Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
f5e301f
commit a1f7cfa
Showing
6 changed files
with
262 additions
and
53 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
27 changes: 27 additions & 0 deletions
27
model/api/src/main/java/org/keycloak/migration/migrators/MigrateTo1_3_0_Beta1.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
package org.keycloak.migration.migrators; | ||
|
||
import org.keycloak.migration.ModelVersion; | ||
import org.keycloak.models.KeycloakSession; | ||
import org.keycloak.models.RealmModel; | ||
import org.keycloak.models.utils.DefaultAuthenticationFlows; | ||
|
||
import java.util.List; | ||
|
||
/** | ||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a> | ||
* @version $Revision: 1 $ | ||
*/ | ||
public class MigrateTo1_3_0_Beta1 { | ||
public static final ModelVersion VERSION = new ModelVersion("1.3.0.Beta1"); | ||
|
||
|
||
public void migrate(KeycloakSession session) { | ||
List<RealmModel> realms = session.realms().getRealms(); | ||
for (RealmModel realm : realms) { | ||
if (realm.getAuthenticationFlows().size() == 0) { | ||
DefaultAuthenticationFlows.addFlows(realm); | ||
} | ||
} | ||
|
||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
92 changes: 92 additions & 0 deletions
92
model/api/src/main/java/org/keycloak/models/utils/DefaultAuthenticationFlows.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,92 @@ | ||
package org.keycloak.models.utils; | ||
|
||
import org.keycloak.models.AuthenticationExecutionModel; | ||
import org.keycloak.models.AuthenticationFlowModel; | ||
import org.keycloak.models.AuthenticatorModel; | ||
import org.keycloak.models.RealmModel; | ||
|
||
/** | ||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a> | ||
* @version $Revision: 1 $ | ||
*/ | ||
public class DefaultAuthenticationFlows { | ||
public static void addFlows(RealmModel realm) { | ||
AuthenticatorModel model = new AuthenticatorModel(); | ||
model.setProviderId("auth-cookie"); | ||
model.setAlias("Cookie"); | ||
AuthenticatorModel cookieAuth = realm.addAuthenticator(model); | ||
model = new AuthenticatorModel(); | ||
model.setProviderId("auth-login-form-otp"); | ||
model.setAlias("Login Form OTP"); | ||
AuthenticatorModel loginFormOtp = realm.addAuthenticator(model); | ||
model = new AuthenticatorModel(); | ||
model.setProviderId("auth-login-form-password"); | ||
model.setAlias("Login Form Password"); | ||
AuthenticatorModel password = realm.addAuthenticator(model); | ||
model = new AuthenticatorModel(); | ||
model.setProviderId("auth-login-form-username"); | ||
model.setAlias("Login Form Username"); | ||
AuthenticatorModel username = realm.addAuthenticator(model); | ||
model = new AuthenticatorModel(); | ||
model.setProviderId("auth-otp-form"); | ||
model.setAlias("Single OTP Form"); | ||
AuthenticatorModel otp = realm.addAuthenticator(model); | ||
|
||
AuthenticationFlowModel browser = new AuthenticationFlowModel(); | ||
browser.setAlias("browser"); | ||
browser.setDescription("browser based authentication"); | ||
browser = realm.addAuthenticationFlow(browser); | ||
AuthenticationExecutionModel execution = new AuthenticationExecutionModel(); | ||
execution.setParentFlow(browser.getId()); | ||
execution.setRequirement(AuthenticationExecutionModel.Requirement.ALTERNATIVE); | ||
execution.setAuthenticator(cookieAuth.getId()); | ||
execution.setPriority(0); | ||
execution.setUserSetupAllowed(false); | ||
execution.setAutheticatorFlow(false); | ||
realm.addAuthenticatorExecution(execution); | ||
AuthenticationFlowModel forms = new AuthenticationFlowModel(); | ||
forms.setAlias("forms"); | ||
forms.setDescription("Username, password, otp and other auth forms."); | ||
forms = realm.addAuthenticationFlow(forms); | ||
execution = new AuthenticationExecutionModel(); | ||
execution.setParentFlow(browser.getId()); | ||
execution.setRequirement(AuthenticationExecutionModel.Requirement.ALTERNATIVE); | ||
execution.setAuthenticator(forms.getId()); | ||
execution.setPriority(1); | ||
execution.setUserSetupAllowed(false); | ||
execution.setAutheticatorFlow(true); | ||
realm.addAuthenticatorExecution(execution); | ||
|
||
// forms | ||
// Username processing | ||
execution = new AuthenticationExecutionModel(); | ||
execution.setParentFlow(forms.getId()); | ||
execution.setRequirement(AuthenticationExecutionModel.Requirement.REQUIRED); | ||
execution.setAuthenticator(username.getId()); | ||
execution.setPriority(10); | ||
execution.setUserSetupAllowed(false); | ||
execution.setAutheticatorFlow(false); | ||
realm.addAuthenticatorExecution(execution); | ||
|
||
// password processing | ||
execution = new AuthenticationExecutionModel(); | ||
execution.setParentFlow(forms.getId()); | ||
execution.setRequirement(AuthenticationExecutionModel.Requirement.REQUIRED); | ||
execution.setAuthenticator(password.getId()); | ||
execution.setPriority(11); | ||
execution.setUserSetupAllowed(false); | ||
execution.setAutheticatorFlow(false); | ||
realm.addAuthenticatorExecution(execution); | ||
|
||
// otp processing | ||
execution = new AuthenticationExecutionModel(); | ||
execution.setParentFlow(forms.getId()); | ||
execution.setRequirement(AuthenticationExecutionModel.Requirement.OPTIONAL); | ||
execution.setAuthenticator(otp.getId()); | ||
execution.setPriority(12); | ||
execution.setUserSetupAllowed(true); | ||
execution.setAutheticatorFlow(false); | ||
realm.addAuthenticatorExecution(execution); | ||
|
||
} | ||
} |
Oops, something went wrong.