57 lines
2.2 KiB
Java
57 lines
2.2 KiB
Java
// Copied from https://github.com/keycloak/keycloak/blob/main/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/authentication/ConditionalUserAttributeValue.java
|
|
package ca.uwaterloo.csclub.keycloakspi.authenticator;
|
|
|
|
import org.keycloak.authentication.AuthenticationFlowContext;
|
|
import org.keycloak.authentication.AuthenticationFlowError;
|
|
import org.keycloak.authentication.AuthenticationFlowException;
|
|
import org.keycloak.authentication.authenticators.conditional.ConditionalAuthenticator;
|
|
import org.keycloak.models.KeycloakSession;
|
|
import org.keycloak.models.RealmModel;
|
|
import org.keycloak.models.UserModel;
|
|
|
|
import java.util.Map;
|
|
import java.util.Objects;
|
|
|
|
|
|
public class ConditionalUserAttributeValue implements ConditionalAuthenticator {
|
|
|
|
static final ConditionalUserAttributeValue SINGLETON = new ConditionalUserAttributeValue();
|
|
|
|
@Override
|
|
public boolean matchCondition(AuthenticationFlowContext context) {
|
|
// Retrieve configuration
|
|
Map<String, String> config = context.getAuthenticatorConfig().getConfig();
|
|
String attributeName = config.get(ConditionalUserAttributeValueFactory.CONF_ATTRIBUTE_NAME);
|
|
String attributeValue = config.get(ConditionalUserAttributeValueFactory.CONF_ATTRIBUTE_EXPECTED_VALUE);
|
|
boolean negateOutput = Boolean.parseBoolean(config.get(ConditionalUserAttributeValueFactory.CONF_NOT));
|
|
|
|
UserModel user = context.getUser();
|
|
if (user == null) {
|
|
throw new AuthenticationFlowException("authenticator: " + ConditionalUserAttributeValueFactory.PROVIDER_ID, AuthenticationFlowError.UNKNOWN_USER);
|
|
}
|
|
|
|
boolean result = user.getAttributeStream(attributeName).anyMatch(attr -> Objects.equals(attr, attributeValue));
|
|
return negateOutput != result;
|
|
}
|
|
|
|
@Override
|
|
public void action(AuthenticationFlowContext context) {
|
|
// Not used
|
|
}
|
|
|
|
@Override
|
|
public boolean requiresUser() {
|
|
return true;
|
|
}
|
|
|
|
@Override
|
|
public void setRequiredActions(KeycloakSession session, RealmModel realm, UserModel user) {
|
|
// Not used
|
|
}
|
|
|
|
@Override
|
|
public void close() {
|
|
// Does nothing
|
|
}
|
|
}
|