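/**
   * Reads the signed-JWT client credential settings and loads the private key used for signing.
   *
   * <p>Keys read from {@code config}:
   *
   * <ul>
   *   <li>{@code client-keystore-file} (required)
   *   <li>{@code client-keystore-type} (optional, case-insensitive, defaults to {@code JKS})
   *   <li>{@code client-keystore-password} (required)
   *   <li>{@code client-key-password} (optional, defaults to the keystore password)
   *   <li>{@code client-key-alias} (optional, defaults to the deployment's resource name)
   *   <li>{@code token-timeout} (optional, defaults to 10)
   * </ul>
   *
   * <p>Both passwords arrive as plain strings from the adapter configuration, so the file that
   * holds them deserves the same access restrictions as the keystore itself. None of the
   * exception messages built here contain a password.
   *
   * @param deployment deployment whose resource name is used in error messages and as the default
   *     key alias
   * @param config adapter configuration for this provider; must be a {@code Map}
   * @throws RuntimeException if {@code config} is not a {@code Map}, or the keystore file or
   *     keystore password is missing
   * @throws IllegalArgumentException if {@code client-keystore-type} does not name a
   *     {@code KeystoreUtil.KeystoreFormat} constant
   */
  @Override
  public void init(KeycloakDeployment deployment, Object config) {
    // instanceof is false for null, so this one test also rejects a missing configuration.
    if (!(config instanceof Map)) {
      throw new RuntimeException(
          "Configuration of jwt credentials is missing or incorrect for client '"
              + deployment.getResourceName()
              + "'. Check your adapter configuration");
    }

    @SuppressWarnings("unchecked") // only looked up with String keys; values are cast one by one
    Map<String, Object> cfg = (Map<String, Object>) config;

    String clientKeystoreFile = (String) cfg.get("client-keystore-file");
    if (clientKeystoreFile == null) {
      throw new RuntimeException(
          "Missing parameter client-keystore-file in configuration of jwt for client "
              + deployment.getResourceName());
    }

    String clientKeystoreType = (String) cfg.get("client-keystore-type");
    KeystoreUtil.KeystoreFormat clientKeystoreFormat;
    if (clientKeystoreType == null) {
      clientKeystoreFormat = KeystoreUtil.KeystoreFormat.JKS;
    } else {
      try {
        // Locale.ROOT keeps the upper-casing independent of the JVM's default locale, so the
        // same configuration value resolves to the same constant on every host.
        clientKeystoreFormat =
            Enum.valueOf(
                KeystoreUtil.KeystoreFormat.class,
                clientKeystoreType.toUpperCase(java.util.Locale.ROOT));
      } catch (IllegalArgumentException e) {
        // Same exception type as before, but naming the parameter and the client so a
        // misconfiguration can be traced without reading a bare "No enum constant" message.
        throw new IllegalArgumentException(
            "Unsupported client-keystore-type '"
                + clientKeystoreType
                + "' in configuration of jwt for client "
                + deployment.getResourceName(),
            e);
      }
    }

    String clientKeystorePassword = (String) cfg.get("client-keystore-password");
    if (clientKeystorePassword == null) {
      throw new RuntimeException(
          "Missing parameter client-keystore-password in configuration of jwt for client "
              + deployment.getResourceName());
    }

    // When no separate key password is configured, the keystore password protects the key too.
    String clientKeyPassword = (String) cfg.get("client-key-password");
    if (clientKeyPassword == null) {
      clientKeyPassword = clientKeystorePassword;
    }

    String clientKeyAlias = (String) cfg.get("client-key-alias");
    if (clientKeyAlias == null) {
      clientKeyAlias = deployment.getResourceName();
    }

    this.privateKey =
        KeystoreUtil.loadPrivateKeyFromKeystore(
            clientKeystoreFile,
            clientKeystorePassword,
            clientKeyPassword,
            clientKeyAlias,
            clientKeystoreFormat);

    // NOTE(review): the unit of token-timeout is not visible here (presumably seconds) - confirm
    // against asInt's caller and the token-building code.
    this.tokenTimeout = asInt(cfg, "token-timeout", 10);
  }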
  /**
   * Authenticates the client with a signed JWT assertion carried in the form parameters.
   *
   * <p>The token is produced by {@code createSignedRequestToken} from the deployment's resource
   * name and realm info URL. {@code requestHeaders} is left untouched by this method.
   *
   * @param deployment source of the resource name and realm info URL passed to the token builder
   * @param requestHeaders outgoing request headers; not modified here
   * @param formParams outgoing form parameters; receives the assertion type and the assertion
   */
  @Override
  public void setClientCredentials(
      KeycloakDeployment deployment,
      Map<String, String> requestHeaders,
      Map<String, String> formParams) {
    final String resourceName = deployment.getResourceName();
    final String realmInfoUrl = deployment.getRealmInfoUrl();
    final String assertion = createSignedRequestToken(resourceName, realmInfoUrl);

    // The assertion type is written first, then the signed token itself.
    formParams.put(
        OAuth2Constants.CLIENT_ASSERTION_TYPE, OAuth2Constants.CLIENT_ASSERTION_TYPE_JWT);
    formParams.put(OAuth2Constants.CLIENT_ASSERTION, assertion);
  }
  /**
   * Adds the client's identity to an outgoing request, using the client secret when one exists.
   *
   * <ul>
   *   <li>Public client: only {@code client_id} is added, as a form parameter.
   *   <li>Non-public client with a secret: an {@code Authorization} header built by
   *       {@code BasicAuthHelper.createHeader} is added.
   *   <li>Non-public client without a secret: a warning naming the client is logged and the
   *       request is left without any credential.
   * </ul>
   *
   * <p>The header value is derived from the secret, so request headers should stay out of logs
   * and the request should only travel over an encrypted connection.
   *
   * @param deployment source of the resource name and of the public-client flag
   * @param requestHeaders outgoing request headers; may receive {@code Authorization}
   * @param formParams outgoing form parameters; may receive the client id
   */
  @Override
  public void setClientCredentials(
      KeycloakDeployment deployment,
      Map<String, String> requestHeaders,
      Map<String, String> formParams) {
    final String resourceName = deployment.getResourceName();

    // Public clients hold no secret: identify them by id only.
    if (deployment.isPublicClient()) {
      formParams.put(OAuth2Constants.CLIENT_ID, resourceName);
      return;
    }

    // Non-public client with no secret configured: the request goes out unauthenticated, so
    // this warning is the only trace of the misconfiguration. It logs the client id only.
    if (clientSecret == null) {
      logger.warnf("Client '%s' doesn't have secret available", resourceName);
      return;
    }

    requestHeaders.put("Authorization", BasicAuthHelper.createHeader(resourceName, clientSecret));
  }
 /**
  * Returns the resource name reported by the wrapped {@code delegate}.
  *
  * @return whatever {@code delegate.getResourceName()} returns, unchanged
  */
 @Override
 public String getResourceName() {
   final String resourceName = delegate.getResourceName();
   return resourceName;
 }