Class AuthorizationProvider

java.lang.Object
org.keycloak.authorization.AuthorizationProvider
All Implemented Interfaces:
Provider

public final class AuthorizationProvider extends Object implements Provider

The main contract here is the creation of PermissionEvaluator instances. Usually an application has a single AuthorizationProvider instance and threads servicing client requests obtain PermissionEvaluator from the evaluators() method.

The internal state of a AuthorizationProvider is immutable. This internal state includes all of the metadata used during the evaluation of policies.

Once created, PermissionEvaluator instances can be obtained from the evaluators() method:

     List permissionsToEvaluate = getPermissions(); // the permissions to evaluate
     EvaluationContext evaluationContext = createEvaluationContext(); // the context with runtime environment information
     PermissionEvaluator evaluator = authorization.evaluators().from(permissionsToEvaluate, context);

     evaluator.evaluate(new Decision() {

         public void onDecision(Evaluation evaluation) {
              // do something on grant
         }

     });
 
Author:
Pedro Igor