Example #1
0
  /**
   * Base path for the admin REST API for one particular realm.
   *
   * @param headers
   * @param name realm name (not id!)
   * @return
   */
  @Path("{realm}")
  public RealmAdminResource getRealmAdmin(
      @Context final HttpHeaders headers, @PathParam("realm") final String name) {
    RealmManager realmManager = new RealmManager(session);
    RealmModel realm = realmManager.getRealmByName(name);
    if (realm == null) throw new NotFoundException("Realm not found.");

    if (!auth.getRealm().equals(realmManager.getKeycloakAdminstrationRealm())
        && !auth.getRealm().equals(realm)) {
      throw new ForbiddenException();
    }
    RealmAuth realmAuth;

    if (auth.getRealm().equals(realmManager.getKeycloakAdminstrationRealm())) {
      realmAuth = new RealmAuth(auth, realm.getMasterAdminClient());
    } else {
      realmAuth =
          new RealmAuth(
              auth, realm.getClientByClientId(realmManager.getRealmAdminClientId(auth.getRealm())));
    }

    AdminEventBuilder adminEvent = new AdminEventBuilder(realm, auth, session, clientConnection);
    session.getContext().setRealm(realm);

    RealmAdminResource adminResource =
        new RealmAdminResource(realmAuth, realm, tokenManager, adminEvent);
    ResteasyProviderFactory.getInstance().injectProperties(adminResource);
    // resourceContext.initResource(adminResource);
    return adminResource;
  }
Example #2
0
  private void grantPermissionsToRealmCreator(RealmModel realm) {
    if (auth.hasRealmRole(AdminRoles.ADMIN)) {
      return;
    }

    RealmModel adminRealm = new RealmManager(session).getKeycloakAdminstrationRealm();
    ClientModel realmAdminApp = realm.getMasterAdminClient();
    for (String r : AdminRoles.ALL_REALM_ROLES) {
      RoleModel role = realmAdminApp.getRole(r);
      auth.getUser().grantRole(role);
    }
  }
Example #3
0
  /**
   * Get accessible realms
   *
   * <p>Returns a list of accessible realms. The list is filtered based on what realms the caller is
   * allowed to view.
   *
   * @return
   */
  @GET
  @NoCache
  @Produces(MediaType.APPLICATION_JSON)
  public List<RealmRepresentation> getRealms() {
    RealmManager realmManager = new RealmManager(session);
    List<RealmRepresentation> reps = new ArrayList<RealmRepresentation>();
    if (auth.getRealm().equals(realmManager.getKeycloakAdminstrationRealm())) {
      List<RealmModel> realms = session.realms().getRealms();
      for (RealmModel realm : realms) {
        addRealmRep(reps, realm, realm.getMasterAdminClient());
      }
    } else {
      ClientModel adminApp =
          auth.getRealm().getClientByClientId(realmManager.getRealmAdminClientId(auth.getRealm()));
      addRealmRep(reps, auth.getRealm(), adminApp);
    }

    if (reps.isEmpty()) {
      throw new ForbiddenException();
    }

    logger.debug(("getRealms()"));
    return reps;
  }