p2-inc#235 Update to latest HomeIdpDiscovery API
Showing
39 changed files
with
1,231 additions
and
375 deletions.
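--- a/src/main/java/io/phasetwo/service/auth/idp/AbstractHomeIdpDiscoveryAuthenticatorFactory.java
+++ b/src/main/java/io/phasetwo/service/auth/idp/AbstractHomeIdpDiscoveryAuthenticatorFactory.java
@@ -0,0 +1,134 @@
+//package de.sventorben.keycloak.authentication.hidpd;
+package io.phasetwo.service.auth.idp;
+
+import org.keycloak.Config;
+import org.keycloak.authentication.Authenticator;
+import org.keycloak.authentication.AuthenticatorFactory;
+import org.keycloak.models.AuthenticationExecutionModel;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.KeycloakSessionFactory;
+import org.keycloak.provider.ProviderConfigProperty;
+import org.keycloak.provider.ServerInfoAwareProviderFactory;
+import io.phasetwo.service.auth.idp.discovery.spi.HomeIdpDiscoverer;
+
+import java.util.List;
+import java.util.Map;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
+import static org.keycloak.models.AuthenticationExecutionModel.Requirement.ALTERNATIVE;
+import static org.keycloak.models.AuthenticationExecutionModel.Requirement.DISABLED;
+import static org.keycloak.models.AuthenticationExecutionModel.Requirement.REQUIRED;
+
+/**
+* Provides a base implementation for authenticator factories that integrate custom identity provider
+* discovery mechanisms within authentication flow of this extension. This abstract class simplifies
+* the creation of authenticator instances by encapsulating common logic and providing a framework
+* for extending the discovery functionality through custom {@link HomeIdpDiscoverer} implementations.
+* <p>
+* Implementors of this class need to provide their own {@link DiscovererConfig}, which includes
+* the discovery logic specifics and configuration properties. This approach ensures flexibility and
+* customizability, enabling developers to tailor the identity provider discovery process to specific
+* organizational needs or authentication scenarios.
+* </p>
+* <p>
+* By inheriting from this class, developers can focus on the specifics of their discovery logic
+* without worrying about the boilerplate associated with UI integration and redirection logic.
+* </p>
+*
+* @apiNote This interface is part of the public API, but is currently unstable and may change in future releases.
+*
+* @see HomeIdpDiscoverer
+* @see DiscovererConfig
+*/
+@PublicAPI(unstable = true)
+public abstract class AbstractHomeIdpDiscoveryAuthenticatorFactory implements AuthenticatorFactory, ServerInfoAwareProviderFactory {
+private static final AuthenticationExecutionModel.Requirement[] REQUIREMENT_CHOICES = new AuthenticationExecutionModel.Requirement[]{REQUIRED, ALTERNATIVE, DISABLED};
+
+private final DiscovererConfig discovererConfig;
+
+protected AbstractHomeIdpDiscoveryAuthenticatorFactory(DiscovererConfig discovererConfig) {
+this.discovererConfig = discovererConfig;
+}
+
+@Override
+public final boolean isConfigurable() {
+return true;
+}
+
+@Override
+public final AuthenticationExecutionModel.Requirement[] getRequirementChoices() {
+return REQUIREMENT_CHOICES;
+}
+
+@Override
+public final boolean isUserSetupAllowed() {
+return false;
+}
+
+@Override
+public final List<ProviderConfigProperty> getConfigProperties() {
+return Stream.concat(
+HomeIdpForwarderConfigProperties.CONFIG_PROPERTIES.stream(),
+discovererConfig.getProperties().stream())
+.collect(Collectors.toList());
+}
+
+@Override
+public final Authenticator create(KeycloakSession session) {
+return new HomeIdpDiscoveryAuthenticator(discovererConfig);
+}
+
+@Override
+public final void init(Config.Scope config) {
+}
+
+@Override
+public final void postInit(KeycloakSessionFactory factory) {
+}
+
+@Override
+public final void close() {
+}
+
+@Override
+public final Map<String, String> getOperationalInfo() {
+return OperationalInfo.get();
+}
+
+/**
+* Represents the configuration settings for a {@link HomeIdpDiscoverer} implementation. This interface
+* is designed to allow for dynamic specification of configuration properties necessary for the
+* discovery of home Identity Providers (IdPs). The configurations defined by an implementation of
+* this interface provide the parameters and metadata required by a discoverer to properly integrate
+* with {@link HomeIdpDiscoveryAuthenticator}.
+*
+* @apiNote This interface is part of the public API, but is currently unstable and may change in future releases.
+*
+* @see HomeIdpDiscoverer
+*/
+@PublicAPI(unstable = true)
+public interface DiscovererConfig {
+/**
+* Retrieves a list of {@link ProviderConfigProperty} objects that define the configuration
+* properties available for the discoverer. Each {@code ProviderConfigProperty} includes metadata
+* such as the property name, type, label, default value, and other attributes necessary for
+* configuring the discoverer identified by {@link #getProviderId()} dynamically at runtime.
+*
+* @return a list of {@link ProviderConfigProperty} that describes each configuration property
+* required by the discoverer. If no home properties are need for configuration, this method must
+* return an empty list.
+*/
+List<ProviderConfigProperty> getProperties();
+
+/**
+* Returns the unique provider ID associated with the discoverer. This ID is used to uniquely
+* identify and reference the specific discoverer implementation within the Keycloak system.
+* The provider ID should be unique across all discoverer configurations to prevent conflicts
+* and ensure correct operation.
+*
+* @return the unique string identifier for the discoverer provider.
+*/
+String getProviderId();
+}
+}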
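Review bot: The constructor stores `discovererConfig` without a null check, so a subclass that passes null is only caught later, when `getConfigProperties()` dereferences it or when `create()` hands it to `HomeIdpDiscoveryAuthenticator` for a login flow; `this.discovererConfig = Objects.requireNonNull(discovererConfig, "discovererConfig");` (with `import java.util.Objects;`) makes a misconfigured authenticator fail at construction instead. `getRequirementChoices()` returns the shared static array itself, so any caller can alter the offered requirement choices for every factory instance; `return REQUIREMENT_CHOICES.clone();` avoids that. `getConfigProperties()` concatenates the forwarder and discoverer property lists without checking for duplicate names, and if the authenticator config is keyed by property name (not visible in this file) a discoverer property could silently shadow a forwarder setting, so the Javadoc of `DiscovererConfig.getProperties()` should state that names must not collide with `HomeIdpForwarderConfigProperties.CONFIG_PROPERTIES`. The class-level `@apiNote` also calls this abstract class an "interface", and the commented-out `//package de.sventorben...` line would read better as a header comment naming the upstream origin.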