in services/src/main/java/org/apache/custos/service/federated/client/keycloak/KeycloakClient.java [653:701]
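/**
 * Removes the named roles from a user, either at realm level or at the level of one client.
 *
 * <p>The method returns {@code true} whenever no exception is thrown. That includes the cases
 * where nothing was removed: the user was not found, the client was not found (client-level
 * only), or none of the role names resolved. Those cases are logged at warn level so that a
 * revocation that did nothing is visible to operators; callers must not read {@code true} as
 * proof that the roles are gone.
 *
 * @param accessToken not read by this method (see the review note in the body)
 * @param realmId     realm that holds the user, the roles and, for client-level removal, the client
 * @param username    username to look up; it is lower-cased before the lookup
 * @param roles       names of the roles to remove
 * @param clientId    client identifier used to find the client when {@code clientLevel} is true
 * @param clientLevel {@code true} to remove client-level roles, {@code false} for realm-level roles
 * @return {@code true} if the call completed without an exception
 * @throws RuntimeException wrapping any exception raised while looking up or removing the roles
 */
public boolean removeRoleFromUser(String accessToken, String realmId, String username,
                                  List<String> roles, String clientId, boolean clientLevel) {
    // NOTE(review): accessToken is never used. The admin client below is built from the
    // super-admin credentials, so this method performs no authorization check of its own;
    // the caller presumably validates the token and its rights over realmId first -- confirm.
    try (Keycloak client = getClient(iamServerURL, superAdminRealmID, superAdminUserName, superAdminPassword)) {
        // NOTE(review): toLowerCase() without a Locale depends on the JVM default locale
        // (e.g. Turkish dotless i). A mismatch makes the lookup miss and the revocation is
        // skipped. Left unchanged to stay consistent with how usernames are normalized
        // elsewhere -- confirm and consider Locale.ROOT across the class.
        UserRepresentation representation = getUserByUsername(client, realmId, username.toLowerCase());
        if (representation == null) {
            // Caller-supplied values are kept out of the message to avoid log forging.
            LOGGER.warn("removeRoleFromUser: user not found in realm, no roles were removed");
            return true;
        }
        UserResource retrievedUser = client.realm(realmId).users().get(representation.getId());

        // Internal id of the target client; stays null for realm-level removal.
        String clientUuid = null;
        if (clientLevel) {
            List<ClientRepresentation> clientRepresentationList =
                    client.realm(realmId).clients().findByClientId(clientId);
            if (clientRepresentationList == null || clientRepresentationList.isEmpty()) {
                LOGGER.warn("removeRoleFromUser: client not found in realm, no roles were removed");
                return true;
            }
            clientUuid = clientRepresentationList.get(0).getId();
        }

        List<RoleRepresentation> roleRepresentations = new ArrayList<>();
        for (String roleName : roles) {
            RoleResource roleResource = clientLevel
                    ? client.realm(realmId).clients().get(clientUuid).roles().get(roleName)
                    : client.realm(realmId).roles().get(roleName);
            // NOTE(review): the admin client is expected to return a resource proxy here
            // rather than null, so an unknown role name would surface as an exception from
            // toRepresentation() and abort the removal of every other role -- confirm.
            if (roleResource != null) {
                roleRepresentations.add(roleResource.toRepresentation());
            }
        }

        if (roleRepresentations.isEmpty()) {
            LOGGER.warn("removeRoleFromUser: no role names resolved, no roles were removed");
            return true;
        }

        if (clientLevel) {
            retrievedUser.roles().clientLevel(clientUuid).remove(roleRepresentations);
        } else {
            retrievedUser.roles().realmLevel().remove(roleRepresentations);
        }
        return true;
    } catch (Exception ex) {
        String msg = "Error removing roles from user , reason " + ex.getMessage();
        LOGGER.error(msg, ex);
        throw new RuntimeException(msg, ex);
    }
}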