Create role-policy via Java code

I want to create (with Java code) a list of policies, one policy for each client-role in a list.

For each role, I search for the policy “role_[rolename]” and if it does not exist, I’m going to create a new policy.

    PoliciesResource polRes = authResource.policies();
    try {
        for(String roleName : roleNames){
            PolicyRepresentation policy =  polRes.findByName("role_"+roleName);
            if(policy == null){
                LOG.log(Level.INFO, "Per il ruolo {0} non esiste la policy. Creo la policy ruolo_{0}", roleName);
                policy = new PolicyRepresentation();
                policy.setName("role_"+roleName);
                policy.setDescription("Il ruolo è "+roleName);
                policy.setType("role");
                Map<String, String> conf = new HashMap<>();
                conf.put("roles", "[\""+roleName+"\"]");
                policy.setConfig(conf);
                policy.setLogic(Logic.POSITIVE);
                Response response = polRes.create(policy);
                switch(response.getStatus()){
                    case 200:
                        LOG.log(Level.INFO, "Creata la policy {0}", policy.getName());
                        break;
                    case 500:
                        LOG.log(Level.SEVERE, "Errore nella creazione della policy {0}", roleName);
                        LOG.log(Level.SEVERE, "Messaggio di errore con codice 500 : {0}",response.getStatusInfo().getReasonPhrase());
                        break;
                    default :
                        LOG.log(Level.SEVERE, "Errore nella creazione della policy {0}", policy.getName());
                        LOG.log(Level.SEVERE, "Messaggio di errore : {0}",response.getStatusInfo().getReasonPhrase());
                }
                response.close();
            }
        }
    } catch (NotFoundException e) {
        KeycloakUtility.logoutkeycloak(config, keycloak);
        throw new Exception(e);
    }

I get a 500 error in the response. I am trying to set the correct values in the policy, but what are the correct values?

In the documentation there is no hint about what the type could be and what the config map could contain.

Did you try to use: final var rolePoliciesResource = authorizationResource.policies().role(); ?

Policies have specific types. In your case it seems that you want to use Role based policies.


It works!!! Thank you!

The final code:

    RolePoliciesResource polRes = authResource.policies().role();
    try {
        for(String roleName : roleNames){
            RolePolicyRepresentation policy =  polRes.findByName("ruolo_"+roleName);
            if(policy == null){
                LOG.log(Level.INFO, "Per il ruolo {0} non esiste la policy. Creo la policy ruolo_{0}", roleName);
                
                Set<RolePolicyRepresentation.RoleDefinition> rolesSet = new HashSet<>();
                rolesSet.add(new RolePolicyRepresentation.RoleDefinition(roleName, true));
                
                policy = new RolePolicyRepresentation();
                policy.setName("ruolo_"+roleName);
                policy.setDescription("Il ruolo è "+roleName);
                policy.setRoles(rolesSet);
                policy.setLogic(Logic.POSITIVE);
                Response response = polRes.create(policy);
                switch(response.getStatus()){
                    case 200:
                    case 201:
                        LOG.log(Level.INFO, "Creata la policy {0}", policy.getName());
                        break;
                    case 500:
                        LOG.log(Level.SEVERE, "Errore nella creazione della policy {0}", roleName);
                        LOG.log(Level.SEVERE, "Messaggio di errore con codice 500 : {0}",response.getStatusInfo().getReasonPhrase());
                        break;
                    default :
                        LOG.log(Level.SEVERE, "Errore nella creazione della policy {0}", roleName);
                        LOG.log(Level.SEVERE, "Messaggio di errore : {0}",response.getStatusInfo().getReasonPhrase());
                }
                response.close();
            }
        }
    } catch (NotFoundException e) {
        KeycloakUtility.logoutkeycloak(config, keycloak);
        throw new Exception(e);
    }

Great 🙂

You are welcome.
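
A variant of the final code above, as an added example that is not part of the thread or of Keycloak itself: it binds each policy to the client role's id (so a realm role and a client role sharing a name cannot be confused) and returns the roles left without a policy instead of only logging them. The class `RolePolicyProvisioner`, the method `ensureRolePolicies`, the `jakarta.ws.rs` imports and the assumption that the roles are client roles of the resource-server client itself are choices made for this example.

```java
import jakarta.ws.rs.NotFoundException;   // javax.ws.rs.* on older admin-client versions
import jakarta.ws.rs.core.Response;
import java.util.ArrayList;
import java.util.List;
import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.admin.client.resource.RolePoliciesResource;
import org.keycloak.representations.idm.authorization.Logic;
import org.keycloak.representations.idm.authorization.RolePolicyRepresentation;

/** Hypothetical helper, not part of Keycloak or of the thread's code. */
public final class RolePolicyProvisioner {

    /**
     * Ensures a policy "ruolo_<role>" exists for each client role and returns
     * the roles that are still without a policy, so the caller can fail closed.
     */
    public static List<String> ensureRolePolicies(ClientResource client, List<String> roleNames) {
        RolePoliciesResource polRes = client.authorization().policies().role();
        List<String> missing = new ArrayList<>();
        for (String roleName : roleNames) {
            String policyName = "ruolo_" + roleName;
            if (polRes.findByName(policyName) != null) {
                continue; // policy already present
            }
            String roleId;
            try {
                // Assumption: the role is a client role of this same client.
                roleId = client.roles().get(roleName).toRepresentation().getId();
            } catch (NotFoundException e) {
                missing.add(roleName); // no such role: nothing to bind the policy to
                continue;
            }
            RolePolicyRepresentation policy = new RolePolicyRepresentation();
            policy.setName(policyName);
            policy.setDescription("Il ruolo è " + roleName);
            policy.setLogic(Logic.POSITIVE);
            policy.addRole(roleId, true); // bind by role id, marked as required
            Response response = polRes.create(policy);
            try {
                int status = response.getStatus();
                // Accept 200/201 as on the page, then read the policy back to confirm.
                if ((status != 200 && status != 201) || polRes.findByName(policyName) == null) {
                    missing.add(roleName);
                }
            } finally {
                response.close();
            }
        }
        return missing;
    }
}
```

A non-empty return value means some roles have no policy yet, so permissions that depend on them should not be created or relied on until the list is empty.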