Enum Class OrganizationScope
- All Implemented Interfaces:
Serializable,Comparable<OrganizationScope>,Constable
An enum with utility methods to process the OIDCLoginProtocolFactory.ORGANIZATION scope.
The OrganizationScope behaves like a dynamic scopes so that access to organizations is granted depending
on how the client requests the OIDCLoginProtocolFactory.ORGANIZATION scope.
-
Nested Class Summary
Nested classes/interfaces inherited from class java.lang.Enum
Enum.EnumDesc<E extends Enum<E>> -
Enum Constant Summary
Enum Constants -
Method Summary
Modifier and TypeMethodDescriptionresolveName(Set<String> scopes, String previous) Resolves the name of this scope based on the given set ofscopesand thepreviousname.resolveOrganizations(UserModel user, String scope, KeycloakSession session) Returns the organizations mapped from thescopebased on the givenuser.toClientScope(String name, UserModel user, KeycloakSession session) Returns aClientScopeModelwith the givennamefor this scope.static OrganizationScopeReturns the enum constant of this class with the specified name.static OrganizationScopevalueOfScope(String rawScope) Returns aOrganizationScopeinstance based on the givenrawScope.static OrganizationScope[]values()Returns an array containing the constants of this enum class, in the order they are declared.
-
Enum Constant Details
-
ALL
Maps to any organization a user is a member. When this scope is requested by clients, all the organizations the user is a member are granted. -
SINGLE
Maps to a specific organization the user is a member. When this scope is requested by clients, only the organization specified in the scope is granted. -
ANY
Maps to a single organization if the user is a member of a single organization. When this scope is requested by clients, the user will be asked to select and organization if a member of multiple organizations or, in case the user is a member of a single organization, grant access to that organization.
-
-
Method Details
-
values
Returns an array containing the constants of this enum class, in the order they are declared.- Returns:
- an array containing the constants of this enum class, in the order they are declared
-
valueOf
Returns the enum constant of this class with the specified name. The string must match exactly an identifier used to declare an enum constant in this class. (Extraneous whitespace characters are not permitted.)- Parameters:
name- the name of the enum constant to be returned.- Returns:
- the enum constant with the specified name
- Throws:
IllegalArgumentException- if this enum class has no constant with the specified nameNullPointerException- if the argument is null
-
resolveOrganizations
public Stream<OrganizationModel> resolveOrganizations(UserModel user, String scope, KeycloakSession session) Returns the organizations mapped from thescopebased on the givenuser.- Parameters:
user- the user. Can benulldepending on how the scope resolves its value.scope- the string referencing the scopesession- the session- Returns:
- the organizations mapped to the given
user. Or an empty stream if no organizations were mapped from thescopeparameter.
-
toClientScope
Returns aClientScopeModelwith the givennamefor this scope.- Parameters:
name- the name of the scopeuser- the usersession- the session- Returns:
- the
ClientScopeModel
-
resolveName
Resolves the name of this scope based on the given set of
scopesand thepreviousname.The scope name can be mapped to another scope depending on its semantics. Otherwise, it will map to the same name. This method is mainly useful to recognize if a scope previously granted is still valid and can be mapped to the new scope being requested. For instance, when refreshing tokens.
- Parameters:
scopes- the scopes to resolve the name fromprevious- the previous name of this scope- Returns:
- the name of the scope
-
valueOfScope
Returns aOrganizationScopeinstance based on the givenrawScope.- Parameters:
rawScope- the string referencing the scope- Returns:
- the organization scope that maps the given
rawScope
-