├── .editorconfig ├── .gitattributes ├── .github ├── ISSUE_TEMPLATE │ ├── bug.yml │ └── feature.yml ├── dependabot.yml ├── release.yml └── workflows │ ├── buildAndTest.yml │ ├── codeql-analysis.yml │ ├── ignore-for-release-labels.yml │ ├── matrix.yml │ └── release.yml ├── .gitignore ├── CONTRIBUTING.md ├── LICENSE ├── README.md ├── RELEASELOG.md ├── docker-compose.yml ├── docs └── images │ ├── client-role.jpg │ ├── config-client-role-based.jpg │ ├── config-message.jpg │ ├── config-policy-based.jpg │ ├── flow.jpg │ ├── flow_explained.jpg │ ├── resource-config.jpg │ └── resource.jpg ├── maven-github-settings.xml ├── pom.xml └── src ├── main ├── java │ └── de │ │ └── sventorben │ │ └── keycloak │ │ └── authorization │ │ └── client │ │ ├── RestrictClientAuthAuthenticator.java │ │ ├── RestrictClientAuthAuthenticatorFactory.java │ │ ├── RestrictClientAuthConfig.java │ │ ├── RestrictClientAuthConfigProperties.java │ │ ├── access │ │ ├── AccessProvider.java │ │ ├── AccessProviderFactory.java │ │ ├── RestrictClientAuthSpi.java │ │ ├── policy │ │ │ ├── PolicyBasedAccessProvider.java │ │ │ └── PolicyBasedAccessProviderFactory.java │ │ └── role │ │ │ ├── ClientRoleBasedAccessProvider.java │ │ │ └── ClientRoleBasedAccessProviderFactory.java │ │ ├── clientpolicy │ │ ├── condition │ │ │ ├── RestrictedClientAuthEnabledPolicyConditionProvider.java │ │ │ └── RestrictedClientAuthEnabledPolicyConditionProviderFactory.java │ │ └── executor │ │ │ ├── AutoConfigClientPolicyExecutor.java │ │ │ ├── AutoConfigClientPolicyExecutorConfiguration.java │ │ │ └── AutoConfigClientPolicyExecutorFactory.java │ │ └── common │ │ └── OperationalInfo.java └── resources │ └── META-INF │ ├── MANIFEST.MF │ ├── beans.xml │ └── services │ ├── de.sventorben.keycloak.authorization.client.access.AccessProviderFactory │ ├── org.keycloak.authentication.AuthenticatorFactory │ ├── org.keycloak.provider.Spi │ ├── org.keycloak.services.clientpolicy.condition.ClientPolicyConditionProviderFactory │ └── org.keycloak.services.clientpolicy.executor.ClientPolicyExecutorProviderFactory └── test ├── java └── de │ └── sventorben │ └── keycloak │ └── authorization │ └── client │ ├── ClientPolicyIT.java │ ├── ConfigIT.java │ ├── FullImageName.java │ ├── LoginIT.java │ ├── RestrictClientAuthConfigTest.java │ ├── TestConstants.java │ └── clientpolicy │ ├── condition │ └── RestrictedClientAuthEnabledPolicyConditionProviderTest.java │ └── executor │ └── AutoConfigClientPolicyExecutorTest.java └── resources ├── export-realms.sh ├── keycloak.conf ├── log4j2.properties ├── mockito-extensions └── org.mockito.plugins.MockMaker └── test-realm-realm.json /.editorconfig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/.editorconfig -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/.gitattributes -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/.github/ISSUE_TEMPLATE/bug.yml -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/.github/ISSUE_TEMPLATE/feature.yml -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/.github/dependabot.yml -------------------------------------------------------------------------------- /.github/release.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/.github/release.yml -------------------------------------------------------------------------------- /.github/workflows/buildAndTest.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/.github/workflows/buildAndTest.yml -------------------------------------------------------------------------------- /.github/workflows/codeql-analysis.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/.github/workflows/codeql-analysis.yml -------------------------------------------------------------------------------- /.github/workflows/ignore-for-release-labels.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/.github/workflows/ignore-for-release-labels.yml -------------------------------------------------------------------------------- /.github/workflows/matrix.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/.github/workflows/matrix.yml -------------------------------------------------------------------------------- /.github/workflows/release.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/.github/workflows/release.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/.gitignore -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/README.md -------------------------------------------------------------------------------- /RELEASELOG.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/docker-compose.yml -------------------------------------------------------------------------------- /docs/images/client-role.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/docs/images/client-role.jpg -------------------------------------------------------------------------------- /docs/images/config-client-role-based.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/docs/images/config-client-role-based.jpg -------------------------------------------------------------------------------- /docs/images/config-message.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/docs/images/config-message.jpg -------------------------------------------------------------------------------- /docs/images/config-policy-based.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/docs/images/config-policy-based.jpg -------------------------------------------------------------------------------- /docs/images/flow.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/docs/images/flow.jpg -------------------------------------------------------------------------------- /docs/images/flow_explained.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/docs/images/flow_explained.jpg -------------------------------------------------------------------------------- /docs/images/resource-config.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/docs/images/resource-config.jpg -------------------------------------------------------------------------------- /docs/images/resource.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/docs/images/resource.jpg -------------------------------------------------------------------------------- /maven-github-settings.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/maven-github-settings.xml -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/pom.xml -------------------------------------------------------------------------------- /src/main/java/de/sventorben/keycloak/authorization/client/RestrictClientAuthAuthenticator.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/java/de/sventorben/keycloak/authorization/client/RestrictClientAuthAuthenticator.java -------------------------------------------------------------------------------- /src/main/java/de/sventorben/keycloak/authorization/client/RestrictClientAuthAuthenticatorFactory.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/java/de/sventorben/keycloak/authorization/client/RestrictClientAuthAuthenticatorFactory.java -------------------------------------------------------------------------------- /src/main/java/de/sventorben/keycloak/authorization/client/RestrictClientAuthConfig.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/java/de/sventorben/keycloak/authorization/client/RestrictClientAuthConfig.java -------------------------------------------------------------------------------- /src/main/java/de/sventorben/keycloak/authorization/client/RestrictClientAuthConfigProperties.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/java/de/sventorben/keycloak/authorization/client/RestrictClientAuthConfigProperties.java -------------------------------------------------------------------------------- /src/main/java/de/sventorben/keycloak/authorization/client/access/AccessProvider.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/java/de/sventorben/keycloak/authorization/client/access/AccessProvider.java -------------------------------------------------------------------------------- /src/main/java/de/sventorben/keycloak/authorization/client/access/AccessProviderFactory.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/java/de/sventorben/keycloak/authorization/client/access/AccessProviderFactory.java -------------------------------------------------------------------------------- /src/main/java/de/sventorben/keycloak/authorization/client/access/RestrictClientAuthSpi.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/java/de/sventorben/keycloak/authorization/client/access/RestrictClientAuthSpi.java -------------------------------------------------------------------------------- /src/main/java/de/sventorben/keycloak/authorization/client/access/policy/PolicyBasedAccessProvider.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/java/de/sventorben/keycloak/authorization/client/access/policy/PolicyBasedAccessProvider.java -------------------------------------------------------------------------------- /src/main/java/de/sventorben/keycloak/authorization/client/access/policy/PolicyBasedAccessProviderFactory.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/java/de/sventorben/keycloak/authorization/client/access/policy/PolicyBasedAccessProviderFactory.java -------------------------------------------------------------------------------- /src/main/java/de/sventorben/keycloak/authorization/client/access/role/ClientRoleBasedAccessProvider.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/java/de/sventorben/keycloak/authorization/client/access/role/ClientRoleBasedAccessProvider.java -------------------------------------------------------------------------------- /src/main/java/de/sventorben/keycloak/authorization/client/access/role/ClientRoleBasedAccessProviderFactory.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/java/de/sventorben/keycloak/authorization/client/access/role/ClientRoleBasedAccessProviderFactory.java -------------------------------------------------------------------------------- /src/main/java/de/sventorben/keycloak/authorization/client/clientpolicy/condition/RestrictedClientAuthEnabledPolicyConditionProvider.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/java/de/sventorben/keycloak/authorization/client/clientpolicy/condition/RestrictedClientAuthEnabledPolicyConditionProvider.java -------------------------------------------------------------------------------- /src/main/java/de/sventorben/keycloak/authorization/client/clientpolicy/condition/RestrictedClientAuthEnabledPolicyConditionProviderFactory.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/java/de/sventorben/keycloak/authorization/client/clientpolicy/condition/RestrictedClientAuthEnabledPolicyConditionProviderFactory.java -------------------------------------------------------------------------------- /src/main/java/de/sventorben/keycloak/authorization/client/clientpolicy/executor/AutoConfigClientPolicyExecutor.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/java/de/sventorben/keycloak/authorization/client/clientpolicy/executor/AutoConfigClientPolicyExecutor.java -------------------------------------------------------------------------------- /src/main/java/de/sventorben/keycloak/authorization/client/clientpolicy/executor/AutoConfigClientPolicyExecutorConfiguration.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/java/de/sventorben/keycloak/authorization/client/clientpolicy/executor/AutoConfigClientPolicyExecutorConfiguration.java -------------------------------------------------------------------------------- /src/main/java/de/sventorben/keycloak/authorization/client/clientpolicy/executor/AutoConfigClientPolicyExecutorFactory.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/java/de/sventorben/keycloak/authorization/client/clientpolicy/executor/AutoConfigClientPolicyExecutorFactory.java -------------------------------------------------------------------------------- /src/main/java/de/sventorben/keycloak/authorization/client/common/OperationalInfo.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/java/de/sventorben/keycloak/authorization/client/common/OperationalInfo.java -------------------------------------------------------------------------------- /src/main/resources/META-INF/MANIFEST.MF: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/resources/META-INF/MANIFEST.MF -------------------------------------------------------------------------------- /src/main/resources/META-INF/beans.xml: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/main/resources/META-INF/services/de.sventorben.keycloak.authorization.client.access.AccessProviderFactory: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/resources/META-INF/services/de.sventorben.keycloak.authorization.client.access.AccessProviderFactory -------------------------------------------------------------------------------- /src/main/resources/META-INF/services/org.keycloak.authentication.AuthenticatorFactory: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/resources/META-INF/services/org.keycloak.authentication.AuthenticatorFactory -------------------------------------------------------------------------------- /src/main/resources/META-INF/services/org.keycloak.provider.Spi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/resources/META-INF/services/org.keycloak.provider.Spi -------------------------------------------------------------------------------- /src/main/resources/META-INF/services/org.keycloak.services.clientpolicy.condition.ClientPolicyConditionProviderFactory: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/resources/META-INF/services/org.keycloak.services.clientpolicy.condition.ClientPolicyConditionProviderFactory -------------------------------------------------------------------------------- /src/main/resources/META-INF/services/org.keycloak.services.clientpolicy.executor.ClientPolicyExecutorProviderFactory: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/main/resources/META-INF/services/org.keycloak.services.clientpolicy.executor.ClientPolicyExecutorProviderFactory -------------------------------------------------------------------------------- /src/test/java/de/sventorben/keycloak/authorization/client/ClientPolicyIT.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/test/java/de/sventorben/keycloak/authorization/client/ClientPolicyIT.java -------------------------------------------------------------------------------- /src/test/java/de/sventorben/keycloak/authorization/client/ConfigIT.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/test/java/de/sventorben/keycloak/authorization/client/ConfigIT.java -------------------------------------------------------------------------------- /src/test/java/de/sventorben/keycloak/authorization/client/FullImageName.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/test/java/de/sventorben/keycloak/authorization/client/FullImageName.java -------------------------------------------------------------------------------- /src/test/java/de/sventorben/keycloak/authorization/client/LoginIT.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/test/java/de/sventorben/keycloak/authorization/client/LoginIT.java -------------------------------------------------------------------------------- /src/test/java/de/sventorben/keycloak/authorization/client/RestrictClientAuthConfigTest.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/test/java/de/sventorben/keycloak/authorization/client/RestrictClientAuthConfigTest.java -------------------------------------------------------------------------------- /src/test/java/de/sventorben/keycloak/authorization/client/TestConstants.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/test/java/de/sventorben/keycloak/authorization/client/TestConstants.java -------------------------------------------------------------------------------- /src/test/java/de/sventorben/keycloak/authorization/client/clientpolicy/condition/RestrictedClientAuthEnabledPolicyConditionProviderTest.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/test/java/de/sventorben/keycloak/authorization/client/clientpolicy/condition/RestrictedClientAuthEnabledPolicyConditionProviderTest.java -------------------------------------------------------------------------------- /src/test/java/de/sventorben/keycloak/authorization/client/clientpolicy/executor/AutoConfigClientPolicyExecutorTest.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/test/java/de/sventorben/keycloak/authorization/client/clientpolicy/executor/AutoConfigClientPolicyExecutorTest.java -------------------------------------------------------------------------------- /src/test/resources/export-realms.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/test/resources/export-realms.sh -------------------------------------------------------------------------------- /src/test/resources/keycloak.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/test/resources/keycloak.conf -------------------------------------------------------------------------------- /src/test/resources/log4j2.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/test/resources/log4j2.properties -------------------------------------------------------------------------------- /src/test/resources/mockito-extensions/org.mockito.plugins.MockMaker: -------------------------------------------------------------------------------- 1 | mock-maker-inline 2 | -------------------------------------------------------------------------------- /src/test/resources/test-realm-realm.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sventorben/keycloak-restrict-client-auth/HEAD/src/test/resources/test-realm-realm.json --------------------------------------------------------------------------------