/**
   * Update the top-level information of the realm
   *
   * <p>Any user, roles or client information in the representation will be ignored. This will only
   * update top-level attributes of the realm.
   *
   * @param rep
   * @return
   */
  @PUT
  @Consumes(MediaType.APPLICATION_JSON)
  public Response updateRealm(final RealmRepresentation rep) {
    // Contract: applies the top-level attributes of `rep` to the current realm and answers
    // 204 No Content on success, or an error response (400 / "exists" / 500) otherwise.

    // Authorization gate: evaluated before any field of the payload is read.
    auth.requireManage();

    logger.debug("updating realm: " + realm.getName());

    // The admin realm must keep its name; a differing name in the payload is rejected.
    if (Config.getAdminRealm().equals(realm.getName())) {
      final String requestedName = rep.getRealm();
      if (requestedName != null && !requestedName.equals(Config.getAdminRealm())) {
        return ErrorResponse.error("Can't rename master realm", Status.BAD_REQUEST);
      }
    }

    try {
      // When the public key field holds the GENERATE marker, the supplied key material is not
      // validated here.
      final boolean generateRequested = Constants.GENERATE.equals(rep.getPublicKey());

      if (!generateRequested) {
        // Key pair check runs only when BOTH halves are supplied.
        // NOTE(review): a payload carrying just one of the two keys skips this check; how the
        // model update treats that case is not visible in this method - confirm.
        if (rep.getPrivateKey() != null && rep.getPublicKey() != null) {
          try {
            KeyPairVerifier.verify(rep.getPrivateKey(), rep.getPublicKey());
          } catch (VerificationException e) {
            // The verifier's message is returned to the caller as-is.
            return ErrorResponse.error(e.getMessage(), Status.BAD_REQUEST);
          }
        }

        // Certificate check: only proves that the PEM decodes.
        // NOTE(review): nothing in this method ties the certificate to the key pair above -
        // confirm whether that is validated elsewhere.
        if (rep.getCertificate() != null) {
          try {
            if (PemUtils.decodeCertificate(rep.getCertificate()) == null) {
              return ErrorResponse.error("Failed to decode certificate", Status.BAD_REQUEST);
            }
          } catch (Exception e) {
            // Decoder details are deliberately not echoed; the caller gets a fixed message.
            return ErrorResponse.error("Failed to decode certificate", Status.BAD_REQUEST);
          }
        }
      }

      RepresentationToModel.updateRealm(rep, realm, session);

      // Refresh periodic sync tasks for every user storage provider configured on the realm.
      final List<UserStorageProviderModel> storageProviders = realm.getUserStorageProviders();
      final UserStorageSyncManager syncManager = new UserStorageSyncManager();
      for (final UserStorageProviderModel provider : storageProviders) {
        syncManager.notifyToRefreshPeriodicSync(session, realm, provider, false);
      }

      // The representation goes through StripSecretsUtils.strip before it is attached to the
      // admin event (presumably so key material is not recorded with the event).
      adminEvent
          .operation(OperationType.UPDATE)
          .representation(StripSecretsUtils.strip(rep))
          .success();
      return Response.noContent().build();
    } catch (PatternSyntaxException e) {
      return ErrorResponse.error(
          "Specified regex pattern(s) is invalid.", Response.Status.BAD_REQUEST);
    } catch (ModelDuplicateException e) {
      return ErrorResponse.exists("Realm with same name exists");
    } catch (Exception e) {
      // Full detail stays in the server log; the client only sees a generic 500.
      logger.error(e.getMessage(), e);
      return ErrorResponse.error("Failed to update realm", Response.Status.INTERNAL_SERVER_ERROR);
    }
  }
示例#2
 public void importRealm(RealmRepresentation realm) {
   // Re-import helper: drops any realm of the same name on the server, then creates it anew.
   // NOTE(review): the removal is not undone if the create call below fails, so a failed
   // import leaves the server without the realm.
   final String realmName = realm.getRealm();
   log.debug("importing realm: " + realmName);
   try { // TODO - figure out a way how to do this without try-catch
     final RealmResource existing = adminClient.realms().realm(realmName);
     // Result is unused; the call serves as an existence probe (presumably the one that
     // raises NotFoundException when the realm is absent).
     existing.toRepresentation();
     log.debug("realm already exists on server, re-importing");
     existing.remove();
   } catch (NotFoundException nfe) {
     // expected when realm does not exist
   }
   adminClient.realms().create(realm);
 }
示例#3
  @POST
  @Consumes("application/json")
  public Response importRealm(@Context final UriInfo uriInfo, final RealmRepresentation rep) {
    // Creates a realm from `rep`; answers 201 Created with the realm URL, or an "exists"
    // error when a realm of that name is already present.
    // NOTE(review): no authorization check is visible in this method - confirm that the
    // enclosing resource enforces one before this endpoint is reached.
    final String requestedName = rep.getRealm();
    logger.debug("importRealm: {0}", requestedName);

    final RealmManager manager = new RealmManager(session);
    final boolean alreadyPresent = manager.getRealm(requestedName) != null;
    if (alreadyPresent) {
      // The caller-supplied name is echoed back in the error text.
      return Flows.errors().exists("Realm " + requestedName + " already exists");
    }

    final RealmModel imported = manager.importRealm(rep, admin);
    final URI createdAt = realmUrl(uriInfo).build(imported.getId());
    logger.debug("imported realm success, sending back: {0}", createdAt.toString());
    return Response.created(createdAt).build();
  }
示例#4
  /**
   * Import a realm
   *
   * <p>Imports a realm from a full representation of that realm. Realm name must be unique.
   *
   * @param uriInfo
   * @param rep JSON representation of the realm
   * @return
   */
  @POST
  @Consumes(MediaType.APPLICATION_JSON)
  public Response importRealm(@Context final UriInfo uriInfo, final RealmRepresentation rep) {
    final RealmManager manager = new RealmManager(session);
    manager.setContextPath(keycloak.getContextPath());

    // Authorization: the caller must be authenticated against the administration realm AND
    // hold the CREATE_REALM role. Both checks run before the payload is read or logged.
    final boolean callerInAdminRealm =
        auth.getRealm().equals(manager.getKeycloakAdminstrationRealm());
    if (!callerInAdminRealm || !auth.hasRealmRole(AdminRoles.CREATE_REALM)) {
      throw new ForbiddenException();
    }

    // The realm name comes straight from the request body.
    logger.debugv("importRealm: {0}", rep.getRealm());

    try {
      final RealmModel imported = manager.importRealm(rep);
      // The creator receives permissions on the realm that was just imported.
      grantPermissionsToRealmCreator(imported);

      final URI createdAt = AdminRoot.realmsUrl(uriInfo).path(imported.getName()).build();
      logger.debugv("imported realm success, sending back: {0}", createdAt.toString());

      return Response.created(createdAt).build();
    } catch (ModelDuplicateException e) {
      // Fixed message: the conflicting name is not echoed back.
      return ErrorResponse.exists("Realm with same name exists");
    }
  }
示例#5
  @Test
  public void install2() throws Exception {
    // Imports the demo realm fixture and checks a few of the resulting realm settings.
    final RealmRepresentation fixture = AbstractModelTest.loadJson("testrealm-demo.json");
    final RealmModel demoRealm = realmManager.createRealm("demo", fixture.getRealm());
    realmManager.importRealm(fixture, demoRealm);

    // Profile update on first social login must be off after the import.
    Assert.assertFalse(demoRealm.isUpdateProfileOnInitialSocialLogin());
    // Lifespan of the access code for user actions must be 600.
    Assert.assertEquals(600, demoRealm.getAccessCodeLifespanUserAction());
    // "password" must be the realm's required credential.
    verifyRequiredCredentials(demoRealm.getRequiredCredentials(), "password");
  }
示例#6
  @PUT
  @Consumes("application/json")
  public Response updateRealm(final RealmRepresentation rep) {
    // Authorization gate: evaluated before the payload is applied.
    auth.requireManage();

    logger.debug("updating realm: " + realm.getName());
    try {
      final RealmManager manager = new RealmManager(session);
      // NOTE(review): the representation is handed to the manager without any validation
      // in this method - confirm that updateRealm validates what it accepts.
      manager.updateRealm(rep, realm);
    } catch (ModelDuplicateException e) {
      // The caller-supplied name is echoed back in the error text.
      return Flows.errors().exists("Realm " + rep.getRealm() + " already exists");
    }
    return Response.noContent().build();
  }
示例#7
  @Test
  public void install() throws Exception {
    // Imports the test realm fixture, verifies it after a commit, then removes the realm.
    final RealmRepresentation fixture = AbstractModelTest.loadJson("testrealm.json");
    final RealmModel created = realmManager.createRealm("demo", fixture.getRealm());
    realmManager.importRealm(fixture, created);

    // Commit after import, so the checks below run against a freshly looked-up realm.
    commit();

    final RealmModel reloaded = realmManager.getRealm("demo");
    assertDataImportedInRealm(reloaded);

    commit();

    // Look the realm up again after the second commit and clean it up.
    final RealmModel toRemove = realmManager.getRealm("demo");
    realmManager.removeRealm(toRemove);
  }
  /**
   * Update the top-level information of the realm
   *
   * <p>Any user, roles or client information in the representation will be ignored. This will only
   * update top-level attributes of the realm.
   *
   * @param rep
   * @return
   */
  @PUT
  @Consumes(MediaType.APPLICATION_JSON)
  public Response updateRealm(final RealmRepresentation rep) {
    // Contract: applies the top-level attributes of `rep` to the current realm and answers
    // 204 No Content on success; a duplicate-name failure is rethrown to the caller.

    // Authorization gate: evaluated before any field of the payload is read.
    auth.requireManage();

    logger.debug("updating realm: " + realm.getName());
    try {
      RepresentationToModel.updateRealm(rep, realm);

      // Cache switches are applied only when the payload sets them and the active provider
      // is a caching one.
      if (rep.isRealmCacheEnabled() != null && session.realms() instanceof CacheRealmProvider) {
        ((CacheRealmProvider) session.realms()).setEnabled(rep.isRealmCacheEnabled());
      }
      if (rep.isUserCacheEnabled() != null && session.userStorage() instanceof CacheUserProvider) {
        ((CacheUserProvider) session.userStorage()).setEnabled(rep.isUserCacheEnabled());
      }

      // Refresh periodic sync tasks for every federation provider configured on the realm.
      final List<UserFederationProviderModel> providers = realm.getUserFederationProviders();
      final UsersSyncManager syncManager = new UsersSyncManager();
      for (final UserFederationProviderModel provider : providers) {
        syncManager.refreshPeriodicSyncForProvider(
            session.getKeycloakSessionFactory(),
            session.getProvider(TimerProvider.class),
            provider,
            realm.getId());
      }

      // NOTE(review): the representation is attached to the admin event exactly as received.
      // If it can carry key material or other secrets, they end up in the event record;
      // consider redacting it before recording - confirm what the event store persists.
      adminEvent.operation(OperationType.UPDATE).representation(rep).success();
      return Response.noContent().build();
    } catch (PatternSyntaxException e) {
      return ErrorResponse.error(
          "Specified regex pattern(s) is invalid.", Response.Status.BAD_REQUEST);
    } catch (ModelDuplicateException e) {
      // Left to the caller / framework to translate.
      throw e;
    } catch (Exception e) {
      // NOTE(review): the exception is passed as the log message itself; whether the stack
      // trace is recorded depends on the logger overload - confirm.
      logger.error(e);
      // The caller-supplied realm name is echoed back in the error text.
      return ErrorResponse.error(
          "Failed to update " + rep.getRealm() + " Realm.", Response.Status.INTERNAL_SERVER_ERROR);
    }
  }
示例#9
 public void removeRealm(RealmRepresentation realm) {
   // Convenience overload: removes the realm identified by the representation's realm name.
   final String realmName = realm.getRealm();
   removeRealm(realmName);
 }
示例#10
 public void install(RealmManager manager) {
   // Creates the "demo" realm and fills it from the bundled test realm fixture.
   final RealmRepresentation fixture = loadJson("META-INF/testrealm.json");
   final RealmModel demoRealm = manager.createRealm("demo", fixture.getRealm());
   manager.importRealm(fixture, demoRealm);
 }