Java Code Examples for org.keycloak.representations.idm.ClientRepresentation#getProtocolMappers()

The following examples show how to use org.keycloak.representations.idm.ClientRepresentation#getProtocolMappers() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: ClientManager.java    From keycloak with Apache License 2.0 6 votes vote down vote up 
/**
 * Should not be called from an import.  This really expects that the client is created from the admin console.
 *
 * @param session
 * @param realm
 * @param rep
 * @param addDefaultRoles
 * @return
 */
public static ClientModel createClient(KeycloakSession session, RealmModel realm, ClientRepresentation rep, boolean addDefaultRoles) {
    ClientModel client = RepresentationToModel.createClient(session, realm, rep, addDefaultRoles);

    if (rep.getProtocol() != null) {
        LoginProtocolFactory providerFactory = (LoginProtocolFactory) session.getKeycloakSessionFactory().getProviderFactory(LoginProtocol.class, rep.getProtocol());
        providerFactory.setupClientDefaults(rep, client);
    }


    // remove default mappers if there is a template
    if (rep.getProtocolMappers() == null && rep.getClientTemplate() != null) {
        Set<ProtocolMapperModel> mappers = client.getProtocolMappers();
        for (ProtocolMapperModel mapper : mappers) client.removeProtocolMapper(mapper);
    }
    return client;

}
Example 2
Source File: ClientImportService.java    From keycloak-config-cli with Apache License 2.0 5 votes vote down vote up 
private void updateClient(String realm, ClientRepresentation patchedClient) {
    try {
        clientRepository.update(realm, patchedClient);
    } catch (WebApplicationException error) {
        String errorMessage = ResponseUtil.getErrorMessage(error);
        throw new ImportProcessingException("Cannot update client '" + patchedClient.getClientId() + "' for realm '" + realm + "': " + errorMessage, error);
    }

    List<ProtocolMapperRepresentation> protocolMappers = patchedClient.getProtocolMappers();
    if (protocolMappers != null) {
        String clientId = patchedClient.getId();
        updateProtocolMappers(realm, clientId, protocolMappers);
    }
}
Example 3
Source File: ClientImportService.java    From keycloak-config-cli with Apache License 2.0 5 votes vote down vote up 
private void updateProtocolMappers(String realm, String clientId, List<ProtocolMapperRepresentation> protocolMappers) {
    ClientRepresentation existingClient = clientRepository.getClientById(realm, clientId);

    List<ProtocolMapperRepresentation> existingProtocolMappers = existingClient.getProtocolMappers();

    List<ProtocolMapperRepresentation> protocolMappersToAdd = ProtocolMapperUtil.estimateProtocolMappersToAdd(protocolMappers, existingProtocolMappers);
    List<ProtocolMapperRepresentation> protocolMappersToRemove = ProtocolMapperUtil.estimateProtocolMappersToRemove(protocolMappers, existingProtocolMappers);
    List<ProtocolMapperRepresentation> protocolMappersToUpdate = ProtocolMapperUtil.estimateProtocolMappersToUpdate(protocolMappers, existingProtocolMappers);

    clientRepository.addProtocolMappers(realm, clientId, protocolMappersToAdd);
    clientRepository.removeProtocolMappers(realm, clientId, protocolMappersToRemove);
    clientRepository.updateProtocolMappers(realm, clientId, protocolMappersToUpdate);
}
Example 4
Source File: RepresentationToModel.java    From keycloak with Apache License 2.0 5 votes vote down vote up 
public static void updateClientProtocolMappers(ClientRepresentation rep, ClientModel resource) {

        if (rep.getProtocolMappers() != null) {
            Map<String,ProtocolMapperModel> existingProtocolMappers = new HashMap<>();
            for (ProtocolMapperModel existingProtocolMapper : resource.getProtocolMappers()) {
                existingProtocolMappers.put(generateProtocolNameKey(existingProtocolMapper.getProtocol(), existingProtocolMapper.getName()), existingProtocolMapper);
            }

            for (ProtocolMapperRepresentation protocolMapperRepresentation : rep.getProtocolMappers()) {
                String protocolNameKey = generateProtocolNameKey(protocolMapperRepresentation.getProtocol(), protocolMapperRepresentation.getName());
                ProtocolMapperModel existingMapper = existingProtocolMappers.get(protocolNameKey);
                    if (existingMapper != null) {
                        ProtocolMapperModel updatedProtocolMapperModel = toModel(protocolMapperRepresentation);
                        updatedProtocolMapperModel.setId(existingMapper.getId());
                        resource.updateProtocolMapper(updatedProtocolMapperModel);

                        existingProtocolMappers.remove(protocolNameKey);

                } else {
                    resource.addProtocolMapper(toModel(protocolMapperRepresentation));
                }
            }

            for (Map.Entry<String, ProtocolMapperModel> entryToDelete : existingProtocolMappers.entrySet()) {
                resource.removeProtocolMapper(entryToDelete.getValue());
            }
        }
    }
Example 5
Source File: ClientsPartialImport.java    From keycloak with Apache License 2.0 5 votes vote down vote up 
@Override
public void create(RealmModel realm, KeycloakSession session, ClientRepresentation clientRep) {
    clientRep.setId(KeycloakModelUtils.generateId());

    List<ProtocolMapperRepresentation> mappers = clientRep.getProtocolMappers();
    if (mappers != null) {
        for (ProtocolMapperRepresentation mapper : mappers) {
            mapper.setId(KeycloakModelUtils.generateId());
        }
    }

    ClientModel client = RepresentationToModel.createClient(session, realm, clientRep, true);
    RepresentationToModel.importAuthorizationSettings(clientRep, client, session);
}
Example 6
Source File: ClientTest.java    From keycloak with Apache License 2.0 4 votes vote down vote up 
@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void updateClientWithProtocolMapper() {
    ClientRepresentation rep = new ClientRepresentation();
    rep.setClientId("my-app");

    ProtocolMapperRepresentation fooMapper = new ProtocolMapperRepresentation();
    fooMapper.setName("foo");
    fooMapper.setProtocol("openid-connect");
    fooMapper.setProtocolMapper("oidc-hardcoded-claim-mapper");
    rep.setProtocolMappers(Collections.singletonList(fooMapper));

    Response response = realm.clients().create(rep);
    response.close();
    String id = ApiUtil.getCreatedId(response);
    getCleanup().addClientUuid(id);

    ClientResource clientResource = realm.clients().get(id);
    assertNotNull(clientResource);
    ClientRepresentation client = clientResource.toRepresentation();
    List<ProtocolMapperRepresentation> protocolMappers = client.getProtocolMappers();
    assertEquals(1, protocolMappers.size());
    ProtocolMapperRepresentation mapper = protocolMappers.get(0);
    assertEquals("foo", mapper.getName());

    ClientRepresentation newClient = new ClientRepresentation();
    newClient.setId(client.getId());
    newClient.setClientId(client.getClientId());

    ProtocolMapperRepresentation barMapper = new ProtocolMapperRepresentation();
    barMapper.setName("bar");
    barMapper.setProtocol("openid-connect");
    barMapper.setProtocolMapper("oidc-hardcoded-role-mapper");
    protocolMappers.add(barMapper);
    newClient.setProtocolMappers(protocolMappers);

    realm.clients().get(client.getId()).update(newClient);

    ClientRepresentation storedClient = realm.clients().get(client.getId()).toRepresentation();
    assertClient(client, storedClient);
}
Example 7
Source File: AccessTokenTest.java    From keycloak with Apache License 2.0 4 votes vote down vote up 
@Test
public void testKeycloak2221() throws Exception {
    Client client = javax.ws.rs.client.ClientBuilder.newClient();
    UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT);
    URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test");
    WebTarget grantTarget = client.target(grantUri);

    ClientResource clientResource;

    {

        clientResource = findClientByClientId(adminClient.realm("test"), "test-app");
        clientResource.getProtocolMappers().createMapper(createRoleNameMapper("rename-role", "user", "realm-user"));
        clientResource.getProtocolMappers().createMapper(createRoleNameMapper("rename-role2", "admin", "the-admin"));

    }

    {
        Response response = executeGrantRequest(grantTarget, "no-permissions", "password");
        assertEquals(200, response.getStatus());
        org.keycloak.representations.AccessTokenResponse tokenResponse = response.readEntity(org.keycloak.representations.AccessTokenResponse.class);
        AccessToken accessToken = getAccessToken(tokenResponse);
        assertEquals(accessToken.getRealmAccess().getRoles().size(), 1);
        assertTrue(accessToken.getRealmAccess().getRoles().contains("realm-user"));

        response.close();
    }

    // undo mappers
    {
        ClientResource app = findClientByClientId(adminClient.realm("test"), "test-app");
        ClientRepresentation clientRepresentation = app.toRepresentation();
        for (ProtocolMapperRepresentation protocolRep : clientRepresentation.getProtocolMappers()) {
            if (protocolRep.getName().startsWith("rename-role")) {
                clientResource.getProtocolMappers().delete(protocolRep.getId());
            }
        }
    }

    events.clear();

}