Class RoleStorageManager

    • Constructor Detail

      • RoleStorageManager

        public RoleStorageManager​(KeycloakSession session,
                                  long roleStorageProviderTimeout)
    • Method Detail

      • isStorageProviderEnabled

        public static boolean isStorageProviderEnabled​(RealmModel realm,
                                                       String providerId)
      • addRealmRole

        public RoleModel addRealmRole​(RealmModel realm,
                                      String name)
        Description copied from interface: RoleProvider
        Adds a realm role with given name to the given realm. The internal ID of the role will be created automatically.
        Specified by:
        addRealmRole in interface RoleProvider
        Parameters:
        realm - Realm owning this role.
        name - String name of the role.
        Returns:
        Model of the created role.
      • addRealmRole

        public RoleModel addRealmRole​(RealmModel realm,
                                      String id,
                                      String name)
        Description copied from interface: RoleProvider
        Adds a realm role with given internal ID and name to the given realm.
        Specified by:
        addRealmRole in interface RoleProvider
        Parameters:
        realm - Realm owning this role.
        id - Internal ID of the role or null if one is to be created by the underlying store
        name - String name of the role.
        Returns:
        Model of the created role.
      • getRealmRolesStream

        public Stream<RoleModel> getRealmRolesStream​(RealmModel realm,
                                                     Integer first,
                                                     Integer max)
        Description copied from interface: RoleProvider
        Returns the realm roles of the given realm as a stream.
        Specified by:
        getRealmRolesStream in interface RoleProvider
        Parameters:
        realm - Realm.
        first - First result to return. Ignored if negative or null.
        max - Maximum number of results to return. Ignored if negative or null.
        Returns:
        Stream of the roles. Never returns null.
      • getRolesStream

        public Stream<RoleModel> getRolesStream​(RealmModel realm,
                                                Stream<String> ids,
                                                String search,
                                                Integer first,
                                                Integer max)
        Description copied from interface: RoleProvider
        Returns a paginated stream of roles with given ids and given search value in role names.
        Specified by:
        getRolesStream in interface RoleProvider
        Parameters:
        realm - Realm. Cannot be null.
        ids - Stream of ids. Returns empty Stream when null.
        search - Case-insensitive string to search by role's name or description. Ignored if null.
        first - Index of the first result to return. Ignored if negative or null.
        max - Maximum number of results to return. Ignored if negative or null.
        Returns:
        Stream of desired roles. Never returns null.
      • searchForRolesStream

        public Stream<RoleModel> searchForRolesStream​(RealmModel realm,
                                                      String search,
                                                      Integer first,
                                                      Integer max)
        Obtaining roles from an external role storage is time-bounded: if the external role storage is not available, at least the roles from local storage are returned. The timeout is taken from the org.keycloak.services.DefaultKeycloakSessionFactory#getRoleStorageProviderTimeout() property. The default value is 3000 milliseconds and it is configurable. See org.keycloak.services.DefaultKeycloakSessionFactory for details.
        Specified by:
        searchForRolesStream in interface RoleLookupProvider
        Parameters:
        realm - Realm.
        search - Searched substring of the role's name or description.
        first - First result to return. Ignored if negative or null.
        max - Maximum number of results to return. Ignored if negative or null.
        Returns:
        Stream of the realm roles whose name or description contains the given search string. Never returns null.
      • removeRole

        public boolean removeRole​(RoleModel role)
        Description copied from interface: RoleProvider
        Removes given realm role from the given realm.
        Specified by:
        removeRole in interface RoleProvider
        Parameters:
        role - Role to be removed.
        Returns:
        true if the role existed and has been removed, false otherwise.
      • removeRoles

        public void removeRoles​(RealmModel realm)
        Description copied from interface: RoleProvider
        Removes all roles from the given realm.
        Specified by:
        removeRoles in interface RoleProvider
        Parameters:
        realm - Realm.
      • removeRoles

        public void removeRoles​(ClientModel client)
        Description copied from interface: RoleProvider
        Removes all roles from the given client.
        Specified by:
        removeRoles in interface RoleProvider
        Parameters:
        client - Client.
      • addClientRole

        public RoleModel addClientRole​(ClientModel client,
                                       String name)
        Description copied from interface: RoleProvider
        Adds a client role with given name to the given client. The internal ID of the role will be created automatically.
        Specified by:
        addClientRole in interface RoleProvider
        Parameters:
        client - Client owning this role.
        name - String name of the role.
        Returns:
        Model of the created role.
      • addClientRole

        public RoleModel addClientRole​(ClientModel client,
                                       String id,
                                       String name)
        Description copied from interface: RoleProvider
        Adds a client role with given internal ID and name to the given client.
        Specified by:
        addClientRole in interface RoleProvider
        Parameters:
        client - Client owning this role.
        id - Internal ID of the client role or null if one is to be created by the underlying store.
        name - String name of the role.
        Returns:
        Model of the created role.
      • getClientRolesStream

        public Stream<RoleModel> getClientRolesStream​(ClientModel client)
        Description copied from interface: RoleProvider
        Returns all the client roles of the given client. Effectively the same as the call getClientRolesStream(client, null, null).
        Specified by:
        getClientRolesStream in interface RoleProvider
        Parameters:
        client - Client.
        Returns:
        Stream of the roles. Never returns null.
      • getClientRolesStream

        public Stream<RoleModel> getClientRolesStream​(ClientModel client,
                                                      Integer first,
                                                      Integer max)
        Description copied from interface: RoleProvider
        Returns the client roles of the given client.
        Specified by:
        getClientRolesStream in interface RoleProvider
        Parameters:
        client - Client.
        first - First result to return. Ignored if negative or null.
        max - Maximum number of results to return. Ignored if negative or null.
        Returns:
        Stream of the roles. Never returns null.
      • searchForClientRolesStream

        public Stream<RoleModel> searchForClientRolesStream​(ClientModel client,
                                                            String search,
                                                            Integer first,
                                                            Integer max)
        Obtaining roles from an external role storage is time-bounded: if the external role storage is not available, at least the roles from local storage are returned. The timeout is taken from the org.keycloak.services.DefaultKeycloakSessionFactory#getRoleStorageProviderTimeout() property. The default value is 3000 milliseconds and it is configurable. See org.keycloak.services.DefaultKeycloakSessionFactory for details.
        Specified by:
        searchForClientRolesStream in interface RoleLookupProvider
        Parameters:
        client - Client.
        search - String to search by role's name or description.
        first - First result to return. Ignored if negative or null.
        max - Maximum number of results to return. Ignored if negative or null.
        Returns:
        Stream of the client roles whose name or description contains the given search string. Never returns null.
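
The time-bounded behaviour described for searchForRolesStream and searchForClientRolesStream, sketched as an added stand-alone example; it is not Keycloak's implementation. The class TimeBoundedRoleSearch, its helpers, and the use of plain role-name strings in place of RoleModel are assumptions made for illustration.

```java
import java.util.List;
import java.util.concurrent.*;
import java.util.stream.Collectors;
import java.util.stream.Stream;

// Added illustration, not Keycloak source. Role names stand in for RoleModel.
public class TimeBoundedRoleSearch {

    // Hypothetical helper: query the external store, give up after timeoutMs.
    static Stream<String> boundedExternal(Callable<List<String>> external, long timeoutMs) {
        ExecutorService pool = Executors.newSingleThreadExecutor();
        Future<List<String>> pending = pool.submit(external);
        try {
            return pending.get(timeoutMs, TimeUnit.MILLISECONDS).stream();
        } catch (TimeoutException | ExecutionException e) {
            return Stream.empty();               // degrade to local results only
        } catch (InterruptedException e) {
            Thread.currentThread().interrupt();  // preserve the caller's interrupt
            return Stream.empty();
        } finally {
            pool.shutdownNow();                  // interrupt a still-hung lookup
        }
    }

    // first/max follow the documented contract: ignored if negative or null.
    static List<String> search(List<String> local, Callable<List<String>> external,
                               String search, Integer first, Integer max, long timeoutMs) {
        String needle = search.toLowerCase();
        Stream<String> merged =
                Stream.concat(local.stream(), boundedExternal(external, timeoutMs))
                      .filter(name -> name.toLowerCase().contains(needle))
                      .distinct();
        if (first != null && first >= 0) merged = merged.skip(first);
        if (max != null && max >= 0) merged = merged.limit(max);
        return merged.collect(Collectors.toList());
    }

    public static void main(String[] args) {
        List<String> local = List.of("admin", "auditor");   // constructed sample data
        Callable<List<String>> healthy = () -> List.of("ldap-admin");
        Callable<List<String>> hung = () -> {               // simulates an unreachable store
            Thread.sleep(10_000);
            return List.of("ldap-admin");
        };
        // Healthy external store: roles from both stores are returned.
        System.out.println(search(local, healthy, "admin", null, null, 3000));
        // Hung external store: the call returns after the timeout with local roles only.
        System.out.println(search(local, hung, "admin", null, null, 200));
    }
}
```

A result produced after a timeout is indistinguishable from a complete one, so callers should not treat a role's absence from a search result as proof that the role does not exist in the external store.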
      • close

        public void close()
        Specified by:
        close in interface Provider