Package org.keycloak.authorization
Class AuthorizationProvider
- java.lang.Object
-
- org.keycloak.authorization.AuthorizationProvider
-
- All Implemented Interfaces:
Provider
public final class AuthorizationProvider extends Object implements Provider
The main contract here is the creation of
PermissionEvaluatorinstances. Usually an application has a singleAuthorizationProviderinstance and threads servicing client requests obtainPermissionEvaluatorfrom theevaluators()method.The internal state of a
AuthorizationProvideris immutable. This internal state includes all of the metadata used during the evaluation of policies.Once created,
PermissionEvaluatorinstances can be obtained from theevaluators()method:ListpermissionsToEvaluate = getPermissions(); // the permissions to evaluate EvaluationContext evaluationContext = createEvaluationContext(); // the context with runtime environment information PermissionEvaluator evaluator = authorization.evaluators().from(permissionsToEvaluate, context); evaluator.evaluate(new Decision() { public void onDecision(Evaluation evaluation) { // do something on grant } }); - Author:
- Pedro Igor
-
-
Constructor Summary
Constructors Constructor Description AuthorizationProvider(KeycloakSession session, RealmModel realm, PolicyEvaluator policyEvaluator)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidclose()Evaluatorsevaluators()Returns aEvaluatorsinstance from wherePolicyEvaluatorinstances can be obtained.KeycloakSessiongetKeycloakSession()StoreFactorygetLocalStoreFactory()No cache sits in front of thisPolicyEvaluatorgetPolicyEvaluator()<P extends PolicyProvider>
PgetProvider(String type)Returns aPolicyProviderFactorygiven atype.Stream<PolicyProviderFactory>getProviderFactoriesStream()Returns the registeredPolicyProviderFactory.PolicyProviderFactorygetProviderFactory(String type)Returns aPolicyProviderFactorygiven atype.RealmModelgetRealm()StoreFactorygetStoreFactory()Cache sits in front of this Returns aStoreFactory.
-
-
-
Constructor Detail
-
AuthorizationProvider
public AuthorizationProvider(KeycloakSession session, RealmModel realm, PolicyEvaluator policyEvaluator)
-
-
Method Detail
-
evaluators
public Evaluators evaluators()
Returns aEvaluatorsinstance from wherePolicyEvaluatorinstances can be obtained.- Returns:
- a
Evaluatorsinstance
-
getStoreFactory
public StoreFactory getStoreFactory()
Cache sits in front of this Returns aStoreFactory.- Returns:
- the
StoreFactory
-
getLocalStoreFactory
public StoreFactory getLocalStoreFactory()
No cache sits in front of this- Returns:
-
getProviderFactoriesStream
public Stream<PolicyProviderFactory> getProviderFactoriesStream()
Returns the registeredPolicyProviderFactory.- Returns:
- a
Streamcontaining all registeredPolicyProviderFactory
-
getProviderFactory
public PolicyProviderFactory getProviderFactory(String type)
Returns aPolicyProviderFactorygiven atype.- Parameters:
type- the type of the policy provider- Returns:
- a
PolicyProviderFactorywith the giventype
-
getProvider
public <P extends PolicyProvider> P getProvider(String type)
Returns aPolicyProviderFactorygiven atype.- Type Parameters:
P- the expected type of the provider- Parameters:
type- the type of the policy provider- Returns:
- a
PolicyProviderwith the giventype
-
getKeycloakSession
public KeycloakSession getKeycloakSession()
-
getRealm
public RealmModel getRealm()
-
getPolicyEvaluator
public PolicyEvaluator getPolicyEvaluator()
-
-