Class ClientScopeEvaluateScopeMappingsResource
- java.lang.Object
-
- org.keycloak.services.resources.admin.ClientScopeEvaluateScopeMappingsResource
-
public class ClientScopeEvaluateScopeMappingsResource extends Object
- Author:
- Marek Posolda
-
-
Constructor Summary
Constructors Constructor Description ClientScopeEvaluateScopeMappingsResource(RoleContainerModel roleContainer, AdminPermissionEvaluator auth, ClientModel client, String scopeParam)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description Stream<RoleRepresentation>
getGrantedScopeMappings()
Get effective scope mapping of all roles of particular role container, which this client is defacto allowed to have in the accessToken issued for him.Stream<RoleRepresentation>
getNotGrantedScopeMappings()
Get roles, which this client doesn't have scope for and can't have them in the accessToken issued for him.
-
-
-
Constructor Detail
-
ClientScopeEvaluateScopeMappingsResource
public ClientScopeEvaluateScopeMappingsResource(RoleContainerModel roleContainer, AdminPermissionEvaluator auth, ClientModel client, String scopeParam)
-
-
Method Detail
-
getGrantedScopeMappings
@Path("/granted") @GET @Produces("application/json") public Stream<RoleRepresentation> getGrantedScopeMappings()
Get effective scope mapping of all roles of particular role container, which this client is defacto allowed to have in the accessToken issued for him. This contains scope mappings, which this client has directly, as well as scope mappings, which are granted to all client scopes, which are linked with this client.- Returns:
-
getNotGrantedScopeMappings
@Path("/not-granted") @GET @Produces("application/json") public Stream<RoleRepresentation> getNotGrantedScopeMappings()
Get roles, which this client doesn't have scope for and can't have them in the accessToken issued for him. Defacto all the other roles of particular role container, which are not ingetGrantedScopeMappings()
- Returns:
-
-