Package org.keycloak.storage.jpa
Class JpaUserFederatedStorageProvider
- java.lang.Object
-
- org.keycloak.storage.jpa.JpaUserFederatedStorageProvider
-
- All Implemented Interfaces:
UserCredentialStore, Provider, UserAttributeFederatedStorage, UserAttributeFederatedStorage.Streams, UserBrokerLinkFederatedStorage, UserBrokerLinkFederatedStorage.Streams, UserConsentFederatedStorage, UserConsentFederatedStorage.Streams, UserFederatedStorageProvider, UserFederatedStorageProvider.Streams, UserFederatedUserCredentialStore, UserFederatedUserCredentialStore.Streams, UserGroupMembershipFederatedStorage, UserGroupMembershipFederatedStorage.Streams, UserNotBeforeFederatedStorage, UserRequiredActionsFederatedStorage, UserRequiredActionsFederatedStorage.Streams, UserRoleMappingsFederatedStorage, UserRoleMappingsFederatedStorage.Streams
public class JpaUserFederatedStorageProvider extends Object implements UserFederatedStorageProvider.Streams, UserCredentialStore
- Version:
- $Revision: 1 $
- Author:
- Bill Burke
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.keycloak.storage.federated.UserAttributeFederatedStorage
UserAttributeFederatedStorage.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.storage.federated.UserBrokerLinkFederatedStorage
UserBrokerLinkFederatedStorage.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.storage.federated.UserConsentFederatedStorage
UserConsentFederatedStorage.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.credential.UserCredentialStore
UserCredentialStore.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.storage.federated.UserFederatedStorageProvider
UserFederatedStorageProvider.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.storage.federated.UserFederatedUserCredentialStore
UserFederatedUserCredentialStore.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.storage.federated.UserGroupMembershipFederatedStorage
UserGroupMembershipFederatedStorage.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.storage.federated.UserRequiredActionsFederatedStorage
UserRequiredActionsFederatedStorage.Streams
-
Nested classes/interfaces inherited from interface org.keycloak.storage.federated.UserRoleMappingsFederatedStorage
UserRoleMappingsFederatedStorage.Streams
-
-
Constructor Summary
Constructors
JpaUserFederatedStorageProvider(KeycloakSession session, javax.persistence.EntityManager em)
-
Method Summary
Modifier and Type / Method / Description
void
addConsent(RealmModel realm, String userId, UserConsentModel consent)
void
addFederatedIdentity(RealmModel realm, String userId, FederatedIdentityModel link)
void
addRequiredAction(RealmModel realm, String userId, String action)
void
close()
CredentialModel
createCredential(RealmModel realm, String userId, CredentialModel cred)
CredentialModel
createCredential(RealmModel realm, UserModel user, CredentialModel cred)
protected void
createIndex(RealmModel realm, String userId)
We create an entry so that it's easy to iterate over all things in the database.
void
deleteRoleMapping(RealmModel realm, String userId, RoleModel role)
MultivaluedHashMap<String,String>
getAttributes(RealmModel realm, String userId)
UserConsentModel
getConsentByClient(RealmModel realm, String userId, String clientInternalId)
Stream<UserConsentModel>
getConsentsStream(RealmModel realm, String userId)
Obtains the consents associated with the federated user identified by userId.
Stream<FederatedIdentityModel>
getFederatedIdentitiesStream(String userId, RealmModel realm)
Obtains the identities of the federated user identified by userId.
FederatedIdentityModel
getFederatedIdentity(String userId, String socialProvider, RealmModel realm)
Stream<GroupModel>
getGroupsStream(RealmModel realm, String userId)
Obtains the groups associated with the federated user.
Stream<String>
getMembershipStream(RealmModel realm, GroupModel group, Integer firstResult, Integer max)
Obtains the federated users that are members of the given group in the specified realm.
int
getNotBeforeOfUser(RealmModel realm, String userId)
Stream<String>
getRequiredActionsStream(RealmModel realm, String userId)
Obtains the names of required actions associated with the federated user identified by userId.
Stream<RoleModel>
getRoleMappingsStream(RealmModel realm, String userId)
Obtains the roles associated with the federated user identified by userId.
CredentialModel
getStoredCredentialById(RealmModel realm, String userId, String id)
CredentialModel
getStoredCredentialById(RealmModel realm, UserModel user, String id)
CredentialModel
getStoredCredentialByNameAndType(RealmModel realm, String userId, String name, String type)
CredentialModel
getStoredCredentialByNameAndType(RealmModel realm, UserModel user, String name, String type)
Stream<CredentialModel>
getStoredCredentialsByTypeStream(RealmModel realm, String userId, String type)
Obtains the credentials of type type that are associated with the federated user identified by userId.
Stream<CredentialModel>
getStoredCredentialsByTypeStream(RealmModel realm, UserModel user, String type)
Obtains the stored credentials associated with the specified user that match the specified type.
Stream<CredentialModel>
getStoredCredentialsStream(RealmModel realm, String userId)
Obtains the credentials associated with the federated user identified by userId.
Stream<CredentialModel>
getStoredCredentialsStream(RealmModel realm, UserModel user)
Obtains the stored credentials associated with the specified user.
int
getStoredUsersCount(RealmModel realm)
Stream<String>
getStoredUsersStream(RealmModel realm, Integer first, Integer max)
Obtains the ids of all federated users in the realm.
String
getUserByFederatedIdentity(FederatedIdentityModel link, RealmModel realm)
Stream<String>
getUsersByUserAttributeStream(RealmModel realm, String name, String value)
Searches for federated users that have an attribute with the specified name and value.
void
grantRole(RealmModel realm, String userId, RoleModel role)
void
joinGroup(RealmModel realm, String userId, GroupModel group)
void
leaveGroup(RealmModel realm, String userId, GroupModel group)
boolean
moveCredentialTo(RealmModel realm, UserModel user, String id, String newPreviousCredentialId)
void
preRemove(ClientScopeModel clientScope)
void
preRemove(ProtocolMapperModel protocolMapper)
void
preRemove(RealmModel realm)
void
preRemove(RealmModel realm, ComponentModel model)
void
preRemove(RealmModel realm, ClientModel client)
void
preRemove(RealmModel realm, GroupModel group)
void
preRemove(RealmModel realm, IdentityProviderModel provider)
void
preRemove(RealmModel realm, RoleModel role)
void
preRemove(RealmModel realm, UserModel user)
void
removeAttribute(RealmModel realm, String userId, String name)
boolean
removeFederatedIdentity(RealmModel realm, String userId, String socialProvider)
void
removeRequiredAction(RealmModel realm, String userId, String action)
boolean
removeStoredCredential(RealmModel realm, String userId, String id)
boolean
removeStoredCredential(RealmModel realm, UserModel user, String id)
Removes credential with the id for the user.
boolean
revokeConsentForClient(RealmModel realm, String userId, String clientInternalId)
void
setAttribute(RealmModel realm, String userId, String name, List<String> values)
void
setNotBeforeForUser(RealmModel realm, String userId, int notBefore)
void
setSingleAttribute(RealmModel realm, String userId, String name, String value)
protected CredentialModel
toModel(FederatedUserCredentialEntity entity)
void
updateConsent(RealmModel realm, String userId, UserConsentModel consent)
void
updateCredential(RealmModel realm, String userId, CredentialModel cred)
void
updateCredential(RealmModel realm, UserModel user, CredentialModel cred)
void
updateFederatedIdentity(RealmModel realm, String userId, FederatedIdentityModel model)
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.storage.federated.UserAttributeFederatedStorage.Streams
getUsersByUserAttribute
-
Methods inherited from interface org.keycloak.storage.federated.UserBrokerLinkFederatedStorage.Streams
getFederatedIdentities
-
Methods inherited from interface org.keycloak.storage.federated.UserConsentFederatedStorage.Streams
getConsents
-
Methods inherited from interface org.keycloak.storage.federated.UserFederatedStorageProvider.Streams
getStoredUsers
-
Methods inherited from interface org.keycloak.storage.federated.UserFederatedUserCredentialStore.Streams
getStoredCredentials, getStoredCredentialsByType
-
Methods inherited from interface org.keycloak.storage.federated.UserGroupMembershipFederatedStorage.Streams
getGroups, getMembership
-
Methods inherited from interface org.keycloak.storage.federated.UserRequiredActionsFederatedStorage.Streams
getRequiredActions
-
Methods inherited from interface org.keycloak.storage.federated.UserRoleMappingsFederatedStorage.Streams
getRoleMappings
-
-
-
-
Constructor Detail
-
JpaUserFederatedStorageProvider
public JpaUserFederatedStorageProvider(KeycloakSession session, javax.persistence.EntityManager em)
-
-
Method Detail
-
createIndex
protected void createIndex(RealmModel realm, String userId)
We create an entry so that it's easy to iterate over all things in the database. Specifically useful for export.
-
setAttribute
public void setAttribute(RealmModel realm, String userId, String name, List<String> values)
- Specified by:
setAttribute in interface UserAttributeFederatedStorage
-
setSingleAttribute
public void setSingleAttribute(RealmModel realm, String userId, String name, String value)
- Specified by:
setSingleAttribute in interface UserAttributeFederatedStorage
-
removeAttribute
public void removeAttribute(RealmModel realm, String userId, String name)
- Specified by:
removeAttribute in interface UserAttributeFederatedStorage
-
getAttributes
public MultivaluedHashMap<String,String> getAttributes(RealmModel realm, String userId)
- Specified by:
getAttributes in interface UserAttributeFederatedStorage
-
getUsersByUserAttributeStream
public Stream<String> getUsersByUserAttributeStream(RealmModel realm, String name, String value)
Description copied from interface: UserAttributeFederatedStorage
Searches for federated users that have an attribute with the specified name and value.
- Specified by:
getUsersByUserAttributeStream in interface UserAttributeFederatedStorage
- Specified by:
getUsersByUserAttributeStream in interface UserAttributeFederatedStorage.Streams
- Parameters:
realm - a reference to the realm.
name - the attribute name.
value - the attribute value.
- Returns:
a non-null Stream of users that match the search criteria.
-
getUserByFederatedIdentity
public String getUserByFederatedIdentity(FederatedIdentityModel link, RealmModel realm)
- Specified by:
getUserByFederatedIdentity in interface UserBrokerLinkFederatedStorage
-
addFederatedIdentity
public void addFederatedIdentity(RealmModel realm, String userId, FederatedIdentityModel link)
- Specified by:
addFederatedIdentity in interface UserBrokerLinkFederatedStorage
-
removeFederatedIdentity
public boolean removeFederatedIdentity(RealmModel realm, String userId, String socialProvider)
- Specified by:
removeFederatedIdentity in interface UserBrokerLinkFederatedStorage
-
preRemove
public void preRemove(RealmModel realm, IdentityProviderModel provider)
- Specified by:
preRemove in interface UserBrokerLinkFederatedStorage
-
updateFederatedIdentity
public void updateFederatedIdentity(RealmModel realm, String userId, FederatedIdentityModel model)
- Specified by:
updateFederatedIdentity in interface UserBrokerLinkFederatedStorage
-
getFederatedIdentitiesStream
public Stream<FederatedIdentityModel> getFederatedIdentitiesStream(String userId, RealmModel realm)
Description copied from interface: UserBrokerLinkFederatedStorage
Obtains the identities of the federated user identified by userId.
- Specified by:
getFederatedIdentitiesStream in interface UserBrokerLinkFederatedStorage
- Specified by:
getFederatedIdentitiesStream in interface UserBrokerLinkFederatedStorage.Streams
- Parameters:
userId - the user identifier.
realm - a reference to the realm.
- Returns:
a non-null Stream of federated identities associated with the user.
-
getFederatedIdentity
public FederatedIdentityModel getFederatedIdentity(String userId, String socialProvider, RealmModel realm)
- Specified by:
getFederatedIdentity in interface UserBrokerLinkFederatedStorage
-
addConsent
public void addConsent(RealmModel realm, String userId, UserConsentModel consent)
- Specified by:
addConsent in interface UserConsentFederatedStorage
-
getConsentByClient
public UserConsentModel getConsentByClient(RealmModel realm, String userId, String clientInternalId)
- Specified by:
getConsentByClient in interface UserConsentFederatedStorage
-
getConsentsStream
public Stream<UserConsentModel> getConsentsStream(RealmModel realm, String userId)
Description copied from interface: UserConsentFederatedStorage
Obtains the consents associated with the federated user identified by userId.
- Specified by:
getConsentsStream in interface UserConsentFederatedStorage
- Specified by:
getConsentsStream in interface UserConsentFederatedStorage.Streams
- Parameters:
realm - a reference to the realm.
userId - the user identifier.
- Returns:
a non-null Stream of consents associated with the user.
-
updateConsent
public void updateConsent(RealmModel realm, String userId, UserConsentModel consent)
- Specified by:
updateConsent in interface UserConsentFederatedStorage
-
revokeConsentForClient
public boolean revokeConsentForClient(RealmModel realm, String userId, String clientInternalId)
- Specified by:
revokeConsentForClient in interface UserConsentFederatedStorage
-
setNotBeforeForUser
public void setNotBeforeForUser(RealmModel realm, String userId, int notBefore)
- Specified by:
setNotBeforeForUser in interface UserNotBeforeFederatedStorage
-
getNotBeforeOfUser
public int getNotBeforeOfUser(RealmModel realm, String userId)
- Specified by:
getNotBeforeOfUser in interface UserNotBeforeFederatedStorage
-
getGroupsStream
public Stream<GroupModel> getGroupsStream(RealmModel realm, String userId)
Description copied from interface: UserGroupMembershipFederatedStorage
Obtains the groups associated with the federated user.
- Specified by:
getGroupsStream in interface UserGroupMembershipFederatedStorage
- Specified by:
getGroupsStream in interface UserGroupMembershipFederatedStorage.Streams
- Parameters:
realm - a reference to the realm.
userId - the user identifier.
- Returns:
a non-null Stream of groups.
-
joinGroup
public void joinGroup(RealmModel realm, String userId, GroupModel group)
- Specified by:
joinGroup in interface UserGroupMembershipFederatedStorage
-
leaveGroup
public void leaveGroup(RealmModel realm, String userId, GroupModel group)
- Specified by:
leaveGroup in interface UserGroupMembershipFederatedStorage
-
getMembershipStream
public Stream<String> getMembershipStream(RealmModel realm, GroupModel group, Integer firstResult, Integer max)
Description copied from interface: UserGroupMembershipFederatedStorage
Obtains the federated users that are members of the given group in the specified realm.
- Specified by:
getMembershipStream in interface UserGroupMembershipFederatedStorage
- Specified by:
getMembershipStream in interface UserGroupMembershipFederatedStorage.Streams
- Parameters:
realm - a reference to the realm.
group - a reference to the group whose federated members are being searched.
firstResult - first result to return. Ignored if negative or null.
max - maximum number of results to return. Ignored if negative or null.
- Returns:
a non-null Stream of federated user ids that are members of the group in the realm.
-
getRequiredActionsStream
public Stream<String> getRequiredActionsStream(RealmModel realm, String userId)
Description copied from interface: UserRequiredActionsFederatedStorage
Obtains the names of required actions associated with the federated user identified by userId.
- Specified by:
getRequiredActionsStream in interface UserRequiredActionsFederatedStorage
- Specified by:
getRequiredActionsStream in interface UserRequiredActionsFederatedStorage.Streams
- Parameters:
realm - a reference to the realm.
userId - the user identifier.
- Returns:
a non-null Stream of required action names.
-
addRequiredAction
public void addRequiredAction(RealmModel realm, String userId, String action)
- Specified by:
addRequiredAction in interface UserRequiredActionsFederatedStorage
-
removeRequiredAction
public void removeRequiredAction(RealmModel realm, String userId, String action)
- Specified by:
removeRequiredAction in interface UserRequiredActionsFederatedStorage
-
grantRole
public void grantRole(RealmModel realm, String userId, RoleModel role)
- Specified by:
grantRole in interface UserRoleMappingsFederatedStorage
-
getRoleMappingsStream
public Stream<RoleModel> getRoleMappingsStream(RealmModel realm, String userId)
Description copied from interface: UserRoleMappingsFederatedStorage
Obtains the roles associated with the federated user identified by userId.
- Specified by:
getRoleMappingsStream in interface UserRoleMappingsFederatedStorage
- Specified by:
getRoleMappingsStream in interface UserRoleMappingsFederatedStorage.Streams
- Parameters:
realm - a reference to the realm.
userId - the user identifier.
- Returns:
a non-null Stream of roles.
-
deleteRoleMapping
public void deleteRoleMapping(RealmModel realm, String userId, RoleModel role)
- Specified by:
deleteRoleMapping in interface UserRoleMappingsFederatedStorage
-
updateCredential
public void updateCredential(RealmModel realm, String userId, CredentialModel cred)
- Specified by:
updateCredential in interface UserFederatedUserCredentialStore
-
createCredential
public CredentialModel createCredential(RealmModel realm, String userId, CredentialModel cred)
- Specified by:
createCredential in interface UserFederatedUserCredentialStore
-
removeStoredCredential
public boolean removeStoredCredential(RealmModel realm, String userId, String id)
- Specified by:
removeStoredCredential in interface UserFederatedUserCredentialStore
-
getStoredCredentialById
public CredentialModel getStoredCredentialById(RealmModel realm, String userId, String id)
- Specified by:
getStoredCredentialById in interface UserFederatedUserCredentialStore
-
toModel
protected CredentialModel toModel(FederatedUserCredentialEntity entity)
-
getStoredCredentialsStream
public Stream<CredentialModel> getStoredCredentialsStream(RealmModel realm, String userId)
Description copied from interface: UserFederatedUserCredentialStore
Obtains the credentials associated with the federated user identified by userId.
- Specified by:
getStoredCredentialsStream in interface UserFederatedUserCredentialStore
- Specified by:
getStoredCredentialsStream in interface UserFederatedUserCredentialStore.Streams
- Parameters:
realm - a reference to the realm.
userId - the user identifier.
- Returns:
a non-null Stream of credentials.
-
getStoredCredentialsByTypeStream
public Stream<CredentialModel> getStoredCredentialsByTypeStream(RealmModel realm, String userId, String type)
Description copied from interface: UserFederatedUserCredentialStore
Obtains the credentials of type type that are associated with the federated user identified by userId.
- Specified by:
getStoredCredentialsByTypeStream in interface UserFederatedUserCredentialStore
- Specified by:
getStoredCredentialsByTypeStream in interface UserFederatedUserCredentialStore.Streams
- Parameters:
realm - a reference to the realm.
userId - the user identifier.
type - the credential type.
- Returns:
a non-null Stream of credentials.
-
getStoredCredentialByNameAndType
public CredentialModel getStoredCredentialByNameAndType(RealmModel realm, String userId, String name, String type)
- Specified by:
getStoredCredentialByNameAndType in interface UserFederatedUserCredentialStore
-
getStoredUsersStream
public Stream<String> getStoredUsersStream(RealmModel realm, Integer first, Integer max)
Description copied from interface: UserFederatedStorageProvider
Obtains the ids of all federated users in the realm.
- Specified by:
getStoredUsersStream in interface UserFederatedStorageProvider
- Specified by:
getStoredUsersStream in interface UserFederatedStorageProvider.Streams
- Parameters:
realm - a reference to the realm.
first - first result to return. Ignored if negative or null.
max - maximum number of results to return. Ignored if negative or null.
- Returns:
a non-null Stream of federated user ids.
-
updateCredential
public void updateCredential(RealmModel realm, UserModel user, CredentialModel cred)
- Specified by:
updateCredential in interface UserCredentialStore
-
createCredential
public CredentialModel createCredential(RealmModel realm, UserModel user, CredentialModel cred)
- Specified by:
createCredential in interface UserCredentialStore
-
removeStoredCredential
public boolean removeStoredCredential(RealmModel realm, UserModel user, String id)
Description copied from interface: UserCredentialStore
Removes credential with the id for the user.
- Specified by:
removeStoredCredential in interface UserCredentialStore
- Parameters:
realm - realm.
user - user
id - id
- Returns:
true if the credential was removed, false otherwise TODO: Make this method return Boolean so that store can return "I don't know" answer, this can be used for example in async stores
-
getStoredCredentialById
public CredentialModel getStoredCredentialById(RealmModel realm, UserModel user, String id)
- Specified by:
getStoredCredentialById in interface UserCredentialStore
-
getStoredCredentialsStream
public Stream<CredentialModel> getStoredCredentialsStream(RealmModel realm, UserModel user)
Description copied from interface: UserCredentialStore
Obtains the stored credentials associated with the specified user.
- Specified by:
getStoredCredentialsStream in interface UserCredentialStore
- Parameters:
realm - a reference to the realm.
user - the user whose credentials are being searched.
- Returns:
a non-null Stream of credentials.
-
getStoredCredentialsByTypeStream
public Stream<CredentialModel> getStoredCredentialsByTypeStream(RealmModel realm, UserModel user, String type)
Description copied from interface: UserCredentialStore
Obtains the stored credentials associated with the specified user that match the specified type.
- Specified by:
getStoredCredentialsByTypeStream in interface UserCredentialStore
- Parameters:
realm - a reference to the realm.
user - the user whose credentials are being searched.
type - the type of credentials being searched.
- Returns:
a non-null Stream of credentials.
-
getStoredCredentialByNameAndType
public CredentialModel getStoredCredentialByNameAndType(RealmModel realm, UserModel user, String name, String type)
- Specified by:
getStoredCredentialByNameAndType in interface UserCredentialStore
-
moveCredentialTo
public boolean moveCredentialTo(RealmModel realm, UserModel user, String id, String newPreviousCredentialId)
- Specified by:
moveCredentialTo in interface UserCredentialStore
-
getStoredUsersCount
public int getStoredUsersCount(RealmModel realm)
- Specified by:
getStoredUsersCount in interface UserFederatedStorageProvider
-
preRemove
public void preRemove(RealmModel realm)
- Specified by:
preRemove in interface UserFederatedStorageProvider
-
preRemove
public void preRemove(RealmModel realm, RoleModel role)
- Specified by:
preRemove in interface UserFederatedStorageProvider
-
preRemove
public void preRemove(RealmModel realm, GroupModel group)
- Specified by:
preRemove in interface UserFederatedStorageProvider
-
preRemove
public void preRemove(RealmModel realm, ClientModel client)
- Specified by:
preRemove in interface UserFederatedStorageProvider
-
preRemove
public void preRemove(ProtocolMapperModel protocolMapper)
- Specified by:
preRemove in interface UserFederatedStorageProvider
-
preRemove
public void preRemove(ClientScopeModel clientScope)
- Specified by:
preRemove in interface UserFederatedStorageProvider
-
preRemove
public void preRemove(RealmModel realm, UserModel user)
- Specified by:
preRemove in interface UserFederatedStorageProvider
-
preRemove
public void preRemove(RealmModel realm, ComponentModel model)
- Specified by:
preRemove in interface UserFederatedStorageProvider
-
-