Package com.simplicite.util.tools

Class KeycloakTool.KeycloakAPI

  • Enclosing class:
    KeycloakTool
    public static class KeycloakTool.KeycloakAPI
extends java.lang.Object
    Keycloak API connector

    • Constructor Summary

      Constructors 
      Constructor Description
      KeycloakAPI​(java.lang.String provider)  

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      org.json.JSONObject authent()
      Connect to API and get a new session token
      java.lang.Object call​(java.lang.String service, java.lang.String method, java.util.Map<java.lang.String,​java.lang.String> params)
      Call the API
      org.json.JSONObject getClient​(java.lang.String client)
      Search a client
      org.json.JSONArray getClientRoles​(java.lang.String client, int max)
      List client's roles
      org.json.JSONArray getClientRoleUsers​(java.lang.String client, java.lang.String role, int max)
      List users with a client role
      org.json.JSONArray getClients()
      List all clients
      org.json.JSONObject getGroup​(java.lang.String group)
      Search a group
      org.json.JSONArray getGroupUsers​(java.lang.String group, int max)
      List users with a given group
      org.json.JSONArray getRoleUsers​(java.lang.String role, int max)
      List users with a given role
      org.json.JSONObject getSyncParameters()
      Get the setting of KEYCLOAK_SYNC provider
      java.lang.String getToken()
      Get a token to use API
      java.util.List<java.lang.String> getUserClientRoles​(java.lang.String userUID)
      List the user's roles within all clients
      java.util.List<java.lang.String> getUserClientRoles​(java.lang.String userUID, java.lang.String clientUID)
      List the user's roles within a client role-mappings
      java.util.List<java.lang.String> getUserGroups​(java.lang.String userUID, int max)
      List the user's groups
      org.json.JSONObject getUserInfo​(java.lang.String login)
      Get user info { id, enabled, username, email, firstName, lastName, attributes:{ key:[values]...
      java.util.List<java.lang.String> getUserRealmRoles​(java.lang.String userUID)
      List the user's roles on realm role-mappings
      boolean isDebug()
      Debug API access?
      void logout​(SessionInfo info)
      Logout a session
      org.json.JSONObject refresh()
      Refresh the access_token when the refresh_token has not expired
      org.json.JSONArray searchUsers​(java.lang.String filter, int max)
      User search
      void setDebug​(boolean b)
      Set the debug mode
      java.lang.String sync​(ObjectDB obj)
      Synchronize Keycloak users
      void sync​(org.json.JSONObject params, org.json.JSONArray users, java.lang.String name, ObjectDB obj)
      Import users from a Keycloak group/role
      void syncClient​(org.json.JSONObject params, java.lang.String client, ObjectDB obj)
      Import users from a Keycloak client roles
      java.lang.String syncClients​(org.json.JSONObject params, org.json.JSONArray clients, ObjectDB obj)
      Import users from KEYCLOAK_SYNC.clients
      void syncGroup​(org.json.JSONObject params, java.lang.String group, ObjectDB obj)
      Import users from a Keycloak group
      java.lang.String syncGroups​(org.json.JSONObject params, org.json.JSONArray groups, ObjectDB obj)
      Import users from KEYCLOAK_SYNC.groups
      void syncRole​(org.json.JSONObject params, java.lang.String role, ObjectDB obj)
      Import users from a Keycloak role
      java.lang.String syncRoles​(org.json.JSONObject params, org.json.JSONArray roles, ObjectDB obj)
      Import users from KEYCLOAK_SYNC.roles

      • Methods inherited from class java.lang.Object

        equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • KeycloakAPI

        public KeycloakAPI​(java.lang.String provider)

    • Method Detail

      • isDebug

        public boolean isDebug()
        Debug API access?
        Returns:
        true to debug calls

      • setDebug

        public void setDebug​(boolean b)
        Set the debug mode

      • authent

        public org.json.JSONObject authent()
        Connect to API and get a new session token
        Returns:
        JSONObject with access_token and refresh_token

      • getToken

        public java.lang.String getToken()
        Get a token to use API
        Returns:
        A bearer token if authorized, null if not authorized

      • refresh

        public org.json.JSONObject refresh()
        Refresh the access_token when the refresh_token has not expired
        Returns:
        JSONObject with access_token and refresh_token

      • call

        public java.lang.Object call​(java.lang.String service,
                             java.lang.String method,
                             java.util.Map<java.lang.String,​java.lang.String> params)
        Call the API
        Parameters:
        service - Service parameters
        method - HTTP method GET|POST|PUT|DELETE
        params - Optional parameters to POST
        Returns:
        response as JSONObject or JSONArray

      • logout

        public void logout​(SessionInfo info)
        Logout a session
        Parameters:
        info - Session info with access_token to invalidate

      • getRoleUsers

        public org.json.JSONArray getRoleUsers​(java.lang.String role,
                                       int max)
        List users with a given role
        Parameters:
        role - Role name
        max - Max result size
        Returns:
        Array of Keycloak users

      • getClientRoles

        public org.json.JSONArray getClientRoles​(java.lang.String client,
                                         int max)
        List client's roles
        Parameters:
        client - Client name
        max - Max result size
        Returns:
        Array of Keycloak roles

      • getClientRoleUsers

        public org.json.JSONArray getClientRoleUsers​(java.lang.String client,
                                             java.lang.String role,
                                             int max)
        List users with a client role
        Parameters:
        client - Client name
        role - Role name
        max - Max result size
        Returns:
        Array of Keycloak users

      • getGroup

        public org.json.JSONObject getGroup​(java.lang.String group)
        Search a group
        Parameters:
        group - Group name
        Returns:
        Keycloak group

      • getClient

        public org.json.JSONObject getClient​(java.lang.String client)
        Search a client
        Parameters:
        client - Client name
        Returns:
        Keycloak client

      • getClients

        public org.json.JSONArray getClients()
        List all clients
        Returns:
        Keycloak clients

      • getGroupUsers

        public org.json.JSONArray getGroupUsers​(java.lang.String group,
                                        int max)
        List users with a given group
        Parameters:
        group - Group name
        max - Max result size
        Returns:
        Array of Keycloak users

      • searchUsers

        public org.json.JSONArray searchUsers​(java.lang.String filter,
                                      int max)
        User search
        Parameters:
        filter - A String contained in username, first or last name, or email
        max - Max result size
        Returns:
        Array of Keycloak users

      • getUserInfo

        public org.json.JSONObject getUserInfo​(java.lang.String login)
        Get user info { id, enabled, username, email, firstName, lastName, attributes:{ key:[values]... }, ... }
        Parameters:
        login -
        Returns:
        JSON object

      • getUserRealmRoles

        public java.util.List<java.lang.String> getUserRealmRoles​(java.lang.String userUID)
        List the user's roles on realm role-mappings
        Parameters:
        userUID - User keycloak Id
        Returns:
        List of granted roles

      • getUserClientRoles

        public java.util.List<java.lang.String> getUserClientRoles​(java.lang.String userUID,
                                                           java.lang.String clientUID)
        List the user's roles within a client role-mappings
        Parameters:
        userUID - User keycloak Id
        clientUID - Client keycloak Id
        Returns:
        List of granted roles or null

      • getUserClientRoles

        public java.util.List<java.lang.String> getUserClientRoles​(java.lang.String userUID)
        List the user's roles within all clients
        Parameters:
        userUID - User keycloak Id
        Returns:
        List of granted roles or null

      • getUserGroups

        public java.util.List<java.lang.String> getUserGroups​(java.lang.String userUID,
                                                      int max)
        List the user's groups
        Parameters:
        userUID - User keycloak Id
        Returns:
        List of granted groups

      • syncGroups

        public java.lang.String syncGroups​(org.json.JSONObject params,
                                   org.json.JSONArray groups,
                                   ObjectDB obj)
        Import users from KEYCLOAK_SYNC.groups
        Parameters:
        params - Sync parameters
        groups - List of Keycloak group names
        obj - optional caller object (to stop asynchronous action)

      • syncRoles

        public java.lang.String syncRoles​(org.json.JSONObject params,
                                  org.json.JSONArray roles,
                                  ObjectDB obj)
        Import users from KEYCLOAK_SYNC.roles
        Parameters:
        params - Sync parameters
        roles - List of Keycloak role names
        obj - optional caller object (to stop asynchronous action)

      • syncClients

        public java.lang.String syncClients​(org.json.JSONObject params,
                                    org.json.JSONArray clients,
                                    ObjectDB obj)
        Import users from KEYCLOAK_SYNC.clients
        Parameters:
        params - Sync parameters
        clients - List of Keycloak client names
        obj - optional caller object (to stop asynchronous action)

      • syncGroup

        public void syncGroup​(org.json.JSONObject params,
                      java.lang.String group,
                      ObjectDB obj)
        Import users from a Keycloak group
        Parameters:
        params - Sync parameters
        group - Keycloak group name
        obj - optional caller object (to stop asynchronous action)

      • syncRole

        public void syncRole​(org.json.JSONObject params,
                     java.lang.String role,
                     ObjectDB obj)
        Import users from a Keycloak role
        Parameters:
        params - Sync parameters
        role - Keycloak role name
        obj - optional caller object (to stop asynchronous action)

      • syncClient

        public void syncClient​(org.json.JSONObject params,
                       java.lang.String client,
                       ObjectDB obj)
        Import users from a Keycloak client roles
        Parameters:
        params - Sync parameters
        client - Keycloak client name
        obj - optional caller object (to stop asynchronous action)

      • getSyncParameters

        public org.json.JSONObject getSyncParameters()
        Get the setting of KEYCLOAK_SYNC provider
        Returns:
        JSON or null if no SYNC is defined

      • sync

        public void sync​(org.json.JSONObject params,
                 org.json.JSONArray users,
                 java.lang.String name,
                 ObjectDB obj)
        Import users from a Keycloak group/role
        Parameters:
        params - Sync parameters
        name - role or group name
        obj - optional caller object (to stop asynchronous action)

      • sync

        public java.lang.String sync​(ObjectDB obj)
        Synchronize Keycloak users
        Parameters:
        obj - Optional caller object
        Returns:
        Message