keycloak-service
org.keycloak.protocol.oidc.installation.KeycloakOIDCClientInstallation クラス

公開メンバ関数

Response generateInstallation (KeycloakSession session, RealmModel realm, ClientModel client, URI baseUri)
 
String getProtocol ()
 
String getDisplayType ()
 
String getHelpText ()
 
void close ()
 
ClientInstallationProvider create (KeycloakSession session)
 
void init (Config.Scope config)
 
void postInit (KeycloakSessionFactory factory)
 
String getId ()
 
boolean isDownloadOnly ()
 
String getFilename ()
 
String getMediaType ()
 

静的公開メンバ関数

static Map< String, Object > getClientCredentialsAdapterConfig (KeycloakSession session, ClientModel client)
 
static boolean showClientCredentialsAdapterConfig (ClientModel client)
 

静的関数

static boolean showVerifyTokenAudience (ClientModel client)
 

非公開メンバ関数

void configureAuthorizationSettings (KeycloakSession session, ClientModel client, ClientManager.InstallationAdapterConfig rep)
 

詳解

著者
Bill Burke
バージョン
Revision
1

関数詳解

◆ close()

/**
 * Lifecycle hook invoked when this provider is closed.
 *
 * <p>Intentionally a no-op in this implementation.
 */
public void close() {
    // nothing to release
}

◆ configureAuthorizationSettings()

/**
 * Adds policy-enforcer settings to the adapter configuration when authorization services are
 * enabled for the client; otherwise leaves {@code rep} untouched.
 *
 * @param session current Keycloak session, passed to {@link AuthorizationService}
 * @param client  client whose installation file is being generated
 * @param rep     adapter configuration being assembled; modified in place
 */
private void configureAuthorizationSettings(KeycloakSession session, ClientModel client, ClientManager.InstallationAdapterConfig rep) {
    boolean authorizationEnabled = new AuthorizationService(session, client, null, null).isEnabled();
    if (!authorizationEnabled) {
        return;
    }

    // Attach an enforcer section with its two fields explicitly nulled.
    // NOTE(review): presumably so the serializer omits them and the adapter falls back to its own
    // defaults -- confirm against PolicyEnforcerConfig's JSON mapping.
    PolicyEnforcerConfig policyEnforcer = new PolicyEnforcerConfig();
    policyEnforcer.setEnforcementMode(null);
    policyEnforcer.setLazyLoadPaths(null);
    rep.setEnforcerConfig(policyEnforcer);

    // When the client's only role is the UMA protection role, clear the
    // use-resource-role-mappings flag that generateInstallation() sets for any client with roles.
    Set<RoleModel> roles = client.getRoles();
    boolean onlyUmaProtectionRole = roles.size() == 1
            && roles.iterator().next().getName().equals(Constants.AUTHZ_UMA_PROTECTION);
    if (onlyUmaProtectionRole) {
        rep.setUseResourceRoleMappings(null);
    }
}

◆ create()

/**
 * Returns the provider to use for the given session.
 *
 * <p>This class serves as its own provider: the same instance is handed back on every call and
 * {@code session} is not consulted, so the instance is shared across sessions.
 *
 * @param session the requesting session (unused)
 * @return this instance
 */
public ClientInstallationProvider create(KeycloakSession session) {
    final ClientInstallationProvider self = this;
    return self;
}

◆ generateInstallation()

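/**
 * Builds the {@code keycloak.json} adapter configuration for a client and returns it as the
 * response body.
 *
 * <p>Security note: for clients where {@link #showClientCredentialsAdapterConfig(ClientModel)}
 * is true, the generated document embeds whatever the client's authenticator returns as adapter
 * credentials (presumably including the client secret -- confirm per authenticator). Treat the
 * response as sensitive: the caller is expected to have authorized the request, and the JSON
 * should not be written to logs.
 *
 * @param session current Keycloak session
 * @param realm   realm the client belongs to
 * @param client  client to generate the installation file for
 * @param baseUri base URI of the auth server, emitted as {@code auth-server-url}
 * @return a 200 response carrying the pretty-printed JSON
 * @throws RuntimeException wrapping the {@link IOException} if serialization fails
 */
public Response generateInstallation(KeycloakSession session, RealmModel realm, ClientModel client, URI baseUri) {
    ClientManager.InstallationAdapterConfig rep = new ClientManager.InstallationAdapterConfig();
    rep.setAuthServerUrl(baseUri.toString());
    rep.setRealm(realm.getName());
    // Locale-independent lowercasing: this is a machine-read config token and must not vary with
    // the JVM's default locale.
    rep.setSslRequired(realm.getSslRequired().name().toLowerCase(java.util.Locale.ROOT));

    if (client.isPublicClient() && !client.isBearerOnly()) {
        rep.setPublicClient(true);
    }
    if (client.isBearerOnly()) {
        rep.setBearerOnly(true);
    }
    if (!client.getRoles().isEmpty()) {
        rep.setUseResourceRoleMappings(true);
    }

    rep.setResource(client.getClientId());

    // Credentials are emitted only for clients that can actually use them; this guard line was
    // missing from the listing (gutter jumps 65 -> 67 and the closing brace was unmatched).
    if (showClientCredentialsAdapterConfig(client)) {
        Map<String, Object> adapterConfig = getClientCredentialsAdapterConfig(session, client);
        rep.setCredentials(adapterConfig);
    }

    // Only set when true, so otherwise the property is left at whatever rep defaults to.
    if (showVerifyTokenAudience(client)) {
        rep.setVerifyTokenAudience(true);
    }

    configureAuthorizationSettings(session, client, rep);

    try {
        String json = JsonSerialization.writeValueAsPrettyString(rep);
        // NOTE(review): served as text/plain although getMediaType() advertises application/json;
        // confirm this is intended before changing it, since callers may depend on it.
        return Response.ok(json, MediaType.TEXT_PLAIN_TYPE).build();
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
}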
static Map< String, Object > getClientCredentialsAdapterConfig(KeycloakSession session, ClientModel client)
Definition: KeycloakOIDCClientInstallation.java:86
void configureAuthorizationSettings(KeycloakSession session, ClientModel client, ClientManager.InstallationAdapterConfig rep)
Definition: KeycloakOIDCClientInstallation.java:179
static boolean showClientCredentialsAdapterConfig(ClientModel client)
Definition: KeycloakOIDCClientInstallation.java:93
static boolean showVerifyTokenAudience(ClientModel client)
Definition: KeycloakOIDCClientInstallation.java:107

◆ getClientCredentialsAdapterConfig()

/**
 * Looks up the client's configured authenticator and asks it for the credentials section of the
 * adapter configuration.
 *
 * <p>The returned map is credential material destined for {@code keycloak.json}; callers should
 * avoid logging it.
 *
 * @param session current Keycloak session, used to reach the provider factories
 * @param client  client whose authenticator type selects the factory
 * @return the authenticator-specific adapter configuration
 */
public static Map<String, Object> getClientCredentialsAdapterConfig(KeycloakSession session, ClientModel client) {
    final String authenticatorId = client.getClientAuthenticatorType();
    final KeycloakSessionFactory sessionFactory = session.getKeycloakSessionFactory();
    final ClientAuthenticatorFactory factory =
            (ClientAuthenticatorFactory) sessionFactory.getProviderFactory(ClientAuthenticator.class, authenticatorId);
    // NOTE(review): the lookup result is not null-checked; if no factory is registered under
    // authenticatorId (e.g. a provider was undeployed), the next line fails with a bare
    // NullPointerException -- confirm whether a clearer error is wanted here.
    return factory.getAdapterConfiguration(client);
}

◆ getDisplayType()

/**
 * Returns the human-readable label for this installation format.
 *
 * @return the fixed label {@code "Keycloak OIDC JSON"}
 */
public String getDisplayType() {
    final String label = "Keycloak OIDC JSON";
    return label;
}

◆ getFilename()

/**
 * Returns the file name to use for the generated configuration.
 *
 * @return the fixed name {@code "keycloak.json"}
 */
public String getFilename() {
    final String fileName = "keycloak.json";
    return fileName;
}

◆ getHelpText()

/**
 * Returns the help text describing where the generated {@code keycloak.json} belongs.
 *
 * @return the fixed help message
 */
public String getHelpText() {
    final String helpText = "keycloak.json file used by the Keycloak OIDC client adapter to configure clients. This must be saved to a keycloak.json file and put in your WEB-INF directory of your WAR file. You may also want to tweak this file after you download it.";
    return helpText;
}

◆ getId()

/**
 * Returns the identifier of this installation provider.
 *
 * @return the fixed id {@code "keycloak-oidc-keycloak-json"}
 */
public String getId() {
    final String providerId = "keycloak-oidc-keycloak-json";
    return providerId;
}

◆ getMediaType()

/**
 * Returns the media type advertised for the generated file.
 *
 * <p>NOTE(review): generateInstallation() builds its response with
 * {@code MediaType.TEXT_PLAIN_TYPE}, not this value -- confirm the difference is intended.
 *
 * @return {@code MediaType.APPLICATION_JSON}
 */
public String getMediaType() {
    final String advertisedType = MediaType.APPLICATION_JSON;
    return advertisedType;
}

◆ getProtocol()

/**
 * Returns the login protocol this installation format applies to.
 *
 * @return {@code OIDCLoginProtocol.LOGIN_PROTOCOL}
 */
public String getProtocol() {
    final String protocolId = OIDCLoginProtocol.LOGIN_PROTOCOL;
    return protocolId;
}

◆ init()

/**
 * Initialization hook; this implementation reads nothing from {@code config}.
 *
 * @param config configuration scope for this provider (unused)
 */
public void init(Config.Scope config) {
    // no configuration to read
}

◆ isDownloadOnly()

/**
 * Reports whether this format is download-only.
 *
 * @return always {@code false}
 */
public boolean isDownloadOnly() {
    final boolean downloadOnly = false;
    return downloadOnly;
}

◆ postInit()

/**
 * Post-initialization hook; this implementation does nothing with {@code factory}.
 *
 * @param factory the session factory (unused)
 */
public void postInit(KeycloakSessionFactory factory) {
    // nothing to do after startup
}

◆ showClientCredentialsAdapterConfig()

/**
 * Decides whether the generated adapter configuration should carry a credentials section.
 *
 * <p>Returns {@code false} for public clients, and for bearer-only clients that have neither
 * service accounts enabled nor a positive node re-registration timeout. Every other client gets
 * credentials.
 *
 * @param client client being exported
 * @return {@code true} if credentials should be included
 */
public static boolean showClientCredentialsAdapterConfig(ClientModel client) {
    if (client.isPublicClient()) {
        return false;
    }

    // A bearer-only client is given credentials only if one of these two features is in use.
    boolean bearerOnlyWithoutCredentialUse = client.isBearerOnly()
            && !client.isServiceAccountsEnabled()
            && client.getNodeReRegistrationTimeout() <= 0;
    return !bearerOnlyWithoutCredentialUse;
}

◆ showVerifyTokenAudience()

/**
 * Decides whether the generated adapter configuration should enable token-audience
 * verification.
 *
 * <p>Returns {@code true} only when the realm has a client scope named exactly like the client
 * id, and that scope holds an audience protocol mapper whose included-client-audience setting is
 * this same client id. In every other case the result is {@code false}, and
 * generateInstallation() then leaves the property unset.
 *
 * @param client client being exported
 * @return {@code true} if a matching audience mapper exists
 */
static boolean showVerifyTokenAudience(ClientModel client) {
    final String ownClientId = client.getClientId();
    final ClientScopeModel sameNamedScope =
            KeycloakModelUtils.getClientScopeByName(client.getRealm(), ownClientId);

    if (sameNamedScope != null) {
        for (ProtocolMapperModel mapper : sameNamedScope.getProtocolMappers()) {
            if (!AudienceProtocolMapper.PROVIDER_ID.equals(mapper.getProtocolMapper())) {
                continue;
            }
            // Same evaluation order as before: the config is read only for audience mappers.
            if (ownClientId.equals(mapper.getConfig().get(AudienceProtocolMapper.INCLUDED_CLIENT_AUDIENCE))) {
                return true;
            }
        }
    }

    return false;
}

このクラス詳解は次のファイルから抽出されました: