Java Code Examples for org.keycloak.models.RealmModel#isDuplicateEmailsAllowed()

protected void ensureEmailConstraint(List<UserEntity> users, RealmModel realm) {
    UserEntity user = users.get(0);

    if (users.size() > 1) {
        // Realm settings have been changed from allowing duplicate emails to not allowing them
        // but duplicates haven't been removed.
        throw new ModelDuplicateException("Multiple users with email '" + user.getEmail() + "' exist in Keycloak.");
    }

    if (realm.isDuplicateEmailsAllowed()) {
        return;
    }

    if (user.getEmail() != null && !user.getEmail().equals(user.getEmailConstraint())) {
        // Realm settings have been changed from allowing duplicate emails to not allowing them.
        // We need to update the email constraint to reflect this change in the user entities.
        user.setEmailConstraint(user.getEmail());
        em.persist(user);
    }
}
 

@Override
public String getModelId(RealmModel realm, KeycloakSession session, UserRepresentation user) {
    if (createdIds.containsKey(getName(user))) return createdIds.get(getName(user));

    String userName = user.getUsername();
    if (userName != null) {
        return session.users().getUserByUsername(userName, realm).getId();
    } else if (!realm.isDuplicateEmailsAllowed()) {
        String email = user.getEmail();
        return session.users().getUserByEmail(email, realm).getId();
    }
    
    return null;
}
 

@Override
public String existsMessage(RealmModel realm, UserRepresentation user) {
    if (user.getEmail() == null || !realm.isDuplicateEmailsAllowed()) {
        return "User with user name " + getName(user) + " already exists.";
    }

    return "User with user name " + getName(user) + " or with email " + user.getEmail() + " already exists.";
}
 

@Override
public void remove(RealmModel realm, KeycloakSession session, UserRepresentation user) {
    UserModel userModel = session.users().getUserByUsername(user.getUsername(), realm);
    if (userModel == null && !realm.isDuplicateEmailsAllowed()) {
        userModel = session.users().getUserByEmail(user.getEmail(), realm);
    }
    if (userModel != null) {
        boolean success = new UserManager(session).removeUser(realm, userModel);
        if (!success) throw new RuntimeException("Unable to overwrite user " + getName(user));
    }
}
 

protected void checkDuplicateEmail(String userModelAttrName, String email, RealmModel realm, KeycloakSession session, UserModel user) {
    if (email == null || realm.isDuplicateEmailsAllowed()) return;
    if (UserModel.EMAIL.equalsIgnoreCase(userModelAttrName)) {
        // lowercase before search
        email = KeycloakModelUtils.toLowerCaseSafe(email);

        UserModel that = session.userLocalStorage().getUserByEmail(email, realm);
        if (that != null && !that.getId().equals(user.getId())) {
            session.getTransactionManager().setRollbackOnly();
            String exceptionMessage = String.format("Can't import user '%s' from LDAP because email '%s' already exists in Keycloak. Existing user with this email is '%s'", user.getUsername(), email, that.getUsername());
            throw new ModelDuplicateException(exceptionMessage, UserModel.EMAIL);
        }
    }
}
 

private boolean userEmailExists(RealmModel realm, KeycloakSession session, UserRepresentation user) {
    return (user.getEmail() != null) && !realm.isDuplicateEmailsAllowed() &&
           (session.users().getUserByEmail(user.getEmail(), realm) != null);
}