MigrateTo3_0_0.java

/*
 * Copyright 2016 Red Hat, Inc. and/or its affiliates
 * and other contributors as indicated by the @author tags.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.keycloak.migration.migrators;


import org.keycloak.migration.ModelVersion;
import org.keycloak.models.ClientModel;
import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.representations.oidc.OIDCClientRepresentation;

import java.util.Objects;

import static org.keycloak.models.AccountRoles.MANAGE_ACCOUNT;
import static org.keycloak.models.AccountRoles.MANAGE_ACCOUNT_LINKS;
import static org.keycloak.models.Constants.ACCOUNT_MANAGEMENT_CLIENT_ID;
import static org.keycloak.models.Constants.defaultClients;

/**
 * @author <a href="mailto:bburke@redhat.com">Bill Burke</a>
 */
public class MigrateTo3_0_0 implements Migration {

    public static final ModelVersion VERSION = new ModelVersion("3.0.0");

    @Override
    public void migrate(KeycloakSession session) {
        for (RealmModel realm : session.realms().getRealms()) {

            realm.getClients().stream()
                    .filter(clientModel -> defaultClients.contains(clientModel.getId()))
                    .filter(clientModel -> Objects.isNull(clientModel.getProtocol()))
                    .forEach(clientModel -> clientModel.setProtocol("openid-connect"));

            ClientModel client = realm.getClientByClientId(ACCOUNT_MANAGEMENT_CLIENT_ID);
            if (client == null) continue;
            RoleModel linkRole = client.getRole(MANAGE_ACCOUNT_LINKS);
            if (linkRole == null) {
                client.addRole(MANAGE_ACCOUNT_LINKS);
            }
            RoleModel manageAccount = client.getRole(MANAGE_ACCOUNT);
            if (manageAccount == null) continue;
            RoleModel manageAccountLinks = client.getRole(MANAGE_ACCOUNT_LINKS);
            manageAccount.addCompositeRole(manageAccountLinks);

        }

    }

    @Override
    public ModelVersion getVersion() {
        return VERSION;
    }
}