECTOR_IDENTIFIER_URI_LABEL);
    return sectorIdentifier;
}
 
Example #9
Source File: RequireGroupAuthenticatorFactory.java    From keycloak-extension-playground with Apache License 2.0 5 votes vote down vote up
/**
 * Declares the single setting of this authenticator: the required group,
 * entered as free text.
 *
 * <p>NOTE(review): because the group is typed rather than selected, a typo or
 * a later group rename is not caught here; how the authenticator behaves when
 * the configured group cannot be resolved is not visible in this method -
 * confirm that it denies rather than allows.
 *
 * @return a fixed-size list holding the group property
 */
@Override
public List<ProviderConfigProperty> getConfigProperties() {

    // TODO add support for selecting an existing group, similar to role selection

    ProviderConfigProperty requiredGroup = new ProviderConfigProperty();
    requiredGroup.setName(GROUP);
    requiredGroup.setType(ProviderConfigProperty.STRING_TYPE);
    requiredGroup.setHelpText("Required group");
    requiredGroup.setLabel("Group");

    return Arrays.asList(requiredGroup);
}
 
Example #10
Source File: MinPasswordAgeAuthenticatorFactory.java    From keycloak-extension-playground with Apache License 2.0 5 votes vote down vote up
/**
 * Declares the minimum password age setting as a string property.
 *
 * <p>The default "PT15M" looks like an ISO-8601 duration; how the value is
 * parsed, and what happens on an unparsable value, is decided by the
 * authenticator and not visible here.
 *
 * @return the properties produced by the configuration builder
 */
@Override
public List<ProviderConfigProperty> getConfigProperties() {
    ProviderConfigurationBuilder builder = ProviderConfigurationBuilder.create();
    builder = builder.property()
            .name(MinPasswordAgeAuthenticator.MIN_PASSWORD_AGE_DURATION)
            .type(ProviderConfigProperty.STRING_TYPE)
            .label("Min Password duration")
            .defaultValue("PT15M")
            .helpText("Min password duration")
            .add();
    return builder.build();
}
 
Example #11
Source File: AddressMapper.java    From keycloak with Apache License 2.0 5 votes vote down vote up
/**
 * Builds the string-typed config property for one address claim.
 *
 * <p>Label and help text are set to the keys {@code addressClaim.<claim>.label}
 * and {@code addressClaim.<claim>.tooltip} (presumably message-bundle keys),
 * and the claim name itself is used as the default value.
 *
 * @param claimName name of the address claim the property configures
 * @return a new property for that claim
 */
protected static ProviderConfigProperty createConfigProperty(String claimName) {
    final String keyPrefix = "addressClaim." + claimName;

    ProviderConfigProperty claimProperty = new ProviderConfigProperty();
    claimProperty.setType(ProviderConfigProperty.STRING_TYPE);
    claimProperty.setName(getModelPropertyName(claimName));
    claimProperty.setDefaultValue(claimName);
    claimProperty.setLabel(keyPrefix + ".label");
    claimProperty.setHelpText(keyPrefix + ".tooltip");
    return claimProperty;
}
 
Example #12
Source File: AuthenticationManagementResource.java    From keycloak with Apache License 2.0 5 votes vote down vote up
/**
 * Get the per-client configuration descriptions of all client authenticator
 * providers, keyed by provider id.
 *
 * <p>The caller must pass the view-client-authenticator-providers check first.
 *
 * <p>NOTE(review): the factory returned by the credential helper is cast to
 * {@code ClientAuthenticatorFactory} without a type or null check, and the
 * per-client property list is iterated without a null check; either would
 * fail the whole request rather than skip one provider.
 *
 * @return provider id mapped to the representations of its per-client properties
 */
@Path("per-client-config-description")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public Map<String, List<ConfigPropertyRepresentation>> getPerClientConfigDescription() {
    auth.realm().requireViewClientAuthenticatorProviders();

    List<ProviderFactory> clientAuthenticatorFactories = session.getKeycloakSessionFactory().getProviderFactories(ClientAuthenticator.class);
    Map<String, List<ConfigPropertyRepresentation>> descriptions = new HashMap<>();

    for (ProviderFactory candidate : clientAuthenticatorFactories) {
        String id = candidate.getId();
        ConfigurableAuthenticatorFactory configurable = CredentialHelper.getConfigurableAuthenticatorFactory(session, id);
        List<ProviderConfigProperty> declared = ((ClientAuthenticatorFactory) configurable).getConfigPropertiesPerClient();

        List<ConfigPropertyRepresentation> representations = new LinkedList<>();
        for (ProviderConfigProperty property : declared) {
            representations.add(getConfigPropertyRep(property));
        }
        descriptions.put(id, representations);
    }

    return descriptions;
}
 
Example #13
Source File: ModelToRepresentation.java    From keycloak with Apache License 2.0 5 votes vote down vote up
/**
 * Converts a provider config property into its REST representation by copying
 * name, label, type, default value, options, help text and the secret flag.
 *
 * <p>The default value is copied unchanged even when the property is flagged
 * secret, so a provider should never put a real secret into a default.
 *
 * @param prop the property to convert
 * @return a new representation mirroring {@code prop}
 */
public static ConfigPropertyRepresentation toRepresentation(ProviderConfigProperty prop) {
    final ConfigPropertyRepresentation representation = new ConfigPropertyRepresentation();

    // Identity and presentation.
    representation.setName(prop.getName());
    representation.setType(prop.getType());
    representation.setLabel(prop.getLabel());
    representation.setHelpText(prop.getHelpText());

    // Values offered to the admin, plus the marker for sensitive values.
    representation.setOptions(prop.getOptions());
    representation.setDefaultValue(prop.getDefaultValue());
    representation.setSecret(prop.isSecret());

    return representation;
}
 
Example #14
Source File: ScriptBasedAuthenticatorFactory.java    From keycloak with Apache License 2.0 5 votes vote down vote up
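/**
 * Declares the settings of the script-based authenticator: script name,
 * script description and the script source itself.
 *
 * <p>The default script source is read from the classpath resource
 * {@code /scripts/authenticator-template.js}. If the resource is missing or
 * cannot be read, a one-line placeholder comment is used instead and a warning
 * is logged; the method never fails because of the template.
 *
 * @return a list in the order name, description, script
 */
@Override
public List<ProviderConfigProperty> getConfigProperties() {

    ProviderConfigProperty name = new ProviderConfigProperty();
    name.setType(STRING_TYPE);
    name.setName(SCRIPT_NAME);
    name.setLabel("Script Name");
    name.setHelpText("The name of the script used to authenticate.");

    ProviderConfigProperty description = new ProviderConfigProperty();
    description.setType(STRING_TYPE);
    description.setName(SCRIPT_DESCRIPTION);
    description.setLabel("Script Description");
    description.setHelpText("The description of the script used to authenticate.");

    ProviderConfigProperty script = new ProviderConfigProperty();
    script.setType(SCRIPT_TYPE);
    script.setName(SCRIPT_CODE);
    script.setLabel("Script Source");

    String scriptTemplate = "//enter your script code here";
    // getResourceAsStream returns null for a missing resource; guard against
    // that and close the stream on every path.
    try (java.io.InputStream templateStream = getClass().getResourceAsStream("/scripts/authenticator-template.js")) {
        if (templateStream != null) {
            scriptTemplate = StreamUtil.readString(templateStream);
        } else {
            LOGGER.warn("Script template /scripts/authenticator-template.js not found on classpath");
        }
    } catch (IOException ioe) {
        LOGGER.warn(ioe);
    }
    script.setDefaultValue(scriptTemplate);
    // The help text lists the variables handed to the script; an admin-authored
    // script therefore runs with access to the session, realm and user objects.
    script.setHelpText("The script used to authenticate. Scripts must at least define a function with the name 'authenticate(context)' that accepts a context (AuthenticationFlowContext) parameter.\n" +
            "This authenticator exposes the following additional variables: 'script', 'realm', 'user', 'session', 'authenticationSession', 'httpRequest', 'LOG'");

    return asList(name, description, script);
}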
 
Example #15
Source File: OpenshiftClientStorageProviderFactory.java    From keycloak with Apache License 2.0 5 votes vote down vote up
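/**
 * Builds the configuration property descriptors of the OpenShift client
 * storage provider: access token, API server URL, default namespace and the
 * two consent-related switches.
 *
 * <p>The access token is a bearer credential for the OpenShift API server, so
 * it is declared as a password-typed, secret property rather than a plain
 * string; that keeps it out of clear-text display and lets the generic secret
 * masking apply to it.
 */
public OpenshiftClientStorageProviderFactory() {
    CONFIG_PROPERTIES = ProviderConfigurationBuilder.create()
            .property().name(CONFIG_PROPERTY_ACCESS_TOKEN)
            .type(ProviderConfigProperty.PASSWORD)
            .secret(true)
            .label("Access Token")
            .helpText("Bearer token that will be used to invoke on Openshift api server.  Must have privilege to lookup oauth clients, service accounts, and invoke on token review interface")
            .add()
            .property().name(CONFIG_PROPERTY_OPENSHIFT_URI)
            .type(ProviderConfigProperty.STRING_TYPE)
            .label("Openshift URL")
            .helpText("Openshift api server URL base endpoint.")
            .add()
            .property().name(CONFIG_PROPERTY_DEFAULT_NAMESPACE)
            .type(ProviderConfigProperty.STRING_TYPE)
            .label("Default Namespace")
            .helpText("The default namespace to use when the server is not able to resolve the namespace from the client identifier. Useful when clients in Openshift don't have names with the following pattern: " + SERVICE_ACCOUNT_PATTERN.pattern())
            .add()
            // Consent is required unless an admin turns it off.
            .property().name(CONFIG_PROPERTY_REQUIRE_USER_CONSENT)
            .type(ProviderConfigProperty.BOOLEAN_TYPE)
            .defaultValue("true")
            .label("Require User Consent")
            .helpText("If set to true, clients from this storage will ask the end-user for any scope requested during the authorization flow")
            .add()
            .property().name(CONFIG_PROPERTY_DISPLAY_SCOPE_CONSENT_TEXT)
            .type(ProviderConfigProperty.BOOLEAN_TYPE)
            .defaultValue("true")
            .label("Display Scopes Consent Text")
            .helpText("If set to true, the consent page will display texts from the message bundle for scopes. Otherwise, the scope name will be displayed.")
            .add()
            .build();
}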
 
Example #16
Source File: SyncDummyUserFederationProviderFactory.java    From keycloak with Apache License 2.0 5 votes vote down vote up
/**
 * Declares the two string settings of this dummy federation provider:
 * {@code important.config} and the wait time. Neither has a label, help text
 * or default.
 *
 * @return the properties produced by the configuration builder
 */
public List<ProviderConfigProperty> getConfigProperties() {
    ProviderConfigurationBuilder builder = ProviderConfigurationBuilder.create();

    builder = builder.property()
            .name("important.config")
            .type(ProviderConfigProperty.STRING_TYPE)
            .add();

    builder = builder.property()
            .name(WAIT_TIME)
            .type(ProviderConfigProperty.STRING_TYPE)
            .add();

    return builder.build();
}
 
Example #17
Source File: PairwiseSubMapperHelper.java    From keycloak with Apache License 2.0 5 votes vote down vote up
/**
 * Builds the string-typed config property for the pairwise subject salt.
 *
 * <p>NOTE(review): the salt is declared as a plain string and is not flagged
 * secret here; whether it should be masked like other sensitive values depends
 * on how the pairwise algorithm uses it - confirm.
 *
 * @return a new property carrying the salt name, label and help text
 */
public static ProviderConfigProperty createSaltConfig() {
    final ProviderConfigProperty salt = new ProviderConfigProperty();
    salt.setType(ProviderConfigProperty.STRING_TYPE);
    salt.setName(PAIRWISE_SUB_ALGORITHM_SALT);
    salt.setHelpText(PAIRWISE_SUB_ALGORITHM_SALT_HELP_TEXT);
    salt.setLabel(PAIRWISE_SUB_ALGORITHM_SALT_LABEL);
    return salt;
}
 
Example #18
Source File: SecretQuestionAuthenticatorFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
/**
 * Returns the property list held in {@code configProperties}.
 *
 * <p>The field is handed out directly, without a copy; whether callers could
 * modify it depends on how the field is built, which is not visible here.
 *
 * @return the factory's config property list
 */
@Override
public List<ProviderConfigProperty> getConfigProperties() {
    return configProperties;
}
 
Example #19
Source File: ConditionalOnScopePresentAuthenticatorFactory.java    From keycloak-extension-playground with Apache License 2.0 4 votes vote down vote up
/**
 * Returns the property list held in {@code providerConfigProperties}.
 *
 * <p>No defensive copy is made; the mutability of the returned list is
 * determined where the field is initialised, outside this method.
 *
 * @return the factory's config property list
 */
@Override
public List<ProviderConfigProperty> getConfigProperties() {
    return providerConfigProperties;
}
 
Example #20
Source File: ClientStorageProviderFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
/**
 * Returns the configuration properties supplied by
 * {@code ClientStorageProviderSpi.commonConfig()}, i.e. the ones this SPI
 * defines for every implementation.
 *
 * @return the common config property list of the client storage SPI
 */
@Override
default List<ProviderConfigProperty> getCommonProviderConfigProperties() {
    return ClientStorageProviderSpi.commonConfig();
}
 
Example #21
Source File: CrossRealmClientAuthMapper.java    From keycloak-extension-playground with Apache License 2.0 4 votes vote down vote up
/**
 * Returns the mapper's {@code CONFIG_PROPERTIES} list.
 *
 * <p>The list is returned as-is, without a copy.
 *
 * @return the mapper's config property list
 */
@Override
public List<ProviderConfigProperty> getConfigProperties() {
    return CONFIG_PROPERTIES;
}
 
Example #22
Source File: RepresentationToModel.java    From keycloak with Apache License 2.0 4 votes vote down vote up
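/**
 * Applies the fields that are set on {@code rep} to {@code component}.
 *
 * <p>Scalar fields (name, parent id, provider type, provider id, sub type) are
 * copied when non-null. Config entries are then merged key by key:
 * <ul>
 *   <li>for non-internal updates, a key the provider does not declare is
 *       skipped, so a caller cannot store arbitrary config keys;</li>
 *   <li>a key whose value list is null, empty or starts with a blank value is
 *       removed from the component;</li>
 *   <li>otherwise blank values and the {@code SECRET_VALUE} mask are dropped
 *       and the remaining values are stored; if nothing remains, the stored
 *       value is left untouched, which is what keeps an existing secret in
 *       place when the client sends back the mask.</li>
 * </ul>
 *
 * <p>An undeclared key used to end the whole loop ({@code break}); since the
 * keys are iterated from a {@code HashSet}, that dropped an order-dependent
 * subset of the valid keys as well. Only the undeclared key is skipped now.
 *
 * <p>Note that the value lists of {@code rep} are filtered in place.
 *
 * @param session   session used to look up the provider's declared properties
 * @param rep       incoming representation carrying the requested changes
 * @param component model to update
 * @param internal  {@code true} to bypass the declared-property filter
 */
public static void updateComponent(KeycloakSession session, ComponentRepresentation rep, ComponentModel component, boolean internal) {
    if (rep.getName() != null) {
        component.setName(rep.getName());
    }

    if (rep.getParentId() != null) {
        component.setParentId(rep.getParentId());
    }

    if (rep.getProviderType() != null) {
        component.setProviderType(rep.getProviderType());
    }

    if (rep.getProviderId() != null) {
        component.setProviderId(rep.getProviderId());
    }

    if (rep.getSubType() != null) {
        component.setSubType(rep.getSubType());
    }

    // Looked up after the provider id/type were applied, so the filter uses
    // the properties of the provider the component now refers to.
    Map<String, ProviderConfigProperty> providerConfiguration = null;
    if (!internal) {
        providerConfiguration = ComponentUtil.getComponentConfigProperties(session, component);
    }

    if (rep.getConfig() != null) {
        Set<String> keys = new HashSet<>(rep.getConfig().keySet());
        for (String k : keys) {
            if (!internal && !providerConfiguration.containsKey(k)) {
                // Ignore just this undeclared key; the remaining keys must
                // still be processed.
                continue;
            }

            List<String> values = rep.getConfig().get(k);
            if (values == null || values.isEmpty() || values.get(0) == null || values.get(0).trim().isEmpty()) {
                component.getConfig().remove(k);
            } else {
                ListIterator<String> itr = values.listIterator();
                while (itr.hasNext()) {
                    String v = itr.next();
                    // The mask is what clients receive in place of a secret;
                    // it must never be written back as the secret itself.
                    if (v == null || v.trim().isEmpty() || v.equals(ComponentRepresentation.SECRET_VALUE)) {
                        itr.remove();
                    }
                }

                if (!values.isEmpty()) {
                    component.getConfig().put(k, values);
                }
            }
        }
    }
}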
 
Example #23
Source File: RegistrationRecaptcha.java    From keycloak with Apache License 2.0 4 votes vote down vote up
/**
 * Returns the {@code CONFIG_PROPERTIES} list of the reCAPTCHA registration action.
 *
 * <p>The list is returned as-is, without a copy.
 *
 * @return the config property list
 */
@Override
public List<ProviderConfigProperty> getConfigProperties() {
    return CONFIG_PROPERTIES;
}
 
Example #24
Source File: DockerAuthV2ProtocolMapper.java    From keycloak with Apache License 2.0 4 votes vote down vote up
/**
 * Reports that this protocol mapper has no configurable properties.
 *
 * @return an immutable empty list, never {@code null}
 */
@Override
public List<ProviderConfigProperty> getConfigProperties() {
    return Collections.emptyList();
}
 
Example #25
Source File: ImportedRsaKeyProviderFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
/**
 * Returns the {@code CONFIG_PROPERTIES} list of the imported RSA key provider.
 *
 * <p>The list is returned as-is, without a copy.
 *
 * @return the config property list
 */
@Override
public List<ProviderConfigProperty> getConfigProperties() {
    return CONFIG_PROPERTIES;
}
 
Example #26
Source File: RoleNameMapper.java    From keycloak with Apache License 2.0 4 votes vote down vote up
/**
 * Returns the property list held in {@code configProperties}.
 *
 * <p>The field is handed out directly, without a copy.
 *
 * @return the mapper's config property list
 */
public List<ProviderConfigProperty> getConfigProperties() {
    return configProperties;
}
 
Example #27
Source File: PassThroughClientAuthenticator.java    From keycloak with Apache License 2.0 4 votes vote down vote up
/**
 * Reports that this client authenticator has no configurable properties.
 *
 * @return a new, empty, mutable list on every call; never {@code null}
 */
@Override
public List<ProviderConfigProperty> getConfigProperties() {
    return new LinkedList<>();
}
 
Example #28
Source File: WebAuthnAuthenticatorFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
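/**
 * Reports that this authenticator factory has no configurable properties.
 *
 * <p>An empty list is returned instead of {@code null} so that callers which
 * iterate the result directly do not fail with a NullPointerException.
 *
 * @return an immutable empty list, never {@code null}
 */
@Override
public List<ProviderConfigProperty> getConfigProperties() {
    // Fully qualified so the block does not depend on an extra import.
    return java.util.Collections.emptyList();
}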
 
Example #29
Source File: PushButtonAuthenticatorFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
/**
 * Returns the property list held in {@code configProperties}.
 *
 * <p>The field is handed out directly, without a copy.
 *
 * @return the factory's config property list
 */
@Override
public List<ProviderConfigProperty> getConfigProperties() {
    return configProperties;
}
 
Example #30
Source File: GroupMembershipMapper.java    From keycloak with Apache License 2.0 4 votes vote down vote up
/**
 * Returns the property list held in {@code configProperties}.
 *
 * <p>The field is handed out directly, without a copy.
 *
 * @return the mapper's config property list
 */
public List<ProviderConfigProperty> getConfigProperties() {
    return configProperties;
}