package com.danielfrak.code.keycloak.providers.rest;
import com.danielfrak.code.keycloak.providers.rest.remote.LegacyUser;
import com.danielfrak.code.keycloak.providers.rest.remote.LegacyUserService;
import com.danielfrak.code.keycloak.providers.rest.remote.UserModelFactory;
import org.jboss.logging.Logger;
import org.keycloak.credential.CredentialInput;
import org.keycloak.credential.CredentialInputValidator;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.credential.PasswordCredentialModel;
import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.user.UserLookupProvider;
import java.util.Collections;
import java.util.Optional;
import java.util.Set;
import java.util.function.Supplier;
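/**
 * User storage provider that migrates users from a legacy system on demand.
 *
 * <p>Lookups by username or e-mail are delegated to {@link LegacyUserService}; a hit is converted
 * into a {@link UserModel} by {@link UserModelFactory}. When a password is accepted by the legacy
 * system, it is written to the session's credential manager and, once that write is reported as
 * successful, the user's federation link is cleared.
 */
public class LegacyProvider implements UserStorageProvider, UserLookupProvider, CredentialInputValidator {

    private static final Logger log = Logger.getLogger(LegacyProvider.class);
    private static final Set<String> supportedCredentialTypes = Collections.singleton(PasswordCredentialModel.TYPE);

    private final KeycloakSession session;
    private final LegacyUserService legacyUserService;
    private final UserModelFactory userModelFactory;

    /**
     * Creates a provider bound to one Keycloak session.
     *
     * @param session           session used to reach the credential manager
     * @param legacyUserService client for user lookup and password validation in the legacy system
     * @param userModelFactory  factory that turns a {@link LegacyUser} into a {@link UserModel}
     */
    public LegacyProvider(KeycloakSession session, LegacyUserService legacyUserService,
                          UserModelFactory userModelFactory) {
        this.session = session;
        this.legacyUserService = legacyUserService;
        this.userModelFactory = userModelFactory;
    }

    /**
     * Looks the user up in the legacy system by username.
     *
     * @return the created user model, or {@code null} when the legacy system has no such user
     */
    @Override
    public UserModel getUserByUsername(String username, RealmModel realm) {
        return getUserModel(realm, username, () -> legacyUserService.findByUsername(username));
    }

    /**
     * Resolves a legacy user through {@code user} and converts it for the given realm.
     *
     * @param realm      realm the user model is created in
     * @param identifier username or e-mail used for the lookup; only used in the log message
     * @param user       deferred lookup against the legacy system
     * @return the created user model, or {@code null} when the lookup yields no user
     */
    private UserModel getUserModel(RealmModel realm, String identifier, Supplier<Optional<LegacyUser>> user) {
        return user.get()
                .map(u -> userModelFactory.create(u, realm))
                .orElseGet(() -> {
                    // The identifier is caller-supplied; neutralise control characters so it
                    // cannot forge additional log lines.
                    log.warnf("User not found in external repository: %s", sanitizeForLog(identifier));
                    return null;
                });
    }

    /**
     * Looks the user up in the legacy system by e-mail address.
     *
     * @return the created user model, or {@code null} when the legacy system has no such user
     */
    @Override
    public UserModel getUserByEmail(String email, RealmModel realm) {
        return getUserModel(realm, email, () -> legacyUserService.findByEmail(email));
    }

    /**
     * Validates a credential against the legacy system and, on success, migrates it.
     *
     * <p>The federation link is cleared only when the credential manager reports that the
     * credential was stored. Clearing it unconditionally could leave the user without a local
     * credential and without a route back to the legacy system.
     *
     * @return {@code true} when the legacy system accepts the supplied password; {@code false}
     *         for unsupported credential types or a rejected password
     */
    @Override
    public boolean isValid(RealmModel realmModel, UserModel userModel, CredentialInput input) {
        if (!supportsCredentialType(input.getType())) {
            return false;
        }
        if (!legacyUserService.isPasswordValid(userModel.getUsername(), input.getChallengeResponse())) {
            return false;
        }

        // NOTE(review): updateCredential may also throw (for example on a realm password-policy
        // violation); confirm how that case should be handled.
        boolean stored = session.userCredentialManager().updateCredential(realmModel, userModel, input);
        if (stored) {
            userModel.setFederationLink(null);
        } else {
            log.warnf("Credential for user %s was accepted by the legacy system but not stored; "
                    + "keeping the federation link", sanitizeForLog(userModel.getUsername()));
        }
        return true;
    }

    /**
     * Reports whether the given credential type is handled; only the password type is.
     */
    @Override
    public boolean supportsCredentialType(String s) {
        return supportedCredentialTypes.contains(s);
    }

    /**
     * Lookup by id is not supported by this provider.
     *
     * @throws UnsupportedOperationException always
     */
    @Override
    public UserModel getUserById(String id, RealmModel realm) {
        // Still a RuntimeException for existing callers, but states the intent precisely.
        throw new UnsupportedOperationException("User lookup by id not implemented");
    }

    /**
     * Always returns {@code false}: this provider never reports a credential type as configured
     * for a user.
     */
    @Override
    public boolean isConfiguredFor(RealmModel realmModel, UserModel userModel, String s) {
        return false;
    }

    /**
     * No-op; the provider holds no resources of its own to release.
     */
    @Override
    public void close() {
    }

    /**
     * Replaces control characters (including CR and LF) so a caller-supplied value stays on a
     * single log line.
     */
    private static String sanitizeForLog(String value) {
        return value == null ? null : value.replaceAll("\\p{Cntrl}", "_");
    }
}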