Package org.keycloak.storage.role

Interface RoleLookupProvider

All Known Subinterfaces:
CacheRealmProvider, RoleProvider, RoleStorageProvider
All Known Implementing Classes:
JpaRealmProvider, RealmCacheSession, RoleStorageManager
public interface RoleLookupProvider
Abstraction interface for lookup of both realm roles and client roles by id, name and description.

  • Method Details

    • getRealmRole

      RoleModel getRealmRole(RealmModel realm, String name)
      Exact search for a role by given name.
      Parameters:
      realm - Realm.
      name - String name of the role.
      Returns:
      Model of the role, or null if no role is found.

    • getRoleById

      RoleModel getRoleById(RealmModel realm, String id)
      Exact search for a role by its internal ID..
      Parameters:
      realm - Realm.
      id - Internal ID of the role.
      Returns:
      Model of the role.

    • searchForRolesStream

      Stream<RoleModel> searchForRolesStream(RealmModel realm, String search, Integer first, Integer max)
      Case-insensitive search for roles that contain the given string in their name or description.
      Parameters:
      realm - Realm.
      search - Searched substring of the role's name or description.
      first - First result to return. Ignored if negative or null.
      max - Maximum number of results to return. Ignored if negative or null.
      Returns:
      Stream of the realm roles their name or description contains given search string. Never returns null.

    • getClientRole

      RoleModel getClientRole(ClientModel client, String name)
      Exact search for a client role by given name.
      Parameters:
      client - Client.
      name - String name of the role.
      Returns:
      Model of the role, or null if no role is found.

    • searchForClientRolesStream

      Stream<RoleModel> searchForClientRolesStream(ClientModel client, String search, Integer first, Integer max)
      Case-insensitive search for client roles that contain the given string in their name or description.
      Parameters:
      client - Client.
      search - String to search by role's name or description.
      first - First result to return. Ignored if negative or null.
      max - Maximum number of results to return. Ignored if negative or null.
      Returns:
      Stream of the client roles their name or description contains given search string. Never returns null.

    • searchForClientRolesStream

      Stream<RoleModel> searchForClientRolesStream(RealmModel realm, Stream<String> ids, String search, Integer first, Integer max)
      Case-insensitive search for client roles that contain the given string in its name or their client's public identifier (clientId - (client_id in OIDC or entityID in SAML)).
      Parameters:
      realm - Realm.
      ids - Stream of ids to include in search. Ignored when null. Returns empty Stream when empty.
      search - String to search by role's name or client's public identifier.
      first - First result to return. Ignored if negative or null.
      max - Maximum number of results to return. Ignored if negative or null.
      Returns:
      Stream of the client roles where role name or client public identifier contains given search string. Never returns null.

    • searchForClientRolesStream

      Stream<RoleModel> searchForClientRolesStream(RealmModel realm, String search, Stream<String> excludedIds, Integer first, Integer max)
      Case-insensitive search for client roles that contain the given string in their name or their client's public identifier (clientId - (client_id in OIDC or entityID in SAML)).
      Parameters:
      realm - Realm.
      search - String to search by role's name or client's public identifier.
      excludedIds - Stream of ids to exclude. Ignored if empty or null.
      first - First result to return. Ignored if negative or null.
      max - Maximum number of results to return. Ignored if negative or null.
      Returns:
      Stream of the client roles where role name or client's public identifier contains given search string. Never returns null.