Java Code Examples for org.keycloak.models.RealmModel#getUserStorageProviders()
The following examples show how to use
org.keycloak.models.RealmModel#getUserStorageProviders() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: MigrateTo1_8_0.java From keycloak with Apache License 2.0 | 6 votes |
|
protected void migrateRealm(RealmModel realm) {
List<UserStorageProviderModel> federationProviders = realm.getUserStorageProviders();
for (UserStorageProviderModel fedProvider : federationProviders) {
if (fedProvider.getProviderId().equals(LDAPConstants.LDAP_PROVIDER)) {
if (isActiveDirectory(fedProvider)) {
// Create mapper for MSAD account controls
if (getMapperByName(realm, fedProvider, "MSAD account controls") == null) {
ComponentModel mapperModel = KeycloakModelUtils.createComponentModel("MSAD account controls", fedProvider.getId(), LDAPConstants.MSAD_USER_ACCOUNT_CONTROL_MAPPER, "org.keycloak.storage.ldap.mappers.LDAPStorageMapper");
realm.addComponentModel(mapperModel);
}
}
}
}
}
Example 2
| Source File: KeycloakModelUtils.java From keycloak with Apache License 2.0 | 5 votes |
|
public static UserStorageProviderModel findUserStorageProviderByName(String displayName, RealmModel realm) {
if (displayName == null) {
return null;
}
for (UserStorageProviderModel fedProvider : realm.getUserStorageProviders()) {
if (displayName.equals(fedProvider.getName())) {
return fedProvider;
}
}
return null;
}
Example 3
| Source File: KeycloakModelUtils.java From keycloak with Apache License 2.0 | 5 votes |
|
public static UserStorageProviderModel findUserStorageProviderById(String fedProviderId, RealmModel realm) {
for (UserStorageProviderModel fedProvider : realm.getUserStorageProviders()) {
if (fedProviderId.equals(fedProvider.getId())) {
return fedProvider;
}
}
return null;
}
Example 4
| Source File: RealmManager.java From keycloak with Apache License 2.0 | 5 votes |
|
public boolean removeRealm(RealmModel realm) {
ClientModel masterAdminClient = realm.getMasterAdminClient();
boolean removed = model.removeRealm(realm.getId());
if (removed) {
if (masterAdminClient != null) {
new ClientManager(this).removeClient(getKeycloakAdminstrationRealm(), masterAdminClient);
}
UserSessionProvider sessions = session.sessions();
if (sessions != null) {
sessions.onRealmRemoved(realm);
}
UserSessionPersisterProvider sessionsPersister = session.getProvider(UserSessionPersisterProvider.class);
if (sessionsPersister != null) {
sessionsPersister.onRealmRemoved(realm);
}
AuthenticationSessionProvider authSessions = session.authenticationSessions();
if (authSessions != null) {
authSessions.onRealmRemoved(realm);
}
// Refresh periodic sync tasks for configured storageProviders
List<UserStorageProviderModel> storageProviders = realm.getUserStorageProviders();
UserStorageSyncManager storageSync = new UserStorageSyncManager();
for (UserStorageProviderModel provider : storageProviders) {
storageSync.notifyToRefreshPeriodicSync(session, realm, provider, true);
}
}
return removed;
}
Example 5
| Source File: MigrateTo1_3_0.java From keycloak with Apache License 2.0 | 4 votes |
|
private void migrateLDAPProviders(KeycloakSession session, RealmModel realm) {
List<UserStorageProviderModel> federationProviders = realm.getUserStorageProviders();
for (UserStorageProviderModel fedProvider : federationProviders) {
if (fedProvider.getProviderId().equals(LDAPConstants.LDAP_PROVIDER)) {
fedProvider = new UserStorageProviderModel(fedProvider); // copy don't want to muck with cache
MultivaluedHashMap<String, String> config = fedProvider.getConfig();
// Update config properties for LDAP federation provider
if (config.get(LDAPConstants.SEARCH_SCOPE) == null) {
config.putSingle(LDAPConstants.SEARCH_SCOPE, String.valueOf(SearchControls.SUBTREE_SCOPE));
}
List<String> usersDn = config.remove("userDnSuffix");
if (usersDn != null && !usersDn.isEmpty() && config.getFirst(LDAPConstants.USERS_DN) == null) {
config.put(LDAPConstants.USERS_DN, usersDn);
}
String usernameLdapAttribute = config.getFirst(LDAPConstants.USERNAME_LDAP_ATTRIBUTE);
if (usernameLdapAttribute != null && config.getFirst(LDAPConstants.RDN_LDAP_ATTRIBUTE) == null) {
if (usernameLdapAttribute.equalsIgnoreCase(LDAPConstants.SAM_ACCOUNT_NAME)) {
config.putSingle(LDAPConstants.RDN_LDAP_ATTRIBUTE, LDAPConstants.CN);
} else {
config.putSingle(LDAPConstants.RDN_LDAP_ATTRIBUTE, usernameLdapAttribute);
}
}
if (config.getFirst(LDAPConstants.UUID_LDAP_ATTRIBUTE) == null) {
String uuidAttrName = LDAPConstants.getUuidAttributeName(config.getFirst(LDAPConstants.VENDOR));
config.putSingle(LDAPConstants.UUID_LDAP_ATTRIBUTE, uuidAttrName);
}
realm.updateComponent(fedProvider);
// Create default mappers for LDAP
List<ComponentModel> mappers = realm.getComponents(fedProvider.getId());
if (mappers.isEmpty()) {
ProviderFactory ldapFactory = session.getKeycloakSessionFactory().getProviderFactory(UserStorageProvider.class, LDAPConstants.LDAP_PROVIDER);
if (ldapFactory != null) {
((ComponentFactory) ldapFactory).onCreate(session, realm, fedProvider);
}
}
}
}
}
Example 6
| Source File: RealmManager.java From keycloak with Apache License 2.0 | 4 votes |
|
/**
* if "skipUserDependent" is true, then import of any models, which needs users already imported in DB, will be skipped. For example authorization
*/
public RealmModel importRealm(RealmRepresentation rep, boolean skipUserDependent) {
String id = rep.getId();
if (id == null) {
id = KeycloakModelUtils.generateId();
}
RealmModel realm = model.createRealm(id, rep.getRealm());
ReservedCharValidator.validate(rep.getRealm());
realm.setName(rep.getRealm());
// setup defaults
setupRealmDefaults(realm);
boolean postponeMasterClientSetup = postponeMasterClientSetup(rep);
if (!postponeMasterClientSetup) {
setupMasterAdminManagement(realm);
}
if (!hasRealmAdminManagementClient(rep)) setupRealmAdminManagement(realm);
if (!hasAccountManagementClient(rep)) setupAccountManagement(realm);
boolean postponeImpersonationSetup = false;
if (hasRealmAdminManagementClient(rep)) {
postponeImpersonationSetup = true;
} else {
setupImpersonationService(realm);
}
if (!hasBrokerClient(rep)) setupBrokerService(realm);
if (!hasAdminConsoleClient(rep)) setupAdminConsole(realm);
boolean postponeAdminCliSetup = false;
if (!hasAdminCliClient(rep)) {
if (hasRealmAdminManagementClient(rep)) {
postponeAdminCliSetup = true;
} else {
setupAdminCli(realm);
}
}
if (!hasRealmRole(rep, Constants.OFFLINE_ACCESS_ROLE) || !hasClientScope(rep, Constants.OFFLINE_ACCESS_ROLE)) {
setupOfflineTokens(realm, rep);
}
if (rep.getClientScopes() == null) {
createDefaultClientScopes(realm);
}
RepresentationToModel.importRealm(session, rep, realm, skipUserDependent);
List<ClientRepresentation> clients = rep.getClients();
setupClientServiceAccountsAndAuthorizationOnImport(rep, skipUserDependent);
setupAdminConsoleLocaleMapper(realm);
if (postponeMasterClientSetup) {
setupMasterAdminManagement(realm);
}
if (rep.getRoles() != null || hasRealmAdminManagementClient(rep)) {
// Assert all admin roles are available once import took place. This is needed due to import from previous version where JSON file may not contain all admin roles
checkMasterAdminManagementRoles(realm);
checkRealmAdminManagementRoles(realm);
}
// Could happen when migrating from older version and I have exported JSON file, which contains "realm-management" client but not "impersonation" client
// I need to postpone impersonation because it needs "realm-management" client and its roles set
if (postponeImpersonationSetup) {
setupImpersonationService(realm);
String realmAdminClientId = getRealmAdminClientId(realm);
}
if (postponeAdminCliSetup) {
setupAdminCli(realm);
}
setupAuthenticationFlows(realm);
setupRequiredActions(realm);
// Refresh periodic sync tasks for configured storageProviders
List<UserStorageProviderModel> storageProviders = realm.getUserStorageProviders();
UserStorageSyncManager storageSync = new UserStorageSyncManager();
for (UserStorageProviderModel provider : storageProviders) {
storageSync.notifyToRefreshPeriodicSync(session, realm, provider, false);
}
setupAuthorizationServices(realm);
setupClientRegistrations(realm);
if (rep.getKeycloakVersion() != null) {
MigrationModelManager.migrateImport(session, realm, rep, skipUserDependent);
}
fireRealmPostCreate(realm);
return realm;
}
Example 7
| Source File: UserStorageManager.java From keycloak with Apache License 2.0 | 4 votes |
|
public static List<UserStorageProviderModel> getStorageProviders(RealmModel realm) {
return realm.getUserStorageProviders();
}
