Interface IdentityProviderStorageProvider

All Superinterfaces:
Provider
All Known Implementing Classes:
InfinispanIdentityProviderStorageProvider, JpaIdentityProviderStorageProvider

public interface IdentityProviderStorageProvider extends Provider
The IdentityProviderStorageProvider is concerned with the storage/retrieval of the configured identity providers in Keycloak. In other words, it is a provider of identity providers (IDPs) and, as such, handles the CRUD operations for IDPs.

It is not to be confused with the IdentityProvider found in server-spi-private, as that provider is meant to be implemented by actual identity providers that handle the logic of authenticating users with third-party brokers, such as Microsoft, Google, GitHub, LinkedIn, etc.
Author:
Stefan Guilhen
  • Method Details

    • create

      Creates a new identity provider from the specified model.
      Parameters:
      model - an IdentityProviderModel containing the identity provider's data.
      Returns:
      the model of the created identity provider.
    • update

      void update(IdentityProviderModel model)
      Updates the identity provider using the specified model.
      Parameters:
      model - an IdentityProviderModel containing the identity provider's data.
    • remove

      boolean remove(String providerAlias)
      Removes the identity provider with the specified alias.
      Parameters:
      providerAlias - the alias of the identity provider to be removed.
      Returns:
      true if an IDP with the specified alias was found and removed; false otherwise.
    • removeAll

      void removeAll()
      Removes all identity providers from the realm.
    • getById

      IdentityProviderModel getById(String internalId)
      Obtains the identity provider with the specified internal id.
      Parameters:
      internalId - the identity provider's internal id.
      Returns:
      a reference to the identity provider, or null if no provider is found.
    • getByAlias

      IdentityProviderModel getByAlias(String alias)
      Obtains the identity provider with the specified alias.
      Parameters:
      alias - the identity provider's alias.
      Returns:
      a reference to the identity provider, or null if no provider is found.
    • getByIdOrAlias

      default IdentityProviderModel getByIdOrAlias(String key)
      Obtains the identity provider whose id or alias matches the specified key.
      Parameters:
      key - a String representing either the identity provider's id or alias.
      Returns:
      a reference to the identity provider, or null if no provider is found.
    • getAllStream

      default Stream<IdentityProviderModel> getAllStream()
      Returns all identity providers in the current realm.
      Returns:
      a non-null stream of IdentityProviderModels.
    • getAllStream

      Stream<IdentityProviderModel> getAllStream(Map<String,String> options, Integer first, Integer max)
      Returns all identity providers in the realm filtered according to the specified search options. The options include:
      • Regular fields found in IdentityProviderModel, such as ALIAS, ENABLED, HIDE_ON_LOGIN, etc;
      • Special search keys also present in IdentityProviderModel. Those include SEARCH, used to perform exact, prefix, and infix searches by alias, and ALIAS_NOT_IN, used to perform searches for identity providers whose alias doesn't match any of the specified aliases (separated by comma);
      • Any attribute found in the identity provider's config. If the option key doesn't match any of the previous cases, implementations must search for the providers whose config contains a pair that matches the specified search option.
      Parameters:
      options - a Map containing identity provider search options that must be matched.
      first - the position of the first result to be processed (pagination offset). Ignored if negative or null.
      max - the maximum number of results to be returned. Ignored if negative or null.
      Returns:
      a non-null stream of IdentityProviderModels that match the search criteria.
    • getByOrganization

      default Stream<IdentityProviderModel> getByOrganization(String orgId, Integer first, Integer max)
      Returns all identity providers associated with the organization with the provided id.
      Parameters:
      orgId - the id of the organization.
      first - the position of the first result to be processed (pagination offset). Ignored if negative or null.
      max - the maximum number of results to be returned. Ignored if negative or null.
      Returns:
      a non-null stream of IdentityProviderModels that match the search criteria.
    • getByFlow

      Stream<String> getByFlow(String flowId, String search, Integer first, Integer max)
      Returns the aliases of all identity providers whose firstBrokerLoginFlowId or postBrokerLoginFlowId matches the provided flowId.
      Parameters:
      flowId - the id of the flow.
      search - an optional String representing an identity provider alias (partial or exact). If the value is enclosed in double quotes, the method treats it as an exact search (e.g. "name"). If the value is enclosed in wildcards, the method treats it as an infix search (e.g. *name*). Otherwise, the method treats it as a prefix search (i.e. name* and name return the same results).
      first - the position of the first result to be processed (pagination offset). Ignored if negative or null.
      max - the maximum number of results to be returned. Ignored if negative or null.
      Returns:
      a non-null stream of the aliases of the identity providers that match the search criteria.
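
      The search syntax described for the search parameter (quoted = exact, *wrapped* = infix, otherwise prefix), as an added stand-alone example that is not Keycloak code. The class, enum and record names are hypothetical; case-sensitive matching and "null or blank matches everything" are assumptions the page does not state. Requires Java 17+.

      ```java
      import java.util.List;

      // Illustrative model of the alias search rules; not the project's implementation.
      public class AliasSearchExample {

          enum Kind { EXACT, INFIX, PREFIX }

          record Search(Kind kind, String term) {
              boolean matches(String alias) {
                  return switch (kind) {
                      case EXACT -> alias.equals(term);
                      case INFIX -> alias.contains(term);
                      case PREFIX -> alias.startsWith(term);
                  };
              }
          }

          static Search parse(String search) {
              // Assumption: a missing search term places no restriction on the alias.
              if (search == null || search.isBlank()) return new Search(Kind.PREFIX, "");
              String s = search.trim();
              boolean longEnough = s.length() >= 2;
              if (longEnough && s.startsWith("\"") && s.endsWith("\"")) {
                  return new Search(Kind.EXACT, s.substring(1, s.length() - 1));
              }
              if (longEnough && s.startsWith("*") && s.endsWith("*")) {
                  return new Search(Kind.INFIX, s.substring(1, s.length() - 1));
              }
              // "name*" and "name" are the same prefix search, so drop a trailing wildcard.
              if (s.endsWith("*")) s = s.substring(0, s.length() - 1);
              return new Search(Kind.PREFIX, s);
          }

          static List<String> filter(List<String> aliases, String search) {
              Search parsed = parse(search);
              return aliases.stream().filter(parsed::matches).toList();
          }

          public static void main(String[] args) {
              // Constructed sample aliases.
              List<String> aliases = List.of("github", "github-enterprise", "corp-github", "google");
              for (String q : List.of("\"github\"", "*github*", "github", "github*")) {
                  System.out.println(q + " -> " + filter(aliases, q));
              }
          }
      }
      ```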
    • getForLogin

      default Stream<IdentityProviderModel> getForLogin(IdentityProviderStorageProvider.FetchMode mode, String organizationId)
      Returns all identity providers available for login, according to the specified mode. An IDP can be used for login if it is enabled, is not a link-only IDP, and is not configured to be hidden on the login page.

      The mode parameter may narrow the list of IDPs that are available. FetchMode.REALM_ONLY fetches only realm-level IDPs (i.e. those not associated with any org). FetchMode.ORG_ONLY works together with the organizationId parameter: if the latter is set, only the IDPs associated with that org are returned; otherwise, the method returns the IDPs associated with any org. FetchMode.ALL combines both approaches, returning the realm-level IDPs together with those associated with organizations (or with a specific organization, as per the organizationId param).
      Parameters:
      mode - the fetch mode to be used. Can be REALM_ONLY, ORG_ONLY, or ALL.
      organizationId - an optional organization ID. If present and the mode is not REALM_ONLY, the param indicates that only IDPs associated with the specified organization are to be returned.
      Returns:
      a non-null stream of IdentityProviderModels that are suitable for being displayed in the login pages.
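
      The login-eligibility and fetch-mode rules above, modelled as an added stand-alone example that is not Keycloak code; it is useful for reasoning about which IDPs a given realm or organization login page will expose. The Idp record, its field names and the sample data are hypothetical. Requires Java 17+.

      ```java
      import java.util.List;
      import java.util.stream.Stream;

      // Illustrative model of the getForLogin rules; Idp is not a Keycloak type.
      public class LoginIdpFilterExample {

          enum FetchMode { REALM_ONLY, ORG_ONLY, ALL }

          // orgId == null models a realm-level IDP (not associated with any organization).
          record Idp(String alias, boolean enabled, boolean linkOnly, boolean hideOnLogin, String orgId) {}

          static Stream<Idp> getForLogin(List<Idp> all, FetchMode mode, String organizationId) {
              return all.stream()
                      // Login eligibility: enabled, not link-only, not hidden on the login page.
                      .filter(i -> i.enabled() && !i.linkOnly() && !i.hideOnLogin())
                      .filter(i -> {
                          boolean realmLevel = i.orgId() == null;
                          // With an organizationId only that org's IDPs count; without one, any org's.
                          boolean orgMatch = !realmLevel
                                  && (organizationId == null || organizationId.equals(i.orgId()));
                          return switch (mode) {
                              case REALM_ONLY -> realmLevel; // organizationId is ignored in this mode
                              case ORG_ONLY -> orgMatch;
                              case ALL -> realmLevel || orgMatch;
                          };
                      });
          }

          static List<String> aliases(List<Idp> all, FetchMode mode, String organizationId) {
              return getForLogin(all, mode, organizationId).map(Idp::alias).toList();
          }

          public static void main(String[] args) {
              List<Idp> idps = List.of( // constructed sample data
                      new Idp("corp-saml", true, false, false, null),
                      new Idp("legacy-oidc", false, false, false, null), // disabled
                      new Idp("github-link", true, true, false, null),   // link-only
                      new Idp("partner-a", true, false, false, "org-a"),
                      new Idp("partner-b", true, false, true, "org-b"),  // hidden on login
                      new Idp("partner-c", true, false, false, "org-c"));

              System.out.println("REALM_ONLY, org-a: " + aliases(idps, FetchMode.REALM_ONLY, "org-a"));
              System.out.println("ORG_ONLY, none:    " + aliases(idps, FetchMode.ORG_ONLY, null));
              System.out.println("ORG_ONLY, org-a:   " + aliases(idps, FetchMode.ORG_ONLY, "org-a"));
              System.out.println("ALL, org-a:        " + aliases(idps, FetchMode.ALL, "org-a"));
          }
      }
      ```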
    • count

      long count()
      Returns the number of IDPs in the realm.
      Returns:
      the number of IDPs found in the realm.
    • isIdentityFederationEnabled

      default boolean isIdentityFederationEnabled()
      Checks whether the realm has any configured identity providers or not.
      Returns:
      true if the realm has at least one configured identity provider (federation is enabled); false otherwise.
    • createMapper

      Creates a new identity provider mapper from the specified model.
      Parameters:
      model - an IdentityProviderMapperModel containing the identity provider mapper's data.
      Returns:
      the model of the created identity provider mapper.
    • updateMapper

      void updateMapper(IdentityProviderMapperModel model)
      Updates the identity provider mapper using the specified model.
      Parameters:
      model - an IdentityProviderMapperModel containing the identity provider mapper's data.
    • removeMapper

      boolean removeMapper(IdentityProviderMapperModel model)
      Removes the given identity provider mapper.
      Parameters:
      model - an IdentityProviderMapperModel to be deleted.
      Returns:
      true if an identity provider mapper was removed; false otherwise.
    • removeAllMappers

      void removeAllMappers()
      Removes all identity provider mappers from the realm.
    • getMapperById

      Obtains the identity provider mapper with the specified id.
      Parameters:
      id - the identity provider mapper's id.
      Returns:
      a reference to the identity provider mapper, or null if no mapper is found.
    • getMapperByName

      IdentityProviderMapperModel getMapperByName(String identityProviderAlias, String name)
      Obtains the identity provider mapper with the provided identity provider alias and name.
      Parameters:
      identityProviderAlias - the identity provider alias.
      name - the identity provider mapper's name.
      Returns:
      a reference to the identity provider mapper, or null if no mapper is found.
    • getMappersStream

      default Stream<IdentityProviderMapperModel> getMappersStream()
      Returns all identity provider mappers as a stream.
      Returns:
      Stream of IdentityProviderMapperModel. Never returns null.
    • getMappersStream

      Stream<IdentityProviderMapperModel> getMappersStream(Map<String,String> options, Integer first, Integer max)
      Returns all identity provider mappers in the realm filtered according to the specified search options.
      Parameters:
      options - a Map containing identity provider search options that must be matched.
      first - the position of the first result to be processed (pagination offset). Ignored if negative or null.
      max - the maximum number of results to be returned. Ignored if negative or null.
      Returns:
      a non-null stream of IdentityProviderMapperModels that match the search criteria.
    • getMappersByAliasStream

      Stream<IdentityProviderMapperModel> getMappersByAliasStream(String identityProviderAlias)
      Returns identity provider mappers by the provided alias as a stream.
      Parameters:
      identityProviderAlias - the identity provider alias used to filter results.
      Returns:
      Stream of IdentityProviderMapperModel. Never returns null.