Package org.keycloak.models.jpa
Class JpaUserProvider
- java.lang.Object
-
- org.keycloak.models.jpa.JpaUserProvider
-
- All Implemented Interfaces:
UserCredentialStore
,UserProvider
,Provider
,UserBulkUpdateProvider
,UserLookupProvider
,UserQueryProvider
,UserRegistrationProvider
public class JpaUserProvider extends Object implements UserProvider, UserCredentialStore
- Version:
- $Revision: 1 $
- Author:
- Bill Burke
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.keycloak.credential.UserCredentialStore
UserCredentialStore.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.models.UserProvider
UserProvider.Streams
-
-
Field Summary
Fields Modifier and Type Field Description protected javax.persistence.EntityManager
em
-
Constructor Summary
Constructors Constructor Description JpaUserProvider(KeycloakSession session, javax.persistence.EntityManager em)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addConsent(RealmModel realm, String userId, UserConsentModel consent)
Add user consent for the user.void
addFederatedIdentity(RealmModel realm, UserModel user, FederatedIdentityModel identity)
Adds a federated identity link for the user within the realmUserModel
addUser(RealmModel realm, String username)
All storage providers that implement this interface will be looped through.UserModel
addUser(RealmModel realm, String id, String username, boolean addDefaultRoles, boolean addDefaultRequiredActions)
Adds a new user into the storage.void
close()
CredentialModel
createCredential(RealmModel realm, UserModel user, CredentialModel cred)
protected void
ensureEmailConstraint(List<UserEntity> users, RealmModel realm)
UserConsentModel
getConsentByClient(RealmModel realm, String userId, String clientId)
Returns UserConsentModel given by a user with the userId for the client with clientInternalIdStream<UserConsentModel>
getConsentsStream(RealmModel realm, String userId)
Obtains the consents associated with the user identified by the specifieduserId
.Stream<FederatedIdentityModel>
getFederatedIdentitiesStream(RealmModel realm, UserModel user)
Obtains the federated identities of the specified user.FederatedIdentityModel
getFederatedIdentity(RealmModel realm, UserModel user, String identityProvider)
Returns details of the association between the user and the socialProvider.Stream<UserModel>
getGroupMembersStream(RealmModel realm, GroupModel group)
Obtains users that belong to a specific group.Stream<UserModel>
getGroupMembersStream(RealmModel realm, GroupModel group, Integer firstResult, Integer maxResults)
Obtains users that belong to a specific group.int
getNotBeforeOfUser(RealmModel realm, UserModel user)
Gets the notBefore value for the given userStream<UserModel>
getRoleMembersStream(RealmModel realm, RoleModel role)
Obtains users that have the specified role.Stream<UserModel>
getRoleMembersStream(RealmModel realm, RoleModel role, Integer firstResult, Integer maxResults)
Searches for users that have the specified role.UserModel
getServiceAccount(ClientModel client)
Return a UserModel representing service account of the clientCredentialModel
getStoredCredentialById(RealmModel realm, UserModel user, String id)
CredentialModel
getStoredCredentialByNameAndType(RealmModel realm, UserModel user, String name, String type)
Stream<CredentialModel>
getStoredCredentialsByTypeStream(RealmModel realm, UserModel user, String type)
Obtains the stored credentials associated with the specified user that match the specified type.Stream<CredentialModel>
getStoredCredentialsStream(RealmModel realm, UserModel user)
Obtains the stored credentials associated with the specified user.UserModel
getUserByEmail(RealmModel realm, String email)
Returns a user with the given email belonging to the realmUserModel
getUserByFederatedIdentity(RealmModel realm, FederatedIdentityModel identity)
Returns a userModel that corresponds to the given socialLink.UserModel
getUserById(RealmModel realm, String id)
Returns a user with the given id belonging to the realmUserModel
getUserByUsername(RealmModel realm, String username)
Exact search for a user by its username.int
getUsersCount(RealmModel realm, boolean includeServiceAccount)
Returns the number of users.int
getUsersCount(RealmModel realm, String search)
Returns the number of users that would be returned by a call tosearchForUserStream
int
getUsersCount(RealmModel realm, String search, Set<String> groupIds)
Returns the number of users that would be returned by a call tosearchForUserStream
and are members of at least one of the groups given by thegroupIds
set.int
getUsersCount(RealmModel realm, Map<String,String> params)
Returns the number of users that match the given filter parameters.int
getUsersCount(RealmModel realm, Map<String,String> params, Set<String> groupIds)
Returns the number of users that match the given filter parameters and is in at least one of the given groups.int
getUsersCount(RealmModel realm, Set<String> groupIds)
Returns the number of users that are in at least one of the groups given.void
grantToAllUsers(RealmModel realm, RoleModel role)
Grants the given role to all users from particular realm.boolean
moveCredentialTo(RealmModel realm, UserModel user, String id, String newPreviousCredentialId)
void
preRemove(ClientScopeModel clientScope)
Called when a client scope is removed.void
preRemove(ProtocolMapperModel protocolMapper)
Called when a protocolMapper is removedvoid
preRemove(RealmModel realm)
Called when a realm is removed.void
preRemove(RealmModel realm, ComponentModel component)
Called when a component is removed.void
preRemove(RealmModel realm, ClientModel client)
Called when a client is removed.void
preRemove(RealmModel realm, GroupModel group)
Called when a group is removed.void
preRemove(RealmModel realm, IdentityProviderModel provider)
Called when an identity provider is removed.void
preRemove(RealmModel realm, RoleModel role)
Called when a role is removed.protected void
removeConsentByClientStorageProvider(RealmModel realm, String providerId)
boolean
removeFederatedIdentity(RealmModel realm, UserModel user, String identityProvider)
Removes federation link between the user and the identity provider given by its idvoid
removeImportedUsers(RealmModel realm, String storageProviderId)
Removes any imported users from a specific User Storage Provider.boolean
removeStoredCredential(RealmModel realm, UserModel user, String id)
Removes credential with theid
for theuser
.boolean
removeUser(RealmModel realm, UserModel user)
Called if user originated from this provider.boolean
revokeConsentForClient(RealmModel realm, String userId, String clientId)
Remove a user consent given by the user id and client idStream<UserModel>
searchForUserByUserAttributeStream(RealmModel realm, String attrName, String attrValue)
Searches for users that have a specific attribute with a specific value.Stream<UserModel>
searchForUserStream(RealmModel realm, String search, Integer firstResult, Integer maxResults)
Searches for users whose username, email, first name or last name contain any of the strings insearch
separated by whitespace.Stream<UserModel>
searchForUserStream(RealmModel realm, Map<String,String> attributes, Integer firstResult, Integer maxResults)
Searches for user by parameter.void
setNotBeforeForUser(RealmModel realm, UserModel user, int notBefore)
Sets the notBefore value for the given userprotected CredentialModel
toModel(CredentialEntity entity)
void
unlinkUsers(RealmModel realm, String storageProviderId)
Set federation link tonull
to imported users of a specific User Storage Providervoid
updateConsent(RealmModel realm, String userId, UserConsentModel consent)
Update client scopes in the stored user consentvoid
updateCredential(RealmModel realm, UserModel user, CredentialModel cred)
void
updateFederatedIdentity(RealmModel realm, UserModel federatedUser, FederatedIdentityModel federatedIdentityModel)
Update details of association between the federatedUser and the idp given by the federatedIdentityModel-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.storage.user.UserLookupProvider
getUserByCredential
-
Methods inherited from interface org.keycloak.models.UserProvider
getUsersStream, getUsersStream
-
Methods inherited from interface org.keycloak.storage.user.UserQueryProvider
getUsersCount, getUsersStream, getUsersStream, searchForUserStream, searchForUserStream
-
-
-
-
Constructor Detail
-
JpaUserProvider
public JpaUserProvider(KeycloakSession session, javax.persistence.EntityManager em)
-
-
Method Detail
-
addUser
public UserModel addUser(RealmModel realm, String id, String username, boolean addDefaultRoles, boolean addDefaultRequiredActions)
Description copied from interface:UserProvider
Adds a new user into the storage. only used for local storage- Specified by:
addUser
in interfaceUserProvider
- Parameters:
realm
- the realm that user will be created inid
- id of the new user. Should be generated to a random value ifnull
.username
- usernameaddDefaultRoles
- iftrue
, the user should join all realm default rolesaddDefaultRequiredActions
- iftrue
, all default required actions are added to the created user- Returns:
- model of created user
-
addUser
public UserModel addUser(RealmModel realm, String username)
Description copied from interface:UserRegistrationProvider
All storage providers that implement this interface will be looped through. If this method returns null, then the next storage provider's addUser() method will be called. If no storage providers handle the add, then the user will be created in local storage. Returning null is useful when you want optional support for adding users. For example, our LDAP provider can enable and disable the ability to add users.- Specified by:
addUser
in interfaceUserRegistrationProvider
- Parameters:
realm
- a reference to the realmusername
- a username the created user will be assigned- Returns:
- a model of created user
-
removeUser
public boolean removeUser(RealmModel realm, UserModel user)
Description copied from interface:UserRegistrationProvider
Called if user originated from this provider. If a local user is linked to this provider, this method will be called before local storage's removeUser() method is invoked. If you are using an import strategy, and this is a local user linked to this provider, this method will be called before local storage's removeUser() method is invoked. Also, you DO NOT need to remove the imported user. The runtime will handle this for you.- Specified by:
removeUser
in interfaceUserRegistrationProvider
- Parameters:
realm
- a reference to the realmuser
- a reference to the user that is removed- Returns:
- true if the user was removed, false otherwise
-
addFederatedIdentity
public void addFederatedIdentity(RealmModel realm, UserModel user, FederatedIdentityModel identity)
Description copied from interface:UserProvider
Adds a federated identity link for the user within the realm- Specified by:
addFederatedIdentity
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuser
- the user modelidentity
- the federated identity model containing all details of the association between the user and the identity provider
-
updateFederatedIdentity
public void updateFederatedIdentity(RealmModel realm, UserModel federatedUser, FederatedIdentityModel federatedIdentityModel)
Description copied from interface:UserProvider
Update details of association between the federatedUser and the idp given by the federatedIdentityModel- Specified by:
updateFederatedIdentity
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmfederatedUser
- the user modelfederatedIdentityModel
- the federated identity model containing all details of the association between the user and the identity provider
-
removeFederatedIdentity
public boolean removeFederatedIdentity(RealmModel realm, UserModel user, String identityProvider)
Description copied from interface:UserProvider
Removes federation link between the user and the identity provider given by its id- Specified by:
removeFederatedIdentity
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuser
- the user modelidentityProvider
- alias of the identity provider, seeIdentityProviderModel.getAlias()
- Returns:
true
if the association was removed,false
otherwise TODO: Make this method return Boolean so that store can return "I don't know" answer, this can be used for example in async stores
-
preRemove
public void preRemove(RealmModel realm, IdentityProviderModel provider)
Description copied from interface:UserProvider
Called when an identity provider is removed. Should remove all federated identities assigned to users from the provider.- Specified by:
preRemove
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmprovider
- provider model
-
addConsent
public void addConsent(RealmModel realm, String userId, UserConsentModel consent)
Description copied from interface:UserProvider
Add user consent for the user.- Specified by:
addConsent
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuserId
- id of the userconsent
- all details corresponding to the granted consent
-
getConsentByClient
public UserConsentModel getConsentByClient(RealmModel realm, String userId, String clientId)
Description copied from interface:UserProvider
Returns UserConsentModel given by a user with the userId for the client with clientInternalId- Specified by:
getConsentByClient
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuserId
- id of the userclientId
- id of the client- Returns:
- consent given by the user to the client or
null
if no consent or user exists
-
getConsentsStream
public Stream<UserConsentModel> getConsentsStream(RealmModel realm, String userId)
Description copied from interface:UserProvider
Obtains the consents associated with the user identified by the specifieduserId
.- Specified by:
getConsentsStream
in interfaceUserProvider
- Parameters:
realm
- a reference to the realm.userId
- the user identifier.- Returns:
- a non-null
Stream
of consents associated with the user.
-
updateConsent
public void updateConsent(RealmModel realm, String userId, UserConsentModel consent)
Description copied from interface:UserProvider
Update client scopes in the stored user consent- Specified by:
updateConsent
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuserId
- id of the userconsent
- new details of the user consent
-
revokeConsentForClient
public boolean revokeConsentForClient(RealmModel realm, String userId, String clientId)
Description copied from interface:UserProvider
Remove a user consent given by the user id and client id- Specified by:
revokeConsentForClient
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuserId
- id of the userclientId
- id of the client- Returns:
true
if the consent was removed,false
otherwise TODO: Make this method return Boolean so that store can return "I don't know" answer, this can be used for example in async stores
-
setNotBeforeForUser
public void setNotBeforeForUser(RealmModel realm, UserModel user, int notBefore)
Description copied from interface:UserProvider
Sets the notBefore value for the given user- Specified by:
setNotBeforeForUser
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuser
- the user modelnotBefore
- new value for notBefore
-
getNotBeforeOfUser
public int getNotBeforeOfUser(RealmModel realm, UserModel user)
Description copied from interface:UserProvider
Gets the notBefore value for the given user- Specified by:
getNotBeforeOfUser
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuser
- the user model- Returns:
- the value of notBefore
-
grantToAllUsers
public void grantToAllUsers(RealmModel realm, RoleModel role)
Description copied from interface:UserBulkUpdateProvider
Grants the given role to all users from particular realm. The role has to belong to the realm.- Specified by:
grantToAllUsers
in interfaceUserBulkUpdateProvider
- Parameters:
realm
- Realmrole
- Role to be granted
-
preRemove
public void preRemove(RealmModel realm)
Description copied from interface:UserProvider
Called when a realm is removed. Should remove all users that belong to the realm.- Specified by:
preRemove
in interfaceUserProvider
- Parameters:
realm
- a reference to the realm
-
removeImportedUsers
public void removeImportedUsers(RealmModel realm, String storageProviderId)
Description copied from interface:UserProvider
Removes any imported users from a specific User Storage Provider.- Specified by:
removeImportedUsers
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmstorageProviderId
- id of the user storage provider
-
unlinkUsers
public void unlinkUsers(RealmModel realm, String storageProviderId)
Description copied from interface:UserProvider
Set federation link tonull
to imported users of a specific User Storage Provider- Specified by:
unlinkUsers
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmstorageProviderId
- id of the storage provider
-
preRemove
public void preRemove(RealmModel realm, RoleModel role)
Description copied from interface:UserProvider
Called when a role is removed. Should remove the role membership for each user.- Specified by:
preRemove
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmrole
- the role model
-
preRemove
public void preRemove(RealmModel realm, ClientModel client)
Description copied from interface:UserProvider
Called when a client is removed. Should remove all user consents associated with the client- Specified by:
preRemove
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmclient
- the client model
-
preRemove
public void preRemove(ProtocolMapperModel protocolMapper)
Description copied from interface:UserProvider
Called when a protocolMapper is removed- Specified by:
preRemove
in interfaceUserProvider
- Parameters:
protocolMapper
- the protocolMapper model
-
preRemove
public void preRemove(ClientScopeModel clientScope)
Description copied from interface:UserProvider
Called when a client scope is removed. Should remove the clientScope from each user consent- Specified by:
preRemove
in interfaceUserProvider
- Parameters:
clientScope
- the clientScope model
-
getGroupMembersStream
public Stream<UserModel> getGroupMembersStream(RealmModel realm, GroupModel group)
Description copied from interface:UserQueryProvider
Obtains users that belong to a specific group.- Specified by:
getGroupMembersStream
in interfaceUserQueryProvider
- Parameters:
realm
- a reference to the realm.group
- a reference to the group.- Returns:
- a non-null
Stream
of users that belong to the group.
-
getRoleMembersStream
public Stream<UserModel> getRoleMembersStream(RealmModel realm, RoleModel role)
Description copied from interface:UserQueryProvider
Obtains users that have the specified role.- Specified by:
getRoleMembersStream
in interfaceUserQueryProvider
- Parameters:
realm
- a reference to the realm.role
- a reference to the role.- Returns:
- a non-null
Stream
of users that have the specified role.
-
preRemove
public void preRemove(RealmModel realm, GroupModel group)
Description copied from interface:UserProvider
Called when a group is removed. Should remove the group membership for each user.- Specified by:
preRemove
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmgroup
- the group model
-
getUserById
public UserModel getUserById(RealmModel realm, String id)
Description copied from interface:UserLookupProvider
Returns a user with the given id belonging to the realm- Specified by:
getUserById
in interfaceUserLookupProvider
- Parameters:
realm
- the realm modelid
- id of the user- Returns:
- found user model, or
null
if no such user exists
-
getUserByUsername
public UserModel getUserByUsername(RealmModel realm, String username)
Description copied from interface:UserLookupProvider
Exact search for a user by its username. Returns a user with the given username belonging to the realm- Specified by:
getUserByUsername
in interfaceUserLookupProvider
- Parameters:
realm
- the realm modelusername
- (case-sensitivity is controlled by storage)- Returns:
- found user model, or
null
if no such user exists
-
getUserByEmail
public UserModel getUserByEmail(RealmModel realm, String email)
Description copied from interface:UserLookupProvider
Returns a user with the given email belonging to the realm- Specified by:
getUserByEmail
in interfaceUserLookupProvider
- Parameters:
realm
- the realm modelemail
- email address- Returns:
- found user model, or
null
if no such user exists
-
close
public void close()
- Specified by:
close
in interfaceProvider
- Specified by:
close
in interfaceUserProvider
-
getUserByFederatedIdentity
public UserModel getUserByFederatedIdentity(RealmModel realm, FederatedIdentityModel identity)
Description copied from interface:UserProvider
Returns a userModel that corresponds to the given socialLink.- Specified by:
getUserByFederatedIdentity
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmidentity
- the socialLink- Returns:
- the user corresponding to socialLink and
null
if no such user exists
-
getServiceAccount
public UserModel getServiceAccount(ClientModel client)
Description copied from interface:UserProvider
Return a UserModel representing service account of the client- Specified by:
getServiceAccount
in interfaceUserProvider
- Parameters:
client
- the client model- Returns:
- userModel representing service account of the client
-
getUsersCount
public int getUsersCount(RealmModel realm, boolean includeServiceAccount)
Description copied from interface:UserQueryProvider
Returns the number of users.- Specified by:
getUsersCount
in interfaceUserQueryProvider
- Parameters:
realm
- the realmincludeServiceAccount
- if true, the number of users will also include service accounts. Otherwise, only the number of users.- Returns:
- the number of users
-
getUsersCount
public int getUsersCount(RealmModel realm, Set<String> groupIds)
Description copied from interface:UserQueryProvider
Returns the number of users that are in at least one of the groups given.- Specified by:
getUsersCount
in interfaceUserQueryProvider
- Parameters:
realm
- the realmgroupIds
- set of groups IDs, the returned user needs to belong to at least one of them- Returns:
- the number of users that are in at least one of the groups
-
getUsersCount
public int getUsersCount(RealmModel realm, String search)
Description copied from interface:UserQueryProvider
Returns the number of users that would be returned by a call tosearchForUserStream
- Specified by:
getUsersCount
in interfaceUserQueryProvider
- Parameters:
realm
- the realmsearch
- case insensitive list of strings separated by whitespaces.- Returns:
- number of users that match the search
-
getUsersCount
public int getUsersCount(RealmModel realm, String search, Set<String> groupIds)
Description copied from interface:UserQueryProvider
Returns the number of users that would be returned by a call tosearchForUserStream
and are members of at least one of the groups given by thegroupIds
set.- Specified by:
getUsersCount
in interfaceUserQueryProvider
- Parameters:
realm
- the realmsearch
- case insensitive list of strings separated by whitespaces.groupIds
- set of groups IDs, the returned user needs to belong to at least one of them- Returns:
- number of users that match the search and given groups
-
getUsersCount
public int getUsersCount(RealmModel realm, Map<String,String> params)
Description copied from interface:UserQueryProvider
Returns the number of users that match the given filter parameters.- Specified by:
getUsersCount
in interfaceUserQueryProvider
- Parameters:
realm
- the realmparams
- filter parameters- Returns:
- number of users that match the given filters
-
getUsersCount
public int getUsersCount(RealmModel realm, Map<String,String> params, Set<String> groupIds)
Description copied from interface:UserQueryProvider
Returns the number of users that match the given filter parameters and is in at least one of the given groups.- Specified by:
getUsersCount
in interfaceUserQueryProvider
- Parameters:
realm
- the realmparams
- filter parametersgroupIds
- set if groups to check for- Returns:
- number of users that match the given filters and groups
-
getGroupMembersStream
public Stream<UserModel> getGroupMembersStream(RealmModel realm, GroupModel group, Integer firstResult, Integer maxResults)
Description copied from interface:UserQueryProvider
Obtains users that belong to a specific group.- Specified by:
getGroupMembersStream
in interfaceUserQueryProvider
- Parameters:
realm
- a reference to the realm.group
- a reference to the group.firstResult
- first result to return. Ignored if negative, zero, ornull
.maxResults
- maximum number of results to return. Ignored if negative ornull
.- Returns:
- a non-null
Stream
of users that belong to the group.
-
getRoleMembersStream
public Stream<UserModel> getRoleMembersStream(RealmModel realm, RoleModel role, Integer firstResult, Integer maxResults)
Description copied from interface:UserQueryProvider
Searches for users that have the specified role.- Specified by:
getRoleMembersStream
in interfaceUserQueryProvider
- Parameters:
realm
- a reference to the realm.role
- a reference to the role.firstResult
- first result to return. Ignored if negative ornull
.maxResults
- maximum number of results to return. Ignored if negative ornull
.- Returns:
- a non-null
Stream
of users that have the specified role.
-
searchForUserStream
public Stream<UserModel> searchForUserStream(RealmModel realm, String search, Integer firstResult, Integer maxResults)
Description copied from interface:UserQueryProvider
Searches for users whose username, email, first name or last name contain any of the strings insearch
separated by whitespace. If possible, implementations should treat the parameter values as partial match patterns (i.e. in RDMBS terms use LIKE). This method is used by the admin console search box- Specified by:
searchForUserStream
in interfaceUserQueryProvider
- Parameters:
realm
- a reference to the realm.search
- case insensitive list of string separated by whitespaces.firstResult
- first result to return. Ignored if negative, zero, ornull
.maxResults
- maximum number of results to return. Ignored if negative ornull
.- Returns:
- a non-null
Stream
of users that match the search criteria.
-
searchForUserStream
public Stream<UserModel> searchForUserStream(RealmModel realm, Map<String,String> attributes, Integer firstResult, Integer maxResults)
Description copied from interface:UserQueryProvider
Searches for user by parameter. If possible, implementations should treat the parameter values as partial match patterns (i.e. in RDMBS terms use LIKE). Valid parameters are:UserModel.FIRST_NAME
- first name (case insensitive string)UserModel.LAST_NAME
- last name (case insensitive string)UserModel.EMAIL
- email (case insensitive string)UserModel.USERNAME
- username (case insensitive string)UserModel.EMAIL_VERIFIED
- search only for users with verified/non-verified email (true/false)UserModel.ENABLED
- search only for enabled/disabled users (true/false)UserModel.IDP_ALIAS
- search only for users that have a federated identity from idp with the given alias configured (case sensitive string)UserModel.IDP_USER_ID
- search for users with federated identity with the given userId (case sensitive string)
- Specified by:
searchForUserStream
in interfaceUserQueryProvider
- Parameters:
realm
- a reference to the realm.attributes
- a map containing the search parameters.firstResult
- first result to return. Ignored if negative, zero, ornull
.maxResults
- maximum number of results to return. Ignored if negative ornull
.- Returns:
- a non-null
Stream
of users that match the search criteria.
-
searchForUserByUserAttributeStream
public Stream<UserModel> searchForUserByUserAttributeStream(RealmModel realm, String attrName, String attrValue)
Description copied from interface:UserQueryProvider
Searches for users that have a specific attribute with a specific value.- Specified by:
searchForUserByUserAttributeStream
in interfaceUserQueryProvider
- Parameters:
realm
- a reference to the realm.attrName
- the attribute name.attrValue
- the attribute value.- Returns:
- a non-null
Stream
of users that match the search criteria.
-
getFederatedIdentitiesStream
public Stream<FederatedIdentityModel> getFederatedIdentitiesStream(RealmModel realm, UserModel user)
Description copied from interface:UserProvider
Obtains the federated identities of the specified user.- Specified by:
getFederatedIdentitiesStream
in interfaceUserProvider
- Parameters:
realm
- a reference to the realm.user
- the reference to the user.- Returns:
- a non-null
Stream
of federated identities associated with the user.
-
getFederatedIdentity
public FederatedIdentityModel getFederatedIdentity(RealmModel realm, UserModel user, String identityProvider)
Description copied from interface:UserProvider
Returns details of the association between the user and the socialProvider.- Specified by:
getFederatedIdentity
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuser
- the user modelidentityProvider
- the id of the identity provider- Returns:
- federatedIdentityModel or
null
if no association exists
-
preRemove
public void preRemove(RealmModel realm, ComponentModel component)
Description copied from interface:UserProvider
Called when a component is removed. Should remove all data in UserStorage associated with removed component. For example,- if component corresponds to UserStorageProvider all imported users from the provider should be removed,
- if component corresponds to ClientStorageProvider all consents granted for clients imported from the provider should be removed
- Specified by:
preRemove
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmcomponent
- the component model
-
removeConsentByClientStorageProvider
protected void removeConsentByClientStorageProvider(RealmModel realm, String providerId)
-
updateCredential
public void updateCredential(RealmModel realm, UserModel user, CredentialModel cred)
- Specified by:
updateCredential
in interfaceUserCredentialStore
-
createCredential
public CredentialModel createCredential(RealmModel realm, UserModel user, CredentialModel cred)
- Specified by:
createCredential
in interfaceUserCredentialStore
-
removeStoredCredential
public boolean removeStoredCredential(RealmModel realm, UserModel user, String id)
Description copied from interface:UserCredentialStore
Removes credential with theid
for theuser
.- Specified by:
removeStoredCredential
in interfaceUserCredentialStore
- Parameters:
realm
- realm.user
- userid
- id- Returns:
true
if the credential was removed,false
otherwise TODO: Make this method return Boolean so that store can return "I don't know" answer, this can be used for example in async stores
-
getStoredCredentialById
public CredentialModel getStoredCredentialById(RealmModel realm, UserModel user, String id)
- Specified by:
getStoredCredentialById
in interfaceUserCredentialStore
-
toModel
protected CredentialModel toModel(CredentialEntity entity)
-
getStoredCredentialsStream
public Stream<CredentialModel> getStoredCredentialsStream(RealmModel realm, UserModel user)
Description copied from interface:UserCredentialStore
Obtains the stored credentials associated with the specified user.- Specified by:
getStoredCredentialsStream
in interfaceUserCredentialStore
- Parameters:
realm
- a reference to the realm.user
- the user whose credentials are being searched.- Returns:
- a non-null
Stream
of credentials.
-
getStoredCredentialsByTypeStream
public Stream<CredentialModel> getStoredCredentialsByTypeStream(RealmModel realm, UserModel user, String type)
Description copied from interface:UserCredentialStore
Obtains the stored credentials associated with the specified user that match the specified type.- Specified by:
getStoredCredentialsByTypeStream
in interfaceUserCredentialStore
- Parameters:
realm
- a reference to the realm.user
- the user whose credentials are being searched.type
- the type of credentials being searched.- Returns:
- a non-null
Stream
of credentials.
-
getStoredCredentialByNameAndType
public CredentialModel getStoredCredentialByNameAndType(RealmModel realm, UserModel user, String name, String type)
- Specified by:
getStoredCredentialByNameAndType
in interfaceUserCredentialStore
-
moveCredentialTo
public boolean moveCredentialTo(RealmModel realm, UserModel user, String id, String newPreviousCredentialId)
- Specified by:
moveCredentialTo
in interfaceUserCredentialStore
-
ensureEmailConstraint
protected void ensureEmailConstraint(List<UserEntity> users, RealmModel realm)
-
-