-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: add command to generate new secrets (#14)
Closes #14
- Loading branch information
1 parent
174240f
commit e70ded7
Showing
5 changed files
with
135 additions
and
1 deletion.
There are no files selected for viewing
57 changes: 57 additions & 0 deletions
57
.../java/com/cycrilabs/keycloak/configurator/commands/generate/boundary/GenerateSecrets.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
package com.cycrilabs.keycloak.configurator.commands.generate.boundary; | ||
|
||
import java.util.List; | ||
import java.util.stream.Stream; | ||
|
||
import jakarta.annotation.PostConstruct; | ||
import jakarta.enterprise.context.ApplicationScoped; | ||
import jakarta.inject.Inject; | ||
|
||
import org.keycloak.admin.client.Keycloak; | ||
import org.keycloak.representations.idm.ClientRepresentation; | ||
|
||
import com.cycrilabs.keycloak.configurator.commands.generate.entity.GenerateSecretsCommandConfiguration; | ||
import com.cycrilabs.keycloak.configurator.shared.control.KeycloakFactory; | ||
|
||
import io.quarkus.logging.Log; | ||
|
||
@ApplicationScoped | ||
public class GenerateSecrets { | ||
@Inject | ||
GenerateSecretsCommandConfiguration configuration; | ||
Keycloak keycloak; | ||
|
||
@PostConstruct | ||
public void init() { | ||
keycloak = KeycloakFactory.create(configuration); | ||
} | ||
|
||
public void run() { | ||
final List<String> generatedIds = getClients() | ||
.filter(client -> client.getSecret() != null) | ||
.map(ClientRepresentation::getId) | ||
.map(this::generateSecret) | ||
.toList(); | ||
Log.infof("Generated secrets for %d clients.", Integer.valueOf(generatedIds.size())); | ||
} | ||
|
||
private Stream<ClientRepresentation> getClients() { | ||
return configuration.getClientId() == null | ||
? keycloak.realm(configuration.getRealmName()) | ||
.clients() | ||
.findAll() | ||
.stream() | ||
: keycloak.realm(configuration.getRealmName()) | ||
.clients() | ||
.findByClientId(configuration.getClientId()) | ||
.stream(); | ||
} | ||
|
||
private String generateSecret(final String id) { | ||
return keycloak.realm(configuration.getRealmName()) | ||
.clients() | ||
.get(id) | ||
.generateNewSecret() | ||
.getId(); | ||
} | ||
} |
38 changes: 38 additions & 0 deletions
38
...com/cycrilabs/keycloak/configurator/commands/generate/control/GenerateSecretsCommand.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
package com.cycrilabs.keycloak.configurator.commands.generate.control; | ||
|
||
import jakarta.inject.Inject; | ||
|
||
import com.cycrilabs.keycloak.configurator.commands.generate.boundary.GenerateSecrets; | ||
import com.cycrilabs.keycloak.configurator.commands.generate.entity.GenerateSecretsCommandConfiguration; | ||
import com.cycrilabs.keycloak.configurator.shared.control.KeycloakOptions; | ||
|
||
import io.quarkus.logging.Log; | ||
import picocli.CommandLine; | ||
|
||
@CommandLine.Command(name = "rotate-secrets", mixinStandardHelpOptions = true) | ||
public class GenerateSecretsCommand implements Runnable { | ||
@CommandLine.Mixin | ||
KeycloakOptions keycloakOptions; | ||
@CommandLine.Option(required = true, names = { "-r", "--realm" }, | ||
description = "Realm name to generate secrets for.") | ||
String realm; | ||
@CommandLine.Option(names = { "-c", "--client" }, | ||
description = "Specific client to generate new secret.") | ||
String clientId; | ||
|
||
@Inject | ||
GenerateSecretsCommandConfiguration configuration; | ||
@Inject | ||
GenerateSecrets command; | ||
|
||
@Override | ||
public void run() { | ||
try { | ||
Log.infof("Generating secrets of realm '%s'.", configuration.getRealmName()); | ||
command.run(); | ||
} catch (final Exception e) { | ||
Log.errorf(e, "Failed to generate secrets of realm '%s'.", | ||
configuration.getRealmName()); | ||
} | ||
} | ||
} |
18 changes: 18 additions & 0 deletions
18
...k/configurator/commands/generate/control/GenerateSecretsCommandConfigurationProducer.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
package com.cycrilabs.keycloak.configurator.commands.generate.control; | ||
|
||
import jakarta.enterprise.context.ApplicationScoped; | ||
import jakarta.enterprise.inject.Produces; | ||
|
||
import com.cycrilabs.keycloak.configurator.commands.generate.entity.GenerateSecretsCommandConfiguration; | ||
|
||
import picocli.CommandLine; | ||
|
||
@ApplicationScoped | ||
public class GenerateSecretsCommandConfigurationProducer { | ||
@Produces | ||
@ApplicationScoped | ||
GenerateSecretsCommandConfiguration createConfiguration( | ||
final CommandLine.ParseResult parseResult) { | ||
return new GenerateSecretsCommandConfiguration(parseResult); | ||
} | ||
} |
19 changes: 19 additions & 0 deletions
19
...s/keycloak/configurator/commands/generate/entity/GenerateSecretsCommandConfiguration.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
package com.cycrilabs.keycloak.configurator.commands.generate.entity; | ||
|
||
import lombok.Getter; | ||
|
||
import com.cycrilabs.keycloak.configurator.shared.entity.KeycloakConfiguration; | ||
|
||
import picocli.CommandLine.ParseResult; | ||
|
||
@Getter | ||
public class GenerateSecretsCommandConfiguration extends KeycloakConfiguration { | ||
private final String realmName; | ||
private final String clientId; | ||
|
||
public GenerateSecretsCommandConfiguration(final ParseResult parseResult) { | ||
super(parseResult); | ||
realmName = getMatchedOption(parseResult, "-r"); | ||
clientId = getMatchedOption(parseResult, "-c"); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters