mirror of
https://github.com/keycloak/keycloak.git
synced 2026-05-24 02:10:34 -05:00
KEYCLOAK-7044 KEYCLOAK-7046
This commit is contained in:
Bill Burke
@@ -20,4 +20,14 @@ if [ "x$RESOLVED_NAME" = "x" ]; then
|
||||
fi
|
||||
|
||||
DIRNAME=`dirname "$RESOLVED_NAME"`
|
||||
java $KC_OPTS -cp $DIRNAME/client/keycloak-admin-cli-${project.version}.jar org.keycloak.client.admin.cli.KcAdmMain "$@"
|
||||
|
||||
|
||||
# Uncomment out these lines if you are integrating with `kcinit`
|
||||
#if [ "$1" = "config" ]; then
|
||||
# java $KC_OPTS -cp $DIRNAME/client/keycloak-admin-cli-${project.version}.jar org.keycloak.client.admin.cli.KcAdmMain "$@"
|
||||
#else
|
||||
# java $KC_OPTS -cp $DIRNAME/client/keycloak-admin-cli-${project.version}.jar org.keycloak.client.admin.cli.KcAdmMain "$@" --noconfig --token $(kcinit token admin-cli) --server $(kcinit show server)
|
||||
#fi
|
||||
# Remove the next line if you have enabled kcinit
|
||||
java $KC_OPTS -cp $DIRNAME/client/keycloak-admin-cli-${project.version}.jar org.keycloak.client.admin.cli.KcAdmMain "$@"
|
||||
|
||||
|
||||
+13
-3
@@ -89,6 +89,9 @@ public abstract class AbstractAuthOptionsCmd extends AbstractGlobalOptionsCmd {
|
||||
@Option(name = "trustpass", description = "Truststore password (prompted for if not specified and --truststore is used)")
|
||||
String trustPass;
|
||||
|
||||
@Option(name = "token", description = "Token to use for invocations. With this option set, every other authentication option is ignored")
|
||||
String externalToken;
|
||||
|
||||
|
||||
protected void initFromParent(AbstractAuthOptionsCmd parent) {
|
||||
|
||||
@@ -108,6 +111,7 @@ public abstract class AbstractAuthOptionsCmd extends AbstractGlobalOptionsCmd {
|
||||
alias = parent.alias;
|
||||
trustStore = parent.trustStore;
|
||||
trustPass = parent.trustPass;
|
||||
externalToken = parent.externalToken;
|
||||
}
|
||||
|
||||
protected void applyDefaultOptionValues() {
|
||||
@@ -117,7 +121,7 @@ public abstract class AbstractAuthOptionsCmd extends AbstractGlobalOptionsCmd {
|
||||
}
|
||||
|
||||
protected boolean noOptions() {
|
||||
return server == null && realm == null && clientId == null && secret == null &&
|
||||
return externalToken == null && server == null && realm == null && clientId == null && secret == null &&
|
||||
user == null && password == null &&
|
||||
keystore == null && storePass == null && keyPass == null && alias == null &&
|
||||
trustStore == null && trustPass == null && config == null && (args == null || args.size() == 0);
|
||||
@@ -215,8 +219,8 @@ public abstract class AbstractAuthOptionsCmd extends AbstractGlobalOptionsCmd {
|
||||
}
|
||||
|
||||
protected boolean requiresLogin() {
|
||||
return user != null || password != null || secret != null || keystore != null
|
||||
|| keyPass != null || storePass != null || alias != null;
|
||||
return externalToken == null && (user != null || password != null || secret != null || keystore != null
|
||||
|| keyPass != null || storePass != null || alias != null);
|
||||
}
|
||||
|
||||
protected ConfigData copyWithServerInfo(ConfigData config) {
|
||||
@@ -229,6 +233,9 @@ public abstract class AbstractAuthOptionsCmd extends AbstractGlobalOptionsCmd {
|
||||
if (realm != null) {
|
||||
result.setRealm(realm);
|
||||
}
|
||||
if (externalToken != null) {
|
||||
result.setExternalToken(externalToken);
|
||||
}
|
||||
|
||||
checkServerInfo(result);
|
||||
return result;
|
||||
@@ -241,6 +248,9 @@ public abstract class AbstractAuthOptionsCmd extends AbstractGlobalOptionsCmd {
|
||||
data.setRealm(realm);
|
||||
if (trustStore != null)
|
||||
data.setTruststore(trustStore);
|
||||
if (externalToken != null) {
|
||||
data.setExternalToken(externalToken);
|
||||
}
|
||||
|
||||
RealmConfigData rdata = data.sessionRealmConfigData();
|
||||
if (clientId != null)
|
||||
|
||||
+1
@@ -339,6 +339,7 @@ public class AddRolesCmd extends AbstractAuthOptionsCmd {
|
||||
out.println(" -x Print full stack trace when exiting with error");
|
||||
out.println(" --config Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
|
||||
out.println(" --no-config Don't use config file - no authentication info is loaded or saved");
|
||||
out.println(" --token Token to use to invoke on Keycloak. Other credential may be ignored if this flag is set.");
|
||||
out.println(" --truststore PATH Path to a truststore containing trusted certificates");
|
||||
out.println(" --trustpass PASSWORD Truststore password (prompted for if not specified and --truststore is used)");
|
||||
out.println(" CREDENTIALS OPTIONS Same set of options as accepted by '" + CMD + " config credentials' in order to establish");
|
||||
|
||||
+1
@@ -100,6 +100,7 @@ public class CreateCmd extends AbstractRequestCmd {
|
||||
out.println(" -x Print full stack trace when exiting with error");
|
||||
out.println(" --config Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
|
||||
out.println(" --no-config Don't use config file - no authentication info is loaded or saved");
|
||||
out.println(" --token Token to use to invoke on Keycloak. Other credential may be ignored if this flag is set.");
|
||||
out.println(" --truststore PATH Path to a truststore containing trusted certificates");
|
||||
out.println(" --trustpass PASSWORD Truststore password (prompted for if not specified and --truststore is used)");
|
||||
out.println(" CREDENTIALS OPTIONS Same set of options as accepted by '" + CMD + " config credentials' in order to establish");
|
||||
|
||||
+1
@@ -67,6 +67,7 @@ public class DeleteCmd extends CreateCmd {
|
||||
out.println(" -x Print full stack trace when exiting with error");
|
||||
out.println(" --config Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
|
||||
out.println(" --no-config Don't use config file - no authentication info is loaded or saved");
|
||||
out.println(" --token Token to use to invoke on Keycloak. Other credential may be ignored if this flag is set.");
|
||||
out.println(" --truststore PATH Path to a truststore containing trusted certificates");
|
||||
out.println(" --trustpass PASSWORD Truststore password (prompted for if not specified and --truststore is used)");
|
||||
out.println(" CREDENTIALS OPTIONS Same set of options as accepted by '" + CMD + " config credentials' in order to establish");
|
||||
|
||||
+1
@@ -99,6 +99,7 @@ public class GetCmd extends AbstractRequestCmd {
|
||||
out.println(" -x Print full stack trace when exiting with error");
|
||||
out.println(" --config Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
|
||||
out.println(" --no-config Don't use config file - no authentication info is loaded or saved");
|
||||
out.println(" --token Token to use to invoke on Keycloak. Other credential may be ignored if this flag is set.");
|
||||
out.println(" --truststore PATH Path to a truststore containing trusted certificates");
|
||||
out.println(" --trustpass PASSWORD Truststore password (prompted for if not specified and --truststore is used)");
|
||||
out.println(" CREDENTIALS OPTIONS Same set of options as accepted by '" + CMD + " config credentials' in order to establish");
|
||||
|
||||
+1
@@ -343,6 +343,7 @@ public class GetRolesCmd extends GetCmd {
|
||||
out.println(" -x Print full stack trace when exiting with error");
|
||||
out.println(" --config Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
|
||||
out.println(" --no-config Don't use config file - no authentication info is loaded or saved");
|
||||
out.println(" --token Token to use to invoke on Keycloak. Other credential may be ignored if this flag is set.");
|
||||
out.println(" --truststore PATH Path to a truststore containing trusted certificates");
|
||||
out.println(" --trustpass PASSWORD Truststore password (prompted for if not specified and --truststore is used)");
|
||||
out.println(" CREDENTIALS OPTIONS Same set of options as accepted by '" + CMD + " config credentials' in order to establish");
|
||||
|
||||
+1
@@ -339,6 +339,7 @@ public class RemoveRolesCmd extends AbstractAuthOptionsCmd {
|
||||
out.println(" -x Print full stack trace when exiting with error");
|
||||
out.println(" --config Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
|
||||
out.println(" --no-config Don't use config file - no authentication info is loaded or saved");
|
||||
out.println(" --token Token to use to invoke on Keycloak. Other credential may be ignored if this flag is set.");
|
||||
out.println(" --truststore PATH Path to a truststore containing trusted certificates");
|
||||
out.println(" --trustpass PASSWORD Truststore password (prompted for if not specified and --truststore is used)");
|
||||
out.println(" CREDENTIALS OPTIONS Same set of options as accepted by '" + CMD + " config credentials' in order to establish");
|
||||
|
||||
+1
@@ -151,6 +151,7 @@ public class SetPasswordCmd extends AbstractAuthOptionsCmd {
|
||||
out.println(" -x Print full stack trace when exiting with error");
|
||||
out.println(" --config Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
|
||||
out.println(" --no-config Don't use config file - no authentication info is loaded or saved");
|
||||
out.println(" --token Token to use to invoke on Keycloak. Other credential may be ignored if this flag is set.");
|
||||
out.println(" --truststore PATH Path to a truststore containing trusted certificates");
|
||||
out.println(" --trustpass PASSWORD Truststore password (prompted for if not specified and --truststore is used)");
|
||||
out.println(" CREDENTIALS OPTIONS Same set of options as accepted by '" + CMD + " config credentials' in order to establish");
|
||||
|
||||
+1
@@ -108,6 +108,7 @@ public class UpdateCmd extends AbstractRequestCmd {
|
||||
out.println(" -x Print full stack trace when exiting with error");
|
||||
out.println(" --config Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
|
||||
out.println(" --no-config Don't use config file - no authentication info is loaded or saved");
|
||||
out.println(" --token Token to use to invoke on Keycloak. Other credential may be ignored if this flag is set.");
|
||||
out.println(" --truststore PATH Path to a truststore containing trusted certificates");
|
||||
out.println(" --trustpass PASSWORD Truststore password (prompted for if not specified and --truststore is used)");
|
||||
out.println(" CREDENTIALS OPTIONS Same set of options as accepted by '" + CMD + " config credentials' in order to establish");
|
||||
|
||||
+14
@@ -16,6 +16,7 @@
|
||||
*/
|
||||
package org.keycloak.client.admin.cli.config;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonIgnore;
|
||||
import org.keycloak.util.JsonSerialization;
|
||||
|
||||
import java.io.IOException;
|
||||
@@ -27,6 +28,9 @@ import java.util.Map;
|
||||
*/
|
||||
public class ConfigData {
|
||||
|
||||
@JsonIgnore
|
||||
private String externalToken;
|
||||
|
||||
private String serverUrl;
|
||||
|
||||
private String realm;
|
||||
@@ -46,6 +50,16 @@ public class ConfigData {
|
||||
this.serverUrl = serverUrl;
|
||||
}
|
||||
|
||||
@JsonIgnore
|
||||
public String getExternalToken() {
|
||||
return externalToken;
|
||||
}
|
||||
|
||||
@JsonIgnore
|
||||
public void setExternalToken(String externalToken) {
|
||||
this.externalToken = externalToken;
|
||||
}
|
||||
|
||||
public String getRealm() {
|
||||
return realm;
|
||||
}
|
||||
|
||||
+3
@@ -46,6 +46,9 @@ import static org.keycloak.client.admin.cli.util.HttpUtil.urlencode;
|
||||
public class AuthUtil {
|
||||
|
||||
public static String ensureToken(ConfigData config) {
|
||||
if (config.getExternalToken() != null) {
|
||||
return config.getExternalToken();
|
||||
}
|
||||
|
||||
checkAuthInfo(config);
|
||||
|
||||
|
||||
+7
-4
@@ -63,8 +63,11 @@ public class ConfigUtil {
|
||||
}
|
||||
|
||||
public static void checkServerInfo(ConfigData config) {
|
||||
if (config.getServerUrl() == null || config.getRealm() == null) {
|
||||
throw new RuntimeException("No server or realm specified. Use --server, --realm, or '" + OsUtil.CMD + " config credentials'.");
|
||||
if (config.getServerUrl() == null) {
|
||||
throw new RuntimeException("No server specified. Use --server, or '" + OsUtil.CMD + " config credentials or connection'.");
|
||||
}
|
||||
if (config.getRealm() == null && config.getExternalToken() == null) {
|
||||
throw new RuntimeException("No realm or token specified. Use --realm, --token, or '" + OsUtil.CMD + " config credentials'.");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -73,8 +76,8 @@ public class ConfigUtil {
|
||||
}
|
||||
|
||||
public static boolean credentialsAvailable(ConfigData config) {
|
||||
return config.getServerUrl() != null && config.getRealm() != null
|
||||
&& config.sessionRealmConfigData() != null && config.sessionRealmConfigData().getRefreshToken() != null;
|
||||
return config.getServerUrl() != null && (config.getExternalToken() != null || (config.getRealm() != null
|
||||
&& config.sessionRealmConfigData() != null && config.sessionRealmConfigData().getRefreshToken() != null));
|
||||
}
|
||||
|
||||
public static ConfigData loadConfig() {
|
||||
|
||||
Reference in New Issue
Block a user