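package eu.eudat.service.keycloak;

import gr.cite.commons.web.keycloak.api.configuration.KeycloakClientConfiguration;
import gr.cite.tools.logging.LoggerService;
import org.jetbrains.annotations.NotNull;
import org.keycloak.representations.idm.GroupRepresentation;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import java.util.*;

/**
 * {@link KeycloakService} implementation that manages Keycloak group membership through the
 * admin REST API wrapper.
 *
 * <p>Global roles are mapped to a group id through the configured authorities; tenant roles are
 * mapped to a per-tenant child group under the parent group configured for that tenant role.
 * Every method here changes (or creates) groups in Keycloak, so callers are expected to have
 * authorized the operation before invoking it; no authorization check is performed in this class.
 */
@Service
public class KeycloakServiceImpl implements KeycloakService {

    private static final LoggerService logger = new LoggerService(LoggerFactory.getLogger(KeycloakServiceImpl.class));

    private final MyKeycloakAdminRestApi api;
    private final KeycloakResourcesConfiguration configuration;
    // Only referenced by the disabled client-role methods further down.
    private final KeycloakClientConfiguration clientConfiguration;

    @Autowired
    public KeycloakServiceImpl(MyKeycloakAdminRestApi api, KeycloakResourcesConfiguration configuration, KeycloakClientConfiguration clientConfiguration) {
        this.api = api;
        this.configuration = configuration;
        this.clientConfiguration = clientConfiguration;
    }

    /**
     * Adds the user to the given Keycloak group.
     *
     * @param subjectId Keycloak user id
     * @param groupId   Keycloak group id
     */
    @Override
    public void addUserToGroup(@NotNull String subjectId, String groupId) {
        api.users().addUserToGroup(subjectId, groupId);
    }

    /**
     * Removes the user from the given Keycloak group.
     *
     * @param subjectId Keycloak user id
     * @param groupId   Keycloak group id
     */
    @Override
    public void removeUserFromGroup(@NotNull String subjectId, String groupId) {
        api.users().removeUserFromGroup(subjectId, groupId);
    }

    /**
     * Adds the user to the group configured for a global role.
     *
     * <p>Does nothing when no authority is configured for {@code role}.
     *
     * @param subjectId Keycloak user id
     * @param role      key into the configured authorities map
     */
    @Override
    public void addUserToGlobalRoleGroup(String subjectId, String role) {
        KeycloakAuthorityProperties properties = this.configuration.getProperties().getAuthorities().get(role);
        if (properties != null) {
            addUserToGroup(subjectId, properties.getGroupId());
        }
    }

    /**
     * Removes the user from the group configured for a global role.
     *
     * <p>Does nothing when no authority is configured for {@code role}.
     *
     * @param subjectId Keycloak user id
     * @param role      key into the configured authorities map
     */
    @Override
    public void removeUserGlobalRoleGroup(@NotNull String subjectId, String role) {
        KeycloakAuthorityProperties properties = this.configuration.getProperties().getAuthorities().get(role);
        // NOTE(review): an unknown role is a silent no-op, so the caller cannot tell "revoked" from
        // "nothing happened" and the user keeps the membership. Consider logging or failing here.
        if (properties != null) {
            removeUserFromGroup(subjectId, properties.getGroupId());
        }
    }

    // Disabled client-role management, kept as found.
    //
    // @Override
    // public void assignClientRoleToUser(UUID subjectId, String clientId, KeycloakRole role) {
    //     if (clientId == null)
    //         clientId = clientConfiguration.getProperties().getClientId();
    //     UserRepresentation user = api.users().findUserById(subjectId.toString());
    //     user.getClientRoles().computeIfAbsent(clientId, k -> new ArrayList<>());
    //     Set clientRoles = new HashSet<>(Set.copyOf(user.getClientRoles().get(clientId)));
    //     clientRoles.add(role.name());
    //     user.getClientRoles().get(clientId).clear();
    //     user.getClientRoles().get(clientId).addAll(clientRoles);
    //     api.users().updateUser(subjectId.toString(), user);
    // }
    //
    // @Override
    // public void removeClientRoleFromUser(UUID subjectId, String clientId, KeycloakRole role) {
    //     if (clientId == null) clientId = clientConfiguration.getProperties().getClientId();
    //     UserRepresentation user = api.users().findUserById(subjectId.toString());
    //     user.getClientRoles().computeIfAbsent(clientId, k -> new ArrayList<>());
    //     Set clientRoles = new HashSet<>(Set.copyOf(user.getClientRoles().get(clientId)));
    //     clientRoles.remove(role.name());
    //     user.getClientRoles().get(clientId).clear();
    //     user.getClientRoles().get(clientId).addAll(clientRoles);
    //     api.users().updateUser(subjectId.toString(), user);
    // }
    //
    // public List getUserGroups(UUID subjectId) {
    //     return api.users().getGroups(subjectId.toString());
    // }

    /**
     * Adds the user to the tenant's group for the given tenant role.
     *
     * @param subjectId  Keycloak user id
     * @param tenantCode tenant whose group is targeted
     * @param tenantRole key into the configured tenant authorities map
     * @throws NullPointerException if the tenant role is not configured or a group lookup yields
     *                              {@code null}
     */
    @Override
    public void addUserToTenantRoleGroup(String subjectId, String tenantCode, String tenantRole) {
        GroupRepresentation group = findTenantRoleGroup(tenantCode, tenantRole);
        addUserToGroup(subjectId, group.getId());
    }

    /**
     * Removes the user from the tenant's group for the given tenant role.
     *
     * @param subjectId  Keycloak user id
     * @param tenantCode tenant whose group is targeted
     * @param tenantRole key into the configured tenant authorities map
     * @throws NullPointerException if the tenant role is not configured or a group lookup yields
     *                              {@code null}
     */
    @Override
    public void removeUserTenantRoleGroup(String subjectId, String tenantCode, String tenantRole) {
        GroupRepresentation group = findTenantRoleGroup(tenantCode, tenantRole);
        removeUserFromGroup(subjectId, group.getId());
    }

    /** Resolves the per-tenant group that sits under the parent group of {@code tenantRole}. */
    private GroupRepresentation findTenantRoleGroup(String tenantCode, String tenantRole) {
        // NOTE(review): the path is assembled by concatenation. Whether getTenantGroupName()
        // constrains tenantCode (for example rejects '/') is not visible here; confirm it does,
        // since a path resolving to another tenant's group would change membership there.
        String groupPath = getTenantAuthorityParentPath(tenantRole) + "/" + configuration.getTenantGroupName(tenantCode);
        // Whether findGroupByPath() returns null or throws for a missing group is not visible
        // here; the explicit check turns a null into an NPE that names the missing path.
        return Objects.requireNonNull(
                api.groups().findGroupByPath(groupPath),
                "No Keycloak group found at path '" + groupPath + "'");
    }

    /** Returns the Keycloak path of the parent group configured for {@code tenantRole}. */
    private String getTenantAuthorityParentPath(String tenantRole) {
        // Same exception type as the unguarded dereference, but the message names the role.
        GroupRepresentation parent = api.groups().findGroupById(
                Objects.requireNonNull(
                        configuration.getProperties().getTenantAuthorities().get(tenantRole),
                        "No tenant authority is configured for role '" + tenantRole + "'")
                        .getParent());
        return Objects.requireNonNull(
                parent,
                "Parent group configured for tenant role '" + tenantRole + "' was not found").getPath();
    }

    /**
     * Creates one Keycloak group per configured tenant role for the given tenant.
     *
     * <p>Each group is named after the tenant, carries the tenant-role attribute for that role
     * and is created under the parent group configured for the role.
     *
     * @param tenantCode tenant for which the groups are created
     */
    @Override
    public void createTenantGroups(String tenantCode) {
        // NOTE(review): groups are created one call at a time and no rollback is visible, so a
        // failure part-way through may leave only some role groups created.
        for (String tenantRole : configuration.getProperties().getTenantAuthorities().keySet()) {
            GroupRepresentation group = new GroupRepresentation();
            group.setName(configuration.getTenantGroupName(tenantCode));

            Map<String, List<String>> groupAttributes = new HashMap<>();
            groupAttributes.put(
                    this.configuration.getProperties().getTenantRoleAttributeName(),
                    List.of(configuration.getTenantRoleAttributeValue(tenantCode, tenantRole)));
            group.setAttributes(groupAttributes);

            api.groups().addGroupWithParent(group, configuration.getProperties().getTenantAuthorities().get(tenantRole).getParent());
        }
    }
}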