Package org.keycloak.storage.jpa
Class JpaUserFederatedStorageProvider
- java.lang.Object
-
- org.keycloak.storage.jpa.JpaUserFederatedStorageProvider
-
- All Implemented Interfaces:
UserCredentialStore, Provider, UserAttributeFederatedStorage, UserAttributeFederatedStorage.Streams, UserBrokerLinkFederatedStorage, UserBrokerLinkFederatedStorage.Streams, UserConsentFederatedStorage, UserConsentFederatedStorage.Streams, UserFederatedStorageProvider, UserFederatedStorageProvider.Streams, UserFederatedUserCredentialStore, UserFederatedUserCredentialStore.Streams, UserGroupMembershipFederatedStorage, UserGroupMembershipFederatedStorage.Streams, UserNotBeforeFederatedStorage, UserRequiredActionsFederatedStorage, UserRequiredActionsFederatedStorage.Streams, UserRoleMappingsFederatedStorage, UserRoleMappingsFederatedStorage.Streams
public class JpaUserFederatedStorageProvider extends Object implements UserFederatedStorageProvider.Streams, UserCredentialStore
- Version:
- $Revision: 1 $
- Author:
- Bill Burke
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.keycloak.storage.federated.UserAttributeFederatedStorage
UserAttributeFederatedStorage.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.storage.federated.UserBrokerLinkFederatedStorage
UserBrokerLinkFederatedStorage.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.storage.federated.UserConsentFederatedStorage
UserConsentFederatedStorage.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.credential.UserCredentialStore
UserCredentialStore.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.storage.federated.UserFederatedStorageProvider
UserFederatedStorageProvider.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.storage.federated.UserFederatedUserCredentialStore
UserFederatedUserCredentialStore.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.storage.federated.UserGroupMembershipFederatedStorage
UserGroupMembershipFederatedStorage.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.storage.federated.UserRequiredActionsFederatedStorage
UserRequiredActionsFederatedStorage.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.storage.federated.UserRoleMappingsFederatedStorage
UserRoleMappingsFederatedStorage.Streams
-
-
Constructor Summary
JpaUserFederatedStorageProvider(KeycloakSession session, javax.persistence.EntityManager em)
-
Method Summary
void addConsent(RealmModel realm, String userId, UserConsentModel consent)
void addFederatedIdentity(RealmModel realm, String userId, FederatedIdentityModel link)
void addRequiredAction(RealmModel realm, String userId, String action)
void close()
CredentialModel createCredential(RealmModel realm, String userId, CredentialModel cred)
CredentialModel createCredential(RealmModel realm, UserModel user, CredentialModel cred)
protected void createIndex(RealmModel realm, String userId)
We create an entry so that it's easy to iterate over all things in the database.
void deleteRoleMapping(RealmModel realm, String userId, RoleModel role)
MultivaluedHashMap<String,String> getAttributes(RealmModel realm, String userId)
UserConsentModel getConsentByClient(RealmModel realm, String userId, String clientInternalId)
Stream<UserConsentModel> getConsentsStream(RealmModel realm, String userId)
Obtains the consents associated with the federated user identified by userId.
Stream<FederatedIdentityModel> getFederatedIdentitiesStream(String userId, RealmModel realm)
Obtains the identities of the federated user identified by userId.
FederatedIdentityModel getFederatedIdentity(String userId, String socialProvider, RealmModel realm)
Stream<GroupModel> getGroupsStream(RealmModel realm, String userId)
Obtains the groups associated with the federated user.
Stream<String> getMembershipStream(RealmModel realm, GroupModel group, Integer firstResult, Integer max)
Obtains the federated users that are members of the given group in the specified realm.
int getNotBeforeOfUser(RealmModel realm, String userId)
Stream<String> getRequiredActionsStream(RealmModel realm, String userId)
Obtains the names of required actions associated with the federated user identified by userId.
Stream<RoleModel> getRoleMappingsStream(RealmModel realm, String userId)
Obtains the roles associated with the federated user identified by userId.
CredentialModel getStoredCredentialById(RealmModel realm, String userId, String id)
CredentialModel getStoredCredentialById(RealmModel realm, UserModel user, String id)
CredentialModel getStoredCredentialByNameAndType(RealmModel realm, String userId, String name, String type)
CredentialModel getStoredCredentialByNameAndType(RealmModel realm, UserModel user, String name, String type)
Stream<CredentialModel> getStoredCredentialsByTypeStream(RealmModel realm, String userId, String type)
Obtains the credentials of type type that are associated with the federated user identified by userId.
Stream<CredentialModel> getStoredCredentialsByTypeStream(RealmModel realm, UserModel user, String type)
Obtains the stored credentials associated with the specified user that match the specified type.
Stream<CredentialModel> getStoredCredentialsStream(RealmModel realm, String userId)
Obtains the credentials associated with the federated user identified by userId.
Stream<CredentialModel> getStoredCredentialsStream(RealmModel realm, UserModel user)
Obtains the stored credentials associated with the specified user.
int getStoredUsersCount(RealmModel realm)
Stream<String> getStoredUsersStream(RealmModel realm, Integer first, Integer max)
Obtains the ids of all federated users in the realm.
String getUserByFederatedIdentity(FederatedIdentityModel link, RealmModel realm)
Stream<String> getUsersByUserAttributeStream(RealmModel realm, String name, String value)
Searches for federated users that have an attribute with the specified name and value.
void grantRole(RealmModel realm, String userId, RoleModel role)
void joinGroup(RealmModel realm, String userId, GroupModel group)
void leaveGroup(RealmModel realm, String userId, GroupModel group)
boolean moveCredentialTo(RealmModel realm, UserModel user, String id, String newPreviousCredentialId)
void preRemove(ClientScopeModel clientScope)
void preRemove(ProtocolMapperModel protocolMapper)
void preRemove(RealmModel realm)
void preRemove(RealmModel realm, ComponentModel model)
void preRemove(RealmModel realm, ClientModel client)
void preRemove(RealmModel realm, GroupModel group)
void preRemove(RealmModel realm, IdentityProviderModel provider)
void preRemove(RealmModel realm, RoleModel role)
void preRemove(RealmModel realm, UserModel user)
void removeAttribute(RealmModel realm, String userId, String name)
boolean removeFederatedIdentity(RealmModel realm, String userId, String socialProvider)
void removeRequiredAction(RealmModel realm, String userId, String action)
boolean removeStoredCredential(RealmModel realm, String userId, String id)
boolean removeStoredCredential(RealmModel realm, UserModel user, String id)
Removes credential with the id for the user.
boolean revokeConsentForClient(RealmModel realm, String userId, String clientInternalId)
void setAttribute(RealmModel realm, String userId, String name, List<String> values)
void setNotBeforeForUser(RealmModel realm, String userId, int notBefore)
void setSingleAttribute(RealmModel realm, String userId, String name, String value)
protected CredentialModel toModel(FederatedUserCredentialEntity entity)
void updateConsent(RealmModel realm, String userId, UserConsentModel consent)
void updateCredential(RealmModel realm, String userId, CredentialModel cred)
void updateCredential(RealmModel realm, UserModel user, CredentialModel cred)
void updateFederatedIdentity(RealmModel realm, String userId, FederatedIdentityModel model)
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.storage.federated.UserAttributeFederatedStorage.Streams
getUsersByUserAttribute
-
Methods inherited from interface org.keycloak.storage.federated.UserBrokerLinkFederatedStorage.Streams
getFederatedIdentities
-
Methods inherited from interface org.keycloak.storage.federated.UserConsentFederatedStorage.Streams
getConsents
-
Methods inherited from interface org.keycloak.storage.federated.UserFederatedStorageProvider.Streams
getStoredUsers
-
Methods inherited from interface org.keycloak.storage.federated.UserFederatedUserCredentialStore.Streams
getStoredCredentials, getStoredCredentialsByType
-
Methods inherited from interface org.keycloak.storage.federated.UserGroupMembershipFederatedStorage.Streams
getGroups, getMembership
-
Methods inherited from interface org.keycloak.storage.federated.UserRequiredActionsFederatedStorage.Streams
getRequiredActions
-
Methods inherited from interface org.keycloak.storage.federated.UserRoleMappingsFederatedStorage.Streams
getRoleMappings
-
-
-
-
Constructor Detail
-
JpaUserFederatedStorageProvider
public JpaUserFederatedStorageProvider(KeycloakSession session, javax.persistence.EntityManager em)
-
-
Method Detail
-
createIndex
protected void createIndex(RealmModel realm, String userId)
We create an entry so that it's easy to iterate over all things in the database. Specifically useful for export.
-
setAttribute
public void setAttribute(RealmModel realm, String userId, String name, List<String> values)
- Specified by:
setAttribute in interface UserAttributeFederatedStorage
-
setSingleAttribute
public void setSingleAttribute(RealmModel realm, String userId, String name, String value)
- Specified by:
setSingleAttribute in interface UserAttributeFederatedStorage
-
removeAttribute
public void removeAttribute(RealmModel realm, String userId, String name)
- Specified by:
removeAttribute in interface UserAttributeFederatedStorage
-
getAttributes
public MultivaluedHashMap<String,String> getAttributes(RealmModel realm, String userId)
- Specified by:
getAttributes in interface UserAttributeFederatedStorage
-
getUsersByUserAttributeStream
public Stream<String> getUsersByUserAttributeStream(RealmModel realm, String name, String value)
Description copied from interface: UserAttributeFederatedStorage
Searches for federated users that have an attribute with the specified name and value.
- Specified by:
getUsersByUserAttributeStream in interface UserAttributeFederatedStorage
- Specified by:
getUsersByUserAttributeStream in interface UserAttributeFederatedStorage.Streams
- Parameters:
realm - a reference to the realm.
name - the attribute name.
value - the attribute value.
- Returns:
a non-null Stream of users that match the search criteria.
-
getUserByFederatedIdentity
public String getUserByFederatedIdentity(FederatedIdentityModel link, RealmModel realm)
- Specified by:
getUserByFederatedIdentity in interface UserBrokerLinkFederatedStorage
-
addFederatedIdentity
public void addFederatedIdentity(RealmModel realm, String userId, FederatedIdentityModel link)
- Specified by:
addFederatedIdentity in interface UserBrokerLinkFederatedStorage
-
removeFederatedIdentity
public boolean removeFederatedIdentity(RealmModel realm, String userId, String socialProvider)
- Specified by:
removeFederatedIdentity in interface UserBrokerLinkFederatedStorage
-
preRemove
public void preRemove(RealmModel realm, IdentityProviderModel provider)
- Specified by:
preRemove in interface UserBrokerLinkFederatedStorage
-
updateFederatedIdentity
public void updateFederatedIdentity(RealmModel realm, String userId, FederatedIdentityModel model)
- Specified by:
updateFederatedIdentity in interface UserBrokerLinkFederatedStorage
-
getFederatedIdentitiesStream
public Stream<FederatedIdentityModel> getFederatedIdentitiesStream(String userId, RealmModel realm)
Description copied from interface: UserBrokerLinkFederatedStorage
Obtains the identities of the federated user identified by userId.
- Specified by:
getFederatedIdentitiesStream in interface UserBrokerLinkFederatedStorage
- Specified by:
getFederatedIdentitiesStream in interface UserBrokerLinkFederatedStorage.Streams
- Parameters:
userId - the user identifier.
realm - a reference to the realm.
- Returns:
a non-null Stream of federated identities associated with the user.
-
getFederatedIdentity
public FederatedIdentityModel getFederatedIdentity(String userId, String socialProvider, RealmModel realm)
- Specified by:
getFederatedIdentity in interface UserBrokerLinkFederatedStorage
-
addConsent
public void addConsent(RealmModel realm, String userId, UserConsentModel consent)
- Specified by:
addConsent in interface UserConsentFederatedStorage
-
getConsentByClient
public UserConsentModel getConsentByClient(RealmModel realm, String userId, String clientInternalId)
- Specified by:
getConsentByClient in interface UserConsentFederatedStorage
-
getConsentsStream
public Stream<UserConsentModel> getConsentsStream(RealmModel realm, String userId)
Description copied from interface: UserConsentFederatedStorage
Obtains the consents associated with the federated user identified by userId.
- Specified by:
getConsentsStream in interface UserConsentFederatedStorage
- Specified by:
getConsentsStream in interface UserConsentFederatedStorage.Streams
- Parameters:
realm - a reference to the realm.
userId - the user identifier.
- Returns:
a non-null Stream of consents associated with the user.
-
updateConsent
public void updateConsent(RealmModel realm, String userId, UserConsentModel consent)
- Specified by:
updateConsent in interface UserConsentFederatedStorage
-
revokeConsentForClient
public boolean revokeConsentForClient(RealmModel realm, String userId, String clientInternalId)
- Specified by:
revokeConsentForClient in interface UserConsentFederatedStorage
-
setNotBeforeForUser
public void setNotBeforeForUser(RealmModel realm, String userId, int notBefore)
- Specified by:
setNotBeforeForUser in interface UserNotBeforeFederatedStorage
-
getNotBeforeOfUser
public int getNotBeforeOfUser(RealmModel realm, String userId)
- Specified by:
getNotBeforeOfUser in interface UserNotBeforeFederatedStorage
-
getGroupsStream
public Stream<GroupModel> getGroupsStream(RealmModel realm, String userId)
Description copied from interface: UserGroupMembershipFederatedStorage
Obtains the groups associated with the federated user.
- Specified by:
getGroupsStream in interface UserGroupMembershipFederatedStorage
- Specified by:
getGroupsStream in interface UserGroupMembershipFederatedStorage.Streams
- Parameters:
realm - a reference to the realm.
userId - the user identifier.
- Returns:
a non-null Stream of groups.
-
joinGroup
public void joinGroup(RealmModel realm, String userId, GroupModel group)
- Specified by:
joinGroup in interface UserGroupMembershipFederatedStorage
-
leaveGroup
public void leaveGroup(RealmModel realm, String userId, GroupModel group)
- Specified by:
leaveGroup in interface UserGroupMembershipFederatedStorage
-
getMembershipStream
public Stream<String> getMembershipStream(RealmModel realm, GroupModel group, Integer firstResult, Integer max)
Description copied from interface: UserGroupMembershipFederatedStorage
Obtains the federated users that are members of the given group in the specified realm.
- Specified by:
getMembershipStream in interface UserGroupMembershipFederatedStorage
- Specified by:
getMembershipStream in interface UserGroupMembershipFederatedStorage.Streams
- Parameters:
realm - a reference to the realm.
group - a reference to the group whose federated members are being searched.
firstResult - first result to return. Ignored if negative or null.
max - maximum number of results to return. Ignored if negative or null.
- Returns:
a non-null Stream of federated user ids that are members of the group in the realm.
-
getRequiredActionsStream
public Stream<String> getRequiredActionsStream(RealmModel realm, String userId)
Description copied from interface: UserRequiredActionsFederatedStorage
Obtains the names of required actions associated with the federated user identified by userId.
- Specified by:
getRequiredActionsStream in interface UserRequiredActionsFederatedStorage
- Specified by:
getRequiredActionsStream in interface UserRequiredActionsFederatedStorage.Streams
- Parameters:
realm - a reference to the realm.
userId - the user identifier.
- Returns:
a non-null Stream of required action names.
-
addRequiredAction
public void addRequiredAction(RealmModel realm, String userId, String action)
- Specified by:
addRequiredAction in interface UserRequiredActionsFederatedStorage
-
removeRequiredAction
public void removeRequiredAction(RealmModel realm, String userId, String action)
- Specified by:
removeRequiredAction in interface UserRequiredActionsFederatedStorage
-
grantRole
public void grantRole(RealmModel realm, String userId, RoleModel role)
- Specified by:
grantRole in interface UserRoleMappingsFederatedStorage
-
getRoleMappingsStream
public Stream<RoleModel> getRoleMappingsStream(RealmModel realm, String userId)
Description copied from interface: UserRoleMappingsFederatedStorage
Obtains the roles associated with the federated user identified by userId.
- Specified by:
getRoleMappingsStream in interface UserRoleMappingsFederatedStorage
- Specified by:
getRoleMappingsStream in interface UserRoleMappingsFederatedStorage.Streams
- Parameters:
realm - a reference to the realm.
userId - the user identifier.
- Returns:
a non-null Stream of roles.
-
deleteRoleMapping
public void deleteRoleMapping(RealmModel realm, String userId, RoleModel role)
- Specified by:
deleteRoleMapping in interface UserRoleMappingsFederatedStorage
-
updateCredential
public void updateCredential(RealmModel realm, String userId, CredentialModel cred)
- Specified by:
updateCredential in interface UserFederatedUserCredentialStore
-
createCredential
public CredentialModel createCredential(RealmModel realm, String userId, CredentialModel cred)
- Specified by:
createCredential in interface UserFederatedUserCredentialStore
-
removeStoredCredential
public boolean removeStoredCredential(RealmModel realm, String userId, String id)
- Specified by:
removeStoredCredential in interface UserFederatedUserCredentialStore
-
getStoredCredentialById
public CredentialModel getStoredCredentialById(RealmModel realm, String userId, String id)
- Specified by:
getStoredCredentialById in interface UserFederatedUserCredentialStore
-
toModel
protected CredentialModel toModel(FederatedUserCredentialEntity entity)
-
getStoredCredentialsStream
public Stream<CredentialModel> getStoredCredentialsStream(RealmModel realm, String userId)
Description copied from interface: UserFederatedUserCredentialStore
Obtains the credentials associated with the federated user identified by userId.
- Specified by:
getStoredCredentialsStream in interface UserFederatedUserCredentialStore
- Specified by:
getStoredCredentialsStream in interface UserFederatedUserCredentialStore.Streams
- Parameters:
realm - a reference to the realm.
userId - the user identifier.
- Returns:
a non-null Stream of credentials.
-
getStoredCredentialsByTypeStream
public Stream<CredentialModel> getStoredCredentialsByTypeStream(RealmModel realm, String userId, String type)
Description copied from interface: UserFederatedUserCredentialStore
Obtains the credentials of type type that are associated with the federated user identified by userId.
- Specified by:
getStoredCredentialsByTypeStream in interface UserFederatedUserCredentialStore
- Specified by:
getStoredCredentialsByTypeStream in interface UserFederatedUserCredentialStore.Streams
- Parameters:
realm - a reference to the realm.
userId - the user identifier.
type - the credential type.
- Returns:
a non-null Stream of credentials.
-
getStoredCredentialByNameAndType
public CredentialModel getStoredCredentialByNameAndType(RealmModel realm, String userId, String name, String type)
- Specified by:
getStoredCredentialByNameAndType in interface UserFederatedUserCredentialStore
-
getStoredUsersStream
public Stream<String> getStoredUsersStream(RealmModel realm, Integer first, Integer max)
Description copied from interface: UserFederatedStorageProvider
Obtains the ids of all federated users in the realm.
- Specified by:
getStoredUsersStream in interface UserFederatedStorageProvider
- Specified by:
getStoredUsersStream in interface UserFederatedStorageProvider.Streams
- Parameters:
realm - a reference to the realm.
first - first result to return. Ignored if negative or null.
max - maximum number of results to return. Ignored if negative or null.
- Returns:
a non-null Stream of federated user ids.
-
updateCredential
public void updateCredential(RealmModel realm, UserModel user, CredentialModel cred)
- Specified by:
updateCredential in interface UserCredentialStore
-
createCredential
public CredentialModel createCredential(RealmModel realm, UserModel user, CredentialModel cred)
- Specified by:
createCredential in interface UserCredentialStore
-
removeStoredCredential
public boolean removeStoredCredential(RealmModel realm, UserModel user, String id)
Description copied from interface: UserCredentialStore
Removes credential with the id for the user.
- Specified by:
removeStoredCredential in interface UserCredentialStore
- Parameters:
realm - realm.
user - user
id - id
- Returns:
true if the credential was removed, false otherwise TODO: Make this method return Boolean so that store can return "I don't know" answer, this can be used for example in async stores
-
getStoredCredentialById
public CredentialModel getStoredCredentialById(RealmModel realm, UserModel user, String id)
- Specified by:
getStoredCredentialById in interface UserCredentialStore
-
getStoredCredentialsStream
public Stream<CredentialModel> getStoredCredentialsStream(RealmModel realm, UserModel user)
Description copied from interface: UserCredentialStore
Obtains the stored credentials associated with the specified user.
- Specified by:
getStoredCredentialsStream in interface UserCredentialStore
- Parameters:
realm - a reference to the realm.
user - the user whose credentials are being searched.
- Returns:
a non-null Stream of credentials.
-
getStoredCredentialsByTypeStream
public Stream<CredentialModel> getStoredCredentialsByTypeStream(RealmModel realm, UserModel user, String type)
Description copied from interface: UserCredentialStore
Obtains the stored credentials associated with the specified user that match the specified type.
- Specified by:
getStoredCredentialsByTypeStream in interface UserCredentialStore
- Parameters:
realm - a reference to the realm.
user - the user whose credentials are being searched.
type - the type of credentials being searched.
- Returns:
a non-null Stream of credentials.
-
getStoredCredentialByNameAndType
public CredentialModel getStoredCredentialByNameAndType(RealmModel realm, UserModel user, String name, String type)
- Specified by:
getStoredCredentialByNameAndType in interface UserCredentialStore
-
moveCredentialTo
public boolean moveCredentialTo(RealmModel realm, UserModel user, String id, String newPreviousCredentialId)
- Specified by:
moveCredentialTo in interface UserCredentialStore
-
getStoredUsersCount
public int getStoredUsersCount(RealmModel realm)
- Specified by:
getStoredUsersCount in interface UserFederatedStorageProvider
-
preRemove
public void preRemove(RealmModel realm)
- Specified by:
preRemove in interface UserFederatedStorageProvider
-
preRemove
public void preRemove(RealmModel realm, RoleModel role)
- Specified by:
preRemove in interface UserFederatedStorageProvider
-
preRemove
public void preRemove(RealmModel realm, GroupModel group)
- Specified by:
preRemove in interface UserFederatedStorageProvider
-
preRemove
public void preRemove(RealmModel realm, ClientModel client)
- Specified by:
preRemove in interface UserFederatedStorageProvider
-
preRemove
public void preRemove(ProtocolMapperModel protocolMapper)
- Specified by:
preRemove in interface UserFederatedStorageProvider
-
preRemove
public void preRemove(ClientScopeModel clientScope)
- Specified by:
preRemove in interface UserFederatedStorageProvider
-
preRemove
public void preRemove(RealmModel realm, UserModel user)
- Specified by:
preRemove in interface UserFederatedStorageProvider
-
preRemove
public void preRemove(RealmModel realm, ComponentModel model)
- Specified by:
preRemove in interface UserFederatedStorageProvider
-
-