Java Code Examples for org.keycloak.models.RealmModel#getClients()

The following examples show how to use org.keycloak.models.RealmModel#getClients() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: MigrateTo1_5_0.java    From keycloak with Apache License 2.0 6 votes vote down vote up 
protected void migrateRealm(RealmModel realm) {
    DefaultAuthenticationFlows.migrateFlows(realm); // add reset credentials flo
    realm.setOTPPolicy(OTPPolicy.DEFAULT_POLICY);
    realm.setBrowserFlow(realm.getFlowByAlias(DefaultAuthenticationFlows.BROWSER_FLOW));
    realm.setRegistrationFlow(realm.getFlowByAlias(DefaultAuthenticationFlows.REGISTRATION_FLOW));
    realm.setDirectGrantFlow(realm.getFlowByAlias(DefaultAuthenticationFlows.DIRECT_GRANT_FLOW));

    AuthenticationFlowModel resetFlow = realm.getFlowByAlias(DefaultAuthenticationFlows.RESET_CREDENTIALS_FLOW);
    if (resetFlow == null) {
        DefaultAuthenticationFlows.resetCredentialsFlow(realm);
    } else {
        realm.setResetCredentialsFlow(resetFlow);
    }

    AuthenticationFlowModel clientAuthFlow = realm.getFlowByAlias(DefaultAuthenticationFlows.CLIENT_AUTHENTICATION_FLOW);
    if (clientAuthFlow == null) {
        DefaultAuthenticationFlows.clientAuthFlow(realm);
    } else {
        realm.setClientAuthenticationFlow(clientAuthFlow);
    }

    for (ClientModel client : realm.getClients()) {
        client.setClientAuthenticatorType(KeycloakModelUtils.getDefaultClientAuthenticatorType());
    }
}
Example 2
Source File: MigrateTo6_0_0.java    From keycloak with Apache License 2.0 6 votes vote down vote up 
protected void migrateRealm(KeycloakSession session, RealmModel realm, boolean jsn) {
    MigrationProvider migrationProvider = session.getProvider(MigrationProvider.class);

    // create 'microprofile-jwt' optional client scope in the realm.
    ClientScopeModel mpJWTScope = migrationProvider.addOIDCMicroprofileJWTClientScope(realm);

    LOG.debugf("Added '%s' optional client scope", mpJWTScope.getName());

    // assign 'microprofile-jwt' optional client scope to all the OIDC clients.
    for (ClientModel client : realm.getClients()) {
        if ((client.getProtocol() == null || "openid-connect".equals(client.getProtocol())) && (!client.isBearerOnly())) {
            client.addClientScope(mpJWTScope, false);
        }
    }

    LOG.debugf("Client scope '%s' assigned to all the clients", mpJWTScope.getName());
}
Example 3
Source File: MigrateTo4_6_0.java    From keycloak with Apache License 2.0 6 votes vote down vote up 
protected void migrateRealm(KeycloakSession session, RealmModel realm, boolean json) {
    MigrationProvider migrationProvider = session.getProvider(MigrationProvider.class);

    // Create "roles" and "web-origins" clientScopes
    ClientScopeModel rolesScope = migrationProvider.addOIDCRolesClientScope(realm);
    ClientScopeModel webOriginsScope = migrationProvider.addOIDCWebOriginsClientScope(realm);

    LOG.debugf("Added '%s' and '%s' default client scopes", rolesScope.getName(), webOriginsScope.getName());

    // Assign "roles" and "web-origins" clientScopes to all the OIDC clients
    for (ClientModel client : realm.getClients()) {
        if ((client.getProtocol()==null || "openid-connect".equals(client.getProtocol())) && (!client.isBearerOnly())) {
            client.addClientScope(rolesScope, true);
            client.addClientScope(webOriginsScope, true);
        }
    }

    LOG.debugf("Client scope '%s' assigned to all the clients", rolesScope.getName());
}
Example 4
Source File: KeycloakModelUtils.java    From keycloak with Apache License 2.0 6 votes vote down vote up 
public static ClientScopeModel getClientScopeByName(RealmModel realm, String clientScopeName) {
    for (ClientScopeModel clientScope : realm.getClientScopes()) {
        if (clientScopeName.equals(clientScope.getName())) {
            return clientScope;
        }
    }
    // check if we are referencing a client instead of a scope
    if (realm.getClients() != null) {
        for (ClientModel client : realm.getClients()) {
            if (clientScopeName.equals(client.getClientId())) {
                return client;
            }
        }
    }
    return null;
}
Example 5
Source File: MigrateTo2_3_0.java    From keycloak with Apache License 2.0 5 votes vote down vote up 
protected void migrateRealm(RealmModel realm) {
    for (ClientModel client : realm.getClients()) {
        MigrationUtils.updateProtocolMappers(client);
    }

    for (ClientScopeModel clientScope : realm.getClientScopes()) {
        MigrationUtils.updateProtocolMappers(clientScope);
    }
}
Example 6
Source File: KeycloakModelUtils.java    From keycloak with Apache License 2.0 5 votes vote down vote up 
public static boolean isClientScopeUsed(RealmModel realm, ClientScopeModel clientScope) {
    for (ClientModel client : realm.getClients()) {
        if ((client.getClientScopes(true, false).containsKey(clientScope.getName())) ||
                (client.getClientScopes(false, false).containsKey(clientScope.getName()))) {
            return true;
        }
    }
    return false;
}
Example 7
Source File: TestCacheUtils.java    From keycloak with Apache License 2.0 5 votes vote down vote up 
public static void cacheRealmWithEverything(KeycloakSession session, String realmName) {
    RealmModel realm  = session.realms().getRealmByName(realmName);

    for (ClientModel client : realm.getClients()) {
        realm.getClientById(client.getId());
        realm.getClientByClientId(client.getClientId());

        cacheRoles(session, realm, client);
    }

    cacheRoles(session, realm, realm);

    for (GroupModel group : realm.getTopLevelGroups()) {
        cacheGroupRecursive(realm, group);
    }

    for (ClientScopeModel clientScope : realm.getClientScopes()) {
        realm.getClientScopeById(clientScope.getId());
    }

    for (UserModel user : session.users().getUsers(realm)) {
        session.users().getUserById(user.getId(), realm);
        if (user.getEmail() != null) {
            session.users().getUserByEmail(user.getEmail(), realm);
        }
        session.users().getUserByUsername(user.getUsername(), realm);

        session.users().getConsents(realm, user.getId());

        for (FederatedIdentityModel fedIdentity : session.users().getFederatedIdentities(user, realm)) {
            session.users().getUserByFederatedIdentity(fedIdentity, realm);
        }
    }
}
Example 8
Source File: ResourceAdminManager.java    From keycloak with Apache License 2.0 5 votes vote down vote up 
public GlobalRequestResult logoutAll(RealmModel realm) {
    realm.setNotBefore(Time.currentTime());
    List<ClientModel> resources = realm.getClients();
    logger.debugv("logging out {0} resources ", resources.size());

    GlobalRequestResult finalResult = new GlobalRequestResult();
    for (ClientModel resource : resources) {
        GlobalRequestResult currentResult = logoutClient(realm, resource, realm.getNotBefore());
        finalResult.addAll(currentResult);
    }
    return finalResult;
}
Example 9
Source File: ResourceAdminManager.java    From keycloak with Apache License 2.0 5 votes vote down vote up 
public GlobalRequestResult pushRealmRevocationPolicy(RealmModel realm) {
    GlobalRequestResult finalResult = new GlobalRequestResult();
    for (ClientModel client : realm.getClients()) {
        GlobalRequestResult currentResult = pushRevocationPolicy(realm, client, realm.getNotBefore());
        finalResult.addAll(currentResult);
    }
    return finalResult;
}