Package org.keycloak.storage
Class UserStorageManager
java.lang.Object
org.keycloak.storage.AbstractStorageManager<UserStorageProvider,UserStorageProviderModel>
org.keycloak.storage.UserStorageManager
- All Implemented Interfaces:
OnUserCache
,UserProvider
,Provider
,OnCreateComponent
,OnUpdateComponent
,UserBulkUpdateProvider
,UserCountMethodsProvider
,UserLookupProvider
,UserQueryMethodsProvider
,UserQueryProvider
,UserRegistrationProvider
,UserProfileDecorator
public class UserStorageManager
extends AbstractStorageManager<UserStorageProvider,UserStorageProviderModel>
implements UserProvider, OnUserCache, OnCreateComponent, OnUpdateComponent, UserProfileDecorator
- Version:
- $Revision: 1 $
- Author:
- Bill Burke
-
Field Summary
Fields inherited from class org.keycloak.storage.AbstractStorageManager
session
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
addConsent
(RealmModel realm, String userId, UserConsentModel consent) Add user consent for the user.void
addFederatedIdentity
(RealmModel realm, UserModel user, FederatedIdentityModel socialLink) Adds a federated identity link for the user within the realmaddUser
(RealmModel realm, String username) UserRegistrationProvider
methods implementations start hereaddUser
(RealmModel realm, String id, String username, boolean addDefaultRoles, boolean addDefaultRequiredActions) UserStorageProvider
methods implementation end hereUserProvider
methods implementations start here -> no StorageProviders involvedvoid
close()
UserProvider
methods implementations end heredecorateUserProfile
(String providerId, UserProfileMetadata metadata) Decorates user profile with additional metadata.protected void
deleteInvalidUser
(RealmModel realm, UserModel user) getConsentByClient
(RealmModel realm, String userId, String clientInternalId) Returns UserConsentModel given by a user with the userId for the client with clientInternalIdgetConsentsStream
(RealmModel realm, String userId) Obtains the consents associated with the user identified by the specifieduserId
.getFederatedIdentitiesStream
(RealmModel realm, UserModel user) Obtains the federated identities of the specified user.getFederatedIdentity
(RealmModel realm, UserModel user, String socialProvider) Returns details of the association between the user and the socialProvider.getGroupMembersStream
(RealmModel realm, GroupModel group, Integer firstResult, Integer maxResults) UserLookupProvider
methods implementations end hereUserQueryProvider
methods implementation start hereint
getNotBeforeOfUser
(RealmModel realm, UserModel user) Gets the notBefore value for the given usergetRoleMembersStream
(RealmModel realm, RoleModel role, Integer firstResult, Integer maxResults) Searches for users that have the specified role.getServiceAccount
(ClientModel client) Return a UserModel representing service account of the clientgetUserByCredential
(RealmModel realm, CredentialInput input) getUserByEmail
(RealmModel realm, String email) Returns a user with the given email belonging to the realmgetUserByFederatedIdentity
(RealmModel realm, FederatedIdentityModel socialLink) Returns a userModel that corresponds to the given socialLink.getUserById
(RealmModel realm, String id) UserRegistrationProvider
methods implementations end hereUserLookupProvider
methods implementations start heregetUserByUsername
(RealmModel realm, String username) Exact search for a user by its username.int
getUsersCount
(RealmModel realm) Returns the number of users, without consider any service account.int
getUsersCount
(RealmModel realm, boolean includeServiceAccount) Returns the number of users.int
getUsersCount
(RealmModel realm, String search) Returns the number of users that would be returned by a call tosearchForUserStream
int
getUsersCount
(RealmModel realm, String search, Set<String> groupIds) Returns the number of users that would be returned by a call tosearchForUserStream
and are members of at least one of the groups given by thegroupIds
set.int
getUsersCount
(RealmModel realm, Map<String, String> params) Returns the number of users that match the given filter parameters.int
getUsersCount
(RealmModel realm, Map<String, String> params, Set<String> groupIds) Returns the number of users that match the given filter parameters and is in at least one of the given groups.int
getUsersCount
(RealmModel realm, Set<String> groupIds) Returns the number of users that are in at least one of the groups given.void
grantToAllUsers
(RealmModel realm, RoleModel role) UserQueryProvider
methods implementation end hereUserBulkUpdateProvider
methods implementation start hereimportValidation
(RealmModel realm, Stream<UserModel> users) protected UserModel
importValidation
(RealmModel realm, UserModel user) Allows a UserStorageProvider to proxy and/or synchronize an imported user.protected UserProvider
void
onCache
(RealmModel realm, CachedUserModel user, UserModel delegate) void
onCreate
(KeycloakSession session, RealmModel realm, ComponentModel model) void
onUpdate
(KeycloakSession session, RealmModel realm, ComponentModel oldModel, ComponentModel newModel) void
preRemove
(ClientScopeModel clientScope) Called when a client scope is removed.void
preRemove
(ProtocolMapperModel protocolMapper) Called when a protocolMapper is removedvoid
preRemove
(RealmModel realm) UserBulkUpdateProvider
methods implementation end hereUserStorageProvider
methods implementations start here -> no StorageProviders involvedvoid
preRemove
(RealmModel realm, ComponentModel component) Called when a component is removed.void
preRemove
(RealmModel realm, ClientModel client) Called when a client is removed.void
preRemove
(RealmModel realm, GroupModel group) Called when a group is removed.void
preRemove
(RealmModel realm, IdentityProviderModel provider) Called when an identity provider is removed.void
preRemove
(RealmModel realm, RoleModel role) Called when a role is removed.query
(org.keycloak.storage.UserStorageManager.PaginatedQuery pagedQuery, RealmModel realm, Integer firstResult, Integer maxResults) query
(org.keycloak.storage.UserStorageManager.PaginatedQuery pagedQuery, org.keycloak.storage.UserStorageManager.CountQuery countQuery, RealmModel realm, Integer firstResult, Integer maxResults) boolean
removeFederatedIdentity
(RealmModel realm, UserModel user, String socialProvider) Removes federation link between the user and the identity provider given by its idvoid
removeImportedUsers
(RealmModel realm, String storageProviderId) Removes any imported users from a specific User Storage Provider.boolean
removeUser
(RealmModel realm, UserModel user) Called if user originated from this provider.boolean
revokeConsentForClient
(RealmModel realm, String userId, String clientInternalId) Remove a user consent given by the user id and client idsearchForUserByUserAttributeStream
(RealmModel realm, String attrName, String attrValue) Searches for users that have a specific attribute with a specific value.searchForUserStream
(RealmModel realm, Map<String, String> attributes, Integer firstResult, Integer maxResults) Searches for user by parameter.void
setNotBeforeForUser
(RealmModel realm, UserModel user, int notBefore) Sets the notBefore value for the given uservoid
unlinkUsers
(RealmModel realm, String storageProviderId) Set federation link tonull
to imported users of a specific User Storage Providervoid
updateConsent
(RealmModel realm, String userId, UserConsentModel consent) Update client scopes in the stored user consentvoid
updateFederatedIdentity
(RealmModel realm, UserModel federatedUser, FederatedIdentityModel federatedIdentityModel) Update details of association between the federatedUser and the idp given by the federatedIdentityModelMethods inherited from class org.keycloak.storage.AbstractStorageManager
consumeEnabledStorageProvidersWithTimeout, flatMapEnabledStorageProvidersWithTimeout, getEnabledStorageProviders, getStorageProviderFactory, getStorageProviderInstance, getStorageProviderInstance, getStorageProviderInstance, getStorageProviderInstance, getStorageProviderModel, getStorageProviderModels, getStorageProviderTimeout, mapEnabledStorageProvidersWithTimeout
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.keycloak.storage.user.UserQueryMethodsProvider
getGroupMembersStream, getRoleMembersStream, searchForUserStream, searchForUserStream, searchForUserStream
-
Constructor Details
-
UserStorageManager
-
-
Method Details
-
localStorage
-
importValidation
Allows a UserStorageProvider to proxy and/or synchronize an imported user.- Parameters:
realm
-user
-- Returns:
-
getUserByCredential
- Specified by:
getUserByCredential
in interfaceUserLookupProvider
-
deleteInvalidUser
-
importValidation
-
query
protected Stream<UserModel> query(org.keycloak.storage.UserStorageManager.PaginatedQuery pagedQuery, RealmModel realm, Integer firstResult, Integer maxResults) -
query
protected Stream<UserModel> query(org.keycloak.storage.UserStorageManager.PaginatedQuery pagedQuery, org.keycloak.storage.UserStorageManager.CountQuery countQuery, RealmModel realm, Integer firstResult, Integer maxResults) -
addUser
UserRegistrationProvider
methods implementations start here- Specified by:
addUser
in interfaceUserRegistrationProvider
- Parameters:
realm
- a reference to the realmusername
- a username the created user will be assigned- Returns:
- a model of created user
-
removeUser
Description copied from interface:UserRegistrationProvider
Called if user originated from this provider. If a local user is linked to this provider, this method will be called before local storage's removeUser() method is invoked. If you are using an import strategy, and this is a local user linked to this provider, this method will be called before local storage's removeUser() method is invoked. Also, you DO NOT need to remove the imported user. The runtime will handle this for you.- Specified by:
removeUser
in interfaceUserRegistrationProvider
- Parameters:
realm
- a reference to the realmuser
- a reference to the user that is removed- Returns:
- true if the user was removed, false otherwise
-
getUserById
UserRegistrationProvider
methods implementations end hereUserLookupProvider
methods implementations start here- Specified by:
getUserById
in interfaceUserLookupProvider
- Parameters:
realm
- the realm modelid
- id of the user- Returns:
- found user model, or
null
if no such user exists
-
getUserByUsername
Description copied from interface:UserLookupProvider
Exact search for a user by its username. Returns a user with the given username belonging to the realm- Specified by:
getUserByUsername
in interfaceUserLookupProvider
- Parameters:
realm
- the realm modelusername
- (case-sensitivity is controlled by storage)- Returns:
- found user model, or
null
if no such user exists
-
getUserByEmail
Description copied from interface:UserLookupProvider
Returns a user with the given email belonging to the realm- Specified by:
getUserByEmail
in interfaceUserLookupProvider
- Parameters:
realm
- the realm modelemail
- email address- Returns:
- found user model, or
null
if no such user exists
-
getGroupMembersStream
public Stream<UserModel> getGroupMembersStream(RealmModel realm, GroupModel group, Integer firstResult, Integer maxResults) UserLookupProvider
methods implementations end hereUserQueryProvider
methods implementation start here- Specified by:
getGroupMembersStream
in interfaceUserQueryMethodsProvider
- Parameters:
realm
- a reference to the realm.group
- a reference to the group.firstResult
- first result to return. Ignored if negative, zero, ornull
.maxResults
- maximum number of results to return. Ignored if negative ornull
.- Returns:
- a non-null
Stream
of users that belong to the group.
-
getRoleMembersStream
public Stream<UserModel> getRoleMembersStream(RealmModel realm, RoleModel role, Integer firstResult, Integer maxResults) Description copied from interface:UserQueryMethodsProvider
Searches for users that have the specified role.- Specified by:
getRoleMembersStream
in interfaceUserQueryMethodsProvider
- Parameters:
realm
- a reference to the realm.role
- a reference to the role.firstResult
- first result to return. Ignored if negative ornull
.maxResults
- maximum number of results to return. Ignored if negative ornull
.- Returns:
- a non-null
Stream
of users that have the specified role.
-
getUsersCount
Description copied from interface:UserCountMethodsProvider
Returns the number of users.- Specified by:
getUsersCount
in interfaceUserCountMethodsProvider
- Parameters:
realm
- the realmincludeServiceAccount
- if true, the number of users will also include service accounts. Otherwise, only the number of users.- Returns:
- the number of users
-
getUsersCount
Description copied from interface:UserCountMethodsProvider
Returns the number of users, without consider any service account.- Specified by:
getUsersCount
in interfaceUserCountMethodsProvider
- Parameters:
realm
- the realm- Returns:
- the number of users
-
getUsersCount
Description copied from interface:UserCountMethodsProvider
Returns the number of users that are in at least one of the groups given.- Specified by:
getUsersCount
in interfaceUserCountMethodsProvider
- Parameters:
realm
- the realmgroupIds
- set of groups IDs, the returned user needs to belong to at least one of them- Returns:
- the number of users that are in at least one of the groups
-
getUsersCount
Description copied from interface:UserCountMethodsProvider
Returns the number of users that would be returned by a call tosearchForUserStream
- Specified by:
getUsersCount
in interfaceUserCountMethodsProvider
- Parameters:
realm
- the realmsearch
- case insensitive list of strings separated by whitespaces.- Returns:
- number of users that match the search
-
getUsersCount
Description copied from interface:UserCountMethodsProvider
Returns the number of users that would be returned by a call tosearchForUserStream
and are members of at least one of the groups given by thegroupIds
set.- Specified by:
getUsersCount
in interfaceUserCountMethodsProvider
- Parameters:
realm
- the realmsearch
- case insensitive list of strings separated by whitespaces.groupIds
- set of groups IDs, the returned user needs to belong to at least one of them- Returns:
- number of users that match the search and given groups
-
getUsersCount
Description copied from interface:UserCountMethodsProvider
Returns the number of users that match the given filter parameters.- Specified by:
getUsersCount
in interfaceUserCountMethodsProvider
- Parameters:
realm
- the realmparams
- filter parameters- Returns:
- number of users that match the given filters
-
getUsersCount
Description copied from interface:UserCountMethodsProvider
Returns the number of users that match the given filter parameters and is in at least one of the given groups.- Specified by:
getUsersCount
in interfaceUserCountMethodsProvider
- Parameters:
realm
- the realmparams
- filter parametersgroupIds
- set if groups to check for- Returns:
- number of users that match the given filters and groups
-
searchForUserStream
public Stream<UserModel> searchForUserStream(RealmModel realm, Map<String, String> attributes, Integer firstResult, Integer maxResults) Description copied from interface:UserQueryMethodsProvider
Searches for user by parameter. If possible, implementations should treat the parameter values as partial match patterns (i.e. in RDMBS terms use LIKE). Valid parameters are:UserModel.SEARCH
- search for users whose username, email, first name or last name contain any of the strings insearch
separated by whitespace, whenSEARCH
is set all other params are ignoredUserModel.FIRST_NAME
- first name (case insensitive string)UserModel.LAST_NAME
- last name (case insensitive string)UserModel.EMAIL
- email (case insensitive string)UserModel.USERNAME
- username (case insensitive string)UserModel.EXACT
- whether search with FIRST_NAME, LAST_NAME, USERNAME or EMAIL should be exact matchUserModel.EMAIL_VERIFIED
- search only for users with verified/non-verified email (true/false)UserModel.ENABLED
- search only for enabled/disabled users (true/false)UserModel.IDP_ALIAS
- search only for users that have a federated identity from idp with the given alias configured (case sensitive string)UserModel.IDP_USER_ID
- search for users with federated identity with the given userId (case sensitive string)
Any other parameters will be treated as custom user attributes.
This method is used by the REST API when querying users.
- Specified by:
searchForUserStream
in interfaceUserQueryMethodsProvider
- Parameters:
realm
- a reference to the realm.attributes
- a map containing the search parameters.firstResult
- first result to return. Ignored if negative, zero, ornull
.maxResults
- maximum number of results to return. Ignored if negative ornull
.- Returns:
- a non-null
Stream
of users that match the search criteria.
-
searchForUserByUserAttributeStream
public Stream<UserModel> searchForUserByUserAttributeStream(RealmModel realm, String attrName, String attrValue) Description copied from interface:UserQueryMethodsProvider
Searches for users that have a specific attribute with a specific value.- Specified by:
searchForUserByUserAttributeStream
in interfaceUserQueryMethodsProvider
- Parameters:
realm
- a reference to the realm.attrName
- the attribute name.attrValue
- the attribute value.- Returns:
- a non-null
Stream
of users that match the search criteria.
-
grantToAllUsers
UserQueryProvider
methods implementation end hereUserBulkUpdateProvider
methods implementation start here- Specified by:
grantToAllUsers
in interfaceUserBulkUpdateProvider
- Parameters:
realm
- Realmrole
- Role to be granted
-
preRemove
UserBulkUpdateProvider
methods implementation end hereUserStorageProvider
methods implementations start here -> no StorageProviders involved- Specified by:
preRemove
in interfaceUserProvider
- Parameters:
realm
- a reference to the realm
-
preRemove
Description copied from interface:UserProvider
Called when a group is removed. Should remove the group membership for each user.- Specified by:
preRemove
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmgroup
- the group model
-
preRemove
Description copied from interface:UserProvider
Called when a role is removed. Should remove the role membership for each user.- Specified by:
preRemove
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmrole
- the role model
-
addUser
public UserModel addUser(RealmModel realm, String id, String username, boolean addDefaultRoles, boolean addDefaultRequiredActions) UserStorageProvider
methods implementation end hereUserProvider
methods implementations start here -> no StorageProviders involved- Specified by:
addUser
in interfaceUserProvider
- Parameters:
realm
- the realm that user will be created inid
- id of the new user. Should be generated to a random value ifnull
.username
- usernameaddDefaultRoles
- iftrue
, the user should join all realm default rolesaddDefaultRequiredActions
- iftrue
, all default required actions are added to the created user- Returns:
- model of created user
-
addFederatedIdentity
public void addFederatedIdentity(RealmModel realm, UserModel user, FederatedIdentityModel socialLink) Description copied from interface:UserProvider
Adds a federated identity link for the user within the realm- Specified by:
addFederatedIdentity
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuser
- the user modelsocialLink
- the federated identity model containing all details of the association between the user and the identity provider
-
updateFederatedIdentity
public void updateFederatedIdentity(RealmModel realm, UserModel federatedUser, FederatedIdentityModel federatedIdentityModel) Description copied from interface:UserProvider
Update details of association between the federatedUser and the idp given by the federatedIdentityModel- Specified by:
updateFederatedIdentity
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmfederatedUser
- the user modelfederatedIdentityModel
- the federated identity model containing all details of the association between the user and the identity provider
-
removeFederatedIdentity
Description copied from interface:UserProvider
Removes federation link between the user and the identity provider given by its id- Specified by:
removeFederatedIdentity
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuser
- the user modelsocialProvider
- alias of the identity provider, seeIdentityProviderModel.getAlias()
- Returns:
true
if the association was removed,false
otherwise TODO: Make this method return Boolean so that store can return "I don't know" answer, this can be used for example in async stores
-
preRemove
Description copied from interface:UserProvider
Called when an identity provider is removed. Should remove all federated identities assigned to users from the provider.- Specified by:
preRemove
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmprovider
- provider model
-
addConsent
Description copied from interface:UserProvider
Add user consent for the user.- Specified by:
addConsent
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuserId
- id of the userconsent
- all details corresponding to the granted consent
-
getConsentByClient
public UserConsentModel getConsentByClient(RealmModel realm, String userId, String clientInternalId) Description copied from interface:UserProvider
Returns UserConsentModel given by a user with the userId for the client with clientInternalId- Specified by:
getConsentByClient
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuserId
- id of the userclientInternalId
- id of the client- Returns:
- consent given by the user to the client or
null
if no consent or user exists
-
getConsentsStream
Description copied from interface:UserProvider
Obtains the consents associated with the user identified by the specifieduserId
.- Specified by:
getConsentsStream
in interfaceUserProvider
- Parameters:
realm
- a reference to the realm.userId
- the user identifier.- Returns:
- a non-null
Stream
of consents associated with the user.
-
updateConsent
Description copied from interface:UserProvider
Update client scopes in the stored user consent- Specified by:
updateConsent
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuserId
- id of the userconsent
- new details of the user consent
-
revokeConsentForClient
Description copied from interface:UserProvider
Remove a user consent given by the user id and client id- Specified by:
revokeConsentForClient
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuserId
- id of the userclientInternalId
- id of the client- Returns:
true
if the consent was removed,false
otherwise TODO: Make this method return Boolean so that store can return "I don't know" answer, this can be used for example in async stores
-
setNotBeforeForUser
Description copied from interface:UserProvider
Sets the notBefore value for the given user- Specified by:
setNotBeforeForUser
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuser
- the user modelnotBefore
- new value for notBefore
-
getNotBeforeOfUser
Description copied from interface:UserProvider
Gets the notBefore value for the given user- Specified by:
getNotBeforeOfUser
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuser
- the user model- Returns:
- the value of notBefore
-
getUserByFederatedIdentity
Description copied from interface:UserProvider
Returns a userModel that corresponds to the given socialLink.- Specified by:
getUserByFederatedIdentity
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmsocialLink
- the socialLink- Returns:
- the user corresponding to socialLink and
null
if no such user exists
-
getServiceAccount
Description copied from interface:UserProvider
Return a UserModel representing service account of the client- Specified by:
getServiceAccount
in interfaceUserProvider
- Parameters:
client
- the client model- Returns:
- userModel representing service account of the client
-
getFederatedIdentitiesStream
public Stream<FederatedIdentityModel> getFederatedIdentitiesStream(RealmModel realm, UserModel user) Description copied from interface:UserProvider
Obtains the federated identities of the specified user.- Specified by:
getFederatedIdentitiesStream
in interfaceUserProvider
- Parameters:
realm
- a reference to the realm.user
- the reference to the user.- Returns:
- a non-null
Stream
of federated identities associated with the user.
-
getFederatedIdentity
public FederatedIdentityModel getFederatedIdentity(RealmModel realm, UserModel user, String socialProvider) Description copied from interface:UserProvider
Returns details of the association between the user and the socialProvider.- Specified by:
getFederatedIdentity
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmuser
- the user modelsocialProvider
- the id of the identity provider- Returns:
- federatedIdentityModel or
null
if no association exists
-
preRemove
Description copied from interface:UserProvider
Called when a client is removed. Should remove all user consents associated with the client- Specified by:
preRemove
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmclient
- the client model
-
preRemove
Description copied from interface:UserProvider
Called when a protocolMapper is removed- Specified by:
preRemove
in interfaceUserProvider
- Parameters:
protocolMapper
- the protocolMapper model
-
preRemove
Description copied from interface:UserProvider
Called when a client scope is removed. Should remove the clientScope from each user consent- Specified by:
preRemove
in interfaceUserProvider
- Parameters:
clientScope
- the clientScope model
-
preRemove
Description copied from interface:UserProvider
Called when a component is removed. Should remove all data in UserStorage associated with removed component. For example,- if component corresponds to UserStorageProvider all imported users from the provider should be removed,
- if component corresponds to ClientStorageProvider all consents granted for clients imported from the provider should be removed
- Specified by:
preRemove
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmcomponent
- the component model
-
removeImportedUsers
Description copied from interface:UserProvider
Removes any imported users from a specific User Storage Provider.- Specified by:
removeImportedUsers
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmstorageProviderId
- id of the user storage provider
-
unlinkUsers
Description copied from interface:UserProvider
Set federation link tonull
to imported users of a specific User Storage Provider- Specified by:
unlinkUsers
in interfaceUserProvider
- Parameters:
realm
- a reference to the realmstorageProviderId
- id of the storage provider
-
close
public void close()UserProvider
methods implementations end here -
onCreate
- Specified by:
onCreate
in interfaceOnCreateComponent
-
onUpdate
public void onUpdate(KeycloakSession session, RealmModel realm, ComponentModel oldModel, ComponentModel newModel) - Specified by:
onUpdate
in interfaceOnUpdateComponent
-
onCache
- Specified by:
onCache
in interfaceOnUserCache
-
decorateUserProfile
Description copied from interface:UserProfileDecorator
Decorates user profile with additional metadata. For instance, metadata attributes, which are available just for your user-storage provider can be added there, so they are available just for the users coming from your provider.
This method is invoked every time a user is being managed through a user profile provider.
- Specified by:
decorateUserProfile
in interfaceUserProfileDecorator
- Parameters:
providerId
- the id of the user storage provider to which the user is associated withmetadata
- the currentUserProfileMetadata
for the current realm- Returns:
- a list of attribute metadata.The
AttributeMetadata
returned from this method overrides any other metadata already set inmetadata
for a given attribute.
-