auth spi datamodel

keycloak · May 22, 2015 · 68976f5 · 68976f5
1 parent 3851a2f
commit 68976f5
Show file tree

Hide file tree

Showing 33 changed files with 1,992 additions and 108 deletions.
diff --git a/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.3.0.Beta1.xml b/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.3.0.Beta1.xml
@@ -21,6 +21,44 @@
             <column name="REPRESENTATION" type="VARCHAR(25500)"/>
             <column name="ERROR" type="VARCHAR(255)"/>
         </createTable>
+        <createTable tableName="AUTHENTICATOR">
+            <column name="ID" type="VARCHAR(36)">
+                <constraints nullable="false"/>
+            </column>
+            <column name="ALIAS" type="VARCHAR(255)"/>
+            <column name="REALM_ID" type="VARCHAR(36)"/>
+            <column name="PROVIDER_ID" type="VARCHAR(36)"/>
+        </createTable>
+        <createTable tableName="AUTHENTICATION_FLOW">
+            <column name="ID" type="VARCHAR(36)">
+                <constraints nullable="false"/>
+            </column>
+            <column name="ALIAS" type="VARCHAR(255)"/>
+            <column name="DESCRIPTION" type="VARCHAR(255)"/>
+            <column name="REALM_ID" type="VARCHAR(36)"/>
+        </createTable>
+        <createTable tableName="AUTHENTICATION_EXECUTION">
+            <column name="ID" type="VARCHAR(36)">
+                <constraints nullable="false"/>
+            </column>
+            <column name="ALIAS" type="VARCHAR(255)"/>
+            <column name="AUTHENTICATOR" type="VARCHAR(36)"/>
+            <column name="REALM_ID" type="VARCHAR(36)"/>
+            <column name="FLOW_ID" type="VARCHAR(36)"/>
+            <column name="REQUIREMENT" type="INT"/>
+            <column name="PRIORITY" type="INT"/>
+            <column name="USER_SETUP_ALLOWED" type="BOOLEAN" defaultValueBoolean="false"/>
+            <column name="AUTHENTICATOR_FLOW" type="BOOLEAN" defaultValueBoolean="false"/>
+        </createTable>
+        <createTable tableName="AUTHENTICATOR_CONFIG">
+            <column name="AUTHENTICATOR_ID" type="VARCHAR(36)">
+                <constraints nullable="false"/>
+            </column>
+            <column name="VALUE" type="CLOB"/>
+            <column name="NAME" type="VARCHAR(255)">
+                <constraints nullable="false"/>
+            </column>
+        </createTable>
         <addColumn tableName="REALM">
             <column name="ADMIN_EVENTS_ENABLED" type="BOOLEAN" defaultValueBoolean="false">
                 <constraints nullable="false"/>
@@ -30,7 +68,7 @@
             </column>
         </addColumn>
         <createTable tableName="CLIENT_SESSION_AUTH_STATUS">
-            <column name="AUTHENTICATOR" type="VARCHAR(32)">
+            <column name="AUTHENTICATOR" type="VARCHAR(36)">
                 <constraints nullable="false"/>
             </column>
             <column name="STATUS" type="INT"/>
@@ -39,10 +77,10 @@
             </column>
         </createTable>
         <addColumn tableName="CLIENT_SESSION">
-            <column name="AUTH_USER_ID" type="VARCHAR(32)"/>
+            <column name="AUTH_USER_ID" type="VARCHAR(36)"/>
         </addColumn>
         <addColumn tableName="USER_REQUIRED_ACTION">
-            <column name="REQUIRED_ACTION" type="VARCHAR(32)">
+            <column name="REQUIRED_ACTION" type="VARCHAR(36)">
                 <constraints nullable="false"/>
             </column>
         </addColumn>
@@ -63,10 +101,18 @@
             <column name="REQUIRED_ACTION" value="UPDATE_PASSWORD"/>
             <where>ACTION = 3</where>
         </update>
+        <addPrimaryKey columnNames="ID" constraintName="CONSTRAINT_AUTHENTICATOR_PK" tableName="AUTHENTICATOR"/>
+        <addPrimaryKey columnNames="ID" constraintName="CONSTRAINT_AUTHENTICATION_FLOW_PK" tableName="AUTHENTICATION_FLOW"/>
+        <addPrimaryKey columnNames="ID" constraintName="CONSTRAINT_AUTHENTICATION_EXECUTION_PK" tableName="AUTHENTICATION_EXECUTION"/>
+        <addPrimaryKey columnNames="AUTHENTICATOR_ID, NAME" constraintName="CONSTRAINT_AUTHENTICATOR_CONFIG_PK" tableName="AUTHENTICATOR_CONFIG"/>
         <dropPrimaryKey constraintName="CONSTRAINT_2" tableName="USER_REQUIRED_ACTION"/>
         <dropColumn tableName="USER_REQUIRED_ACTION" columnName="ACTION"/>
         <addPrimaryKey columnNames="REQUIRED_ACTION, USER_ID" constraintName="CONSTRAINT_REQUIRED_ACTION" tableName="USER_REQUIRED_ACTION"/>
         <addPrimaryKey columnNames="CLIENT_SESSION, AUTHENTICATOR" constraintName="CONSTRAINT_AUTH_STATUS_PK" tableName="CLIENT_SESSION_AUTH_STATUS"/>
         <addForeignKeyConstraint baseColumnNames="CLIENT_SESSION" baseTableName="CLIENT_SESSION_AUTH_STATUS" constraintName="AUTH_STATUS_CONSTRAINT" referencedColumnNames="ID" referencedTableName="CLIENT_SESSION"/>
+        <addForeignKeyConstraint baseColumnNames="REALM_ID" baseTableName="AUTHENTICATOR" constraintName="FK_AUTHENTICATOR_REALM" referencedColumnNames="ID" referencedTableName="REALM"/>
+        <addForeignKeyConstraint baseColumnNames="REALM_ID" baseTableName="AUTHENTICATION_FLOW" constraintName="FK_AUTHENTICATION_FLOW_REALM" referencedColumnNames="ID" referencedTableName="REALM"/>
+        <addForeignKeyConstraint baseColumnNames="REALM_ID" baseTableName="AUTHENTICATION_EXECUTION" constraintName="FK_AUTHENTICATION_EXECUTION_REALM" referencedColumnNames="ID" referencedTableName="REALM"/>
+        <addForeignKeyConstraint baseColumnNames="FLOW_ID" baseTableName="AUTHENTICATION_EXECUTION" constraintName="FK_AUTHENTICATION_EXECUTION_FLOW" referencedColumnNames="ID" referencedTableName="AUTHENTICATION_FLOW"/>
     </changeSet>
 </databaseChangeLog>
diff --git a/connections/jpa/src/main/resources/META-INF/persistence.xml b/connections/jpa/src/main/resources/META-INF/persistence.xml
@@ -24,6 +24,9 @@
         <class>org.keycloak.models.jpa.entities.UserConsentEntity</class>
         <class>org.keycloak.models.jpa.entities.UserConsentRoleEntity</class>
         <class>org.keycloak.models.jpa.entities.UserConsentProtocolMapperEntity</class>
+        <class>org.keycloak.models.jpa.entities.AuthenticationFlowEntity</class>
+        <class>org.keycloak.models.jpa.entities.AuthenticationExecutionEntity</class>
+        <class>org.keycloak.models.jpa.entities.AuthenticatorEntity</class>
 
         <!-- JpaUserSessionProvider -->
         <class>org.keycloak.models.sessions.jpa.entities.ClientSessionEntity</class>

diff --git a/model/api/src/main/java/org/keycloak/models/AuthenticationExecutionModel.java b/model/api/src/main/java/org/keycloak/models/AuthenticationExecutionModel.java
@@ -0,0 +1,83 @@
+package org.keycloak.models;
+
+/**
+* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
+* @version $Revision: 1 $
+*/
+public class AuthenticationExecutionModel {
+
+    private String id;
+    private String authenticator;
+    private boolean autheticatorFlow;
+    private Requirement requirement;
+    private boolean userSetupAllowed;
+    private int priority;
+    private String parentFlow;
+
+    public String getId() {
+        return id;
+    }
+
+    public void setId(String id) {
+        this.id = id;
+    }
+
+    public String getAuthenticator() {
+        return authenticator;
+    }
+
+    public void setAuthenticator(String authenticator) {
+        this.authenticator = authenticator;
+    }
+
+    public Requirement getRequirement() {
+        return requirement;
+    }
+
+    public void setRequirement(Requirement requirement) {
+        this.requirement = requirement;
+    }
+
+    public int getPriority() {
+        return priority;
+    }
+
+    public void setPriority(int priority) {
+        this.priority = priority;
+    }
+
+    public boolean isUserSetupAllowed() {
+        return userSetupAllowed;
+    }
+
+    public void setUserSetupAllowed(boolean userSetupAllowed) {
+        this.userSetupAllowed = userSetupAllowed;
+    }
+
+    public String getParentFlow() {
+        return parentFlow;
+    }
+
+    public void setParentFlow(String parentFlow) {
+        this.parentFlow = parentFlow;
+    }
+
+    /**
+     * Is the referenced authenticator a flow?
+     *
+     * @return
+     */
+    public boolean isAutheticatorFlow() {
+        return autheticatorFlow;
+    }
+
+    public void setAutheticatorFlow(boolean autheticatorFlow) {
+        this.autheticatorFlow = autheticatorFlow;
+    }
+
+    public enum Requirement {
+        REQUIRED,
+        OPTIONAL,
+        ALTERNATIVE
+    }
+}
diff --git a/model/api/src/main/java/org/keycloak/models/AuthenticationFlowModel.java b/model/api/src/main/java/org/keycloak/models/AuthenticationFlowModel.java
@@ -0,0 +1,35 @@
+package org.keycloak.models;
+
+/**
+ * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
+ * @version $Revision: 1 $
+ */
+public class AuthenticationFlowModel {
+    private String id;
+    private String alias;
+    private String description;
+
+    public String getId() {
+        return id;
+    }
+
+    public void setId(String id) {
+        this.id = id;
+    }
+
+    public String getAlias() {
+        return alias;
+    }
+
+    public void setAlias(String alias) {
+        this.alias = alias;
+    }
+
+    public String getDescription() {
+        return description;
+    }
+
+    public void setDescription(String description) {
+        this.description = description;
+    }
+}
diff --git a/model/api/src/main/java/org/keycloak/models/AuthenticatorModel.java b/model/api/src/main/java/org/keycloak/models/AuthenticatorModel.java
@@ -9,23 +9,9 @@
 */
 public class AuthenticatorModel {
 
-    public enum Requirement {
-        REQUIRED,
-        OPTIONAL,
-        ALTERNATIVE
-    }
-
     private String id;
     private String alias;
     private String providerId;
-    private boolean masterAuthenticator;
-    private boolean formBased;
-    private String inputPage;
-    private String actionUrl;
-    private String setupUrl;
-    private Requirement requirement;
-    private boolean userSetupAllowed;
-    private int priority;
     private Map<String, String> config = new HashMap<String, String>();
 
 
@@ -53,70 +39,6 @@ public void setProviderId(String providerId) {
         this.providerId = providerId;
     }
 
-    public boolean isFormBased() {
-        return formBased;
-    }
-
-    public void setFormBased(boolean formBased) {
-        this.formBased = formBased;
-    }
-
-    public String getInputPage() {
-        return inputPage;
-    }
-
-    public void setInputPage(String inputPage) {
-        this.inputPage = inputPage;
-    }
-
-    public String getActionUrl() {
-        return actionUrl;
-    }
-
-    public void setActionUrl(String actionUrl) {
-        this.actionUrl = actionUrl;
-    }
-
-    public String getSetupUrl() {
-        return setupUrl;
-    }
-
-    public void setSetupUrl(String setupUrl) {
-        this.setupUrl = setupUrl;
-    }
-
-    public Requirement getRequirement() {
-        return requirement;
-    }
-
-    public void setRequirement(Requirement requirement) {
-        this.requirement = requirement;
-    }
-
-    public int getPriority() {
-        return priority;
-    }
-
-    public void setPriority(int priority) {
-        this.priority = priority;
-    }
-
-    public boolean isUserSetupAllowed() {
-        return userSetupAllowed;
-    }
-
-    public void setUserSetupAllowed(boolean userSetupAllowed) {
-        this.userSetupAllowed = userSetupAllowed;
-    }
-
-    public boolean isMasterAuthenticator() {
-        return masterAuthenticator;
-    }
-
-    public void setMasterAuthenticator(boolean masterAuthenticator) {
-        this.masterAuthenticator = masterAuthenticator;
-    }
-
     public Map<String, String> getConfig() {
         return config;
     }

diff --git a/model/api/src/main/java/org/keycloak/models/RealmModel.java b/model/api/src/main/java/org/keycloak/models/RealmModel.java
@@ -168,6 +168,25 @@ interface ClientCreationEvent extends ProviderEvent {
 
     void setSmtpConfig(Map<String, String> smtpConfig);
 
+    List<AuthenticationFlowModel> getAuthenticationFlows();
+    AuthenticationFlowModel addAuthenticationFlow(AuthenticationFlowModel model);
+    AuthenticationFlowModel getAuthenticationFlowById(String id);
+    void removeAuthenticationFlow(AuthenticationFlowModel model);
+    void updateAuthenticationFlow(AuthenticationFlowModel model);
+
+    List<AuthenticationExecutionModel> getAuthenticationExecutions(String flowId);
+    AuthenticationExecutionModel getAuthenticationExecutionById(String id);
+    AuthenticationExecutionModel addAuthenticatorExecution(AuthenticationExecutionModel model);
+    void updateAuthenticatorExecution(AuthenticationExecutionModel model);
+    void removeAuthenticatorExecution(AuthenticationExecutionModel model);
+
+
+    List<AuthenticatorModel> getAuthenticators();
+    AuthenticatorModel addAuthenticator(AuthenticatorModel model);
+    void updateAuthenticator(AuthenticatorModel model);
+    void removeAuthenticator(AuthenticatorModel model);
+    AuthenticatorModel getAuthenticatorById(String id);
+
     List<IdentityProviderModel> getIdentityProviders();
     IdentityProviderModel getIdentityProviderByAlias(String alias);
     void addIdentityProvider(IdentityProviderModel identityProvider);