Class ClientResource
- java.lang.Object
-
- org.keycloak.services.resources.admin.ClientResource
-
public class ClientResource extends Object
Base resource class for managing one particular client of a realm.- Version:
- $Revision: 1 $
- Author:
- Bill Burke
-
-
Field Summary
Fields Modifier and Type Field Description protected ClientModel
client
protected ClientConnection
clientConnection
protected static org.jboss.logging.Logger
logger
protected RealmModel
realm
protected KeycloakSession
session
-
Constructor Summary
Constructors Constructor Description ClientResource(RealmModel realm, AdminPermissionEvaluator auth, ClientModel clientModel, KeycloakSession session, AdminEventBuilder adminEvent)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addDefaultClientScope(String clientScopeId)
void
addOptionalClientScope(String clientScopeId)
AuthorizationService
authorization()
ClientScopeEvaluateResource
clientScopeEvaluateResource()
void
deleteClient()
Delete the clientMap<String,Long>
getApplicationSessionCount()
Get application session count Returns a number of user sessions associated with this client { "count": number }ClientAttributeCertificateResource
getCertficateResource(String attributePrefix)
Get representation of certificate resourceClientRepresentation
getClient()
Get representation of the clientCredentialRepresentation
getClientRotatedSecret()
Get the rotated client secretCredentialRepresentation
getClientSecret()
Get the client secretStream<ClientScopeRepresentation>
getDefaultClientScopes()
Get default client scopes.javax.ws.rs.core.Response
getInstallationProvider(String providerId)
ManagementPermissionReference
getManagementPermissions()
Return object stating whether client Authorization permissions have been initialized or not and a referenceMap<String,Long>
getOfflineSessionCount()
Get application offline session count Returns a number of offline user sessions associated with this client { "count": number }Stream<UserSessionRepresentation>
getOfflineUserSessions(Integer firstResult, Integer maxResults)
Get offline sessions for client Returns a list of offline user sessions associated with this clientStream<ClientScopeRepresentation>
getOptionalClientScopes()
Get optional client scopes.ProtocolMappersResource
getProtocolMappers()
RoleContainerResource
getRoleContainerResource()
ScopeMappedResource
getScopeMappedResource()
Base path for managing the scope mappings for the clientUserRepresentation
getServiceAccountUser()
Get a user dedicated to the service accountStream<UserSessionRepresentation>
getUserSessions(Integer firstResult, Integer maxResults)
Get user sessions for client Returns a list of user sessions associated with this clientjavax.ws.rs.core.Response
invalidateRotatedSecret()
Invalidate the rotated secret for the clientGlobalRequestResult
pushRevocation()
Push the client's revocation policy to its admin URL If the client has an admin URL, push revocation policy to it.ClientRepresentation
regenerateRegistrationAccessToken()
Generate a new registration access token for the clientCredentialRepresentation
regenerateSecret()
Generate a new secret for the clientvoid
registerNode(Map<String,String> formParams)
Register a cluster node with the client Manually register cluster node to this client - usually it's not needed to call this directly as adapter should handle by sending registration request to Keycloakvoid
removeDefaultClientScope(String clientScopeId)
void
removeOptionalClientScope(String clientScopeId)
ManagementPermissionReference
setManagementPermissionsEnabled(ManagementPermissionReference ref)
Return object stating whether client Authorization permissions have been initialized or not and a referenceGlobalRequestResult
testNodesAvailable()
Test if registered cluster nodes are available Tests availability by sending 'ping' request to all cluster nodes.static ManagementPermissionReference
toMgmtRef(ClientModel client, AdminPermissionManagement permissions)
void
unregisterNode(String node)
Unregister a cluster node from the clientjavax.ws.rs.core.Response
update(ClientRepresentation rep)
Update the client
-
-
-
Field Detail
-
logger
protected static final org.jboss.logging.Logger logger
-
realm
protected RealmModel realm
-
client
protected ClientModel client
-
session
protected final KeycloakSession session
-
clientConnection
protected final ClientConnection clientConnection
-
-
Constructor Detail
-
ClientResource
public ClientResource(RealmModel realm, AdminPermissionEvaluator auth, ClientModel clientModel, KeycloakSession session, AdminEventBuilder adminEvent)
-
-
Method Detail
-
getProtocolMappers
@Path("protocol-mappers") public ProtocolMappersResource getProtocolMappers()
-
update
@PUT @Consumes("application/json") public javax.ws.rs.core.Response update(ClientRepresentation rep)
Update the client- Parameters:
rep
-- Returns:
-
getClient
@GET @Produces("application/json") public ClientRepresentation getClient()
Get representation of the client- Returns:
-
getCertficateResource
@Path("certificates/{attr}") public ClientAttributeCertificateResource getCertficateResource(@PathParam("attr") String attributePrefix)
Get representation of certificate resource- Parameters:
attributePrefix
-- Returns:
-
getInstallationProvider
@GET @Path("installation/providers/{providerId}") public javax.ws.rs.core.Response getInstallationProvider(@PathParam("providerId") String providerId)
-
deleteClient
@DELETE public void deleteClient()
Delete the client
-
regenerateSecret
@Path("client-secret") @POST @Produces("application/json") @Consumes("application/json") public CredentialRepresentation regenerateSecret()
Generate a new secret for the client- Returns:
-
regenerateRegistrationAccessToken
@Path("registration-access-token") @POST @Produces("application/json") @Consumes("application/json") public ClientRepresentation regenerateRegistrationAccessToken()
Generate a new registration access token for the client- Returns:
-
getClientSecret
@Path("client-secret") @GET @Produces("application/json") public CredentialRepresentation getClientSecret()
Get the client secret- Returns:
-
getScopeMappedResource
@Path("scope-mappings") public ScopeMappedResource getScopeMappedResource()
Base path for managing the scope mappings for the client- Returns:
-
getRoleContainerResource
@Path("roles") public RoleContainerResource getRoleContainerResource()
-
getDefaultClientScopes
@GET @Produces("application/json") @Path("default-client-scopes") public Stream<ClientScopeRepresentation> getDefaultClientScopes()
Get default client scopes. Only name and ids are returned.- Returns:
-
addDefaultClientScope
@PUT @Path("default-client-scopes/{clientScopeId}") public void addDefaultClientScope(@PathParam("clientScopeId") String clientScopeId)
-
removeDefaultClientScope
@DELETE @Path("default-client-scopes/{clientScopeId}") public void removeDefaultClientScope(@PathParam("clientScopeId") String clientScopeId)
-
getOptionalClientScopes
@GET @Produces("application/json") @Path("optional-client-scopes") public Stream<ClientScopeRepresentation> getOptionalClientScopes()
Get optional client scopes. Only name and ids are returned.- Returns:
-
addOptionalClientScope
@PUT @Path("optional-client-scopes/{clientScopeId}") public void addOptionalClientScope(@PathParam("clientScopeId") String clientScopeId)
-
removeOptionalClientScope
@DELETE @Path("optional-client-scopes/{clientScopeId}") public void removeOptionalClientScope(@PathParam("clientScopeId") String clientScopeId)
-
clientScopeEvaluateResource
@Path("evaluate-scopes") public ClientScopeEvaluateResource clientScopeEvaluateResource()
-
getServiceAccountUser
@Path("service-account-user") @GET @Produces("application/json") public UserRepresentation getServiceAccountUser()
Get a user dedicated to the service account- Returns:
-
pushRevocation
@Path("push-revocation") @POST @Produces("application/json") public GlobalRequestResult pushRevocation()
Push the client's revocation policy to its admin URL If the client has an admin URL, push revocation policy to it.
-
getApplicationSessionCount
@Path("session-count") @GET @Produces("application/json") public Map<String,Long> getApplicationSessionCount()
Get application session count Returns a number of user sessions associated with this client { "count": number }- Returns:
-
getUserSessions
@Path("user-sessions") @GET @Produces("application/json") public Stream<UserSessionRepresentation> getUserSessions(@QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults)
Get user sessions for client Returns a list of user sessions associated with this client- Parameters:
firstResult
- Paging offsetmaxResults
- Maximum results size (defaults to 100)- Returns:
-
getOfflineSessionCount
@Path("offline-session-count") @GET @Produces("application/json") public Map<String,Long> getOfflineSessionCount()
Get application offline session count Returns a number of offline user sessions associated with this client { "count": number }- Returns:
-
getOfflineUserSessions
@Path("offline-sessions") @GET @Produces("application/json") public Stream<UserSessionRepresentation> getOfflineUserSessions(@QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults)
Get offline sessions for client Returns a list of offline user sessions associated with this client- Parameters:
firstResult
- Paging offsetmaxResults
- Maximum results size (defaults to 100)- Returns:
-
registerNode
@Path("nodes") @POST @Consumes("application/json") public void registerNode(Map<String,String> formParams)
Register a cluster node with the client Manually register cluster node to this client - usually it's not needed to call this directly as adapter should handle by sending registration request to Keycloak- Parameters:
formParams
-
-
unregisterNode
@Path("nodes/{node}") @DELETE public void unregisterNode(@PathParam("node") String node)
Unregister a cluster node from the client- Parameters:
node
-
-
testNodesAvailable
@Path("test-nodes-available") @GET @Produces("application/json") public GlobalRequestResult testNodesAvailable()
Test if registered cluster nodes are available Tests availability by sending 'ping' request to all cluster nodes.- Returns:
-
authorization
@Path("/authz") public AuthorizationService authorization()
-
getManagementPermissions
@Path("management/permissions") @GET @Produces("application/json") public ManagementPermissionReference getManagementPermissions()
Return object stating whether client Authorization permissions have been initialized or not and a reference- Returns:
-
toMgmtRef
public static ManagementPermissionReference toMgmtRef(ClientModel client, AdminPermissionManagement permissions)
-
setManagementPermissionsEnabled
@Path("management/permissions") @PUT @Produces("application/json") @Consumes("application/json") public ManagementPermissionReference setManagementPermissionsEnabled(ManagementPermissionReference ref)
Return object stating whether client Authorization permissions have been initialized or not and a reference- Returns:
- initialized manage permissions reference
-
invalidateRotatedSecret
@Path("client-secret/rotated") @DELETE @Produces("application/json") @Consumes("application/json") public javax.ws.rs.core.Response invalidateRotatedSecret()
Invalidate the rotated secret for the client- Returns:
-
getClientRotatedSecret
@Path("client-secret/rotated") @GET @Produces("application/json") public CredentialRepresentation getClientRotatedSecret()
Get the rotated client secret- Returns:
-
-