Beispiel #1
0
  public static List<RoleRepresentation> getRealmRoles(HttpServletRequest req) throws Failure {
    KeycloakSecurityContext session =
        (KeycloakSecurityContext) req.getAttribute(KeycloakSecurityContext.class.getName());

    HttpClient client = new HttpClientBuilder().disableTrustManager().build();
    try {
      HttpGet get =
          new HttpGet(
              AdapterUtils.getOriginForRestCalls(req.getRequestURL().toString(), session)
                  + "/auth/admin/realms/demo/roles");
      get.addHeader("Authorization", "Bearer " + session.getTokenString());
      try {
        HttpResponse response = client.execute(get);
        if (response.getStatusLine().getStatusCode() != 200) {
          throw new Failure(response.getStatusLine().getStatusCode());
        }
        HttpEntity entity = response.getEntity();
        InputStream is = entity.getContent();
        try {
          return JsonSerialization.readValue(is, TypedList.class);
        } finally {
          is.close();
        }
      } catch (IOException e) {
        throw new RuntimeException(e);
      }
    } finally {
      client.getConnectionManager().shutdown();
    }
  }
 protected boolean corsRequest() {
   if (!deployment.isCors()) return false;
   KeycloakSecurityContext securityContext = facade.getSecurityContext();
   String origin = facade.getRequest().getHeader(CorsHeaders.ORIGIN);
   String requestOrigin = UriUtils.getOrigin(facade.getRequest().getURI());
   log.debugv("Origin: {0} uri: {1}", origin, facade.getRequest().getURI());
   if (securityContext != null && origin != null && !origin.equals(requestOrigin)) {
     AccessToken token = securityContext.getToken();
     Set<String> allowedOrigins = token.getAllowedOrigins();
     if (log.isDebugEnabled()) {
       for (String a : allowedOrigins) log.debug("   " + a);
     }
     if (allowedOrigins == null
         || (!allowedOrigins.contains("*") && !allowedOrigins.contains(origin))) {
       if (allowedOrigins == null) {
         log.debugv("allowedOrigins was null in token");
       } else {
         log.debugv("allowedOrigins did not contain origin");
       }
       facade.getResponse().setStatus(403);
       facade.getResponse().end();
       return true;
     }
     log.debugv("returning origin: {0}", origin);
     facade.getResponse().setStatus(200);
     facade.getResponse().setHeader(CorsHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, origin);
     facade.getResponse().setHeader(CorsHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
   } else {
     log.debugv(
         "cors validation not needed as we're not a secure session or origin header was null: {0}",
         facade.getRequest().getURI());
   }
   return false;
 }
Beispiel #3
0
  public static String sendRequest(HttpServletRequest req) throws CxfRsClient.Failure {
    KeycloakSecurityContext session =
        (KeycloakSecurityContext) req.getAttribute(KeycloakSecurityContext.class.getName());

    HttpClient client = new HttpClientBuilder().disableTrustManager().build();
    try {
      HttpGet get = new HttpGet("http://localhost:8383/admin-camel-endpoint");
      get.addHeader("Authorization", "Bearer " + session.getTokenString());
      try {
        HttpResponse response = client.execute(get);
        if (response.getStatusLine().getStatusCode() != 200) {
          return "There was a failure processing request.  You either didn't configure Keycloak properly or you don't have enought permission? Status code is "
              + response.getStatusLine().getStatusCode();
        }
        HttpEntity entity = response.getEntity();
        InputStream is = entity.getContent();
        try {
          return getStringFromInputStream(is);
        } finally {
          is.close();
        }
      } catch (IOException e) {
        throw new RuntimeException(e);
      }
    } finally {
      client.getConnectionManager().shutdown();
    }
  }
  @Override
  protected void doGet(HttpServletRequest req, HttpServletResponse resp)
      throws ServletException, IOException {
    Client client = ClientBuilder.newBuilder().build();
    WebTarget target = client.target("http://localhost:8080/video-rest/list");
    GenericType<List<VideoImpl>> listGenericType = new GenericType<List<VideoImpl>>() {};
    KeycloakSecurityContext ksc =
        (KeycloakSecurityContext) req.getAttribute(KeycloakSecurityContext.class.getName());
    List<VideoImpl> list =
        target
            .request()
            .header("Authorization", "Bearer " + ksc.getTokenString())
            .get(listGenericType);

    // merge lists
    List<Video> mergeList = new ArrayList<>();
    mergeList.addAll(list);
    mergeList.addAll(videoService.list());

    req.setAttribute("list", mergeList);
    req.setAttribute("ksc", ksc);
    getServletContext().getRequestDispatcher("/WEB-INF/jsp/list.jsp").forward(req, resp);
  }
 public static IDToken getIDToken(HttpServletRequest req) {
   KeycloakSecurityContext session =
       (KeycloakSecurityContext) req.getAttribute(KeycloakSecurityContext.class.getName());
   return session.getIdToken();
 }