Пример #1
0
  public static void removeAllLDAPUsers(LDAPFederationProvider ldapProvider, RealmModel realm) {
    LDAPIdentityStore ldapStore = ldapProvider.getLdapIdentityStore();
    LDAPQuery ldapQuery = LDAPUtils.createQueryForUserSearch(ldapProvider, realm);
    List<LDAPObject> allUsers = ldapQuery.getResultList();

    for (LDAPObject ldapUser : allUsers) {
      ldapStore.remove(ldapUser);
    }
  }
  protected LDAPObject queryByEmail(RealmModel realm, String email) {
    LDAPQuery ldapQuery = LDAPUtils.createQueryForUserSearch(this, realm);
    LDAPQueryConditionsBuilder conditionsBuilder = new LDAPQueryConditionsBuilder();

    // Mapper should replace "email" in parameter name with correct LDAP mapped attribute
    Condition emailCondition = conditionsBuilder.equal(new QueryParameter(UserModel.EMAIL), email);
    ldapQuery.where(emailCondition);

    return ldapQuery.getFirstResult();
  }
Пример #3
0
 public static void removeAllLDAPGroups(
     KeycloakSession session,
     RealmModel appRealm,
     UserFederationProviderModel ldapModel,
     String mapperName) {
   UserFederationMapperModel mapperModel =
       appRealm.getUserFederationMapperByName(ldapModel.getId(), mapperName);
   LDAPFederationProvider ldapProvider = FederationTestUtils.getLdapProvider(session, ldapModel);
   LDAPQuery roleQuery = getGroupMapper(mapperModel, ldapProvider, appRealm).createGroupQuery();
   List<LDAPObject> ldapRoles = roleQuery.getResultList();
   for (LDAPObject ldapRole : ldapRoles) {
     ldapProvider.getLdapIdentityStore().remove(ldapRole);
   }
 }
Пример #4
0
  public LDAPObject loadLDAPUserByUsername(RealmModel realm, String username) {
    LDAPQuery ldapQuery = LDAPUtils.createQueryForUserSearch(this, realm);
    LDAPQueryConditionsBuilder conditionsBuilder = new LDAPQueryConditionsBuilder();

    String usernameMappedAttribute = this.ldapIdentityStore.getConfig().getUsernameLdapAttribute();
    Condition usernameCondition = conditionsBuilder.equal(usernameMappedAttribute, username);
    ldapQuery.addWhereCondition(usernameCondition);

    LDAPObject ldapUser = ldapQuery.getFirstResult();
    if (ldapUser == null) {
      return null;
    }

    return ldapUser;
  }
  protected List<LDAPObject> searchLDAP(
      RealmModel realm, Map<String, String> attributes, int maxResults) {

    List<LDAPObject> results = new ArrayList<LDAPObject>();
    if (attributes.containsKey(USERNAME)) {
      LDAPObject user = loadLDAPUserByUsername(realm, attributes.get(USERNAME));
      if (user != null) {
        results.add(user);
      }
    }

    if (attributes.containsKey(EMAIL)) {
      LDAPObject user = queryByEmail(realm, attributes.get(EMAIL));
      if (user != null) {
        results.add(user);
      }
    }

    if (attributes.containsKey(FIRST_NAME) || attributes.containsKey(LAST_NAME)) {
      LDAPQuery ldapQuery = LDAPUtils.createQueryForUserSearch(this, realm);
      LDAPQueryConditionsBuilder conditionsBuilder = new LDAPQueryConditionsBuilder();

      // Mapper should replace parameter with correct LDAP mapped attributes
      if (attributes.containsKey(FIRST_NAME)) {
        ldapQuery.where(
            conditionsBuilder.equal(new QueryParameter(FIRST_NAME), attributes.get(FIRST_NAME)));
      }
      if (attributes.containsKey(LAST_NAME)) {
        ldapQuery.where(
            conditionsBuilder.equal(new QueryParameter(LAST_NAME), attributes.get(LAST_NAME)));
      }

      List<LDAPObject> ldapObjects = ldapQuery.getResultList();
      results.addAll(ldapObjects);
    }

    return results;
  }