keycloak
org.keycloak.migration.migrators.MigrationUtils クラス

静的公開メンバ関数

static void addAdminRole (RealmModel realm, String roleName)
 
static void updateOTPRequiredAction (RequiredActionProviderModel otpAction)
 
static void updateProtocolMappers (ProtocolMapperContainerModel client)
 
static void migrateOldOfflineToken (KeycloakSession session, RealmModel realm, ClientModel client, UserModel user) throws OAuthErrorException
 

詳解

著者
Stian Thorgersen

関数詳解

◆ addAdminRole()

/**
 * Creates the client role {@code roleName} where it is missing and links each
 * newly created role into the matching administrator composite role.
 *
 * <p>Two clients are considered: the realm's master admin client, and, for any
 * realm whose name differs from {@code Config.getAdminRealm()}, the client
 * registered under {@code Constants.REALM_MANAGEMENT_CLIENT_ID}.
 *
 * <p>Privilege impact: the new role becomes a composite of
 * {@code AdminRoles.ADMIN} (looked up in the master admin client's realm) and of
 * {@code AdminRoles.REALM_ADMIN} (looked up on the realm-management client), so
 * every holder of those roles gains it as soon as this runs.
 *
 * <p>A role of that name that already exists on a client is left untouched: it
 * is neither re-described nor linked to the composite here.
 *
 * @param realm    realm whose admin clients receive the role
 * @param roleName name of the client role to create; also embedded in the
 *                 {@code ${role_...}} description placeholder
 */
public static void addAdminRole(RealmModel realm, String roleName) {
    final String description = "${role_" + roleName + "}";

    ClientModel masterAdminClient = realm.getMasterAdminClient();
    if (masterAdminClient != null && masterAdminClient.getRole(roleName) == null) {
        RoleModel created = masterAdminClient.addRole(roleName);
        created.setDescription(description);

        // NOTE(review): the composite lookup is not null-checked; presumably the
        // admin role always exists in this realm. Confirm.
        masterAdminClient.getRealm().getRole(AdminRoles.ADMIN).addCompositeRole(created);
    }

    // The admin realm has no realm-management client to update.
    if (realm.getName().equals(Config.getAdminRealm())) {
        return;
    }

    ClientModel realmManagement = realm.getClientByClientId(Constants.REALM_MANAGEMENT_CLIENT_ID);
    if (realmManagement == null || realmManagement.getRole(roleName) != null) {
        return;
    }

    RoleModel created = realmManagement.addRole(roleName);
    created.setDescription(description);

    // NOTE(review): same unchecked lookup as above, here for realm-admin.
    realmManagement.getRole(AdminRoles.REALM_ADMIN).addCompositeRole(created);
}

◆ migrateOldOfflineToken()

/**
 * Adds to the user's stored consent for {@code client} the grants that the
 * migration treats as already approved: the client itself and the realm's
 * {@code OAuth2Constants.OFFLINE_ACCESS} client scope.
 *
 * <p>Nothing is written when the client does not require consent or when the
 * user has no stored consent for it. Each of the two grants is added only if
 * its {@code isDisplayOnConsentScreen()} is true. When a consent record
 * exists it is always passed to {@code updateConsent}, even if neither grant
 * was added.
 *
 * <p>Security note: consent is recorded here without user interaction, and this
 * method does not inspect the offline token or session itself.
 * NOTE(review): it presumably relies on the caller having validated the offline
 * session first. Confirm at every call site.
 *
 * @param session Keycloak session used to read and update the consent
 * @param realm   realm that owns the client, the user and the offline-access scope
 * @param client  client the old offline token belongs to
 * @param user    user whose consent is updated
 * @throws OAuthErrorException with {@code INVALID_GRANT} when the realm has no
 *         client scope named {@code OAuth2Constants.OFFLINE_ACCESS}
 */
public static void migrateOldOfflineToken(KeycloakSession session, RealmModel realm, ClientModel client, UserModel user) throws OAuthErrorException {
    ClientScopeModel offlineAccess = KeycloakModelUtils.getClientScopeByName(realm, OAuth2Constants.OFFLINE_ACCESS);
    if (offlineAccess == null) {
        throw new OAuthErrorException(OAuthErrorException.INVALID_GRANT, "Offline Access scope not found");
    }

    // Clients that do not require consent have nothing to record.
    if (!client.isConsentRequired()) {
        return;
    }

    // Only an existing consent record is extended; none is created here.
    UserConsentModel storedConsent = session.users().getConsentByClient(realm, user.getId(), client.getId());
    if (storedConsent == null) {
        return;
    }

    // Both grants are treated as de facto approved by the user already, on the
    // premise that the offline session is still valid.
    if (client.isDisplayOnConsentScreen()) {
        storedConsent.addGrantedClientScope(client);
    }
    if (offlineAccess.isDisplayOnConsentScreen()) {
        storedConsent.addGrantedClientScope(offlineAccess);
    }
    session.users().updateConsent(realm, user.getId(), storedConsent);
}

◆ updateOTPRequiredAction()

/**
 * Renames the OTP required action from "Configure Totp" to "Configure OTP".
 *
 * <p>The rename happens only when the action's provider id equals
 * {@code UserModel.RequiredAction.CONFIGURE_TOTP.name()} and its current name
 * is exactly "Configure Totp". An action with any other name is left as it is.
 *
 * @param otpAction required action to inspect; {@code null} is ignored
 */
public static void updateOTPRequiredAction(RequiredActionProviderModel otpAction) {
    // Short-circuit evaluation keeps the original check order:
    // null, then provider id, then the old display name.
    boolean hasOldTotpName = otpAction != null
            && UserModel.RequiredAction.CONFIGURE_TOTP.name().equals(otpAction.getProviderId())
            && "Configure Totp".equals(otpAction.getName());

    if (hasOldTotpName) {
        otpAction.setName("Configure OTP");
    }
}

◆ updateProtocolMappers()

/**
 * Copies each protocol mapper's "id.token.claim" setting to
 * "userinfo.token.claim" when the latter is absent, then persists the mappers
 * that were changed.
 *
 * <p>A mapper that already has a "userinfo.token.claim" entry is never
 * overwritten, and a mapper without "id.token.claim" is skipped.
 * NOTE(review): judging by the key names, a claim configured for the ID token
 * will then also apply to UserInfo responses. Confirm this is the intended
 * exposure for existing mappers.
 *
 * @param client container whose protocol mappers are migrated (despite the
 *               parameter name, any {@code ProtocolMapperContainerModel})
 */
public static void updateProtocolMappers(ProtocolMapperContainerModel client) {
    List<ProtocolMapperModel> changed = new LinkedList<>();

    // First pass: adjust the in-memory config and remember which mappers changed.
    for (ProtocolMapperModel candidate : client.getProtocolMappers()) {
        boolean hasUserInfoSetting = candidate.getConfig().containsKey("userinfo.token.claim");
        if (hasUserInfoSetting || !candidate.getConfig().containsKey("id.token.claim")) {
            continue;
        }
        String idTokenSetting = candidate.getConfig().get("id.token.claim");
        candidate.getConfig().put("userinfo.token.claim", idTokenSetting);
        changed.add(candidate);
    }

    // Second pass: persist the changes.
    // NOTE(review): presumably kept separate so the container is not updated
    // while getProtocolMappers() is being iterated. Confirm.
    for (ProtocolMapperModel updated : changed) {
        client.updateProtocolMapper(updated);
    }
}

このクラス詳解は次のファイルから抽出されました: