diff --git a/ssh-key-provider/src/main/java/de/ccc/hamburg/keycloak/AuthHelper.java b/ssh-key-provider/src/main/java/de/ccc/hamburg/keycloak/AuthHelper.java
index 15f8390..6138607 100644
--- a/ssh-key-provider/src/main/java/de/ccc/hamburg/keycloak/AuthHelper.java
+++ b/ssh-key-provider/src/main/java/de/ccc/hamburg/keycloak/AuthHelper.java
@@ -16,8 +16,6 @@ public class AuthHelper {
 public static AuthenticationManager.AuthResult getAuthResult(KeycloakSession session, Function authFn) {
 AuthenticationManager.AuthResult auth = new AppAuthManager.BearerTokenAuthenticator(session).authenticate();
- System.err.println(auth.getToken().getIssuedFor());
-
 if (auth == null) {
 throw new NotAuthorizedException("Bearer");
 } else if (!authFn.apply(auth)) {
diff --git a/ssh-key-provider/src/main/java/de/ccc/hamburg/keycloak/SSHKeyResourceProvider.java b/ssh-key-provider/src/main/java/de/ccc/hamburg/keycloak/SSHKeyResourceProvider.java
index 070b957..6d0a475 100644
--- a/ssh-key-provider/src/main/java/de/ccc/hamburg/keycloak/SSHKeyResourceProvider.java
+++ b/ssh-key-provider/src/main/java/de/ccc/hamburg/keycloak/SSHKeyResourceProvider.java
@@ -1,7 +1,9 @@
 package de.ccc.hamburg.keycloak;
 import java.util.Map;
+import java.util.stream.Stream;
+import org.jboss.logging.Logger;
 import jakarta.ws.rs.GET;
 import jakarta.ws.rs.Path;
 import jakarta.ws.rs.Produces;
@@ -12,11 +14,17 @@ import org.eclipse.microprofile.openapi.annotations.enums.SchemaType;
 import org.eclipse.microprofile.openapi.annotations.media.Content;
 import org.eclipse.microprofile.openapi.annotations.media.Schema;
 import org.eclipse.microprofile.openapi.annotations.responses.APIResponse;
+import org.keycloak.models.GroupModel;
+import org.keycloak.models.GroupProvider;
 import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.RealmModel;
+import org.keycloak.models.UserModel;
+import org.keycloak.models.UserProvider;
 import org.keycloak.services.managers.Auth;
 import org.keycloak.services.resource.RealmResourceProvider;
 public class SSHKeyResourceProvider implements RealmResourceProvider {
+ private static final Logger LOG = Logger.getLogger(SSHKeyResourceProvider.class);
 private final KeycloakSession session;
 public SSHKeyResourceProvider(KeycloakSession keycloakSession) {
@@ -46,9 +54,25 @@ public class SSHKeyResourceProvider implements RealmResourceProvider {
 @Path("hello-auth")
 @Produces(MediaType.APPLICATION_JSON)
 public Response helloAuthenticated() {
+ UserProvider userProvider = session.users();
+
 try {
 Auth auth = AuthHelper.getAuth(session, authResult -> authResult.getToken().getIssuedFor().equals("admin-cli"));
+
+ RealmModel realm = session.getContext().getRealm();
+ GroupModel group = realm.getGroupById("fbf5f78b-d2be-49dd-b04f-11a5e8ee583f");
+
+ LOG.info(String.format("Getting Users from Group \"%s\" with ID %s", group.getName(), group.getId()));
+
+ Stream users = userProvider.getGroupMembersStream(realm, group);
+
+ users.forEach(user -> {
+ String sshKey = user.getAttributeStream("ssh-key-1").findFirst().get();
+ LOG.info(String.format("SSH Key of %s: %s", user.getUsername(), sshKey));
+ });
+
+
 return Response.ok(Map.of("hello", auth.getUser().getUsername())).build();
 } catch (Exception e) {
 System.err.println(e);
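Review bot: In `helloAuthenticated()`, `realm.getGroupById(...)` can return null and `findFirst().get()` throws for any group member without an `ssh-key-1` attribute, so a missing group or a single user without a key falls into the broad `catch (Exception e)` and the whole request fails. The added loop also writes every username together with its key to the log at INFO, and the group is pinned to a literal UUID that presumably exists in only one realm; a null check, `ifPresent`, debug-level logging without the key value, and a configurable group id would address these. The only gate visible in front of this lookup is the `getIssuedFor().equals("admin-cli")` comparison on the context line, which identifies the requesting client rather than the caller's permissions, so a role or permission check is worth adding before this endpoint starts returning keys. The method body continues past the end of the hunk.

```java
// … unchanged: Auth auth = AuthHelper.getAuth(...) …
RealmModel realm = session.getContext().getRealm();
// still the literal from this commit; better read from provider configuration
GroupModel group = realm.getGroupById("fbf5f78b-d2be-49dd-b04f-11a5e8ee583f");
if (group == null) {
    LOG.warn("Configured SSH key group not found in realm");
    return Response.status(Response.Status.NOT_FOUND).build();
}

session.users().getGroupMembersStream(realm, group).forEach(user ->
    user.getAttributeStream("ssh-key-1")
        .findFirst()
        // log presence only; users without the attribute are skipped instead of aborting the loop
        .ifPresent(sshKey -> LOG.debugf("SSH key present for %s", user.getUsername())));
// … unchanged: return Response.ok(...) and catch block …
```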