svn-gvsig-desktop / trunk / org.gvsig.desktop / org.gvsig.desktop.plugin / org.gvsig.downloader / org.gvsig.downloader.swing / org.gvsig.downloader.swing.scribejava / src / main / java / org / gvsig / downloader / swing / scribejava / keycloak / KeycloakApi2.java @ 47828
History | View | Annotate | Download (3.25 KB)
| 1 |
package org.gvsig.downloader.swing.scribejava.keycloak; |
|---|---|
| 2 |
|
| 3 |
import com.github.scribejava.apis.openid.OpenIdJsonTokenExtractor; |
| 4 |
import com.github.scribejava.core.builder.api.DefaultApi20; |
| 5 |
import com.github.scribejava.core.extractors.TokenExtractor; |
| 6 |
import com.github.scribejava.core.model.OAuth2AccessToken; |
| 7 |
|
| 8 |
import java.util.concurrent.ConcurrentHashMap; |
| 9 |
import java.util.concurrent.ConcurrentMap; |
| 10 |
import org.apache.commons.lang3.StringUtils; |
| 11 |
|
| 12 |
/*
|
| 13 |
* Based on portions of code from ScribeJava (https://github.com/scribejava/scribejava)
|
| 14 |
* in module scribejava-apis.
|
| 15 |
* https://github.com/scribejava/scribejava/blob/master/scribejava-apis/src/main/java/com/github/scribejava/apis/KeycloakApi.java
|
| 16 |
*/
|
| 17 |
public class KeycloakApi2 extends DefaultApi20 { |
| 18 |
|
| 19 |
private static final ConcurrentMap<String, KeycloakApi2> INSTANCES = new ConcurrentHashMap<>(); |
| 20 |
|
| 21 |
private final String baseUrlWithRealm; |
| 22 |
|
| 23 |
protected KeycloakApi2(String baseUrlWithRealm) { |
| 24 |
this.baseUrlWithRealm = baseUrlWithRealm;
|
| 25 |
} |
| 26 |
|
| 27 |
public static KeycloakApi2 instance() { |
| 28 |
return instance("http://localhost:8080/", "master"); |
| 29 |
} |
| 30 |
|
| 31 |
public static KeycloakApi2 instance(String baseUrl, String realm) { |
| 32 |
final String defaultBaseUrlWithRealm = composeBaseUrlWithRealm(baseUrl, realm); |
| 33 |
|
| 34 |
//java8: switch to ConcurrentMap::computeIfAbsent
|
| 35 |
KeycloakApi2 api = INSTANCES.get(defaultBaseUrlWithRealm); |
| 36 |
if (api == null) { |
| 37 |
api = new KeycloakApi2(defaultBaseUrlWithRealm);
|
| 38 |
final KeycloakApi2 alreadyCreatedApi = INSTANCES.putIfAbsent(defaultBaseUrlWithRealm, api);
|
| 39 |
if (alreadyCreatedApi != null) { |
| 40 |
return alreadyCreatedApi;
|
| 41 |
} |
| 42 |
} |
| 43 |
return api;
|
| 44 |
} |
| 45 |
|
| 46 |
protected static String composeBaseUrlWithRealm(String baseUrl, String realm) { |
| 47 |
if( !StringUtils.endsWith(baseUrl, "/") ) { |
| 48 |
baseUrl += "/";
|
| 49 |
} |
| 50 |
if( StringUtils.endsWith(baseUrl, "/realms/") ) { |
| 51 |
baseUrl += realm; |
| 52 |
} else {
|
| 53 |
baseUrl += "auth/realms/" + realm;
|
| 54 |
} |
| 55 |
// return baseUrl + (baseUrl.endsWith("/") ? "" : "/") + "auth/realms/" + realm;
|
| 56 |
return baseUrl;
|
| 57 |
} |
| 58 |
|
| 59 |
@Override
|
| 60 |
public String getAccessTokenEndpoint() { |
| 61 |
return baseUrlWithRealm + "/protocol/openid-connect/token"; |
| 62 |
} |
| 63 |
|
| 64 |
@Override
|
| 65 |
protected String getAuthorizationBaseUrl() { |
| 66 |
return baseUrlWithRealm + "/protocol/openid-connect/auth"; |
| 67 |
} |
| 68 |
|
| 69 |
@Override
|
| 70 |
public TokenExtractor<OAuth2AccessToken> getAccessTokenExtractor() {
|
| 71 |
return OpenIdJsonTokenExtractor.instance();
|
| 72 |
} |
| 73 |
|
| 74 |
@Override
|
| 75 |
public String getRevokeTokenEndpoint() { |
| 76 |
throw new RuntimeException("Not implemented yet"); |
| 77 |
} |
| 78 |
|
| 79 |
public String getUserInfoEndpoint() { |
| 80 |
return baseUrlWithRealm + "/protocol/openid-connect/userinfo"; |
| 81 |
} |
| 82 |
|
| 83 |
public String getLogoutEndpoint(String clientid, String redirect_uri) { |
| 84 |
// String redirect_uri_name = "redirect_uri";
|
| 85 |
String redirect_uri_name = "post_logout_redirect_uri"; |
| 86 |
String logoutUrl = String.format( |
| 87 |
"%s/protocol/openid-connect/logout?%s=%s&client_id=%s",
|
| 88 |
this.baseUrlWithRealm,
|
| 89 |
redirect_uri_name, |
| 90 |
redirect_uri, |
| 91 |
clientid |
| 92 |
); |
| 93 |
return logoutUrl;
|
| 94 |
} |
| 95 |
} |