59 ClientRepresentation client =
new ClientRepresentation();
61 client.setClientId(clientOIDC.getClientId());
62 client.setName(clientOIDC.getClientName());
63 client.setRedirectUris(clientOIDC.getRedirectUris());
64 client.setBaseUrl(clientOIDC.getClientUri());
66 List<String> oidcResponseTypes = clientOIDC.getResponseTypes();
67 if (oidcResponseTypes == null || oidcResponseTypes.isEmpty()) {
68 oidcResponseTypes = Collections.singletonList(OIDCResponseType.CODE);
70 List<String> oidcGrantTypes = clientOIDC.getGrantTypes();
73 OIDCResponseType responseType = OIDCResponseType.parse(oidcResponseTypes);
74 client.setStandardFlowEnabled(responseType.hasResponseType(OIDCResponseType.CODE));
75 client.setImplicitFlowEnabled(responseType.isImplicitOrHybridFlow());
77 client.setPublicClient(responseType.isImplicitFlow());
79 if (oidcGrantTypes != null) {
80 client.setDirectAccessGrantsEnabled(oidcGrantTypes.contains(OAuth2Constants.PASSWORD));
81 client.setServiceAccountsEnabled(oidcGrantTypes.contains(OAuth2Constants.CLIENT_CREDENTIALS));
83 }
catch (IllegalArgumentException iae) {
84 throw new ClientRegistrationException(iae.getMessage(), iae);
87 String authMethod = clientOIDC.getTokenEndpointAuthMethod();
88 ClientAuthenticatorFactory clientAuthFactory;
89 if (authMethod == null) {
90 clientAuthFactory = (ClientAuthenticatorFactory) session.getKeycloakSessionFactory().getProviderFactory(ClientAuthenticator.class, KeycloakModelUtils.getDefaultClientAuthenticatorType());
92 clientAuthFactory = AuthorizeClientUtil.findClientAuthenticatorForOIDCAuthMethod(session, authMethod);
95 if (clientAuthFactory == null) {
96 throw new ClientRegistrationException(
"Not found clientAuthenticator for requested token_endpoint_auth_method");
98 client.setClientAuthenticatorType(clientAuthFactory.getId());
100 boolean publicKeySet =
setPublicKey(clientOIDC, client);
101 if (authMethod != null && authMethod.equals(OIDCLoginProtocol.PRIVATE_KEY_JWT) && !publicKeySet) {
102 throw new ClientRegistrationException(
"Didn't find key of supported keyType for use " + JWK.Use.SIG.asString());
105 OIDCAdvancedConfigWrapper configWrapper = OIDCAdvancedConfigWrapper.fromClientRepresentation(client);
106 if (clientOIDC.getUserinfoSignedResponseAlg() != null) {
107 Algorithm algorithm = Enum.valueOf(Algorithm.class, clientOIDC.getUserinfoSignedResponseAlg());
108 configWrapper.setUserInfoSignedResponseAlg(algorithm);
111 if (clientOIDC.getRequestObjectSigningAlg() != null) {
112 Algorithm algorithm = Enum.valueOf(Algorithm.class, clientOIDC.getRequestObjectSigningAlg());
113 configWrapper.setRequestObjectSignatureAlg(algorithm);
118 Boolean tlsClientCertificateBoundAccessTokens = clientOIDC.getTlsClientCertificateBoundAccessTokens();
119 if (tlsClientCertificateBoundAccessTokens != null) {
120 if (tlsClientCertificateBoundAccessTokens.booleanValue()) configWrapper.setUseMtlsHoKToken(
true);
121 else configWrapper.setUseMtlsHoKToken(
false);
124 if (clientOIDC.getIdTokenSignedResponseAlg() != null) {
125 configWrapper.setIdTokenSignedResponseAlg(clientOIDC.getIdTokenSignedResponseAlg());