本文整理汇总了Java中org.keycloak.adapters.KeycloakDeployment类的典型用法代码示例。如果您正苦于以下问题:Java KeycloakDeployment类的具体用法?Java KeycloakDeployment怎么用?Java KeycloakDeployment使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
KeycloakDeployment类属于org.keycloak.adapters包,在下文中一共展示了KeycloakDeployment类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: adapterDeploymentContext
import org.keycloak.adapters.KeycloakDeployment; //导入依赖的package包/类
/**
 * Builds the {@link AdapterDeploymentContext} that is registered when the
 * {@code shiny.proxy.authentication} property equals {@code keycloak}.
 *
 * <p>Realm, auth-server URL, resource and the client secret are read from the
 * {@code shiny.proxy.keycloak.*} properties. One {@link KeycloakDeployment} is built from them
 * and a fixed resolver returns that same deployment for every request.
 *
 * <p>NOTE(review): no property value is checked before it is handed to the adapter
 * configuration, so an unset property is passed on as whatever {@code getProperty} returned
 * (presumably {@code null}; confirm). The {@code credentials-secret} value is the client secret;
 * keep it out of logs and out of version-controlled configuration.
 *
 * @return the deployment context produced by the factory bean
 * @throws Exception propagated from the factory bean calls
 */
@Bean
@ConditionalOnProperty(name="shiny.proxy.authentication", havingValue="keycloak")
protected AdapterDeploymentContext adapterDeploymentContext() throws Exception {
    final AdapterConfig adapterConfig = new AdapterConfig();
    adapterConfig.setRealm(environment.getProperty("shiny.proxy.keycloak.realm"));
    adapterConfig.setAuthServerUrl(environment.getProperty("shiny.proxy.keycloak.auth-server-url"));
    adapterConfig.setResource(environment.getProperty("shiny.proxy.keycloak.resource"));

    // The adapter takes credentials as a map; only the "secret" entry is populated here.
    final Map<String,Object> clientCredentials = new HashMap<>();
    clientCredentials.put("secret", environment.getProperty("shiny.proxy.keycloak.credentials-secret"));
    adapterConfig.setCredentials(clientCredentials);

    final KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(adapterConfig);

    // Single-deployment setup: the resolver ignores the request and always answers with the
    // deployment built above.
    final KeycloakConfigResolver fixedResolver = new KeycloakConfigResolver() {
        @Override
        public KeycloakDeployment resolve(Request facade) {
            return deployment;
        }
    };

    final AdapterDeploymentContextFactoryBean contextFactory = new AdapterDeploymentContextFactoryBean(fixedResolver);
    contextFactory.afterPropertiesSet();
    return contextFactory.getObject();
}
示例2: handle
import org.keycloak.adapters.KeycloakDeployment; //导入依赖的package包/类
/**
 * Logout handler: ends the Keycloak session tied to the stored account, if there is one, and
 * then removes the Keycloak-related entries from the local session before delegating to the
 * parent handler.
 *
 * <p>The local session entries are removed whether or not an account was found, so a request
 * without a stored account still has the saved redirect/request data cleared.
 *
 * @param context the current request context
 */
@Override
public void handle(Context context) {
    // removeSession both returns the stored account and drops it from the session.
    OIDCFilterSessionStore.SerializableKeycloakAccount storedAccount = context.removeSession(KeycloakAccount.class.getName());

    if (storedAccount != null) {
        // Tell the Keycloak server to log the user out, using the deployment the account was issued under.
        KeycloakDeployment accountDeployment = storedAccount.getKeycloakSecurityContext().getDeployment();
        storedAccount.getKeycloakSecurityContext().logout(accountDeployment);
    }

    // Drop the remaining Keycloak metadata from the local session.
    context.removeSession(KeycloakSecurityContext.class.getName());
    context.removeSession(REDIRECT_URI);
    context.removeSession(SAVED_METHOD);
    context.removeSession(SAVED_HEADERS);
    context.removeSession(SAVED_BODY);

    super.handle(context);
}
示例3: createKeycloakSecurityContext
import org.keycloak.adapters.KeycloakDeployment; //导入依赖的package包/类
/**
 * Builds a {@link RefreshableKeycloakSecurityContext} from a token response.
 *
 * <p>The access token is checked with {@link RSATokenVerifier} against the deployment's realm
 * key and realm info URL. The ID token is decoded from its JWS form into an {@link IDToken}.
 *
 * <p>NOTE(review): only the access token is passed to a verifier in this method. The ID token
 * is read with {@code JWSInput.readJsonContent}, and no signature or claim check on it is visible
 * here, even though the exception message speaks of verification. Confirm that callers only
 * pass responses obtained directly from the token endpoint, or that the ID token is validated
 * elsewhere before its claims are trusted.
 *
 * @param deployment the <code>KeycloakDeployment</code> the context is created for (required)
 * @param accessTokenResponse the <code>AccessTokenResponse</code> carrying the access, ID and refresh tokens (required)
 *
 * @return a <code>RefreshableKeycloakSecurityContext</code> holding the raw and parsed tokens
 * @throws VerificationException if access-token verification fails or the ID token cannot be read as a JWS
 */
public static RefreshableKeycloakSecurityContext createKeycloakSecurityContext(KeycloakDeployment deployment, AccessTokenResponse accessTokenResponse) throws VerificationException {
    final String rawAccessToken = accessTokenResponse.getToken();
    final String rawIdToken = accessTokenResponse.getIdToken();

    // Access token: verified against the realm key and realm info URL of the deployment.
    final AccessToken verifiedAccessToken = RSATokenVerifier
            .verifyToken(rawAccessToken, deployment.getRealmKey(), deployment.getRealmInfoUrl());

    // ID token: decoded only (see the note in the Javadoc).
    final IDToken decodedIdToken;
    try {
        decodedIdToken = new JWSInput(rawIdToken).readJsonContent(IDToken.class);
    } catch (JWSInputException e) {
        throw new VerificationException("Unable to verify ID token", e);
    }

    // FIXME: does it make sense to pass null for the token store?
    return new RefreshableKeycloakSecurityContext(
            deployment,
            null,
            rawAccessToken,
            verifiedAccessToken,
            rawIdToken,
            decodedIdToken,
            accessTokenResponse.getRefreshToken());
}
示例4: resolve
import org.keycloak.adapters.KeycloakDeployment; //导入依赖的package包/类
/**
 * Builds the {@link KeycloakDeployment} to use for the given request.
 *
 * <p>Realm and application (resource) names are taken from the request headers when present
 * and fall back to the configured values; the auth endpoint always comes from configuration.
 * The mere presence of the bearer-only header switches the deployment to bearer-only.
 *
 * <p>NOTE(review): because realm, resource and bearer-only mode can be chosen through request
 * headers, whoever is able to set those headers decides which realm/client the request is
 * checked against. Confirm that these headers are set by a trusted component and removed from
 * externally supplied requests. A new deployment is also built on every call; no caching is
 * visible here.
 *
 * @param request the incoming request; must not be {@code null}
 * @return a deployment built from the resolved realm, resource and auth endpoint
 * @throws SecurityException if the realm name, application name or auth endpoint is missing
 */
public KeycloakDeployment resolve(final HttpFacade.Request request) {
    Assert.requireNonNull(request, "request");

    // Header value wins; the configured value is the fallback.
    final String headerRealm = request.getHeader(REALM_NAME_HEADER);
    final String configuredRealm = configuration.getRealmName();
    final String realmName = headerRealm != null ? headerRealm : configuredRealm;

    final String headerApplication = request.getHeader(APPLICATION_NAME_HEADER);
    final String configuredApplication = configuration.getApplicationName();
    final String applicationName = headerApplication != null ? headerApplication : configuredApplication;

    final String authEndPoint = configuration.getAuthEndpoint();

    if (realmName == null) {
        throw new SecurityException("Realm name for security check is not configured!");
    }
    if (applicationName == null) {
        throw new SecurityException("Application name for security check is not configured!");
    }
    if (authEndPoint == null) {
        throw new SecurityException("Auth endpoint for security check is not configured!");
    }

    final AdapterConfig adapterConfig = new AdapterConfig();
    adapterConfig.setRealm(realmName);
    adapterConfig.setResource(applicationName);
    adapterConfig.setAuthServerUrl(authEndPoint);

    // Only the presence of the header matters; its value is not inspected.
    if (request.getHeader(BEARER_ONLY_HEADER) != null) {
        adapterConfig.setBearerOnly(true);
    }

    return KeycloakDeploymentBuilder.build(adapterConfig);
}
示例5: getTokenStore
import org.keycloak.adapters.KeycloakDeployment; //导入依赖的package包/类
/**
 * Returns the token store for this request, creating and caching it on first use.
 *
 * <p>The store is kept as a request attribute under {@code TOKEN_STORE_NOTE}. When none is
 * cached, a session-backed store is created if the deployment's token store setting is
 * {@code TokenStore.SESSION}; otherwise a cookie-backed store is created.
 *
 * @param request the servlet request that carries the cached store
 * @param facade the HTTP facade, used only by the cookie-backed store
 * @param resolvedDeployment the deployment whose token store setting selects the implementation
 * @return the cached or newly created token store
 */
public static AdapterTokenStore getTokenStore(HttpServletRequest request, HttpFacade facade, KeycloakDeployment resolvedDeployment) {
    final Object cached = request.getAttribute(TOKEN_STORE_NOTE);
    if (cached != null) {
        return (AdapterTokenStore) cached;
    }

    final Request baseRequest = Request.getBaseRequest(request);
    final AdapterTokenStore created;
    if (resolvedDeployment.getTokenStore() != TokenStore.SESSION) {
        created = new JettyCookieTokenStore(baseRequest, facade, resolvedDeployment);
    } else {
        created = new JettySessionTokenStore(baseRequest, resolvedDeployment, new JettyAdapterSessionStore(baseRequest));
    }

    // Remember the store so later calls within the same request reuse it.
    request.setAttribute(TOKEN_STORE_NOTE, created);
    return created;
}
示例6: run
import org.keycloak.adapters.KeycloakDeployment; //导入依赖的package包/类
/**
 * Registers the application's Jersey components: the Keycloak bearer-token filter, the draw
 * resource and support for {@code @RolesAllowed}.
 *
 * <p>The {@code tag::}/{@code end::} comments delimit regions of this method; they are kept
 * exactly where they were.
 *
 * @param configuration application configuration that supplies the Keycloak adapter settings
 * @param environment the environment whose Jersey registry receives the components
 * @throws ClassNotFoundException declared by the overridden method
 * @throws IOException declared by the overridden method
 */
@Override
public void run(LotteryConfiguration configuration, Environment environment)
        throws ClassNotFoundException, IOException {
    // tag::keycloak[]
    KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(configuration.getKeycloakConfiguration());
    JaxrsBearerTokenFilterImpl bearerTokenFilter = new DropwizardBearerTokenFilterImpl(deployment);
    environment.jersey().register(bearerTokenFilter);
    // end::keycloak[]

    environment.jersey().register(new DrawRessource());

    // Enables the @RolesAllowed annotation on resources.
    // tag::roles[]
    environment.jersey().register(RolesAllowedDynamicFeature.class);
    // end::roles[]
}
示例7: getKeycloakDeployment
import org.keycloak.adapters.KeycloakDeployment; //导入依赖的package包/类
/**
 * Returns the Keycloak deployment, (re)building it from the Keycloak JSON when no deployment
 * is held yet or the held one has no client.
 *
 * <p>The method is {@code synchronized}, so the check and the rebuild happen under the
 * instance's monitor.
 *
 * @return the current deployment
 * @throws IOException if the Keycloak JSON cannot be read or parsed
 */
private synchronized KeycloakDeployment getKeycloakDeployment() throws IOException {
    final boolean usable = keycloakDeployment != null && keycloakDeployment.getClient() != null;
    if (!usable) {
        final AdapterConfig parsedConfig = JsonSerialization.readValue(getKeycloakJson(), AdapterConfig.class);
        keycloakDeployment = KeycloakDeploymentBuilder.build(parsedConfig);
    }
    return keycloakDeployment;
}
示例8: validateRequest
import org.keycloak.adapters.KeycloakDeployment; //导入依赖的package包/类
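/**
 * Authenticates the current JAX-RS request against Keycloak unless a user principal is already
 * present on the request's security context.
 *
 * <p>When authentication does not succeed and the authenticator supplies a challenge, the
 * challenge is written to the response. For deployments that are not bearer-only, a
 * {@code JSESSIONID} cookie is also set. The response is then ended.
 *
 * <p>NOTE(review): this method returns without ending the response when the deployment is
 * missing or not configured, and also when authentication fails without a challenge. Whether
 * the request is rejected afterwards is not visible here; confirm that the caller does not
 * treat those returns as "authenticated".
 *
 * @param requestContext the JAX-RS request context of the request being checked
 */
public void validateRequest(final ContainerRequestContext requestContext) {
    if (requestContext.getSecurityContext().getUserPrincipal() != null) {
        // the user is already authenticated, further processing is not necessary
        return;
    }

    Request request = Request.getBaseRequest((ServletRequest) requestContext.getProperty(HttpServletRequest.class.getName()));
    JaxrsHttpFacade facade = new JaxrsHttpFacade(requestContext, requestContext.getSecurityContext());
    request.setAttribute(AdapterDeploymentContext.class.getName(), deploymentContext);

    KeycloakDeployment deployment = deploymentContext.resolveDeployment(facade);
    if (deployment == null || !deployment.isConfigured()) {
        return;
    }

    AdapterTokenStore tokenStore = getTokenStore(request, facade, deployment);
    tokenStore.checkCurrentToken();

    JettyRequestAuthenticator authenticator = createRequestAuthenticator(request, facade, deployment, tokenStore);
    AuthOutcome outcome = authenticator.authenticate();
    if (outcome == AuthOutcome.AUTHENTICATED) {
        return;
    }

    AuthChallenge challenge = authenticator.getChallenge();
    if (challenge != null) {
        challenge.challenge(facade);
        if (!adapterConfig.isBearerOnly()) {
            // Create the session and hand its id to the client. The session id is a credential,
            // so the cookie is marked HttpOnly (page scripts cannot read it) and Secure whenever
            // the request itself arrived over a secure channel. The last two arguments of
            // setCookie are the secure and httpOnly flags; both were previously false.
            facade.getResponse().setCookie("JSESSIONID", request.getSession().getId(), "/", null, -1, request.isSecure(), true);
        }
        facade.getResponse().end();
    }
}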
示例9: resolve
import org.keycloak.adapters.KeycloakDeployment; //导入依赖的package包/类
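/**
 * Resolves the {@link KeycloakDeployment} for the database addressed by the given URI.
 *
 * <p>Lookups go through two caches: first by database id, then by realm name. Only when both
 * miss is the realm configuration loaded and a deployment built; the result is then stored in
 * both caches.
 *
 * <p>NOTE(review): the check-then-put sequences on the caches are not guarded in this method;
 * whether concurrent callers are safe depends on the cache types, which are not visible here.
 *
 * @param uri the request URI from which the database id is derived
 * @return the deployment for the database's realm
 * @throws DebeziumAuthorizationException if no realm is known for the database or the realm has
 *         no configuration
 * @throws IllegalStateException if the realm configuration cannot be read; the underlying
 *         {@link IOException} is attached as the cause
 */
public KeycloakDeployment resolve(String uri) {
    String dbId = databaseId(uri);
    KeycloakDeployment deployment = cacheByDb.get(dbId);
    if (deployment == null) {
        // Find the realm name and its deployment ...
        String realmName = realmName(dbId);
        if (realmName == null) {
            // There is no realm for this database, so access cannot be authorized.
            logger.error("Failed to find realm for database '{}'", dbId);
            throw new DebeziumAuthorizationException();
        }
        deployment = cacheByRealm.get(realmName);
        if (deployment == null) {
            // We have to read in the deployment ...
            try (InputStream stream = loadRealmConfiguration(realmName)) {
                if (stream == null) {
                    logger.error("Failed to find configuration for realm '{}' for database '{}'", realmName, dbId);
                    throw new DebeziumAuthorizationException();
                }
                realmLoads.incrementAndGet();
                deployment = KeycloakDeploymentBuilder.build(stream);
                cacheByRealm.put(realmName, deployment);
            } catch (IOException e) {
                // Keep the original exception as the cause so the reason for the failed read
                // is not lost from logs and stack traces.
                throw new IllegalStateException("Unable to read the configuration for realm '" + realmName + "'", e);
            }
        }
        cacheByDb.put(dbId, deployment);
    }
    return deployment;
}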
示例10: loadKeycloakDeployment
import org.keycloak.adapters.KeycloakDeployment; //导入依赖的package包/类
/**
 * Builds the Keycloak deployment from the configured file when one is set, otherwise from the
 * adapter configuration returned by {@code getAdapterConfig()}.
 *
 * @return the deployment built from whichever source applies
 */
private KeycloakDeployment loadKeycloakDeployment() {
    // UNSET marks "no configuration file given".
    if (UNSET.equals(keycloakConfigFile)) {
        return KeycloakDeploymentBuilder.build(getAdapterConfig());
    }
    return KeycloakDeploymentBuilder.build(loadConfigFile());
}
示例11: getAuthServerBaseUrl
import org.keycloak.adapters.KeycloakDeployment; //导入依赖的package包/类
/**
 * Reads the auth server base URL from the deployment registered in the servlet context.
 *
 * <p>NOTE(review): the servlet-context attribute is used without a null check and the
 * deployment is resolved with a {@code null} facade. This presumably relies on a
 * single-deployment setup in which the resolver ignores the request; confirm. With a
 * request-dependent resolver, or without the attribute, this call would fail.
 *
 * @param req the current servlet request
 * @return the auth server base URL of the resolved deployment
 */
private String getAuthServerBaseUrl(HttpServletRequest req) {
    final String contextKey = AdapterDeploymentContext.class.getName();
    final AdapterDeploymentContext adapterContext = (AdapterDeploymentContext) req.getServletContext().getAttribute(contextKey);
    return adapterContext.resolveDeployment(null).getAuthServerBaseUrl();
}
示例12: getKeycloakDeployment
import org.keycloak.adapters.KeycloakDeployment; //导入依赖的package包/类
/**
 * Returns the Keycloak deployment held by this object.
 *
 * @return the held deployment; no null check is made here
 */
public KeycloakDeployment getKeycloakDeployment() {
    return this.keycloakDeployment;
}
示例13: getKeycloakDeployment
import org.keycloak.adapters.KeycloakDeployment; //导入依赖的package包/类
/**
 * Accessor for the {@link KeycloakDeployment} field.
 *
 * @return the current value of the field, returned as is
 */
public KeycloakDeployment getKeycloakDeployment() {
    return this.keycloakDeployment;
}
示例14: registerKeycloakDeployment
import org.keycloak.adapters.KeycloakDeployment; //导入依赖的package包/类
/**
 * Passes the given deployment to the node registration manager's {@code tryRegister}.
 *
 * @param keycloakDeployment the deployment to register
 */
public void registerKeycloakDeployment(KeycloakDeployment keycloakDeployment) {
    this.nodesRegistrationManagement.tryRegister(keycloakDeployment);
}
示例15: handle
import org.keycloak.adapters.KeycloakDeployment; //导入依赖的package包/类
/**
 * Route handler that authenticates the request against Keycloak before passing it on.
 *
 * <p>Flow, in order:
 * <ol>
 *   <li>Resolve the deployment; if it is missing or not configured, respond "forbidden".</li>
 *   <li>Let {@code PreAuthActionsHandler} handle the request if it claims it.</li>
 *   <li>Authenticate. On success, attach the account to the context (and to the session when
 *       one exists), run {@code AuthenticatedActionsHandler}, then continue the chain.</li>
 *   <li>Otherwise issue the authenticator's challenge if there is one, else respond
 *       "forbidden".</li>
 * </ol>
 *
 * <p>Every path that does not authenticate ends in a response written by a handler, a
 * challenge, or "forbidden"; {@code context.next()} is reached only after
 * {@code AuthOutcome.AUTHENTICATED}.
 *
 * @param context the current request context
 */
@Override
public void handle(Context context) {
    HttpServletRequest request = context.getRequest().getHttpServletRequest();
    HttpServletResponse response = context.getResponse().getHttpServletResponse();
    OIDCServletHttpFacade facade = new OIDCServletHttpFacade(request, response);
    KeycloakDeployment deployment = deploymentContext.resolveDeployment(facade);
    // Without a configured deployment the request is rejected instead of being let through.
    if (deployment == null || !deployment.isConfigured()) {
        context.getResponse().forbidden();
        log.warn("Keycloak is not properly configured");
        return;
    }
    // Give the pre-authentication handler the chance to answer the request itself.
    PreAuthActionsHandler preActions = new PreAuthActionsHandler(keycloakRealm, deploymentContext, facade);
    if (preActions.handleRequest()) {
        return;
    }
    keycloakRealm.registerKeycloakDeployment(deployment);
    // NOTE(review): 100000 is a hard-coded third constructor argument, presumably the
    // maximum buffer size for saved requests; confirm and consider naming it.
    OIDCFilterSessionStore tokenStore = new OIDCFilterSessionStore(request, facade, 100000, deployment, keycloakRealm.getSessionIdMapper());
    tokenStore.checkCurrentToken();
    // NOTE(review): 8443 is a hard-coded last constructor argument, presumably the port used
    // for SSL redirects; confirm it matches the deployment's TLS port.
    FilterRequestAuthenticator authenticator = new FilterRequestAuthenticator(deployment, tokenStore, facade, request, 8443);
    final AuthOutcome outcome = authenticator.authenticate();
    if (outcome == AuthOutcome.AUTHENTICATED) {
        log.trace("Keycloak authenticated request");
        // The security context is read back from a request attribute keyed by its class name.
        KeycloakSecurityContext securityContext = (KeycloakSecurityContext) context.getRequest()
                .getHttpServletRequest().getAttribute(KeycloakSecurityContext.class.getName());
        // configure Context and conditionally the Session with Fathom Security Account
        // The account is re-derived from the token when "always refresh" is configured or when
        // the session holds no account yet.
        if (keycloakRealm.getKeycloakConfig().isAlwaysRefreshToken()
                || context.getSession(AuthConstants.ACCOUNT_ATTRIBUTE) == null) {
            Account account = securityManager.authenticate(new KeycloakToken(securityContext.getToken()));
            context.setLocal(AuthConstants.ACCOUNT_ATTRIBUTE, account);
            if (context.hasSession()) {
                context.setSession(AuthConstants.ACCOUNT_ATTRIBUTE, account);
            }
            // Only the username is logged, and only at trace level.
            log.trace("{} logged in via Keycloak", account.getUsername());
        }
        if (facade.isEnded()) {
            // Set Context status to match the underlying servlet response status.
            // This is necessary for the Pippo request dispatcher.
            context.status(response.getStatus());
            return;
        }
        // Give the post-authentication handler the chance to answer the request itself.
        AuthenticatedActionsHandler actions = new AuthenticatedActionsHandler(deployment, facade);
        if (actions.handledRequest()) {
            return;
        }
        // HttpServletRequestWrapper requestWrapper = tokenStore.buildWrapper();
        // ClassUtil.setField(context.getRequest(), "httpServletRequest", requestWrapper);
        context.next();
        return;
    }
    // Not authenticated: let the authenticator's challenge write the response.
    AuthChallenge challenge = authenticator.getChallenge();
    if (challenge != null) {
        log.trace("Redirecting to Keycloak");
        challenge.challenge(facade);
        // Set Context status to match the underlying servlet response status.
        // This is necessary for the Pippo request dispatcher.
        context.status(response.getStatus());
        return;
    }
    // Request is forbidden
    context.getResponse().forbidden();
}