
org.infinispan.server.configuration.security.TokenRealmConfiguration Maven / Gradle / Ivy

There is a newer version: 15.1.3.Final
package org.infinispan.server.configuration.security;

import java.util.EnumSet;
import java.util.Properties;

import org.infinispan.commons.configuration.attributes.AttributeDefinition;
import org.infinispan.commons.configuration.attributes.AttributeSet;
import org.infinispan.commons.configuration.attributes.ConfigurationElement;
import org.infinispan.server.configuration.Attribute;
import org.infinispan.server.configuration.Element;
import org.infinispan.server.security.KeycloakRoleDecoder;
import org.infinispan.server.security.ServerSecurityRealm;
import org.wildfly.security.auth.realm.token.TokenSecurityRealm;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.auth.server.SecurityRealm;

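/**
 * Configuration of a token security realm. {@link #build} turns it into a WildFly Elytron
 * {@link TokenSecurityRealm} whose token validator is supplied by either the OAuth2 or the JWT
 * child configuration.
 *
 * <p>The attribute definitions are declared with their {@code String} value type; with raw
 * {@code AttributeDefinition} constants the {@code String}-returning accessors below cannot compile.
 *
 * @since 10.0
 */
public class TokenRealmConfiguration extends ConfigurationElement implements RealmProvider {

   // Realm name; defaults to "token" when not set.
   static final AttributeDefinition<String> NAME = AttributeDefinition.builder(Attribute.NAME, "token", String.class).build();
   // No default (null). This class stores the value without checking it.
   // NOTE(review): nothing here checks the URL scheme; confirm that https is enforced where the
   // URL is actually used.
   static final AttributeDefinition<String> AUTH_SERVER_URL = AttributeDefinition.builder(Attribute.AUTH_SERVER_URL, null, String.class).build();
   // No default (null).
   static final AttributeDefinition<String> CLIENT_ID = AttributeDefinition.builder(Attribute.CLIENT_ID, null, String.class).build();
   // No default (null). Registered in the attribute set, but this class has no accessor for it and
   // build() never reads it.
   // NOTE(review): confirm it is consumed elsewhere; otherwise a configured principal claim has no
   // effect on which token claim becomes the authenticated principal.
   static final AttributeDefinition<String> PRINCIPAL_CLAIM = AttributeDefinition.builder(Attribute.PRINCIPAL_CLAIM, null, String.class).build();

   private final JwtConfiguration jwtConfiguration;
   private final OAuth2Configuration oauth2Configuration;

   /**
    * Creates the attribute set that holds the four realm attributes declared above.
    *
    * @return a new attribute set owned by this configuration class
    */
   static AttributeSet attributeDefinitionSet() {
      return new AttributeSet(TokenRealmConfiguration.class, NAME, AUTH_SERVER_URL, CLIENT_ID, PRINCIPAL_CLAIM);
   }

   /**
    * @param jwtConfiguration    JWT validation settings, used by {@link #build} when the OAuth2
    *                            settings are not modified
    * @param oAuth2Configuration OAuth2 validation settings, preferred by {@link #build} when modified
    * @param attributes          the realm's own attributes
    */
   TokenRealmConfiguration(JwtConfiguration jwtConfiguration, OAuth2Configuration oAuth2Configuration, AttributeSet attributes) {
      super(Element.TOKEN_REALM, attributes);
      this.jwtConfiguration = jwtConfiguration;
      this.oauth2Configuration = oAuth2Configuration;
   }

   /**
    * @return the realm name ({@code "token"} unless configured otherwise)
    */
   public String name() {
      return attributes.attribute(NAME).get();
   }

   /**
    * @return the configured authorization server URL, or {@code null} when unset
    */
   public String authServerUrl() {
      return attributes.attribute(AUTH_SERVER_URL).get();
   }

   /**
    * @return the configured client id, or {@code null} when unset
    */
   public String clientId() {
      return attributes.attribute(CLIENT_ID).get();
   }

   /**
    * @return the JWT child configuration
    */
   public JwtConfiguration jwtConfiguration() {
      return jwtConfiguration;
   }

   /**
    * @return the OAuth2 child configuration
    */
   public OAuth2Configuration oauth2Configuration() {
      return oauth2Configuration;
   }

   /**
    * Builds the token security realm and installs a {@link KeycloakRoleDecoder} on the domain.
    *
    * @param security      the enclosing security configuration, passed through to the validator factory
    * @param realm         the enclosing realm configuration, passed through to the validator factory
    * @param domainBuilder the security domain under construction; its role decoder is replaced here
    * @param properties    not used by this implementation
    * @return the realm that validates tokens with the selected validator
    */
   @Override
   public SecurityRealm build(SecurityConfiguration security, RealmConfiguration realm, SecurityDomain.Builder domainBuilder, Properties properties) {
      TokenSecurityRealm.Builder tokenRealmBuilder = TokenSecurityRealm.builder();
      // The OAuth2 settings win whenever they report themselves as modified; the JWT settings are
      // then not consulted at all. In every other case, including when neither child was
      // configured, the JWT validator is used.
      // NOTE(review): confirm what a JWT validator built from an untouched configuration enforces
      // (signature key, issuer, audience), so that an otherwise empty token realm cannot accept
      // tokens that were never verified.
      if (oauth2Configuration().isModified()) {
         tokenRealmBuilder.validator(oauth2Configuration.getValidator(security, realm));
      } else {
         tokenRealmBuilder.validator(jwtConfiguration.getValidator(security, realm));
      }
      TokenSecurityRealm securityRealm = tokenRealmBuilder.build();
      // The decoder is set on the caller's domain builder, not on the realm returned below.
      // NOTE(review): confirm this does not displace a role decoder that other realms in the same
      // domain depend on, since role decoding drives authorization.
      domainBuilder.setRoleDecoder(new KeycloakRoleDecoder());
      return securityRealm;
   }

   /**
    * Declares that this realm provides the {@code TOKEN} feature.
    *
    * @param features the feature set to add to; modified in place
    */
   @Override
   public void applyFeatures(EnumSet<ServerSecurityRealm.Feature> features) {
      features.add(ServerSecurityRealm.Feature.TOKEN);
   }
}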



