package eu.eudat.service.keycloak;
import com.google.common.collect.Lists;
import eu.eudat.configurations.keycloak.KeycloakResourcesConfiguration;
import eu.eudat.data.TenantEntity;
import gr.cite.commons.web.keycloak.api.KeycloakAdminRestApi;
import gr.cite.commons.web.keycloak.api.configuration.KeycloakClientConfiguration;
import gr.cite.tools.logging.LoggerService;
import org.jetbrains.annotations.NotNull;
import org.keycloak.representations.idm.GroupRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.*;
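/**
 * {@link KeycloakService} implementation that manages tenant groups, group membership and client
 * roles through the injected Keycloak admin REST API wrapper.
 *
 * <p>No method in this class performs an authorization check of its own: every call changes
 * group membership or role assignments for whatever subject it is given. Callers are responsible
 * for verifying that the acting principal may make the change before invoking these methods.
 */
@Service
public class KeycloakServiceImpl implements KeycloakService {

    private static final LoggerService logger = new LoggerService(LoggerFactory.getLogger(KeycloakServiceImpl.class));

    private final MyKeycloakAdminRestApi api;
    private final KeycloakResourcesConfiguration configuration;
    private final KeycloakClientConfiguration clientConfiguration;

    /**
     * Creates the service with its collaborators.
     *
     * @param api                 admin REST API wrapper used for all group and user operations
     * @param configuration       group, authority and well-known group settings
     * @param clientConfiguration client settings; supplies the default client id for role changes
     */
    @Autowired
    public KeycloakServiceImpl(MyKeycloakAdminRestApi api, KeycloakResourcesConfiguration configuration, KeycloakClientConfiguration clientConfiguration) {
        this.api = api;
        this.configuration = configuration;
        //logger.info("Keycloak service initialized. Tenant authorities configured -> {}", configuration.getProperties().getAuthorities().size());
        this.clientConfiguration = clientConfiguration;
    }

    /**
     * Creates one group per configured tenant authority, each under that authority's parent group
     * and carrying an {@code auth} attribute with the authority name for the tenant.
     *
     * <p>The groups are created one remote call at a time; if a call fails part-way, the groups
     * created so far are not rolled back here.
     *
     * @param tenant tenant whose code and id are used to derive group and authority names
     * @return the created groups keyed by authority key
     */
    @Override
    public HashMap<String, GroupRepresentation> createTenantGroups(TenantEntity tenant) {
        HashMap<String, GroupRepresentation> groups = new HashMap<>();

        configuration.getProperties().getAuthorities().keySet().forEach(key -> {
            GroupRepresentation group = new GroupRepresentation();
            group.setName(configuration.getGroupName(tenant.getCode(), tenant.getId().toString()));

            HashMap<String, List<String>> attributes = new HashMap<>();
            attributes.put("auth", Lists.newArrayList(configuration.getAuthorityName(tenant.getCode(), key)));
            group.setAttributes(attributes);

            groups.put(key, api.groups().addGroupWithParent(group, configuration.getProperties().getAuthorities().get(key).getParent()));
        });

        return groups;
    }

    /**
     * Moves the user out of the configured guests group and into the given group.
     *
     * @param subjectId id of the user
     * @param groupId   id of the group to join
     */
    @Override
    public void addUserToGroup(@NotNull UUID subjectId, String groupId) {
        api.users().removeUserFromGroup(subjectId.toString(), configuration.getProperties().getGuestsGroup());
        api.users().addUserToGroup(subjectId.toString(), groupId);
    }

    /**
     * Removes the user from the given group.
     *
     * @param subjectId id of the user
     * @param groupId   id of the group to leave
     */
    @Override
    public void removeUserFromGroup(@NotNull UUID subjectId, String groupId) {
        api.users().removeUserFromGroup(subjectId.toString(), groupId);
    }

    /**
     * Moves the user out of the configured guests group and into the configured administrators
     * group. This is a privilege grant; the caller must have authorized it.
     *
     * @param subjectId id of the user
     */
    @Override
    public void addUserToAdministratorsGroup(@NotNull UUID subjectId) {
        api.users().removeUserFromGroup(subjectId.toString(), configuration.getProperties().getGuestsGroup());
        api.users().addUserToGroup(subjectId.toString(), configuration.getProperties().getAdministratorsGroup());
    }

    /**
     * Removes the user from the configured administrators group.
     *
     * @param subjectId id of the user
     */
    @Override
    public void removeUserFromAdministratorsGroup(@NotNull UUID subjectId) {
        api.users().removeUserFromGroup(subjectId.toString(), configuration.getProperties().getAdministratorsGroup());
    }

    /**
     * Adds the user to the tenant's group for the given authority and removes them from the
     * guests group.
     *
     * @param subjectId id of the user
     * @param tenant    tenant whose group is targeted
     * @param key       authority key as configured in the resources configuration
     * @throws IllegalArgumentException if {@code key} is not a configured authority
     * @throws IllegalStateException    if the parent group or the tenant group cannot be found
     */
    @Override
    public void addUserToTenantAuthorityGroup(UUID subjectId, TenantEntity tenant, String key) {
        // Resolve the target group before touching any membership, so that a failed lookup
        // cannot leave the user removed from the guests group without the tenant group.
        GroupRepresentation group = findTenantAuthorityGroup(tenant, key);
        // addUserToGroup already removes the user from the guests group.
        addUserToGroup(subjectId, group.getId());
    }

    /**
     * Removes the user from the tenant's group for the given authority.
     *
     * @param subjectId id of the user
     * @param tenant    tenant whose group is targeted
     * @param key       authority key as configured in the resources configuration
     * @throws IllegalArgumentException if {@code key} is not a configured authority
     * @throws IllegalStateException    if the parent group or the tenant group cannot be found
     */
    @Override
    public void removeUserFromTenantAuthorityGroup(UUID subjectId, TenantEntity tenant, String key) {
        GroupRepresentation group = findTenantAuthorityGroup(tenant, key);
        removeUserFromGroup(subjectId, group.getId());
    }

    /**
     * Adds a client role to the user's representation and pushes the updated user.
     *
     * @param subjectId id of the user
     * @param clientId  client the role belongs to; {@code null} selects the configured client id
     * @param role      role to grant
     * @throws IllegalStateException if the user cannot be found
     */
    @Override
    public void assignClientRoleToUser(UUID subjectId, String clientId, KeycloakRole role) {
        changeClientRole(subjectId, clientId, role, true);
    }

    /**
     * Removes a client role from the user's representation and pushes the updated user.
     *
     * @param subjectId id of the user
     * @param clientId  client the role belongs to; {@code null} selects the configured client id
     * @param role      role to revoke
     * @throws IllegalStateException if the user cannot be found
     */
    @Override
    public void removeClientRoleFromUser(UUID subjectId, String clientId, KeycloakRole role) {
        changeClientRole(subjectId, clientId, role, false);
    }

    /**
     * Returns the groups the user belongs to.
     *
     * @param subjectId id of the user
     * @return the user's groups as reported by the admin API
     */
    public List<GroupRepresentation> getUserGroups(UUID subjectId) {
        return api.users().getGroups(subjectId.toString());
    }

    /** Looks up the tenant's group under the parent group configured for {@code key}. */
    private GroupRepresentation findTenantAuthorityGroup(TenantEntity tenant, String key) {
        String path = getTenantAuthorityParentPath(key) + "/" + configuration.getGroupName(tenant.getCode(), tenant.getId().toString());
        GroupRepresentation group = api.groups().findGroupByPath(path);
        // NOTE(review): whether findGroupByPath returns null or throws for a missing path is not
        // visible here; this check covers the null case with a descriptive failure.
        if (group == null) {
            throw new IllegalStateException("Keycloak group not found at path " + path);
        }
        return group;
    }

    /** Applies a single grant or revoke of {@code role} to the user's client role list. */
    private void changeClientRole(UUID subjectId, String clientId, KeycloakRole role, boolean grant) {
        // Validate before the first remote call so bad arguments never reach Keycloak.
        Objects.requireNonNull(subjectId, "subjectId");
        Objects.requireNonNull(role, "role");

        String effectiveClientId = clientId != null ? clientId : clientConfiguration.getProperties().getClientId();
        String userId = subjectId.toString();

        UserRepresentation user = api.users().findUserById(userId);
        if (user == null) {
            throw new IllegalStateException("No Keycloak user found for subject " + userId);
        }

        // The representation may carry no client role map at all; create one instead of failing.
        Map<String, List<String>> rolesByClient = user.getClientRoles();
        if (rolesByClient == null) {
            rolesByClient = new HashMap<>();
            user.setClientRoles(rolesByClient);
        }

        // De-duplicate while keeping the existing order of the role names.
        List<String> current = rolesByClient.get(effectiveClientId);
        Set<String> updated = current == null ? new LinkedHashSet<>() : new LinkedHashSet<>(current);
        if (grant) {
            updated.add(role.name());
        } else {
            updated.remove(role.name());
        }
        rolesByClient.put(effectiveClientId, new ArrayList<>(updated));

        // NOTE(review): this relies on updateUser persisting the clientRoles field of the
        // representation. Confirm that the wrapped admin API applies it; if it does not, a
        // revoked role would stay in effect. The read-modify-write sequence is also not guarded
        // against a concurrent update of the same user.
        api.users().updateUser(userId, user);
    }

    /**
     * Returns the path of the parent group configured for the given authority key.
     *
     * @throws IllegalArgumentException if {@code key} is not a configured authority
     * @throws IllegalStateException    if the configured parent group cannot be found
     */
    private String getTenantAuthorityParentPath(String key) {
        var authority = configuration.getProperties().getAuthorities().get(key);
        if (authority == null) {
            throw new IllegalArgumentException("Unknown tenant authority key: " + key);
        }
        GroupRepresentation parent = api.groups().findGroupById(authority.getParent());
        if (parent == null) {
            throw new IllegalStateException("Parent group not found for tenant authority key: " + key);
        }
        return parent.getPath();
    }

}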