Create policy from admin client through SDK methods is not working

Marimuthu · June 21, 2023, 7:17am

I am trying to create a client policy for performing token exchange in v21.1.1 , but unable to do so.
Create method always throws 404 not found exception. I am unable to access any of the entities in authorizations tab of realm-management client.

public boolean createPolicy(ClientsResource clients, AuthorizationResource authorization, Tenant tenant) {
//create policy while creating platform app
PolicyRepresentation policyRepresentation = new PolicyRepresentation();
policyRepresentation.setName(tenant.getTenantName()+“-policy”);
policyRepresentation.setDescription(tenant.getTenantName()+“-policy”);
policyRepresentation.setType(“client”);
policyRepresentation.setLogic(Logic.POSITIVE);
policyRepresentation.setDecisionStrategy(DecisionStrategy.UNANIMOUS);
policyRepresentation.setId(tenant.getTenantName()+“-policy”);
//Application platformApp = applicationRepository.findByApplicationName(tenant.getTenantName(), IAMConstants.IAM_APP);
List platformApps = clients.query(IAMConstants.IAM_APP);//todo
String platformAppInternalId = “”;
if(platformApps != null) {
for (ClientRepresentation cr : platformApps) {
if(cr.getName().equals(IAMConstants.IAM_APP)) {
platformAppInternalId = cr.getId();
}
}
}

    Keycloak keyCloak = keyCloakClient.getKeyCloak(idpConfig);
    Map<String, String> config = new HashMap<>();
    config.put("clients", platformAppInternalId);
    policyRepresentation.setConfig(config);
    //Response lentra1 = keyCloak.realm("lentra1").clients().get("realm-management").authorization().policies().create(policyRepresentation);
    Response response = authorization.policies().create(policyRepresentation);
    //LOGGER.info("Create public client response : {}, {}", response.getStatus(), response.getStatusInfo());
    if (response.getStatus() == 201) {
        // Policy created successfully
        return true;
    } else {
        // Handle error
        return false;
    }

public void updatePermission(RealmResource realmResource, ClientsResource clients, Tenant tenant, ClientRepresentation clientRepresentation, ApplicationDto appDto ) {
AuthorizationResource authorization = getClient(realmResource, REALM_MANAGEMENT_CLIENT).authorization();
List rmRepresentations = clients.findByClientId(REALM_MANAGEMENT_CLIENT);
//client keycloak generated internal id
List targetApps = clients.findByClientId(appDto.getApplicationId());
String realmMgmtInternalId = rmRepresentations.get(0).getId();//realm-management internal ID
List scopes = rmRepresentations.get(0).getDefaultClientScopes();

    String targetAppInternalId = targetApps.get(0).getId();//TOKEN_EXCHANGE_PERMISSION_POLICY_ID / Client Internal ID
    ClientResource targetAppResources = clients.get(targetAppInternalId);
    //enable permission for targetApp
    targetAppResources.getPermissions().setEnabled(true);
    ManagementPermissionReference permissions = targetAppResources.getPermissions();
    permissions.setEnabled(true);

    ResourcesResource resources = authorization.resources();
    //keycloak generated token exchange id ( scope )
    ScopeRepresentation scopeRepresentation = authorization.scopes().findByName(TOKEN_EXCHANGE);
    List<ScopeRepresentation> scopeRepresentations = new ArrayList<ScopeRepresentation>();
    scopeRepresentations.add(scopeRepresentation);
    // key cloak generated resource id
    List<ResourceRepresentation> resourcesList = resources.findByName("client.resoruce." + targetAppInternalId);
    List<PolicyRepresentation> policyRepresentations = new ArrayList<PolicyRepresentation>();
    PolicyRepresentation mypolicy = authorization.policies().findByName(tenant.getTenantName() + "-policy");
    if(mypolicy != null)
    {
        policyRepresentations.add(mypolicy);
    }
    ResourceServerRepresentation resourceServerRepresentation = new ResourceServerRepresentation();
    resourceServerRepresentation.setClientId(appDto.getApplicationId());//todo
    resourceServerRepresentation.setScopes(scopeRepresentations);
    resourceServerRepresentation.setResources(resourcesList);
    resourceServerRepresentation.setPolicies(policyRepresentations);
    resourceServerRepresentation.setDecisionStrategy(DecisionStrategy.UNANIMOUS);
    clientRepresentation.setAuthorizationSettings(resourceServerRepresentation);
    keyCloakClient.getKeyCloak(idpConfig).realm(tenant.getTenantName()).clients().get(appDto.getApplicationId()).update(clientRepresentation);
}

Any help would be appreciated.

Marimuthu · June 23, 2023, 5:19pm

Can someone help me on this , I am struck for a long time. Thanks in advance

Topic		Replies	Views
Achieve public client token-exchange programmatically through SDK Getting advice token-exchange	1	279	May 3, 2023
How do I create policies via API	3	1498	January 12, 2023
Resources/Policies/Permissions creation for a Client using the Admin CLI	0	292	February 21, 2023
Keycloak Authorization APIs to create Policies, Permissions and Resources Getting advice	5	1862	May 4, 2023
Operations using java keycloak admin client results in 404 error	0	445	January 20, 2023

Create policy from admin client through SDK methods is not working

I am trying to create a client policy for performing token exchange in v21.1.1 , but unable to do so. Create method always throws 404 not found exception. I am unable to access any of the entities in authorizations tab of realm-management client.

Related Topics

I am trying to create a client policy for performing token exchange in v21.1.1 , but unable to do so.
Create method always throws 404 not found exception. I am unable to access any of the entities in authorizations tab of realm-management client.