Package org.keycloak.storage
Class RoleStorageManager
- java.lang.Object
-
- org.keycloak.storage.RoleStorageManager
-
- All Implemented Interfaces:
RoleProvider
,Provider
,RoleLookupProvider
public class RoleStorageManager extends Object implements RoleProvider
-
-
Field Summary
Fields Modifier and Type Field Description protected KeycloakSession
session
-
Constructor Summary
Constructors Constructor Description RoleStorageManager(KeycloakSession session, long roleStorageProviderTimeout)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description RoleModel
addClientRole(ClientModel client, String name)
Adds a client role with givenname
to the given client.RoleModel
addClientRole(ClientModel client, String id, String name)
Adds a client role with given internal ID andname
to the given client.RoleModel
addRealmRole(RealmModel realm, String name)
Adds a realm role with givenname
to the given realm.RoleModel
addRealmRole(RealmModel realm, String id, String name)
Adds a realm role with given internal ID andname
to the given realm.void
close()
RoleModel
getClientRole(ClientModel client, String name)
Exact search for a client role by given name.Stream<RoleModel>
getClientRolesStream(ClientModel client)
Returns all the client roles of the given client.Stream<RoleModel>
getClientRolesStream(ClientModel client, Integer first, Integer max)
Returns the client roles of the given client.static <T> Stream<T>
getEnabledStorageProviders(KeycloakSession session, RealmModel realm, Class<T> type)
RoleModel
getRealmRole(RealmModel realm, String name)
Exact search for a role by given name.Stream<RoleModel>
getRealmRolesStream(RealmModel realm, Integer first, Integer max)
Returns the realm roles of the given realm as a stream.RoleModel
getRoleById(RealmModel realm, String id)
Exact search for a role by its internal ID..Stream<RoleModel>
getRolesStream(RealmModel realm, Stream<String> ids, String search, Integer first, Integer max)
Returns a paginated stream of roles with given ids and given search value in role names.static RoleStorageProvider
getStorageProvider(KeycloakSession session, RealmModel realm, String componentId)
static RoleStorageProvider
getStorageProviderInstance(KeycloakSession session, RoleStorageProviderModel model, RoleStorageProviderFactory factory)
static RoleStorageProviderModel
getStorageProviderModel(RealmModel realm, String componentId)
static <T> Stream<T>
getStorageProviders(KeycloakSession session, RealmModel realm, Class<T> type)
static <T> Stream<RoleStorageProviderModel>
getStorageProviders(RealmModel realm, KeycloakSession session, Class<T> type)
static boolean
isStorageProviderEnabled(RealmModel realm, String providerId)
boolean
removeRole(RoleModel role)
Removes given realm role from the given realm.void
removeRoles(ClientModel client)
Removes all roles from the given client.void
removeRoles(RealmModel realm)
Removes all roles from the given realm.Stream<RoleModel>
searchForClientRolesStream(ClientModel client, String search, Integer first, Integer max)
Obtaining roles from an external role storage is time-bounded.Stream<RoleModel>
searchForRolesStream(RealmModel realm, String search, Integer first, Integer max)
Obtaining roles from an external role storage is time-bounded.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.models.RoleProvider
getRealmRolesStream
-
-
-
-
Field Detail
-
session
protected KeycloakSession session
-
-
Constructor Detail
-
RoleStorageManager
public RoleStorageManager(KeycloakSession session, long roleStorageProviderTimeout)
-
-
Method Detail
-
isStorageProviderEnabled
public static boolean isStorageProviderEnabled(RealmModel realm, String providerId)
-
getStorageProviderModel
public static RoleStorageProviderModel getStorageProviderModel(RealmModel realm, String componentId)
-
getStorageProvider
public static RoleStorageProvider getStorageProvider(KeycloakSession session, RealmModel realm, String componentId)
-
getStorageProviders
public static <T> Stream<RoleStorageProviderModel> getStorageProviders(RealmModel realm, KeycloakSession session, Class<T> type)
-
getStorageProviderInstance
public static RoleStorageProvider getStorageProviderInstance(KeycloakSession session, RoleStorageProviderModel model, RoleStorageProviderFactory factory)
-
getStorageProviders
public static <T> Stream<T> getStorageProviders(KeycloakSession session, RealmModel realm, Class<T> type)
-
getEnabledStorageProviders
public static <T> Stream<T> getEnabledStorageProviders(KeycloakSession session, RealmModel realm, Class<T> type)
-
addRealmRole
public RoleModel addRealmRole(RealmModel realm, String name)
Description copied from interface:RoleProvider
Adds a realm role with givenname
to the given realm. The internal ID of the role will be created automatically.- Specified by:
addRealmRole
in interfaceRoleProvider
- Parameters:
realm
- Realm owning this role.name
- String name of the role.- Returns:
- Model of the created role.
-
addRealmRole
public RoleModel addRealmRole(RealmModel realm, String id, String name)
Description copied from interface:RoleProvider
Adds a realm role with given internal ID andname
to the given realm.- Specified by:
addRealmRole
in interfaceRoleProvider
- Parameters:
realm
- Realm owning this role.id
- Internal ID of the role ornull
if one is to be created by the underlying storename
- String name of the role.- Returns:
- Model of the created client.
-
getRealmRole
public RoleModel getRealmRole(RealmModel realm, String name)
Description copied from interface:RoleLookupProvider
Exact search for a role by given name.- Specified by:
getRealmRole
in interfaceRoleLookupProvider
- Parameters:
realm
- Realm.name
- String name of the role.- Returns:
- Model of the role, or
null
if no role is found.
-
getRoleById
public RoleModel getRoleById(RealmModel realm, String id)
Description copied from interface:RoleLookupProvider
Exact search for a role by its internal ID..- Specified by:
getRoleById
in interfaceRoleLookupProvider
- Parameters:
realm
- Realm.id
- Internal ID of the role.- Returns:
- Model of the role.
-
getRealmRolesStream
public Stream<RoleModel> getRealmRolesStream(RealmModel realm, Integer first, Integer max)
Description copied from interface:RoleProvider
Returns the realm roles of the given realm as a stream.- Specified by:
getRealmRolesStream
in interfaceRoleProvider
- Parameters:
realm
- Realm.first
- First result to return. Ignored if negative ornull
.max
- Maximum number of results to return. Ignored if negative ornull
.- Returns:
- Stream of the roles. Never returns
null
.
-
getRolesStream
public Stream<RoleModel> getRolesStream(RealmModel realm, Stream<String> ids, String search, Integer first, Integer max)
Description copied from interface:RoleProvider
Returns a paginated stream of roles with given ids and given search value in role names.- Specified by:
getRolesStream
in interfaceRoleProvider
- Parameters:
realm
- Realm. Cannot benull
.ids
- Stream of ids. Returns emptyStream
whennull
.search
- Case-insensitive string to search by role's name or description. Ignored ifnull
.first
- Index of the first result to return. Ignored if negative ornull
.max
- Maximum number of results to return. Ignored if negative ornull
.- Returns:
- Stream of desired roles. Never returns
null
.
-
searchForRolesStream
public Stream<RoleModel> searchForRolesStream(RealmModel realm, String search, Integer first, Integer max)
Obtaining roles from an external role storage is time-bounded. In case the external role storage isn't available at least roles from a local storage are returned. For this purpose theorg.keycloak.services.DefaultKeycloakSessionFactory#getRoleStorageProviderTimeout()
property is used. Default value is 3000 milliseconds and it's configurable. Seeorg.keycloak.services.DefaultKeycloakSessionFactory
for details.- Specified by:
searchForRolesStream
in interfaceRoleLookupProvider
- Parameters:
realm
- Realm.search
- Searched substring of the role's name or description.first
- First result to return. Ignored if negative ornull
.max
- Maximum number of results to return. Ignored if negative ornull
.- Returns:
- Stream of the realm roles their name or description contains given search string.
Never returns
null
.
-
removeRole
public boolean removeRole(RoleModel role)
Description copied from interface:RoleProvider
Removes given realm role from the given realm.- Specified by:
removeRole
in interfaceRoleProvider
- Parameters:
role
- Role to be removed.- Returns:
true
if the role existed and has been removed,false
otherwise.
-
removeRoles
public void removeRoles(RealmModel realm)
Description copied from interface:RoleProvider
Removes all roles from the given realm.- Specified by:
removeRoles
in interfaceRoleProvider
- Parameters:
realm
- Realm.
-
removeRoles
public void removeRoles(ClientModel client)
Description copied from interface:RoleProvider
Removes all roles from the given client.- Specified by:
removeRoles
in interfaceRoleProvider
- Parameters:
client
- Client.
-
addClientRole
public RoleModel addClientRole(ClientModel client, String name)
Description copied from interface:RoleProvider
Adds a client role with givenname
to the given client. The internal ID of the role will be created automatically.- Specified by:
addClientRole
in interfaceRoleProvider
- Parameters:
client
- Client owning this role.name
- String name of the role.- Returns:
- Model of the created role.
-
addClientRole
public RoleModel addClientRole(ClientModel client, String id, String name)
Description copied from interface:RoleProvider
Adds a client role with given internal ID andname
to the given client.- Specified by:
addClientRole
in interfaceRoleProvider
- Parameters:
client
- Client owning this role.id
- Internal ID of the client role ornull
if one is to be created by the underlying store.name
- String name of the role.- Returns:
- Model of the created role.
-
getClientRole
public RoleModel getClientRole(ClientModel client, String name)
Description copied from interface:RoleLookupProvider
Exact search for a client role by given name.- Specified by:
getClientRole
in interfaceRoleLookupProvider
- Parameters:
client
- Client.name
- String name of the role.- Returns:
- Model of the role, or
null
if no role is found.
-
getClientRolesStream
public Stream<RoleModel> getClientRolesStream(ClientModel client)
Description copied from interface:RoleProvider
Returns all the client roles of the given client. Effectively the same as the callgetClientRoles(client, null, null)
.- Specified by:
getClientRolesStream
in interfaceRoleProvider
- Parameters:
client
- Client.- Returns:
- Stream of the roles. Never returns
null
.
-
getClientRolesStream
public Stream<RoleModel> getClientRolesStream(ClientModel client, Integer first, Integer max)
Description copied from interface:RoleProvider
Returns the client roles of the given client.- Specified by:
getClientRolesStream
in interfaceRoleProvider
- Parameters:
client
- Client.first
- First result to return. Ignored if negative ornull
.max
- Maximum number of results to return. Ignored if negative ornull
.- Returns:
- Stream of the roles. Never returns
null
.
-
searchForClientRolesStream
public Stream<RoleModel> searchForClientRolesStream(ClientModel client, String search, Integer first, Integer max)
Obtaining roles from an external role storage is time-bounded. In case the external role storage isn't available at least roles from a local storage are returned. For this purpose theorg.keycloak.services.DefaultKeycloakSessionFactory#getRoleStorageProviderTimeout()} property is used. Default value is 3000 milliseconds and it's configurable. See
org.keycloak.services.DefaultKeycloakSessionFactory
for details.- Specified by:
searchForClientRolesStream
in interfaceRoleLookupProvider
- Parameters:
client
- Client.search
- String to search by role's name or description.first
- First result to return. Ignored if negative ornull
.max
- Maximum number of results to return. Ignored if negative ornull
.- Returns:
- Stream of the client roles their name or description contains given search string.
Never returns
null
.
-
-