public class UserResource extends Object
Modifier and Type | Field and Description |
---|---|
protected ClientConnection |
clientConnection |
protected javax.ws.rs.core.HttpHeaders |
headers |
protected RealmModel |
realm |
protected KeycloakSession |
session |
Constructor and Description |
---|
UserResource(RealmModel realm,
UserModel user,
AdminPermissionEvaluator auth,
AdminEventBuilder adminEvent) |
Modifier and Type | Method and Description |
---|---|
javax.ws.rs.core.Response |
addFederatedIdentity(String provider,
FederatedIdentityRepresentation rep)
Add a social login provider to the user
|
Stream<CredentialRepresentation> |
credentials() |
javax.ws.rs.core.Response |
deleteUser()
Delete the user
|
void |
disableCredentialType(List<String> credentialTypes)
Disable all credentials for a user of a specific type
|
javax.ws.rs.core.Response |
executeActionsEmail(String redirectUri,
String clientId,
Integer lifespan,
List<String> actions)
Send a update account email to the user
An email contains a link the user can click to perform a set of required actions.
|
Stream<String> |
getConfiguredUserStorageCredentialTypes()
Return credential types, which are provided by the user storage where user is stored.
|
Stream<Map<String,Object>> |
getConsents()
Get consents granted by the user
|
Stream<FederatedIdentityRepresentation> |
getFederatedIdentity()
Get social logins associated with the user
|
Map<String,Long> |
getGroupMembershipCount(String search) |
Stream<UserSessionRepresentation> |
getOfflineSessions(String clientUuid)
Get offline sessions associated with the user and client
|
RoleMapperResource |
getRoleMappings() |
Stream<UserSessionRepresentation> |
getSessions()
Get sessions associated with the user
|
UserRepresentation |
getUser()
Get representation of the user
|
Stream<GroupRepresentation> |
groupMembership(String search,
Integer firstResult,
Integer maxResults,
boolean briefRepresentation) |
Map<String,Object> |
impersonate()
Impersonate the user
|
void |
joinGroup(String groupId) |
void |
logout()
Remove all user sessions associated with the user
Also send notification to all clients that have an admin URL to invalidate the sessions for the particular user.
|
void |
moveCredentialAfter(String credentialId,
String newPreviousCredentialId)
Move a credential to a position behind another credential
|
void |
moveCredentialToFirst(String credentialId)
Move a credential to a first position in the credentials list of the user
|
void |
removeCredential(String credentialId)
Remove a credential for a user
|
void |
removeFederatedIdentity(String provider)
Remove a social login provider from user
|
void |
removeMembership(String groupId) |
void |
resetPassword(CredentialRepresentation cred)
Set up a new password for the user.
|
javax.ws.rs.core.Response |
resetPasswordEmail(String redirectUri,
String clientId)
Deprecated.
|
void |
revokeConsent(String clientId)
Revoke consent and offline tokens for particular client from user
|
javax.ws.rs.core.Response |
sendVerifyEmail(String redirectUri,
String clientId)
Send an email-verification email to the user
An email contains a link the user can click to verify their email address.
|
void |
setCredentialUserLabel(String credentialId,
String userLabel)
Update a credential label for a user
|
javax.ws.rs.core.Response |
updateUser(UserRepresentation rep)
Update the user
|
static void |
updateUserFromRep(UserProfile profile,
UserModel user,
UserRepresentation rep,
KeycloakSession session,
boolean isUpdateExistingUser) |
static javax.ws.rs.core.Response |
validateUserProfile(UserProfile profile,
UserModel user,
KeycloakSession session) |
protected RealmModel realm
@Context protected ClientConnection clientConnection
@Context protected KeycloakSession session
@Context protected javax.ws.rs.core.HttpHeaders headers
public UserResource(RealmModel realm, UserModel user, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent)
@PUT @Consumes(value="application/json") public javax.ws.rs.core.Response updateUser(UserRepresentation rep)
rep
- public static javax.ws.rs.core.Response validateUserProfile(UserProfile profile, UserModel user, KeycloakSession session)
public static void updateUserFromRep(UserProfile profile, UserModel user, UserRepresentation rep, KeycloakSession session, boolean isUpdateExistingUser)
@GET @Produces(value="application/json") public UserRepresentation getUser()
@Path(value="impersonation") @POST @Produces(value="application/json") public Map<String,Object> impersonate()
@Path(value="sessions") @GET @Produces(value="application/json") public Stream<UserSessionRepresentation> getSessions()
@Path(value="offline-sessions/{clientUuid}") @GET @Produces(value="application/json") public Stream<UserSessionRepresentation> getOfflineSessions(@PathParam(value="clientUuid") String clientUuid)
@Path(value="federated-identity") @GET @Produces(value="application/json") public Stream<FederatedIdentityRepresentation> getFederatedIdentity()
Stream
of social logins (federated identities).@Path(value="federated-identity/{provider}") @POST public javax.ws.rs.core.Response addFederatedIdentity(@PathParam(value="provider") String provider, FederatedIdentityRepresentation rep)
provider
- Social login provider idrep
- @Path(value="federated-identity/{provider}") @DELETE public void removeFederatedIdentity(@PathParam(value="provider") String provider)
provider
- Social login provider id@Path(value="consents") @GET @Produces(value="application/json") public Stream<Map<String,Object>> getConsents()
@Path(value="consents/{client}") @DELETE public void revokeConsent(@PathParam(value="client") String clientId)
clientId
- Client id@Path(value="logout") @POST public void logout()
@DELETE public javax.ws.rs.core.Response deleteUser()
@Path(value="role-mappings") public RoleMapperResource getRoleMappings()
@Path(value="disable-credential-types") @PUT @Consumes(value="application/json") public void disableCredentialType(List<String> credentialTypes)
credentialTypes
- @Path(value="reset-password") @PUT @Consumes(value="application/json") public void resetPassword(CredentialRepresentation cred)
cred
- The representation must contain a rawPassword with the plain-text password@GET @Path(value="credentials") @Produces(value="application/json") public Stream<CredentialRepresentation> credentials()
@GET @Path(value="configured-user-storage-credential-types") @Produces(value="application/json") public Stream<String> getConfiguredUserStorageCredentialTypes()
@Path(value="credentials/{credentialId}") @DELETE public void removeCredential(@PathParam(value="credentialId") String credentialId)
@PUT @Consumes(value="text/plain") @Path(value="credentials/{credentialId}/userLabel") public void setCredentialUserLabel(@PathParam(value="credentialId") String credentialId, String userLabel)
@Path(value="credentials/{credentialId}/moveToFirst") @POST public void moveCredentialToFirst(@PathParam(value="credentialId") String credentialId)
credentialId
- The credential to move@Path(value="credentials/{credentialId}/moveAfter/{newPreviousCredentialId}") @POST public void moveCredentialAfter(@PathParam(value="credentialId") String credentialId, @PathParam(value="newPreviousCredentialId") String newPreviousCredentialId)
credentialId
- The credential to movenewPreviousCredentialId
- The credential that will be the previous element in the list. If set to null, the moved credential will be the first element in the list.@Deprecated @Path(value="reset-password-email") @PUT @Consumes(value="application/json") public javax.ws.rs.core.Response resetPasswordEmail(@QueryParam(value="redirect_uri") String redirectUri, @QueryParam(value="client_id") String clientId)
redirectUri
- redirect uriclientId
- client id@Path(value="execute-actions-email") @PUT @Consumes(value="application/json") public javax.ws.rs.core.Response executeActionsEmail(@QueryParam(value="redirect_uri") String redirectUri, @QueryParam(value="client_id") String clientId, @QueryParam(value="lifespan") Integer lifespan, List<String> actions)
redirectUri
- Redirect uriclientId
- Client idlifespan
- Number of seconds after which the generated token expiresactions
- required actions the user needs to complete@Path(value="send-verify-email") @PUT @Consumes(value="application/json") public javax.ws.rs.core.Response sendVerifyEmail(@QueryParam(value="redirect_uri") String redirectUri, @QueryParam(value="client_id") String clientId)
redirectUri
- Redirect uriclientId
- Client id@GET @Path(value="groups") @Produces(value="application/json") public Stream<GroupRepresentation> groupMembership(@QueryParam(value="search") String search, @QueryParam(value="first") Integer firstResult, @QueryParam(value="max") Integer maxResults, @QueryParam(value="briefRepresentation") @DefaultValue(value="true") boolean briefRepresentation)
@GET @Path(value="groups/count") @Produces(value="application/json") public Map<String,Long> getGroupMembershipCount(@QueryParam(value="search") String search)
@DELETE @Path(value="groups/{groupId}") public void removeMembership(@PathParam(value="groupId") String groupId)
@PUT @Path(value="groups/{groupId}") public void joinGroup(@PathParam(value="groupId") String groupId)
Copyright © 2021 JBoss by Red Hat. All rights reserved.