Package org.keycloak.services

Examples of org.keycloak.services.ForbiddenException

93
94
95
96
97
98
99
100
101
102
103
    @Path("register-node")
    @POST
    @Produces("application/json")
    public Response registerNode(@HeaderParam(HttpHeaders.AUTHORIZATION) String authorizationHeader, final MultivaluedMap<String, String> formData) {
        if (!checkSsl()) {
            throw new ForbiddenException("HTTPS required");
        }

        event.event(EventType.REGISTER_NODE);

        if (!realm.isEnabled()) {
View Full Code Here
129
130
131
132
133
134
135
136
137
138
139
    @Path("unregister-node")
    @POST
    @Produces("application/json")
    public Response unregisterNode(@HeaderParam(HttpHeaders.AUTHORIZATION) String authorizationHeader, final MultivaluedMap<String, String> formData) {
        if (!checkSsl()) {
            throw new ForbiddenException("HTTPS required");
        }

        event.event(EventType.UNREGISTER_NODE);

        if (!realm.isEnabled()) {
View Full Code Here
119
120
121
122
123
124
125
126
127
128
129
130
131
132
    @Consumes("application/json")
    public Response importRealm(@Context final UriInfo uriInfo, final RealmRepresentation rep) {
        RealmManager realmManager = new RealmManager(session);
        realmManager.setContextPath(keycloak.getContextPath());
        if (!auth.getRealm().equals(realmManager.getKeycloakAdminstrationRealm())) {
            throw new ForbiddenException();
        }
        if (!auth.hasRealmRole(AdminRoles.CREATE_REALM)) {
            throw new ForbiddenException();
        }

        logger.debugv("importRealm: {0}", rep.getRealm());

        try {
View Full Code Here
154
155
156
157
158
159
160
161
162
163
164
165
166
167
    @Consumes(MediaType.MULTIPART_FORM_DATA)
    public Response uploadRealm(@Context final UriInfo uriInfo, MultipartFormDataInput input) throws IOException {
        RealmManager realmManager = new RealmManager(session);
        realmManager.setContextPath(keycloak.getContextPath());
        if (!auth.getRealm().equals(realmManager.getKeycloakAdminstrationRealm())) {
            throw new ForbiddenException();
        }
        if (!auth.hasRealmRole(AdminRoles.CREATE_REALM)) {
            throw new ForbiddenException();
        }

        Map<String, List<InputPart>> uploadForm = input.getFormDataMap();
        List<InputPart> inputParts = uploadForm.get("file");
View Full Code Here
213
214
215
216
217
218
219
220
221
222
223
        RealmModel realm = realmManager.getRealmByName(name);
        if (realm == null) throw new NotFoundException("{realm} = " + name);

        if (!auth.getRealm().equals(realmManager.getKeycloakAdminstrationRealm())
                && !auth.getRealm().equals(realm)) {
            throw new ForbiddenException();
        }
        RealmAuth realmAuth;

        if (auth.getRealm().equals(realmManager.getKeycloakAdminstrationRealm())) {
            realmAuth = new RealmAuth(auth, realm.getMasterAdminApp());
View Full Code Here
29
30
31
32
33
34
35
36
        return this;
    }

    public void requireAny() {
        if (!auth.hasOneOfAppRole(realmAdminApp, AdminRoles.ALL_REALM_ROLES)) {
            throw new ForbiddenException();
        }
    }
View Full Code Here
43
44
45
46
47
48
49
50
        return auth.hasOneOfAppRole(realmAdminApp, getManageRole(resource));
    }

    public void requireView() {
        if (!hasView()) {
            throw new ForbiddenException();
        }
    }
View Full Code Here
49
50
51
52
53
54
55
56
        }
    }

    public void requireManage() {
        if (!hasManage()) {
            throw new ForbiddenException();
        }
    }
View Full Code Here
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
        // don't allow cors requests unless they were authenticated by an access token
        // This is to prevent CSRF attacks.
        if (auth != null && auth.isCookieAuthenticated()) {
            String origin = headers.getRequestHeaders().getFirst("Origin");
            if (origin != null && !requestOrigin.equals(origin)) {
                throw new ForbiddenException();
            }

            if (!request.getHttpMethod().equals("GET")) {
                String referrer = headers.getRequestHeaders().getFirst("Referer");
                if (referrer != null && !requestOrigin.equals(UriUtils.getOrigin(referrer))) {
                    throw new ForbiddenException();
                }
            }
        }

        if (authResult != null) {
View Full Code Here
371
372
373
374
375
376
377
378
379
     */
    protected void csrfCheck(final MultivaluedMap<String, String> formData) {
        if (!auth.isCookieAuthenticated()) return;
        String stateChecker = formData.getFirst("stateChecker");
        if (!this.stateChecker.equals(stateChecker)) {
            throw new ForbiddenException();
        }

    }
View Full Code Here
TOP

Related Classes of org.keycloak.services.ForbiddenException

  • org.keycloak.protocol.oidc.OpenIDConnectService
  • org.keycloak.services.resources.AccountService
  • org.keycloak.services.resources.admin.RealmAuth
  • org.keycloak.services.resources.admin.RealmsAdminResource
  • org.keycloak.services.resources.ClientsManagementService
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.