tessl/maven-org-keycloak--keycloak-core
Core Keycloak library providing fundamental authentication and authorization functionality
—
Pending
configuration-management.mddocs/
Configuration Management
Hierarchical configuration system with scoped property access, type-safe configuration retrieval, and extensible provider architecture for managing Keycloak settings and service providers.
Capabilities
Config System
Core configuration management with hierarchical scoped property access.
/**
* Main configuration management class with static access methods
*/
public class Config {
/**
* Initialize the configuration system with a custom provider
* @param configProvider Configuration provider implementation
*/
public static void init(ConfigProvider configProvider);
/**
* Create a configuration scope for hierarchical property access
* @param scope Scope path elements
* @return Scope instance for property access
*/
public static Scope scope(String... scope);
/**
* Get the configured provider for a specific SPI
* @param spi Service Provider Interface name
* @return Provider identifier
*/
public static String getProvider(String spi);
/**
* Get the admin realm name
* @return Admin realm identifier
*/
public static String getAdminRealm();
/**
* Get the default provider for a specific SPI
* @param spi Service Provider Interface name
* @return Default provider identifier
*/
public static String getDefaultProvider(String spi);
/**
* Configuration scope interface for property access
*/
public interface Scope {
/**
* Get string property value
* @param key Property key
* @return Property value or null if not found
*/
String get(String key);
/**
* Get string property value with default
* @param key Property key
* @param defaultValue Default value if property not found
* @return Property value or default value
*/
String get(String key, String defaultValue);
/**
* Get string array property value
* @param key Property key
* @return Array of property values or empty array if not found
*/
String[] getArray(String key);
/**
* Get integer property value
* @param key Property key
* @return Integer value or null if not found or not parseable
*/
Integer getInt(String key);
/**
* Get integer property value with default
* @param key Property key
* @param defaultValue Default value if property not found
* @return Integer value or default value
*/
Integer getInt(String key, Integer defaultValue);
/**
* Get long property value
* @param key Property key
* @return Long value or null if not found or not parseable
*/
Long getLong(String key);
/**
* Get long property value with default
* @param key Property key
* @param defaultValue Default value if property not found
* @return Long value or default value
*/
Long getLong(String key, Long defaultValue);
/**
* Get boolean property value
* @param key Property key
* @return Boolean value or null if not found or not parseable
*/
Boolean getBoolean(String key);
/**
* Get boolean property value with default
* @param key Property key
* @param defaultValue Default value if property not found
* @return Boolean value or default value
*/
Boolean getBoolean(String key, Boolean defaultValue);
/**
* Create a child scope
* @param scope Child scope path elements
* @return Child Scope instance
*/
Scope scope(String... scope);
/**
* Get all property names in this scope
* @return Set of property names
*/
Set<String> getPropertyNames();
}
/**
* Configuration provider interface for pluggable configuration sources
*/
public interface ConfigProvider {
/**
* Get the configured provider for a specific SPI
* @param spi Service Provider Interface name
* @return Provider identifier
*/
String getProvider(String spi);
/**
* Get the default provider for a specific SPI
* @param spi Service Provider Interface name
* @return Default provider identifier
*/
String getDefaultProvider(String spi);
/**
* Create a configuration scope
* @param scope Scope path elements
* @return Scope instance
*/
Scope scope(String... scope);
}
}Keystore Configuration
Configuration representation for keystore settings.
/**
* Keystore configuration representation
*/
public class KeyStoreConfig {
/**
* Check if this is a realm certificate
* @return true if realm certificate
*/
public Boolean isRealmCertificate();
/**
* Set the realm certificate flag
* @param realmCertificate Realm certificate flag
*/
public void setRealmCertificate(Boolean realmCertificate);
/**
* Get the keystore password
* @return Store password
*/
public String getStorePassword();
/**
* Set the keystore password
* @param storePassword Store password
*/
public void setStorePassword(String storePassword);
/**
* Get the key password
* @return Key password
*/
public String getKeyPassword();
/**
* Set the key password
* @param keyPassword Key password
*/
public void setKeyPassword(String keyPassword);
/**
* Get the key alias
* @return Key alias
*/
public String getKeyAlias();
/**
* Set the key alias
* @param keyAlias Key alias
*/
public void setKeyAlias(String keyAlias);
/**
* Get the realm alias
* @return Realm alias
*/
public String getRealmAlias();
/**
* Set the realm alias
* @param realmAlias Realm alias
*/
public void setRealmAlias(String realmAlias);
/**
* Get the keystore format
* @return Keystore format (e.g., "JKS", "PKCS12")
*/
public String getFormat();
/**
* Set the keystore format
* @param format Keystore format
*/
public void setFormat(String format);
}Base Configuration Classes
Base configuration classes for various Keycloak components.
/**
* Base adapter configuration
*/
public class BaseAdapterConfig {
/**
* Get the realm name
* @return Realm name
*/
public String getRealm();
/**
* Set the realm name
* @param realm Realm name
*/
public void setRealm(String realm);
/**
* Get the auth server URL
* @return Auth server URL
*/
public String getAuthServerUrl();
/**
* Set the auth server URL
* @param authServerUrl Auth server URL
*/
public void setAuthServerUrl(String authServerUrl);
/**
* Check if SSL is required
* @return SSL requirement setting
*/
public String getSslRequired();
/**
* Set SSL requirement
* @param sslRequired SSL requirement setting
*/
public void setSslRequired(String sslRequired);
/**
* Get the client ID
* @return Client identifier
*/
public String getResource();
/**
* Set the client ID
* @param resource Client identifier
*/
public void setResource(String resource);
/**
* Check if public client
* @return true if public client
*/
public boolean isPublicClient();
/**
* Set public client flag
* @param publicClient Public client flag
*/
public void setPublicClient(boolean publicClient);
/**
* Get the client credentials
* @return Map of client credentials
*/
public Map<String, Object> getCredentials();
/**
* Set the client credentials
* @param credentials Map of client credentials
*/
public void setCredentials(Map<String, Object> credentials);
}
/**
* Base realm configuration
*/
public class BaseRealmConfig {
/**
* Get the realm name
* @return Realm name
*/
public String getRealm();
/**
* Set the realm name
* @param realm Realm name
*/
public void setRealm(String realm);
/**
* Get the realm public key
* @return Public key string
*/
public String getRealmKey();
/**
* Set the realm public key
* @param realmKey Public key string
*/
public void setRealmKey(String realmKey);
/**
* Get the auth server URL
* @return Auth server URL
*/
public String getAuthServerUrl();
/**
* Set the auth server URL
* @param authServerUrl Auth server URL
*/
public void setAuthServerUrl(String authServerUrl);
}
/**
* Adapter HTTP client configuration
*/
public class AdapterHttpClientConfig {
/**
* Check if hostname verification is disabled
* @return true if disabled
*/
public boolean isDisableTrustManager();
/**
* Set hostname verification disabled flag
* @param disableTrustManager Disable flag
*/
public void setDisableTrustManager(boolean disableTrustManager);
/**
* Check if trust store is allowed any hostname
* @return true if any hostname allowed
*/
public boolean isAllowAnyHostname();
/**
* Set allow any hostname flag
* @param allowAnyHostname Allow flag
*/
public void setAllowAnyHostname(boolean allowAnyHostname);
/**
* Get the truststore configuration
* @return KeyStoreConfig for truststore
*/
public KeyStoreConfig getTruststore();
/**
* Set the truststore configuration
* @param truststore KeyStoreConfig for truststore
*/
public void setTruststore(KeyStoreConfig truststore);
/**
* Get the client keystore configuration
* @return KeyStoreConfig for client keystore
*/
public KeyStoreConfig getClientKeystore();
/**
* Set the client keystore configuration
* @param clientKeystore KeyStoreConfig for client keystore
*/
public void setClientKeystore(KeyStoreConfig clientKeystore);
/**
* Get the connection pool size
* @return Connection pool size
*/
public int getConnectionPoolSize();
/**
* Set the connection pool size
* @param connectionPoolSize Connection pool size
*/
public void setConnectionPoolSize(int connectionPoolSize);
/**
* Get the connection timeout in milliseconds
* @return Connection timeout
*/
public long getConnectionTimeout();
/**
* Set the connection timeout
* @param connectionTimeout Connection timeout in milliseconds
*/
public void setConnectionTimeout(long connectionTimeout);
/**
* Get the socket timeout in milliseconds
* @return Socket timeout
*/
public long getSocketTimeout();
/**
* Set the socket timeout
* @param socketTimeout Socket timeout in milliseconds
*/
public void setSocketTimeout(long socketTimeout);
}Adapter Configuration
Complete adapter configuration for Keycloak client adapters.
/**
* Complete adapter configuration with all settings
*/
public class AdapterConfig extends BaseAdapterConfig {
/**
* Get the token store type
* @return Token store type (session, cookie)
*/
public String getTokenStore();
/**
* Set the token store type
* @param tokenStore Token store type
*/
public void setTokenStore(String tokenStore);
/**
* Get the principal attribute
* @return Principal attribute name
*/
public String getPrincipalAttribute();
/**
* Set the principal attribute
* @param principalAttribute Principal attribute name
*/
public void setPrincipalAttribute(String principalAttribute);
/**
* Check if bearer-only mode is enabled
* @return true if bearer-only
*/
public boolean isBearerOnly();
/**
* Set bearer-only mode
* @param bearerOnly Bearer-only flag
*/
public void setBearerOnly(boolean bearerOnly);
/**
* Check if CORS is enabled
* @return true if CORS enabled
*/
public boolean isEnableCors();
/**
* Set CORS enabled flag
* @param enableCors CORS enabled flag
*/
public void setEnableCors(boolean enableCors);
/**
* Get CORS max age
* @return CORS max age in seconds
*/
public int getCorsMaxAge();
/**
* Set CORS max age
* @param corsMaxAge CORS max age in seconds
*/
public void setCorsMaxAge(int corsMaxAge);
/**
* Get CORS allowed methods
* @return CORS allowed methods
*/
public String getCorsAllowedMethods();
/**
* Set CORS allowed methods
* @param corsAllowedMethods CORS allowed methods
*/
public void setCorsAllowedMethods(String corsAllowedMethods);
/**
* Get CORS allowed headers
* @return CORS allowed headers
*/
public String getCorsAllowedHeaders();
/**
* Set CORS allowed headers
* @param corsAllowedHeaders CORS allowed headers
*/
public void setCorsAllowedHeaders(String corsAllowedHeaders);
/**
* Check if CORS credentials are exposed
* @return true if credentials exposed
*/
public boolean isCorsExposedHeaders();
/**
* Set CORS credentials exposed flag
* @param corsExposedHeaders Credentials exposed flag
*/
public void setCorsExposedHeaders(boolean corsExposedHeaders);
/**
* Get the HTTP client configuration
* @return AdapterHttpClientConfig instance
*/
public AdapterHttpClientConfig getHttpClientConfig();
/**
* Set the HTTP client configuration
* @param httpClientConfig AdapterHttpClientConfig instance
*/
public void setHttpClientConfig(AdapterHttpClientConfig httpClientConfig);
/**
* Check if always refresh token is enabled
* @return true if always refresh enabled
*/
public boolean isAlwaysRefreshToken();
/**
* Set always refresh token flag
* @param alwaysRefreshToken Always refresh flag
*/
public void setAlwaysRefreshToken(boolean alwaysRefreshToken);
/**
* Check if register node at startup is enabled
* @return true if register at startup
*/
public boolean isRegisterNodeAtStartup();
/**
* Set register node at startup flag
* @param registerNodeAtStartup Register at startup flag
*/
public void setRegisterNodeAtStartup(boolean registerNodeAtStartup);
/**
* Get the register node period in seconds
* @return Register node period
*/
public int getRegisterNodePeriod();
/**
* Set the register node period
* @param registerNodePeriod Register node period in seconds
*/
public void setRegisterNodePeriod(int registerNodePeriod);
/**
* Get the token minimum time to live
* @return Token minimum TTL in seconds
*/
public int getTokenMinimumTimeToLive();
/**
* Set the token minimum time to live
* @param tokenMinimumTimeToLive Token minimum TTL in seconds
*/
public void setTokenMinimumTimeToLive(int tokenMinimumTimeToLive);
/**
* Get the minimum time between JWKS requests
* @return Minimum time in seconds
*/
public int getMinTimeBetweenJwksRequests();
/**
* Set the minimum time between JWKS requests
* @param minTimeBetweenJwksRequests Minimum time in seconds
*/
public void setMinTimeBetweenJwksRequests(int minTimeBetweenJwksRequests);
/**
* Get the public key cache TTL
* @return Cache TTL in seconds
*/
public int getPublicKeyCacheTtl();
/**
* Set the public key cache TTL
* @param publicKeyCacheTtl Cache TTL in seconds
*/
public void setPublicKeyCacheTtl(int publicKeyCacheTtl);
}Usage Examples
import org.keycloak.Config;
import org.keycloak.representations.KeyStoreConfig;
import org.keycloak.representations.adapters.config.AdapterConfig;
// Basic configuration access
Config.Scope authScope = Config.scope("authentication");
String defaultProvider = authScope.get("defaultProvider", "password");
boolean loginFormsEnabled = authScope.getBoolean("loginFormsEnabled", true);
int sessionTimeout = authScope.getInt("sessionTimeout", 1800);
// Hierarchical configuration scopes
Config.Scope sslScope = Config.scope("ssl", "truststore");
String truststorePath = sslScope.get("path");
String truststorePassword = sslScope.get("password");
// Database configuration
Config.Scope dbScope = Config.scope("database");
String connectionUrl = dbScope.get("url");
Integer maxPoolSize = dbScope.getInt("maxPoolSize", 20);
String[] additionalJars = dbScope.getArray("additionalJars");
// Provider configuration
String userStorageProvider = Config.getProvider("userStorage");
String themeProvider = Config.getProvider("theme");
// Keystore configuration
KeyStoreConfig keystoreConfig = new KeyStoreConfig();
keystoreConfig.setFile("/path/to/keystore.jks");
keystoreConfig.setPassword("keystorePassword");
keystoreConfig.setFormat("JKS");
keystoreConfig.setAlias("server-key");
keystoreConfig.setKeyPassword("keyPassword");
// Adapter configuration
AdapterConfig adapterConfig = new AdapterConfig();
adapterConfig.setRealm("my-realm");
adapterConfig.setAuthServerUrl("https://auth.example.com");
adapterConfig.setResource("my-client");
adapterConfig.setPublicClient(false);
adapterConfig.setBearerOnly(true);
adapterConfig.setEnableCors(true);
adapterConfig.setCorsMaxAge(3600);
adapterConfig.setTokenMinimumTimeToLive(300);
// HTTP client configuration
AdapterHttpClientConfig httpConfig = new AdapterHttpClientConfig();
httpConfig.setConnectionPoolSize(50);
httpConfig.setConnectionTimeout(5000);
httpConfig.setSocketTimeout(10000);
adapterConfig.setHttpClientConfig(httpConfig);
// Configuration with credentials
Map<String, Object> credentials = new HashMap<>();
credentials.put("secret", "client-secret");
credentials.put("jwt", Map.of(
"client_id", "my-client",
"algorithm", "RS256"
));
adapterConfig.setCredentials(credentials);Install with Tessl CLI
npx tessl i tessl/maven-org-keycloak--keycloak-core