Package org.keycloak.ipatuura_user_spi

Class IpatuuraUserStorageProvider

java.lang.Object
org.keycloak.ipatuura_user_spi.IpatuuraUserStorageProvider
All Implemented Interfaces:
CredentialAuthentication, CredentialInputValidator, Provider, ImportedUserValidation, UserCountMethodsProvider, UserLookupProvider, UserQueryMethodsProvider, UserQueryProvider, UserRegistrationProvider, UserStorageProvider
public class IpatuuraUserStorageProvider extends Object implements UserStorageProvider, UserLookupProvider, CredentialInputValidator, CredentialAuthentication, UserRegistrationProvider, UserQueryProvider, ImportedUserValidation
Version:
$Revision: 1 $
Author:
Justin Stephenson

  • Field Details

  • Constructor Details

  • Method Details

    • getUserByEmail

      public UserModel getUserByEmail(RealmModel realm, String email)
      Description copied from interface: UserLookupProvider
      Returns a user with the given email belonging to the realm
      Specified by:
      getUserByEmail in interface UserLookupProvider
      Parameters:
      realm - the realm model
      email - email address
      Returns:
      found user model, or null if no such user exists

    • getUserById

      public UserModel getUserById(RealmModel realm, String id)
      Description copied from interface: UserLookupProvider
      Returns a user with the given id belonging to the realm
      Specified by:
      getUserById in interface UserLookupProvider
      Parameters:
      realm - the realm model
      id - id of the user
      Returns:
      found user model, or null if no such user exists

    • getUserByUsername

      public UserModel getUserByUsername(RealmModel realm, String username)
      Description copied from interface: UserLookupProvider
      Exact search for a user by its username. Returns a user with the given username belonging to the realm
      Specified by:
      getUserByUsername in interface UserLookupProvider
      Parameters:
      realm - the realm model
      username - (case-sensitivity is controlled by storage)
      Returns:
      found user model, or null if no such user exists

    • createUserInKeycloak

      protected UserModel createUserInKeycloak(RealmModel realm, String username)

    • close

      public void close()
      Specified by:
      close in interface Provider

    • getSupportedCredentialTypes

      public Set<String> getSupportedCredentialTypes()

    • isConfiguredFor

      public boolean isConfiguredFor(RealmModel realm, UserModel user, String credentialType)
      Specified by:
      isConfiguredFor in interface CredentialInputValidator

    • supportsCredentialType

      public boolean supportsCredentialType(String credentialType)
      Specified by:
      supportsCredentialType in interface CredentialInputValidator

    • isValid

      public boolean isValid(RealmModel realm, UserModel user, CredentialInput input)
      Description copied from interface: CredentialInputValidator
      Tests whether a credential is valid
      Specified by:
      isValid in interface CredentialInputValidator
      Parameters:
      realm - The realm in which to which the credential belongs to
      user - The user for which to test the credential
      input - the credential details to verify
      Returns:
      true if the passed secret is correct

    • validate

      public UserModel validate(RealmModel realm, UserModel local)
      Description copied from interface: ImportedUserValidation
      If this method returns null, then the user in local storage will be removed
      Specified by:
      validate in interface ImportedUserValidation
      Returns:
      null if user no longer valid

    • addUser

      public UserModel addUser(RealmModel realm, String username)
      Description copied from interface: UserRegistrationProvider
      All storage providers that implement this interface will be looped through. If this method returns null, then the next storage provider's addUser() method will be called. If no storage providers handle the add, then the user will be created in local storage. Returning null is useful when you want optional support for adding users. For example, our LDAP provider can enable and disable the ability to add users.
      Specified by:
      addUser in interface UserRegistrationProvider
      Parameters:
      realm - a reference to the realm
      username - a username the created user will be assigned
      Returns:
      a model of created user

    • removeUser

      public boolean removeUser(RealmModel realm, UserModel user)
      Description copied from interface: UserRegistrationProvider
      Called if user originated from this provider. If a local user is linked to this provider, this method will be called before local storage's removeUser() method is invoked. If you are using an import strategy, and this is a local user linked to this provider, this method will be called before local storage's removeUser() method is invoked. Also, you DO NOT need to remove the imported user. The runtime will handle this for you.
      Specified by:
      removeUser in interface UserRegistrationProvider
      Parameters:
      realm - a reference to the realm
      user - a reference to the user that is removed
      Returns:
      true if the user was removed, false otherwise

    • getGroupMembersStream

      public Stream<UserModel> getGroupMembersStream(RealmModel arg0, GroupModel arg1, Integer arg2, Integer arg3)
      Description copied from interface: UserQueryMethodsProvider
      Obtains users that belong to a specific group.
      Specified by:
      getGroupMembersStream in interface UserQueryMethodsProvider
      Parameters:
      arg0 - a reference to the realm.
      arg1 - a reference to the group.
      arg2 - first result to return. Ignored if negative, zero, or null.
      arg3 - maximum number of results to return. Ignored if negative or null.
      Returns:
      a non-null Stream of users that belong to the group.

    • getUsersCount

      public int getUsersCount(RealmModel realm)
      Description copied from interface: UserCountMethodsProvider
      Returns the number of users, without consider any service account.
      Specified by:
      getUsersCount in interface UserCountMethodsProvider
      Parameters:
      realm - the realm
      Returns:
      the number of users

    • searchForUserByUserAttributeStream

      public Stream<UserModel> searchForUserByUserAttributeStream(RealmModel realm, String attrName, String attrValue)
      Description copied from interface: UserQueryMethodsProvider
      Searches for users that have a specific attribute with a specific value.
      Specified by:
      searchForUserByUserAttributeStream in interface UserQueryMethodsProvider
      Parameters:
      realm - a reference to the realm.
      attrName - the attribute name.
      attrValue - the attribute value.
      Returns:
      a non-null Stream of users that match the search criteria.

    • searchForUserStream

      public Stream<UserModel> searchForUserStream(RealmModel realm, Map<String,String> params, Integer firstResult, Integer maxResults)
      Description copied from interface: UserQueryMethodsProvider
      Searches for user by parameter. If possible, implementations should treat the parameter values as partial match patterns (i.e. in RDMBS terms use LIKE).

      Valid parameters are:

      • UserModel.SEARCH - search for users whose username, email, first name or last name contain any of the strings in search separated by whitespace, when SEARCH is set all other params are ignored
      • UserModel.FIRST_NAME - first name (case insensitive string)
      • UserModel.LAST_NAME - last name (case insensitive string)
      • UserModel.EMAIL - email (case insensitive string)
      • UserModel.USERNAME - username (case insensitive string)
      • UserModel.EXACT - whether search with FIRST_NAME, LAST_NAME, USERNAME or EMAIL should be exact match
      • UserModel.EMAIL_VERIFIED - search only for users with verified/non-verified email (true/false)
      • UserModel.ENABLED - search only for enabled/disabled users (true/false)
      • UserModel.IDP_ALIAS - search only for users that have a federated identity from idp with the given alias configured (case sensitive string)
      • UserModel.IDP_USER_ID - search for users with federated identity with the given userId (case sensitive string)

      Any other parameters will be treated as custom user attributes.

      This method is used by the REST API when querying users.

      Specified by:
      searchForUserStream in interface UserQueryMethodsProvider
      Parameters:
      realm - a reference to the realm.
      params - a map containing the search parameters.
      firstResult - first result to return. Ignored if negative, zero, or null.
      maxResults - maximum number of results to return. Ignored if negative or null.
      Returns:
      a non-null Stream of users that match the search criteria.

    • supportsCredentialAuthenticationFor

      public boolean supportsCredentialAuthenticationFor(String type)
      Specified by:
      supportsCredentialAuthenticationFor in interface CredentialAuthentication

    • authenticate

      public CredentialValidationOutput authenticate(RealmModel realm, CredentialInput input)
      Specified by:
      authenticate in interface CredentialAuthentication