Class ClientScopeEvaluateScopeMappingsResource
java.lang.Object
org.keycloak.services.resources.admin.ClientScopeEvaluateScopeMappingsResource
- Author:
- Marek Posolda
-
Constructor Summary
ConstructorDescriptionClientScopeEvaluateScopeMappingsResource
(KeycloakSession session, RoleContainerModel roleContainer, AdminPermissionEvaluator auth, ClientModel client, String scopeParam) -
Method Summary
Modifier and TypeMethodDescriptionGet effective scope mapping of all roles of particular role container, which this client is defacto allowed to have in the accessToken issued for him.Get roles, which this client doesn't have scope for and can't have them in the accessToken issued for him.
-
Constructor Details
-
ClientScopeEvaluateScopeMappingsResource
public ClientScopeEvaluateScopeMappingsResource(KeycloakSession session, RoleContainerModel roleContainer, AdminPermissionEvaluator auth, ClientModel client, String scopeParam)
-
-
Method Details
-
getGrantedScopeMappings
@Path("/granted") @GET @Produces("application/json") public Stream<RoleRepresentation> getGrantedScopeMappings()Get effective scope mapping of all roles of particular role container, which this client is defacto allowed to have in the accessToken issued for him. This contains scope mappings, which this client has directly, as well as scope mappings, which are granted to all client scopes, which are linked with this client.- Returns:
-
getNotGrantedScopeMappings
@Path("/not-granted") @GET @Produces("application/json") public Stream<RoleRepresentation> getNotGrantedScopeMappings()Get roles, which this client doesn't have scope for and can't have them in the accessToken issued for him. Defacto all the other roles of particular role container, which are not ingetGrantedScopeMappings()
- Returns:
-