npm - keycloakify - Versions diffs - 9.0.0-rc.1 → 9.1.0 - Mend

keycloakify 9.0.0-rc.1 → 9.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (71) hide show

package/src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/FreeMarkerAccountProviderFactory.java DELETED Viewed

@@ -1,51 +0,0 @@
-/*
- * Copyright 2016 Red Hat, Inc. and/or its affiliates
- * and other contributors as indicated by the @author tags.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.keycloak.forms.account.freemarker;
-import com.google.auto.service.AutoService;
-import org.keycloak.Config;
-import org.keycloak.forms.account.AccountProvider;
-import org.keycloak.forms.account.AccountProviderFactory;
-import org.keycloak.models.KeycloakSession;
-import org.keycloak.models.KeycloakSessionFactory;
-/**
- * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
- */
-@AutoService(AccountProviderFactory.class)
-public class FreeMarkerAccountProviderFactory implements AccountProviderFactory {
-  @Override
-  public AccountProvider create(KeycloakSession session) {
-    return new FreeMarkerAccountProvider(session);
-  }
-  @Override
-  public void init(Config.Scope config) {}
-  @Override
-  public void postInit(KeycloakSessionFactory factory) {}
-  @Override
-  public void close() {}
-  @Override
-  public String getId() {
-    return "freemarker";
-  }
-}

package/src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/Templates.java DELETED Viewed

@@ -1,51 +0,0 @@
-/*
- * Copyright 2016 Red Hat, Inc. and/or its affiliates
- * and other contributors as indicated by the @author tags.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.keycloak.forms.account.freemarker;
-import org.keycloak.forms.account.AccountPages;
-/**
- * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
- */
-public class Templates {
-  public static String getTemplate(AccountPages page) {
-    switch (page) {
-      case ACCOUNT:
-        return "account.ftl";
-      case PASSWORD:
-        return "password.ftl";
-      case TOTP:
-        return "totp.ftl";
-      case FEDERATED_IDENTITY:
-        return "federatedIdentity.ftl";
-      case LOG:
-        return "log.ftl";
-      case SESSIONS:
-        return "sessions.ftl";
-      case APPLICATIONS:
-        return "applications.ftl";
-      case RESOURCES:
-        return "resources.ftl";
-      case RESOURCE_DETAIL:
-        return "resource-detail.ftl";
-      default:
-        throw new IllegalArgumentException();
-    }
-  }
-}

package/src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/model/AccountBean.java DELETED Viewed

@@ -1,91 +0,0 @@
-/*
- * Copyright 2016 Red Hat, Inc. and/or its affiliates
- * and other contributors as indicated by the @author tags.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.keycloak.forms.account.freemarker.model;
-import jakarta.ws.rs.core.MultivaluedMap;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import org.jboss.logging.Logger;
-import org.keycloak.models.Constants;
-import org.keycloak.models.UserModel;
-/**
- * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
- */
-public class AccountBean {
-  private static final Logger logger = Logger.getLogger(AccountBean.class);
-  private final UserModel user;
-  private final MultivaluedMap<String, String> profileFormData;
-  // TODO: More proper multi-value attribute support
-  private final Map<String, String> attributes = new HashMap<>();
-  public AccountBean(UserModel user, MultivaluedMap<String, String> profileFormData) {
-    this.user = user;
-    this.profileFormData = profileFormData;
-    for (Map.Entry<String, List<String>> attr : user.getAttributes().entrySet()) {
-      List<String> attrValue = attr.getValue();
-      if (attrValue.size() > 0) {
-        attributes.put(attr.getKey(), attrValue.get(0));
-      }
-      if (attrValue.size() > 1) {
-        logger.warnf(
-            "There are more values for attribute '%s' of user '%s' . Will display just first value",
-            attr.getKey(), user.getUsername());
-      }
-    }
-    if (profileFormData != null) {
-      for (String key : profileFormData.keySet()) {
-        if (key.startsWith(Constants.USER_ATTRIBUTES_PREFIX)) {
-          String attribute = key.substring(Constants.USER_ATTRIBUTES_PREFIX.length());
-          attributes.put(attribute, profileFormData.getFirst(key));
-        }
-      }
-    }
-  }
-  public String getFirstName() {
-    return profileFormData != null ? profileFormData.getFirst("firstName") : user.getFirstName();
-  }
-  public String getLastName() {
-    return profileFormData != null ? profileFormData.getFirst("lastName") : user.getLastName();
-  }
-  public String getUsername() {
-    if (profileFormData != null && profileFormData.containsKey("username")) {
-      return profileFormData.getFirst("username");
-    } else {
-      return user.getUsername();
-    }
-  }
-  public String getEmail() {
-    return profileFormData != null ? profileFormData.getFirst("email") : user.getEmail();
-  }
-  public Map<String, String> getAttributes() {
-    return attributes;
-  }
-}

package/src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/model/AccountFederatedIdentityBean.java DELETED Viewed

@@ -1,157 +0,0 @@
-/*
- * Copyright 2016 Red Hat, Inc. and/or its affiliates
- * and other contributors as indicated by the @author tags.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.keycloak.forms.account.freemarker.model;
-import java.net.URI;
-import java.util.List;
-import java.util.Objects;
-import java.util.concurrent.atomic.AtomicInteger;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
-import org.keycloak.models.FederatedIdentityModel;
-import org.keycloak.models.IdentityProviderModel;
-import org.keycloak.models.KeycloakSession;
-import org.keycloak.models.OrderedModel;
-import org.keycloak.models.RealmModel;
-import org.keycloak.models.UserModel;
-import org.keycloak.models.utils.KeycloakModelUtils;
-import org.keycloak.services.resources.account.AccountFormService;
-/**
- * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
- * @author <a href="mailto:velias@redhat.com">Vlastimil Elias</a>
- */
-public class AccountFederatedIdentityBean {
-  private static OrderedModel.OrderedModelComparator<FederatedIdentityEntry>
-      IDP_COMPARATOR_INSTANCE = new OrderedModel.OrderedModelComparator<>();
-  private final List<FederatedIdentityEntry> identities;
-  private final boolean removeLinkPossible;
-  private final KeycloakSession session;
-  public AccountFederatedIdentityBean(
-      KeycloakSession session, RealmModel realm, UserModel user, URI baseUri, String stateChecker) {
-    this.session = session;
-    AtomicInteger availableIdentities = new AtomicInteger(0);
-    this.identities =
-        realm
-            .getIdentityProvidersStream()
-            .filter(IdentityProviderModel::isEnabled)
-            .map(
-                provider -> {
-                  String providerId = provider.getAlias();
-                  FederatedIdentityModel identity =
-                      getIdentity(
-                          session.users().getFederatedIdentitiesStream(realm, user), providerId);
-                  if (identity != null) {
-                    availableIdentities.getAndIncrement();
-                  }
-                  String displayName =
-                      KeycloakModelUtils.getIdentityProviderDisplayName(session, provider);
-                  return new FederatedIdentityEntry(
-                      identity,
-                      displayName,
-                      provider.getAlias(),
-                      provider.getAlias(),
-                      provider.getConfig() != null ? provider.getConfig().get("guiOrder") : null);
-                })
-            .sorted(IDP_COMPARATOR_INSTANCE)
-            .collect(Collectors.toList());
-    // Removing last social provider is not possible if you don't have other possibility to
-    // authenticate
-    this.removeLinkPossible =
-        availableIdentities.get() > 1
-            || user.getFederationLink() != null
-            || AccountFormService.isPasswordSet(session, realm, user);
-  }
-  private FederatedIdentityModel getIdentity(
-      Stream<FederatedIdentityModel> identities, String providerId) {
-    return identities
-        .filter(
-            federatedIdentityModel ->
-                Objects.equals(federatedIdentityModel.getIdentityProvider(), providerId))
-        .findFirst()
-        .orElse(null);
-  }
-  public List<FederatedIdentityEntry> getIdentities() {
-    return identities;
-  }
-  public boolean isRemoveLinkPossible() {
-    return removeLinkPossible;
-  }
-  public static class FederatedIdentityEntry implements OrderedModel {
-    private FederatedIdentityModel federatedIdentityModel;
-    private final String providerId;
-    private final String providerName;
-    private final String guiOrder;
-    private final String displayName;
-    public FederatedIdentityEntry(
-        FederatedIdentityModel federatedIdentityModel,
-        String displayName,
-        String providerId,
-        String providerName,
-        String guiOrder) {
-      this.federatedIdentityModel = federatedIdentityModel;
-      this.displayName = displayName;
-      this.providerId = providerId;
-      this.providerName = providerName;
-      this.guiOrder = guiOrder;
-    }
-    public String getProviderId() {
-      return providerId;
-    }
-    public String getProviderName() {
-      return providerName;
-    }
-    public String getUserId() {
-      return federatedIdentityModel != null ? federatedIdentityModel.getUserId() : null;
-    }
-    public String getUserName() {
-      return federatedIdentityModel != null ? federatedIdentityModel.getUserName() : null;
-    }
-    public boolean isConnected() {
-      return federatedIdentityModel != null;
-    }
-    @Override
-    public String getGuiOrder() {
-      return guiOrder;
-    }
-    public String getDisplayName() {
-      return displayName;
-    }
-  }
-}

package/src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/model/ApplicationsBean.java DELETED Viewed

@@ -1,258 +0,0 @@
-/*
- * Copyright 2016 Red Hat, Inc. and/or its affiliates
- * and other contributors as indicated by the @author tags.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.keycloak.forms.account.freemarker.model;
-import java.util.ArrayList;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Objects;
-import java.util.Set;
-import java.util.function.Predicate;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
-import org.keycloak.common.util.MultivaluedHashMap;
-import org.keycloak.models.ClientModel;
-import org.keycloak.models.ClientScopeModel;
-import org.keycloak.models.Constants;
-import org.keycloak.models.KeycloakSession;
-import org.keycloak.models.OrderedModel;
-import org.keycloak.models.RealmModel;
-import org.keycloak.models.RoleModel;
-import org.keycloak.models.UserConsentModel;
-import org.keycloak.models.UserModel;
-import org.keycloak.protocol.oidc.TokenManager;
-import org.keycloak.services.managers.UserSessionManager;
-import org.keycloak.services.resources.admin.permissions.AdminPermissions;
-import org.keycloak.services.util.ResolveRelative;
-import org.keycloak.storage.StorageId;
-/**
- * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
- */
-public class ApplicationsBean {
-  private List<ApplicationEntry> applications = new LinkedList<>();
-  public ApplicationsBean(KeycloakSession session, RealmModel realm, UserModel user) {
-    Set<ClientModel> offlineClients =
-        new UserSessionManager(session).findClientsWithOfflineToken(realm, user);
-    this.applications =
-        this.getApplications(session, realm, user)
-            .filter(
-                client ->
-                    !isAdminClient(client)
-                        || AdminPermissions.realms(session, realm, user).isAdmin())
-            .map(client -> toApplicationEntry(session, realm, user, client, offlineClients))
-            .filter(Objects::nonNull)
-            .collect(Collectors.toList());
-  }
-  public static boolean isAdminClient(ClientModel client) {
-    return client.getClientId().equals(Constants.ADMIN_CLI_CLIENT_ID)
-        || client.getClientId().equals(Constants.ADMIN_CONSOLE_CLIENT_ID);
-  }
-  private Stream<ClientModel> getApplications(
-      KeycloakSession session, RealmModel realm, UserModel user) {
-    Predicate<ClientModel> bearerOnly = ClientModel::isBearerOnly;
-    Stream<ClientModel> clients = realm.getClientsStream().filter(bearerOnly.negate());
-    Predicate<ClientModel> isLocal = client -> new StorageId(client.getId()).isLocal();
-    return Stream.concat(
-            clients,
-            session
-                .users()
-                .getConsentsStream(realm, user.getId())
-                .map(UserConsentModel::getClient)
-                .filter(isLocal.negate()))
-        .distinct();
-  }
-  private void processRoles(
-      Set<RoleModel> inputRoles,
-      List<RoleModel> realmRoles,
-      MultivaluedHashMap<String, ClientRoleEntry> clientRoles) {
-    for (RoleModel role : inputRoles) {
-      if (role.getContainer() instanceof RealmModel) {
-        realmRoles.add(role);
-      } else {
-        ClientModel currentClient = (ClientModel) role.getContainer();
-        ClientRoleEntry clientRole =
-            new ClientRoleEntry(
-                currentClient.getClientId(),
-                currentClient.getName(),
-                role.getName(),
-                role.getDescription());
-        clientRoles.add(currentClient.getClientId(), clientRole);
-      }
-    }
-  }
-  public List<ApplicationEntry> getApplications() {
-    return applications;
-  }
-  public static class ApplicationEntry {
-    private KeycloakSession session;
-    private final List<RoleModel> realmRolesAvailable;
-    private final MultivaluedHashMap<String, ClientRoleEntry> resourceRolesAvailable;
-    private final ClientModel client;
-    private final List<String> clientScopesGranted;
-    private final List<String> additionalGrants;
-    public ApplicationEntry(
-        KeycloakSession session,
-        List<RoleModel> realmRolesAvailable,
-        MultivaluedHashMap<String, ClientRoleEntry> resourceRolesAvailable,
-        ClientModel client,
-        List<String> clientScopesGranted,
-        List<String> additionalGrants) {
-      this.session = session;
-      this.realmRolesAvailable = realmRolesAvailable;
-      this.resourceRolesAvailable = resourceRolesAvailable;
-      this.client = client;
-      this.clientScopesGranted = clientScopesGranted;
-      this.additionalGrants = additionalGrants;
-    }
-    public List<RoleModel> getRealmRolesAvailable() {
-      return realmRolesAvailable;
-    }
-    public MultivaluedHashMap<String, ClientRoleEntry> getResourceRolesAvailable() {
-      return resourceRolesAvailable;
-    }
-    public List<String> getClientScopesGranted() {
-      return clientScopesGranted;
-    }
-    public String getEffectiveUrl() {
-      return ResolveRelative.resolveRelativeUri(
-          session, getClient().getRootUrl(), getClient().getBaseUrl());
-    }
-    public ClientModel getClient() {
-      return client;
-    }
-    public List<String> getAdditionalGrants() {
-      return additionalGrants;
-    }
-  }
-  // Same class used in OAuthGrantBean as well. Maybe should be merged into common-freemarker...
-  public static class ClientRoleEntry {
-    private final String clientId;
-    private final String clientName;
-    private final String roleName;
-    private final String roleDescription;
-    public ClientRoleEntry(
-        String clientId, String clientName, String roleName, String roleDescription) {
-      this.clientId = clientId;
-      this.clientName = clientName;
-      this.roleName = roleName;
-      this.roleDescription = roleDescription;
-    }
-    public String getClientId() {
-      return clientId;
-    }
-    public String getClientName() {
-      return clientName;
-    }
-    public String getRoleName() {
-      return roleName;
-    }
-    public String getRoleDescription() {
-      return roleDescription;
-    }
-  }
-  /**
-   * Constructs a {@link ApplicationEntry} from the specified parameters.
-   *
-   * @param session a reference to the {@code Keycloak} session.
-   * @param realm a reference to the realm.
-   * @param user a reference to the user.
-   * @param client a reference to the client that contains the applications.
-   * @param offlineClients a {@link Set} containing the offline clients.
-   * @return the constructed {@link ApplicationEntry} instance or {@code null} if the user can't
-   *     access the applications in the specified client.
-   */
-  private ApplicationEntry toApplicationEntry(
-      final KeycloakSession session,
-      final RealmModel realm,
-      final UserModel user,
-      final ClientModel client,
-      final Set<ClientModel> offlineClients) {
-    // Construct scope parameter with all optional scopes to see all potentially available roles
-    Stream<ClientScopeModel> allClientScopes =
-        Stream.concat(
-            client.getClientScopes(true).values().stream(),
-            client.getClientScopes(false).values().stream());
-    allClientScopes = Stream.concat(allClientScopes, Stream.of(client)).distinct();
-    Set<RoleModel> availableRoles = TokenManager.getAccess(user, client, allClientScopes);
-    // Don't show applications, which user doesn't have access into (any available roles)
-    // unless this is can be changed by approving/revoking consent
-    if (!isAdminClient(client) && availableRoles.isEmpty() && !client.isConsentRequired()) {
-      return null;
-    }
-    List<RoleModel> realmRolesAvailable = new LinkedList<>();
-    MultivaluedHashMap<String, ClientRoleEntry> resourceRolesAvailable = new MultivaluedHashMap<>();
-    processRoles(availableRoles, realmRolesAvailable, resourceRolesAvailable);
-    List<ClientScopeModel> orderedScopes = new LinkedList<>();
-    if (client.isConsentRequired()) {
-      UserConsentModel consent =
-          session.users().getConsentByClient(realm, user.getId(), client.getId());
-      if (consent != null) {
-        orderedScopes.addAll(consent.getGrantedClientScopes());
-      }
-    }
-    List<String> clientScopesGranted =
-        orderedScopes.stream()
-            .sorted(OrderedModel.OrderedModelComparator.getInstance())
-            .map(ClientScopeModel::getConsentScreenText)
-            .collect(Collectors.toList());
-    List<String> additionalGrants = new ArrayList<>();
-    if (offlineClients.contains(client)) {
-      additionalGrants.add("${offlineToken}");
-    }
-    return new ApplicationEntry(
-        session,
-        realmRolesAvailable,
-        resourceRolesAvailable,
-        client,
-        clientScopesGranted,
-        additionalGrants);
-  }
-}