org.jboss.resteasy.annotations.cache.NoCache Java Examples

@Path("/scopes")
@GET
@Produces("application/json")
@NoCache
public Response getScopes() {
    if (auth != null) {
        this.auth.realm().requireViewAuthorization();
    }

    if (policy == null) {
        return Response.status(Status.NOT_FOUND).build();
    }

    return Response.ok(policy.getScopes().stream().map(scope -> {
        ScopeRepresentation representation = new ScopeRepresentation();

        representation.setId(scope.getId());
        representation.setName(scope.getName());

        return representation;
    }).collect(Collectors.toList())).build();
}
 

/**
 * Generate a new certificate with new key pair
 *
 * @return
 */
@POST
@NoCache
@Path("generate")
@Produces(MediaType.APPLICATION_JSON)
public CertificateRepresentation generate() {
    auth.clients().requireConfigure(client);

    CertificateRepresentation info = KeycloakModelUtils.generateKeyPairCertificate(client.getClientId());

    CertificateInfoHelper.updateClientModelCertificateInfo(client, info, attributePrefix);

    adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).representation(info).success();

    return info;
}
 

@Path("/search")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public Response findByName(@QueryParam("name") String name, @QueryParam("fields") String fields) {
    if (auth != null) {
        this.auth.realm().requireViewAuthorization();
    }

    StoreFactory storeFactory = authorization.getStoreFactory();

    if (name == null) {
        return Response.status(Status.BAD_REQUEST).build();
    }

    Policy model = storeFactory.getPolicyStore().findByName(name, this.resourceServer.getId());

    if (model == null) {
        return Response.noContent().build();
    }

    return Response.ok(toRepresentation(model, fields, authorization)).build();
}
 

@GET
@NoCache
public Response build() {
    MultivaluedMap<String, String> params = session.getContext().getUri().getQueryParameters();
    String service = params.getFirst(CASLoginProtocol.SERVICE_PARAM);
    String ticket = params.getFirst(CASLoginProtocol.TICKET_PARAM);
    boolean renew = params.containsKey(CASLoginProtocol.RENEW_PARAM);

    event.event(EventType.CODE_TO_TOKEN);

    try {
        checkSsl();
        checkRealm();
        checkClient(service);

        checkTicket(ticket, renew);

        event.success();
        return successResponse();
    } catch (CASValidationException e) {
        return errorResponse(e);
    }
}
 

/**
 * Base path for retrieve providers with the configProperties properly filled
 *
 * @return
 */
@Path("providers")
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public List<ComponentTypeRepresentation> getProviders() {
    List<ProviderFactory> providerFactories = session.getKeycloakSessionFactory().getProviderFactories(ClientRegistrationPolicy.class);

    return providerFactories.stream().map((ProviderFactory factory) -> {

        ClientRegistrationPolicyFactory clientRegFactory = (ClientRegistrationPolicyFactory) factory;
        List<ProviderConfigProperty> configProps = clientRegFactory.getConfigProperties(session);

        ComponentTypeRepresentation rep = new ComponentTypeRepresentation();
        rep.setId(clientRegFactory.getId());
        rep.setHelpText(clientRegFactory.getHelpText());
        rep.setProperties(ModelToRepresentation.toRepresentation(configProps));
        return rep;

    }).collect(Collectors.toList());
}
 

/**
 * Get user sessions for client
 *
 * Returns a list of user sessions associated with this client
 *
 * @param firstResult Paging offset
 * @param maxResults Maximum results size (defaults to 100)
 * @return
 */
@Path("user-sessions")
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public List<UserSessionRepresentation> getUserSessions(@QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults) {
    auth.clients().requireView(client);

    firstResult = firstResult != null ? firstResult : -1;
    maxResults = maxResults != null ? maxResults : Constants.DEFAULT_MAX_RESULTS;
    List<UserSessionRepresentation> sessions = new ArrayList<UserSessionRepresentation>();
    for (UserSessionModel userSession : session.sessions().getUserSessions(client.getRealm(), client, firstResult, maxResults)) {
        UserSessionRepresentation rep = ModelToRepresentation.toRepresentation(userSession);
        sessions.add(rep);
    }
    return sessions;
}
 

/**
 * Need this for admin console to display simple name of provider when displaying client detail
 *
 * KEYCLOAK-4328
 *
 * @param id
 * @return
 */
@GET
@Path("{id}/name")
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public Map<String, String> getSimpleName(@PathParam("id") String id) {
    auth.clients().requireList();

    ComponentModel model = realm.getComponent(id);
    if (model == null) {
        throw new NotFoundException("Could not find component");
    }
    if (!model.getProviderType().equals(ClientStorageProvider.class.getName())) {
        throw new NotFoundException("found, but not a ClientStorageProvider");
    }

    Map<String, String> data = new HashMap<>();
    data.put("id", model.getId());
    data.put("name", model.getName());
    return data;
}
 

/**
 * Get realm-level roles associated with the client's scope
 *
 * @return
 */
@Path("realm")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public List<RoleRepresentation> getRealmScopeMappings() {
    viewPermission.require();

    if (scopeContainer == null) {
        throw new NotFoundException("Could not find client");
    }

    Set<RoleModel> realmMappings = scopeContainer.getRealmScopeMappings();
    List<RoleRepresentation> realmMappingsRep = new ArrayList<RoleRepresentation>();
    for (RoleModel roleModel : realmMappings) {
        realmMappingsRep.add(ModelToRepresentation.toBriefRepresentation(roleModel));
    }
    return realmMappingsRep;
}
 

/**
 * Get effective client-level role mappings
 *
 * This recurses any composite roles
 *
 * @return
 */
@Path("composite")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public List<RoleRepresentation> getCompositeClientRoleMappings() {
    viewPermission.require();


    Set<RoleModel> roles = client.getRoles();
    List<RoleRepresentation> mapRep = new ArrayList<RoleRepresentation>();
    for (RoleModel roleModel : roles) {
        if (user.hasRole(roleModel)) mapRep.add(ModelToRepresentation.toBriefRepresentation(roleModel));
    }
    return mapRep;
}
 

/**
 * Unlink imported users from a storage provider
 *
 *
 * @param id
 * @return
 */
@POST
@Path("{id}/unlink-users")
@NoCache
public void unlinkUsers(@PathParam("id") String id) {
    auth.users().requireManage();

    ComponentModel model = realm.getComponent(id);
    if (model == null) {
        throw new NotFoundException("Could not find component");
    }
    if (!model.getProviderType().equals(UserStorageProvider.class.getName())) {
        throw new NotFoundException("found, but not a UserStorageProvider");
    }

    session.users().unlinkUsers(realm, id);
}
 

/**
 * Return object stating whether client Authorization permissions have been initialized or not and a reference
 *
 *
 * @return initialized manage permissions reference
 */
@Path("management/permissions")
@PUT
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@NoCache
public ManagementPermissionReference setManagementPermissionsEnabled(ManagementPermissionReference ref) {
    auth.groups().requireManage(group);
    AdminPermissionManagement permissions = AdminPermissions.management(session, realm);
    permissions.groups().setPermissionsEnabled(group, ref.isEnabled());
    if (ref.isEnabled()) {
        return toMgmtRef(group, permissions);
    } else {
        return new ManagementPermissionReference();
    }
}
 

/**
 * Revoke consent and offline tokens for particular client from user
 *
 * @param clientId Client id
 */
@Path("consents/{client}")
@DELETE
@NoCache
public void revokeConsent(final @PathParam("client") String clientId) {
    auth.users().requireManage(user);

    ClientModel client = realm.getClientByClientId(clientId);
    if (client == null) {
        throw new NotFoundException("Client not found");
    }
    boolean revokedConsent = session.users().revokeConsentForClient(realm, user.getId(), client.getId());
    boolean revokedOfflineToken = new UserSessionManager(session).revokeOfflineToken(user, client);

    if (revokedConsent) {
        // Logout clientSessions for this user and client
        AuthenticationManager.backchannelLogoutUserFromClient(session, realm, user, client, session.getContext().getUri(), headers);
    }

    if (!revokedConsent && !revokedOfflineToken) {
        throw new NotFoundException("Consent nor offline token not found");
    }
    adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).success();
}
 

/**
 * Update the mapper
 *
 * @param id Mapper id
 * @param rep
 */
@PUT
@NoCache
@Path("models/{id}")
@Consumes(MediaType.APPLICATION_JSON)
public void update(@PathParam("id") String id, ProtocolMapperRepresentation rep) {
    managePermission.require();

    ProtocolMapperModel model = client.getProtocolMapperById(id);
    if (model == null) throw new NotFoundException("Model not found");
    model = RepresentationToModel.toModel(rep);

    validateModel(model);

    client.updateProtocolMapper(model);
    adminEvent.operation(OperationType.UPDATE).resourcePath(session.getContext().getUri()).representation(rep).success();
}
 

/**
 * Get mappers
 *
 * @return
 */
@GET
@NoCache
@Path("models")
@Produces(MediaType.APPLICATION_JSON)
public List<ProtocolMapperRepresentation> getMappers() {
    viewPermission.require();

    List<ProtocolMapperRepresentation> mappers = new LinkedList<ProtocolMapperRepresentation>();
    for (ProtocolMapperModel mapper : client.getProtocolMappers()) {
        if (isEnabled(session, mapper)) {
            mappers.add(ModelToRepresentation.toRepresentation(mapper));
        }
    }
    return mappers;
}
 

@Path("/search")
@GET
@NoCache
@Produces("application/json")
public Response find(@QueryParam("name") String name) {
    this.auth.realm().requireViewAuthorization();
    StoreFactory storeFactory = authorization.getStoreFactory();

    if (name == null) {
        return Response.status(Status.BAD_REQUEST).build();
    }

    Resource model = storeFactory.getResourceStore().findByName(name, this.resourceServer.getId());

    if (model == null) {
        return Response.status(Status.NO_CONTENT).build();
    }

    return Response.ok(toRepresentation(model, this.resourceServer, authorization)).build();
}
 

/**
 * Get Single Execution
 */
@Path("/executions/{executionId}")
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public Response getExecution(final @PathParam("executionId") String executionId) {
	//http://localhost:8080/auth/admin/realms/master/authentication/executions/cf26211b-9e68-4788-b754-1afd02e59d7f
    auth.realm().requireManageRealm();

    final Optional<AuthenticationExecutionModel> model = Optional.ofNullable(realm.getAuthenticationExecutionById(executionId));
    if (!model.isPresent()) {
        logger.debugv("Could not find execution by Id: {}", executionId);
        throw new NotFoundException("Illegal execution");
    }

    return Response.ok(model.get()).build();
}
 

@GET
@NoCache
@Path("groups/count")
@Produces(MediaType.APPLICATION_JSON)
public Map<String, Long> getGroupMembershipCount(@QueryParam("search") String search) {
    auth.users().requireView(user);
    Long results;

    if (Objects.nonNull(search)) {
        results = user.getGroupsCountByNameContaining(search);
    } else {
        results = user.getGroupsCount();
    }
    Map<String, Long> map = new HashMap<>();
    map.put("count", results);
    return map;
}
 

@Path("events")
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
List<EventRepresentation> getEvents(@QueryParam("type") List<String> types, @QueryParam("client") String client,
        @QueryParam("user") String user, @QueryParam("dateFrom") String dateFrom, @QueryParam("dateTo") String dateTo,
        @QueryParam("ipAddress") String ipAddress, @QueryParam("first") Integer firstResult,
        @QueryParam("max") Integer maxResults);
 

@GET
@Produces("application/json")
@NoCache
public List<String> getProducts() {
    ArrayList<String> rtn = new ArrayList<String>();
    rtn.add("iphone");
    rtn.add("ipad");
    rtn.add("ipod");
    return rtn;
}
 

/**
 * Get identity providers
 *
 * @return
 */
@GET
@Path("instances")
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public List<IdentityProviderRepresentation> getIdentityProviders() {
    this.auth.realm().requireViewIdentityProviders();

    List<IdentityProviderRepresentation> representations = new ArrayList<IdentityProviderRepresentation>();

    for (IdentityProviderModel identityProviderModel : realm.getIdentityProviders()) {
        representations.add(StripSecretsUtils.strip(ModelToRepresentation.toRepresentation(realm, identityProviderModel)));
    }
    return representations;
}
 

/**
 * CORS preflight
 *
 * @return
 */
@Path("/")
@OPTIONS
@NoCache
public Response preflight() {
    return Cors.add(request, Response.ok()).auth().preflight().build();
}
 

/**
 * Remove a credential of current user
 *
 * @param credentialId ID of the credential, which will be removed
 */
@Path("{credentialId}")
@DELETE
@NoCache
public void removeCredential(final @PathParam("credentialId") String credentialId) {
    auth.require(AccountRoles.MANAGE_ACCOUNT);
    CredentialModel credential = session.userCredentialManager().getStoredCredentialById(realm, user, credentialId);
    if (credential == null) {
        throw new NotFoundException("Credential not found");
    }
    session.userCredentialManager().removeStoredCredential(realm, user, credentialId);
}
 

/**
 * Trigger sync of mapper data related to ldap mapper (roles, groups, ...)
 *
 * direction is "fedToKeycloak" or "keycloakToFed"
 *
 * @return
 */
@POST
@Path("{parentId}/mappers/{id}/sync")
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public SynchronizationResult syncMapperData(@PathParam("parentId") String parentId, @PathParam("id") String mapperId, @QueryParam("direction") String direction) {
    auth.users().requireManage();

    ComponentModel parentModel = realm.getComponent(parentId);
    if (parentModel == null) throw new NotFoundException("Parent model not found");
    ComponentModel mapperModel = realm.getComponent(mapperId);
    if (mapperModel == null) throw new NotFoundException("Mapper model not found");

    LDAPStorageProvider ldapProvider = (LDAPStorageProvider) session.getProvider(UserStorageProvider.class, parentModel);
    LDAPStorageMapper mapper = session.getProvider(LDAPStorageMapper.class, mapperModel);

    ServicesLogger.LOGGER.syncingDataForMapper(mapperModel.getName(), mapperModel.getProviderId(), direction);

    SynchronizationResult syncResult;
    if ("fedToKeycloak".equals(direction)) {
        syncResult = mapper.syncDataFromFederationProviderToKeycloak(realm);
    } else if ("keycloakToFed".equals(direction)) {
        syncResult = mapper.syncDataFromKeycloakToFederationProvider(realm);
    } else {
        throw new BadRequestException("Unknown direction: " + direction);
    }

    Map<String, Object> eventRep = new HashMap<>();
    eventRep.put("action", direction);
    eventRep.put("result", syncResult);
    adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).representation(eventRep).success();
    return syncResult;
}
 

/**
 * Create JSON with payload of example access token
 *
 * @return
 */
@GET
@Path("generate-example-access-token")
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public AccessToken generateExampleAccessToken(@QueryParam("scope") String scopeParam, @QueryParam("userId") String userId) {
    auth.clients().requireView(client);

    if (userId == null) {
        throw new NotFoundException("No userId provided");
    }

    UserModel user = session.users().getUserById(userId, realm);
    if (user == null) {
        throw new NotFoundException("No user found");
    }

    logger.debugf("generateExampleAccessToken invoked. User: %s, Scope param: %s", user.getUsername(), scopeParam);

    AccessToken token = generateToken(user, scopeParam);
    return token;
}
 

/**
 * Lower required action's priority
 *
 * @param alias Alias of required action
 */
@Path("/required-actions/{alias}/lower-priority")
@POST
@NoCache
public void lowerRequiredActionPriority(@PathParam("alias") String alias) {
    auth.realm().requireManageRealm();

    RequiredActionProviderModel model = realm.getRequiredActionProviderByAlias(alias);
    if (model == null) {
        throw new NotFoundException("Failed to find required action.");
    }

    List<RequiredActionProviderModel> actions = realm.getRequiredActionProviders();
    int i = 0;
    for (i = 0; i < actions.size(); i++) {
        if (actions.get(i).getId().equals(model.getId())) {
            break;
        }
    }
    if (i + 1 >= actions.size()) return;
    RequiredActionProviderModel next = actions.get(i + 1);
    int tmp = model.getPriority();
    model.setPriority(next.getPriority());
    realm.updateRequiredActionProvider(model);
    next.setPriority(tmp);
    realm.updateRequiredActionProvider(next);

    adminEvent.operation(OperationType.UPDATE).resource(ResourceType.REQUIRED_ACTION).resourcePath(session.getContext().getUri()).success();
}
 

/**
 * Get groups by pagination params.
 * @param search max number of occurrences
 * @param first index of the first element
 * @param max max number of occurrences
 * @param briefRepresentation if false, return groups with their attributes
 * @return A list containing the slice of all groups.
 */
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
List<GroupRepresentation> groups(@QueryParam("search") String search,
                                 @QueryParam("first") Integer first,
                                 @QueryParam("max") Integer max,
                                 @QueryParam("briefRepresentation") @DefaultValue("true") boolean briefRepresentation);
 

/**
 * Get session information.
 *
 * @return
 */
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public Response toRepresentation() {
    return Cors.add(request, Response.ok(session.sessions().getUserSessions(realm, user).stream()
            .map(this::toRepresentation).collect(Collectors.toList()))).auth().allowedOrigins(auth.getToken()).build();
}
 

/**
 * Get a keystore file for the client, containing private key and public certificate
 *
 * @param config Keystore configuration as JSON
 * @return
 */
@POST
@NoCache
@Path("/download")
@Produces(MediaType.APPLICATION_OCTET_STREAM)
@Consumes(MediaType.APPLICATION_JSON)
byte[] getKeystore(final KeyStoreConfig config);
 

/**
 * Adapter configuration for the admin console for this realm
 *
 * @return
 */
@Path("config")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public ClientManager.InstallationAdapterConfig config() {
    ClientModel consoleApp = realm.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID);
    if (consoleApp == null) {
        throw new NotFoundException("Could not find admin console client");
    }
    return new ClientManager(new RealmManager(session)).toInstallationRepresentation(realm, consoleApp, session.getContext().getUri().getBaseUri());    }
 

/**
 * Delete execution
 *
 * @param execution Execution id
 */
@Path("/executions/{executionId}")
@DELETE
@NoCache
public void removeExecution(@PathParam("executionId") String execution) {
    auth.realm().requireManageRealm();

    AuthenticationExecutionModel model = realm.getAuthenticationExecutionById(execution);
    if (model == null) {
        session.getTransactionManager().setRollbackOnly();
        throw new NotFoundException("Illegal execution");

    }
    AuthenticationFlowModel parentFlow = getParentFlow(model);
    if (parentFlow.isBuiltIn()) {
        throw new BadRequestException("It is illegal to remove execution from a built in flow");
    }

    if(model.getFlowId() != null) {
    	AuthenticationFlowModel nonTopLevelFlow = realm.getAuthenticationFlowById(model.getFlowId());
    	realm.removeAuthenticationFlow(nonTopLevelFlow);
    }

    realm.removeAuthenticatorExecution(model);

    adminEvent.operation(OperationType.DELETE).resource(ResourceType.AUTH_EXECUTION).resourcePath(session.getContext().getUri()).success();
}