UserStorageManager (Keycloak Docs Distribution 11.0.3 API)

java.lang.Object
- org.keycloak.storage.UserStorageManager

All Implemented Interfaces:

OnUserCache, UserProvider, Provider, OnCreateComponent, OnUpdateComponent, UserBulkUpdateProvider, UserLookupProvider, UserQueryProvider, UserRegistrationProvider
```
public class UserStorageManager
extends Object
implements UserProvider, OnUserCache, OnCreateComponent, OnUpdateComponent
```
Version:

$Revision: 1 $

Author:

Bill Burke

Field Summary

Fields
Modifier and Type Field and Description

protected KeycloakSession session

Fields
Modifier and Type	Field and Description
`protected KeycloakSession`	`session`

Constructor Summary

Constructors
Constructor and Description

UserStorageManager(KeycloakSession session)

Constructors
Constructor and Description
`UserStorageManager(KeycloakSession session)`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`addConsent(RealmModel realm, String userId, UserConsentModel consent)`
`void`	`addFederatedIdentity(RealmModel realm, UserModel user, FederatedIdentityModel socialLink)`
`UserModel`	`addUser(RealmModel realm, String username)` All storage providers that implement this interface will be looped through.
`UserModel`	`addUser(RealmModel realm, String id, String username, boolean addDefaultRoles, boolean addDefaultRequiredActions)` only used for local storage
`void`	`close()`
`protected void`	`deleteInvalidUser(RealmModel realm, UserModel user)`
`UserConsentModel`	`getConsentByClient(RealmModel realm, String userId, String clientInternalId)`
`List<UserConsentModel>`	`getConsents(RealmModel realm, String userId)`
`static <T> List<T>`	`getEnabledStorageProviders(KeycloakSession session, RealmModel realm, Class<T> type)`
`Set<FederatedIdentityModel>`	`getFederatedIdentities(UserModel user, RealmModel realm)`
`FederatedIdentityModel`	`getFederatedIdentity(UserModel user, String socialProvider, RealmModel realm)`
`UserFederatedStorageProvider`	`getFederatedStorage()`
`List<UserModel>`	`getGroupMembers(RealmModel realm, GroupModel group)` Get users that belong to a specific group.
`List<UserModel>`	`getGroupMembers(RealmModel realm, GroupModel group, int firstResult, int maxResults)` Get users that belong to a specific group.
`int`	`getNotBeforeOfUser(RealmModel realm, UserModel user)`
`List<UserModel>`	`getRoleMembers(RealmModel realm, RoleModel role)` Get users that belong to a specific role.
`List<UserModel>`	`getRoleMembers(RealmModel realm, RoleModel role, int firstResult, int maxResults)` Search for users that have a specific role with a specific roleId.
`UserModel`	`getServiceAccount(ClientModel client)`
`static UserStorageProvider`	`getStorageProvider(KeycloakSession session, RealmModel realm, String componentId)`
`static UserStorageProvider`	`getStorageProviderInstance(KeycloakSession session, UserStorageProviderModel model, UserStorageProviderFactory factory)`
`static UserStorageProviderModel`	`getStorageProviderModel(RealmModel realm, String componentId)`
`static <T> List<T>`	`getStorageProviders(KeycloakSession session, RealmModel realm, Class<T> type)`
`static List<UserStorageProviderModel>`	`getStorageProviders(RealmModel realm)`
`UserModel`	`getUserByEmail(String email, RealmModel realm)`
`UserModel`	`getUserByFederatedIdentity(FederatedIdentityModel socialLink, RealmModel realm)`
`UserModel`	`getUserById(String id, RealmModel realm)`
`UserModel`	`getUserByUsername(String username, RealmModel realm)`
`List<UserModel>`	`getUsers(RealmModel realm)`
`List<UserModel>`	`getUsers(RealmModel realm, boolean includeServiceAccounts)`
`List<UserModel>`	`getUsers(RealmModel realm, int firstResult, int maxResults)`
`List<UserModel>`	`getUsers(RealmModel realm, int firstResult, int maxResults, boolean includeServiceAccounts)`
`int`	`getUsersCount(Map<String,String> params, RealmModel realm)` Returns the number of users that match the given filter parameters.
`int`	`getUsersCount(Map<String,String> params, RealmModel realm, Set<String> groupIds)` Returns the number of users that match the given filter parameters and is in at least one of the given groups.
`int`	`getUsersCount(RealmModel realm)` Returns the number of users, without consider any service account.
`int`	`getUsersCount(RealmModel realm, boolean includeServiceAccount)` Returns the number of users.
`int`	`getUsersCount(RealmModel realm, Set<String> groupIds)` Returns the number of users that are in at least one of the groups given.
`int`	`getUsersCount(String search, RealmModel realm)` Returns the number of users that match the given criteria.
`int`	`getUsersCount(String search, RealmModel realm, Set<String> groupIds)` Returns the number of users that match the given criteria and are in at least one of the groups given.
`void`	`grantToAllUsers(RealmModel realm, RoleModel role)`
`protected List<UserModel>`	`importValidation(RealmModel realm, List<UserModel> users)`
`protected UserModel`	`importValidation(RealmModel realm, UserModel user)` Allows a UserStorageProvider to proxy and/or synchronize an imported user.
`static boolean`	`isStorageProviderEnabled(RealmModel realm, String providerId)`
`protected UserProvider`	`localStorage()`
`void`	`onCache(RealmModel realm, CachedUserModel user, UserModel delegate)`
`void`	`onCreate(KeycloakSession session, RealmModel realm, ComponentModel model)`
`void`	`onUpdate(KeycloakSession session, RealmModel realm, ComponentModel oldModel, ComponentModel newModel)`
`void`	`preRemove(ClientScopeModel clientScope)`
`void`	`preRemove(ProtocolMapperModel protocolMapper)`
`void`	`preRemove(RealmModel realm)`
`void`	`preRemove(RealmModel realm, ClientModel client)`
`void`	`preRemove(RealmModel realm, ComponentModel component)`
`void`	`preRemove(RealmModel realm, GroupModel group)`
`void`	`preRemove(RealmModel realm, IdentityProviderModel provider)`
`void`	`preRemove(RealmModel realm, RoleModel role)`
`protected List<UserModel>`	`query(org.keycloak.storage.UserStorageManager.PaginatedQuery pagedQuery, RealmModel realm, int firstResult, int maxResults)`
`boolean`	`removeFederatedIdentity(RealmModel realm, UserModel user, String socialProvider)`
`void`	`removeImportedUsers(RealmModel realm, String storageProviderId)` Removes any imported users from a specific User Storage Provider.
`boolean`	`removeUser(RealmModel realm, UserModel user)` Called if user originated from this provider.
`boolean`	`revokeConsentForClient(RealmModel realm, String userId, String clientInternalId)`
`List<UserModel>`	`searchForUser(Map<String,String> attributes, RealmModel realm)` Search for user by parameter.
`List<UserModel>`	`searchForUser(Map<String,String> attributes, RealmModel realm, int firstResult, int maxResults)` Search for user by parameter.
`List<UserModel>`	`searchForUser(String search, RealmModel realm)` Search for users with username, email or first + last name that is like search string.
`List<UserModel>`	`searchForUser(String search, RealmModel realm, int firstResult, int maxResults)` Search for users with username, email or first + last name that is like search string.
`List<UserModel>`	`searchForUserByUserAttribute(String attrName, String attrValue, RealmModel realm)` Search for users that have a specific attribute with a specific value.
`void`	`setNotBeforeForUser(RealmModel realm, UserModel user, int notBefore)`
`void`	`unlinkUsers(RealmModel realm, String storageProviderId)` Set federation link to null to imported users of a specific User Storage Provider
`void`	`updateConsent(RealmModel realm, String userId, UserConsentModel consent)`
`void`	`updateFederatedIdentity(RealmModel realm, UserModel federatedUser, FederatedIdentityModel federatedIdentityModel)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.storage.user.UserQueryProvider
countUsersInGroups

Field Detail
- session
```
protected KeycloakSession session
```

Constructor Detail

UserStorageManager

public UserStorageManager(KeycloakSession session)

Method Detail

isStorageProviderEnabled

public static boolean isStorageProviderEnabled(RealmModel realm,
                                               String providerId)

localStorage
```
protected UserProvider localStorage()
```

getStorageProviders

public static List<UserStorageProviderModel> getStorageProviders(RealmModel realm)

getStorageProviderInstance

public static UserStorageProvider getStorageProviderInstance(KeycloakSession session,
                                                             UserStorageProviderModel model,
                                                             UserStorageProviderFactory factory)

getStorageProviders

public static <T> List<T> getStorageProviders(KeycloakSession session,
                                              RealmModel realm,
                                              Class<T> type)

getEnabledStorageProviders

public static <T> List<T> getEnabledStorageProviders(KeycloakSession session,
                                                     RealmModel realm,
                                                     Class<T> type)

addUser

public UserModel addUser(RealmModel realm,
                         String id,
                         String username,
                         boolean addDefaultRoles,
                         boolean addDefaultRequiredActions)

Description copied from interface: UserProvider

only used for local storage

Specified by:: addUser in interface UserProvider
Returns:

addUser
```
public UserModel addUser(RealmModel realm,
                         String username)
```
Description copied from interface: UserRegistrationProvider

All storage providers that implement this interface will be looped through. If this method returns null, then the next storage provider's addUser() method will be called. If no storage providers handle the add, then the user will be created in local storage. Returning null is useful when you want optional support for adding users. For example, our LDAP provider can enable and disable the ability to add users.

Specified by:

addUser in interface UserRegistrationProvider

Returns:

getStorageProviderModel

public static UserStorageProviderModel getStorageProviderModel(RealmModel realm,
                                                               String componentId)

getStorageProvider

public static UserStorageProvider getStorageProvider(KeycloakSession session,
                                                     RealmModel realm,
                                                     String componentId)

removeUser
```
public boolean removeUser(RealmModel realm,
                          UserModel user)
```
Description copied from interface: UserRegistrationProvider

Called if user originated from this provider. If a local user is linked to this provider, this method will be called before local storage's removeUser() method is invoked. If you are using an import strategy, and this is a local user linked to this provider, this method will be called before local storage's removeUser() method is invoked. Also, you DO NOT need to remove the imported user. The runtime will handle this for you.

Specified by:

removeUser in interface UserRegistrationProvider

Returns:

getFederatedStorage

public UserFederatedStorageProvider getFederatedStorage()

addFederatedIdentity

public void addFederatedIdentity(RealmModel realm,
                                 UserModel user,
                                 FederatedIdentityModel socialLink)

Specified by:: addFederatedIdentity in interface UserProvider

updateFederatedIdentity

public void updateFederatedIdentity(RealmModel realm,
                                    UserModel federatedUser,
                                    FederatedIdentityModel federatedIdentityModel)

Specified by:: updateFederatedIdentity in interface UserProvider

removeFederatedIdentity

public boolean removeFederatedIdentity(RealmModel realm,
                                       UserModel user,
                                       String socialProvider)

Specified by:: removeFederatedIdentity in interface UserProvider

preRemove

public void preRemove(RealmModel realm,
                      IdentityProviderModel provider)

Specified by:: preRemove in interface UserProvider

addConsent

public void addConsent(RealmModel realm,
                       String userId,
                       UserConsentModel consent)

Specified by:: addConsent in interface UserProvider

getConsentByClient

public UserConsentModel getConsentByClient(RealmModel realm,
                                           String userId,
                                           String clientInternalId)

Specified by:: getConsentByClient in interface UserProvider

getConsents

public List<UserConsentModel> getConsents(RealmModel realm,
                                          String userId)

Specified by:: getConsents in interface UserProvider

updateConsent

public void updateConsent(RealmModel realm,
                          String userId,
                          UserConsentModel consent)

Specified by:: updateConsent in interface UserProvider

revokeConsentForClient

public boolean revokeConsentForClient(RealmModel realm,
                                      String userId,
                                      String clientInternalId)

Specified by:: revokeConsentForClient in interface UserProvider

setNotBeforeForUser

public void setNotBeforeForUser(RealmModel realm,
                                UserModel user,
                                int notBefore)

Specified by:: setNotBeforeForUser in interface UserProvider

getNotBeforeOfUser

public int getNotBeforeOfUser(RealmModel realm,
                              UserModel user)

Specified by:: getNotBeforeOfUser in interface UserProvider

importValidation

protected UserModel importValidation(RealmModel realm,
                                     UserModel user)

Allows a UserStorageProvider to proxy and/or synchronize an imported user.

Parameters:: realm -; user -
Returns:

deleteInvalidUser

protected void deleteInvalidUser(RealmModel realm,
                                 UserModel user)

importValidation

protected List<UserModel> importValidation(RealmModel realm,
                                           List<UserModel> users)

getUserById

public UserModel getUserById(String id,
                             RealmModel realm)

Specified by:: getUserById in interface UserLookupProvider

getGroupMembers
```
public List<UserModel> getGroupMembers(RealmModel realm,
                                       GroupModel group)
```
Description copied from interface: UserQueryProvider

Get users that belong to a specific group. Implementations do not have to search in UserFederatedStorageProvider as this is done automatically.

Specified by:

getGroupMembers in interface UserQueryProvider

Returns:

See Also:

UserFederatedStorageProvider

getRoleMembers
```
public List<UserModel> getRoleMembers(RealmModel realm,
                                      RoleModel role)
```
Description copied from interface: UserQueryProvider

Get users that belong to a specific role.

Specified by:

getRoleMembers in interface UserQueryProvider

Returns:

getUserByUsername

public UserModel getUserByUsername(String username,
                                   RealmModel realm)

Specified by:: getUserByUsername in interface UserLookupProvider

getUserByEmail

public UserModel getUserByEmail(String email,
                                RealmModel realm)

Specified by:: getUserByEmail in interface UserLookupProvider

getUserByFederatedIdentity

public UserModel getUserByFederatedIdentity(FederatedIdentityModel socialLink,
                                            RealmModel realm)

Specified by:: getUserByFederatedIdentity in interface UserProvider

getServiceAccount
```
public UserModel getServiceAccount(ClientModel client)
```
Specified by:

getServiceAccount in interface UserProvider

getUsers

public List<UserModel> getUsers(RealmModel realm,
                                boolean includeServiceAccounts)

Specified by:: getUsers in interface UserProvider

getUsers
```
public List<UserModel> getUsers(RealmModel realm)
```
Specified by:

getUsers in interface UserQueryProvider

getUsers

public List<UserModel> getUsers(RealmModel realm,
                                int firstResult,
                                int maxResults)

Specified by:: getUsers in interface UserQueryProvider

getUsersCount
```
public int getUsersCount(RealmModel realm,
                         boolean includeServiceAccount)
```
Description copied from interface: UserQueryProvider

Returns the number of users.

Specified by:

getUsersCount in interface UserQueryProvider

Parameters:

realm - the realm

includeServiceAccount - if true, the number of users will also include service accounts. Otherwise, only the number of users.

Returns:

the number of users

getUsersCount
```
public int getUsersCount(RealmModel realm)
```
Description copied from interface: UserQueryProvider

Returns the number of users, without consider any service account.

Specified by:

getUsersCount in interface UserQueryProvider

Parameters:

realm - the realm

Returns:

the number of users

getUsersCount
```
public int getUsersCount(RealmModel realm,
                         Set<String> groupIds)
```
Description copied from interface: UserQueryProvider

Returns the number of users that are in at least one of the groups given.

Specified by:

getUsersCount in interface UserQueryProvider

Parameters:

realm - the realm

groupIds - set of groups id to check for

Returns:

the number of users that are in at least one of the groups

getUsersCount
```
public int getUsersCount(String search,
                         RealmModel realm)
```
Description copied from interface: UserQueryProvider

Returns the number of users that match the given criteria.

Specified by:

getUsersCount in interface UserQueryProvider

Parameters:

search - search criteria

realm - the realm

Returns:

number of users that match the search

getUsersCount
```
public int getUsersCount(String search,
                         RealmModel realm,
                         Set<String> groupIds)
```
Description copied from interface: UserQueryProvider

Returns the number of users that match the given criteria and are in at least one of the groups given.

Specified by:

getUsersCount in interface UserQueryProvider

Parameters:

search - search criteria

realm - the realm

groupIds - set of groups to check for

Returns:

number of users that match the search and given groups

getUsersCount
```
public int getUsersCount(Map<String,String> params,
                         RealmModel realm)
```
Description copied from interface: UserQueryProvider

Returns the number of users that match the given filter parameters.

Specified by:

getUsersCount in interface UserQueryProvider

Parameters:

params - filter parameters

realm - the realm

Returns:

number of users that match the given filters

getUsersCount
```
public int getUsersCount(Map<String,String> params,
                         RealmModel realm,
                         Set<String> groupIds)
```
Description copied from interface: UserQueryProvider

Returns the number of users that match the given filter parameters and is in at least one of the given groups.

Specified by:

getUsersCount in interface UserQueryProvider

Parameters:

params - filter parameters

realm - the realm

groupIds - set if groups to check for

Returns:

number of users that match the given filters and groups

query

protected List<UserModel> query(org.keycloak.storage.UserStorageManager.PaginatedQuery pagedQuery,
                                RealmModel realm,
                                int firstResult,
                                int maxResults)

getUsers

public List<UserModel> getUsers(RealmModel realm,
                                int firstResult,
                                int maxResults,
                                boolean includeServiceAccounts)

Specified by:: getUsers in interface UserProvider

searchForUser
```
public List<UserModel> searchForUser(String search,
                                     RealmModel realm)
```
Description copied from interface: UserQueryProvider

Search for users with username, email or first + last name that is like search string. If possible, implementations should treat the parameter values as partial match patterns i.e. in RDMBS terms use LIKE. This method is used by the admin console search box

Specified by:

searchForUser in interface UserQueryProvider

Returns:

searchForUser
```
public List<UserModel> searchForUser(String search,
                                     RealmModel realm,
                                     int firstResult,
                                     int maxResults)
```
Description copied from interface: UserQueryProvider

Search for users with username, email or first + last name that is like search string. If possible, implementations should treat the parameter values as partial match patterns i.e. in RDMBS terms use LIKE. This method is used by the admin console search box

Specified by:

searchForUser in interface UserQueryProvider

Returns:

searchForUser
```
public List<UserModel> searchForUser(Map<String,String> attributes,
                                     RealmModel realm)
```
Description copied from interface: UserQueryProvider

Search for user by parameter. Valid parameters are: "first" - first name "last" - last name "email" - email "username" - username If possible, implementations should treat the parameter values as partial match patterns i.e. in RDMBS terms use LIKE. This method is used by the REST API when querying users.

Specified by:

searchForUser in interface UserQueryProvider

Returns:

searchForUser
```
public List<UserModel> searchForUser(Map<String,String> attributes,
                                     RealmModel realm,
                                     int firstResult,
                                     int maxResults)
```
Description copied from interface: UserQueryProvider

Search for user by parameter. Valid parameters are: "first" - first name "last" - last name "email" - email "username" - username "enabled" - is user enabled (true/false) If possible, implementations should treat the parameter values as patterns i.e. in RDMBS terms use LIKE. This method is used by the REST API when querying users.

Specified by:

searchForUser in interface UserQueryProvider

Returns:

searchForUserByUserAttribute
```
public List<UserModel> searchForUserByUserAttribute(String attrName,
                                                    String attrValue,
                                                    RealmModel realm)
```
Description copied from interface: UserQueryProvider

Search for users that have a specific attribute with a specific value. Implementations do not have to search in UserFederatedStorageProvider as this is done automatically.

Specified by:

searchForUserByUserAttribute in interface UserQueryProvider

Returns:

See Also:

UserFederatedStorageProvider

getFederatedIdentities

public Set<FederatedIdentityModel> getFederatedIdentities(UserModel user,
                                                          RealmModel realm)

Specified by:: getFederatedIdentities in interface UserProvider

getFederatedIdentity

public FederatedIdentityModel getFederatedIdentity(UserModel user,
                                                   String socialProvider,
                                                   RealmModel realm)

Specified by:: getFederatedIdentity in interface UserProvider

grantToAllUsers

public void grantToAllUsers(RealmModel realm,
                            RoleModel role)

Specified by:: grantToAllUsers in interface UserBulkUpdateProvider

getGroupMembers
```
public List<UserModel> getGroupMembers(RealmModel realm,
                                       GroupModel group,
                                       int firstResult,
                                       int maxResults)
```
Description copied from interface: UserQueryProvider

Get users that belong to a specific group. Implementations do not have to search in UserFederatedStorageProvider as this is done automatically.

Specified by:

getGroupMembers in interface UserQueryProvider

Returns:

See Also:

UserFederatedStorageProvider

getRoleMembers

public List<UserModel> getRoleMembers(RealmModel realm,
                                      RoleModel role,
                                      int firstResult,
                                      int maxResults)

Description copied from interface: UserQueryProvider

Search for users that have a specific role with a specific roleId.

Specified by:: getRoleMembers in interface UserQueryProvider
Returns:

preRemove
```
public void preRemove(RealmModel realm)
```
Specified by:

preRemove in interface UserProvider

preRemove

public void preRemove(RealmModel realm,
                      GroupModel group)

Specified by:: preRemove in interface UserProvider

preRemove

public void preRemove(RealmModel realm,
                      RoleModel role)

Specified by:: preRemove in interface UserProvider

preRemove

public void preRemove(RealmModel realm,
                      ClientModel client)

Specified by:: preRemove in interface UserProvider

preRemove

public void preRemove(ProtocolMapperModel protocolMapper)

Specified by:: preRemove in interface UserProvider

preRemove

public void preRemove(ClientScopeModel clientScope)

Specified by:: preRemove in interface UserProvider

preRemove

public void preRemove(RealmModel realm,
                      ComponentModel component)

Specified by:: preRemove in interface UserProvider

removeImportedUsers
```
public void removeImportedUsers(RealmModel realm,
                                String storageProviderId)
```
Description copied from interface: UserProvider

Removes any imported users from a specific User Storage Provider.

Specified by:

removeImportedUsers in interface UserProvider

unlinkUsers
```
public void unlinkUsers(RealmModel realm,
                        String storageProviderId)
```
Description copied from interface: UserProvider

Set federation link to null to imported users of a specific User Storage Provider

Specified by:

unlinkUsers in interface UserProvider

onCache

public void onCache(RealmModel realm,
                    CachedUserModel user,
                    UserModel delegate)

Specified by:: onCache in interface OnUserCache

close
```
public void close()
```
Specified by:

close in interface UserProvider

Specified by:

close in interface Provider

onCreate

public void onCreate(KeycloakSession session,
                     RealmModel realm,
                     ComponentModel model)

Specified by:: onCreate in interface OnCreateComponent

onUpdate

public void onUpdate(KeycloakSession session,
                     RealmModel realm,
                     ComponentModel oldModel,
                     ComponentModel newModel)

Specified by:: onUpdate in interface OnUpdateComponent

Class UserStorageManager

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Methods inherited from interface org.keycloak.storage.user.UserQueryProvider

Field Detail

session

Constructor Detail

UserStorageManager

Method Detail

isStorageProviderEnabled

localStorage

getStorageProviders

getStorageProviderInstance

getStorageProviders

getEnabledStorageProviders

addUser

addUser

getStorageProviderModel

getStorageProvider

removeUser

getFederatedStorage

addFederatedIdentity

updateFederatedIdentity

removeFederatedIdentity

preRemove

addConsent

getConsentByClient

getConsents

updateConsent

revokeConsentForClient

setNotBeforeForUser

getNotBeforeOfUser

importValidation

deleteInvalidUser

importValidation

getUserById

getGroupMembers

getRoleMembers

getUserByUsername

getUserByEmail

getUserByFederatedIdentity

getServiceAccount

getUsers

getUsers

getUsers

getUsersCount

getUsersCount

getUsersCount

getUsersCount

getUsersCount

getUsersCount

getUsersCount

query

getUsers

searchForUser

searchForUser

searchForUser

searchForUser

searchForUserByUserAttribute

getFederatedIdentities

getFederatedIdentity

grantToAllUsers

getGroupMembers

getRoleMembers

preRemove

preRemove

preRemove

preRemove

preRemove

preRemove

preRemove

removeImportedUsers

unlinkUsers

onCache

close

onCreate

onUpdate