public class UserStorageManager extends AbstractStorageManager<UserStorageProvider,UserStorageProviderModel> implements UserProvider.Streams, OnUserCache, OnCreateComponent, OnUpdateComponent
UserProvider.Streams
session
Constructor and Description |
---|
UserStorageManager(KeycloakSession session) |
Modifier and Type | Method and Description |
---|---|
void |
addConsent(RealmModel realm,
String userId,
UserConsentModel consent)
Add user consent for the user.
|
void |
addFederatedIdentity(RealmModel realm,
UserModel user,
FederatedIdentityModel socialLink)
Adds a federated identity link for the user within the realm
|
UserModel |
addUser(RealmModel realm,
String username)
UserRegistrationProvider methods implementations start here |
UserModel |
addUser(RealmModel realm,
String id,
String username,
boolean addDefaultRoles,
boolean addDefaultRequiredActions)
UserStorageProvider methods implementation end here
UserProvider methods implementations start here -> no StorageProviders involved |
void |
close()
UserProvider methods implementations end here |
protected void |
deleteInvalidUser(RealmModel realm,
UserModel user) |
UserConsentModel |
getConsentByClient(RealmModel realm,
String userId,
String clientInternalId)
Returns UserConsentModel given by a user with the userId for the client with clientInternalId
|
Stream<UserConsentModel> |
getConsentsStream(RealmModel realm,
String userId)
Obtains the consents associated with the user identified by the specified
userId . |
Stream<FederatedIdentityModel> |
getFederatedIdentitiesStream(RealmModel realm,
UserModel user)
Obtains the federated identities of the specified user.
|
FederatedIdentityModel |
getFederatedIdentity(RealmModel realm,
UserModel user,
String socialProvider)
Returns details of the association between the user and the socialProvider.
|
Stream<UserModel> |
getGroupMembersStream(RealmModel realm,
GroupModel group,
Integer firstResult,
Integer maxResults)
UserLookupProvider methods implementations end here
UserQueryProvider methods implementation start here |
int |
getNotBeforeOfUser(RealmModel realm,
UserModel user)
Gets the notBefore value for the given user
|
Stream<UserModel> |
getRoleMembersStream(RealmModel realm,
RoleModel role,
Integer firstResult,
Integer maxResults)
Searches for users that have the specified role.
|
UserModel |
getServiceAccount(ClientModel client)
Return a UserModel representing service account of the client
|
UserModel |
getUserByEmail(RealmModel realm,
String email)
Returns a user with the given email belonging to the realm
|
UserModel |
getUserByFederatedIdentity(RealmModel realm,
FederatedIdentityModel socialLink)
Returns a userModel that corresponds to the given socialLink.
|
UserModel |
getUserById(RealmModel realm,
String id)
UserRegistrationProvider methods implementations end here
UserLookupProvider methods implementations start here |
UserModel |
getUserByUsername(RealmModel realm,
String username)
Returns a user with the given username belonging to the realm
|
int |
getUsersCount(RealmModel realm)
Returns the number of users, without consider any service account.
|
int |
getUsersCount(RealmModel realm,
boolean includeServiceAccount)
Returns the number of users.
|
int |
getUsersCount(RealmModel realm,
Map<String,String> params)
Returns the number of users that match the given filter parameters.
|
int |
getUsersCount(RealmModel realm,
Map<String,String> params,
Set<String> groupIds)
Returns the number of users that match the given filter parameters and is in
at least one of the given groups.
|
int |
getUsersCount(RealmModel realm,
Set<String> groupIds)
Returns the number of users that are in at least one of the groups
given.
|
int |
getUsersCount(RealmModel realm,
String search)
Returns the number of users that would be returned by a call to
searchForUserStream |
int |
getUsersCount(RealmModel realm,
String search,
Set<String> groupIds)
Returns the number of users that would be returned by a call to
searchForUserStream
and are members of at least one of the groups given by the groupIds set. |
Stream<UserModel> |
getUsersStream(RealmModel realm)
Searches all users in the realm.
|
Stream<UserModel> |
getUsersStream(RealmModel realm,
Integer firstResult,
Integer maxResults)
Searches all users in the realm, starting from the
firstResult and containing at most maxResults . |
Stream<UserModel> |
getUsersStream(RealmModel realm,
Integer firstResult,
Integer maxResults,
boolean includeServiceAccounts)
Obtains the users associated with the specified realm.
|
void |
grantToAllUsers(RealmModel realm,
RoleModel role)
UserQueryProvider methods implementation end here
UserBulkUpdateProvider methods implementation start here |
protected Stream<UserModel> |
importValidation(RealmModel realm,
Stream<UserModel> users) |
protected UserModel |
importValidation(RealmModel realm,
UserModel user)
Allows a UserStorageProvider to proxy and/or synchronize an imported user.
|
protected UserProvider |
localStorage() |
void |
onCache(RealmModel realm,
CachedUserModel user,
UserModel delegate) |
void |
onCreate(KeycloakSession session,
RealmModel realm,
ComponentModel model) |
void |
onUpdate(KeycloakSession session,
RealmModel realm,
ComponentModel oldModel,
ComponentModel newModel) |
void |
preRemove(ClientScopeModel clientScope)
Called when a client scope is removed.
|
void |
preRemove(ProtocolMapperModel protocolMapper)
Called when a protocolMapper is removed
|
void |
preRemove(RealmModel realm)
UserBulkUpdateProvider methods implementation end here
UserStorageProvider methods implementations start here -> no StorageProviders involved |
void |
preRemove(RealmModel realm,
ClientModel client)
Called when a client is removed.
|
void |
preRemove(RealmModel realm,
ComponentModel component)
Called when a component is removed.
|
void |
preRemove(RealmModel realm,
GroupModel group)
Called when a group is removed.
|
void |
preRemove(RealmModel realm,
IdentityProviderModel provider)
Called when an identity provider is removed.
|
void |
preRemove(RealmModel realm,
RoleModel role)
Called when a role is removed.
|
protected Stream<UserModel> |
query(org.keycloak.storage.UserStorageManager.PaginatedQuery pagedQuery,
RealmModel realm,
Integer firstResult,
Integer maxResults) |
protected Stream<UserModel> |
query(org.keycloak.storage.UserStorageManager.PaginatedQuery pagedQuery,
org.keycloak.storage.UserStorageManager.CountQuery countQuery,
RealmModel realm,
Integer firstResult,
Integer maxResults) |
boolean |
removeFederatedIdentity(RealmModel realm,
UserModel user,
String socialProvider)
Removes federation link between the user and the identity provider given by its id
|
void |
removeImportedUsers(RealmModel realm,
String storageProviderId)
Removes any imported users from a specific User Storage Provider.
|
boolean |
removeUser(RealmModel realm,
UserModel user)
Called if user originated from this provider.
|
boolean |
revokeConsentForClient(RealmModel realm,
String userId,
String clientInternalId)
Remove a user consent given by the user id and client id
|
Stream<UserModel> |
searchForUserByUserAttributeStream(RealmModel realm,
String attrName,
String attrValue)
Searches for users that have a specific attribute with a specific value.
|
Stream<UserModel> |
searchForUserStream(RealmModel realm,
Map<String,String> attributes,
Integer firstResult,
Integer maxResults)
Searches for user by parameter.
|
Stream<UserModel> |
searchForUserStream(RealmModel realm,
String search,
Integer firstResult,
Integer maxResults)
Searches for users whose username, email, first name or last name contain any of the strings in
search separated by whitespace. |
void |
setNotBeforeForUser(RealmModel realm,
UserModel user,
int notBefore)
Sets the notBefore value for the given user
|
void |
unlinkUsers(RealmModel realm,
String storageProviderId)
Set federation link to
null to imported users of a specific User Storage Provider |
void |
updateConsent(RealmModel realm,
String userId,
UserConsentModel consent)
Update client scopes in the stored user consent
|
void |
updateFederatedIdentity(RealmModel realm,
UserModel federatedUser,
FederatedIdentityModel federatedIdentityModel)
Update details of association between the federatedUser and the idp given by the federatedIdentityModel
|
consumeEnabledStorageProvidersWithTimeout, flatMapEnabledStorageProvidersWithTimeout, getEnabledStorageProviders, getStorageProviderFactory, getStorageProviderInstance, getStorageProviderInstance, getStorageProviderInstance, getStorageProviderInstance, getStorageProviderModel, getStorageProviderModels, getStorageProviderTimeout, mapEnabledStorageProvidersWithTimeout
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
getConsents, getFederatedIdentities, getFederatedIdentity, getUserByFederatedIdentity, getUsers, getUsers, getUsersStream
getGroupMembers, getGroupMembers, getGroupMembersStream, getUsers, getUsers, getUsersCount, getUsersCount, getUsersCount, getUsersCount, searchForUser, searchForUser, searchForUser, searchForUser, searchForUserByUserAttribute, searchForUserStream, searchForUserStream
countUsersInGroups, getRoleMembers, getRoleMembers, getRoleMembersStream
getUserByEmail, getUserById, getUserByUsername
public UserStorageManager(KeycloakSession session)
protected UserProvider localStorage()
protected UserModel importValidation(RealmModel realm, UserModel user)
realm
- user
- protected void deleteInvalidUser(RealmModel realm, UserModel user)
protected Stream<UserModel> importValidation(RealmModel realm, Stream<UserModel> users)
protected Stream<UserModel> query(org.keycloak.storage.UserStorageManager.PaginatedQuery pagedQuery, RealmModel realm, Integer firstResult, Integer maxResults)
protected Stream<UserModel> query(org.keycloak.storage.UserStorageManager.PaginatedQuery pagedQuery, org.keycloak.storage.UserStorageManager.CountQuery countQuery, RealmModel realm, Integer firstResult, Integer maxResults)
public UserModel addUser(RealmModel realm, String username)
UserRegistrationProvider
methods implementations start hereaddUser
in interface UserRegistrationProvider
realm
- a reference to the realmusername
- a username the created user will be assignedpublic boolean removeUser(RealmModel realm, UserModel user)
UserRegistrationProvider
removeUser
in interface UserRegistrationProvider
realm
- a reference to the realmuser
- a reference to the user that is removedpublic UserModel getUserById(RealmModel realm, String id)
UserRegistrationProvider
methods implementations end here
UserLookupProvider
methods implementations start heregetUserById
in interface UserLookupProvider
getUserById
in interface UserLookupProvider.Streams
realm
- the realm modelid
- id of the usernull
if no such user existspublic UserModel getUserByUsername(RealmModel realm, String username)
UserLookupProvider
getUserByUsername
in interface UserLookupProvider
getUserByUsername
in interface UserLookupProvider.Streams
realm
- the realm modelusername
- case insensitive username (case-sensitivity is controlled by storage)null
if no such user existspublic UserModel getUserByEmail(RealmModel realm, String email)
UserLookupProvider
getUserByEmail
in interface UserLookupProvider
getUserByEmail
in interface UserLookupProvider.Streams
realm
- the realm modelemail
- case insensitive email address (case-sensitivity is controlled by storage)null
if no such user existspublic Stream<UserModel> getGroupMembersStream(RealmModel realm, GroupModel group, Integer firstResult, Integer maxResults)
UserLookupProvider
methods implementations end here
UserQueryProvider
methods implementation start heregetGroupMembersStream
in interface UserQueryProvider
getGroupMembersStream
in interface UserQueryProvider.Streams
realm
- a reference to the realm.group
- a reference to the group.firstResult
- first result to return. Ignored if negative, zero, or null
.maxResults
- maximum number of results to return. Ignored if negative or null
.Stream
of users that belong to the group.public Stream<UserModel> getRoleMembersStream(RealmModel realm, RoleModel role, Integer firstResult, Integer maxResults)
UserQueryProvider
getRoleMembersStream
in interface UserQueryProvider
realm
- a reference to the realm.role
- a reference to the role.firstResult
- first result to return. Ignored if negative or null
.maxResults
- maximum number of results to return. Ignored if negative or null
.Stream
of users that have the specified role.public Stream<UserModel> getUsersStream(RealmModel realm)
UserQueryProvider
getUsersStream
in interface UserQueryProvider
getUsersStream
in interface UserQueryProvider.Streams
realm
- a reference to the realm.Stream
of users.public Stream<UserModel> getUsersStream(RealmModel realm, Integer firstResult, Integer maxResults)
UserQueryProvider
firstResult
and containing at most maxResults
.getUsersStream
in interface UserQueryProvider
getUsersStream
in interface UserQueryProvider.Streams
realm
- a reference to the realm.firstResult
- first result to return. Ignored if negative or null
.maxResults
- maximum number of results to return. Ignored if negative or null
.Stream
of users.public Stream<UserModel> getUsersStream(RealmModel realm, Integer firstResult, Integer maxResults, boolean includeServiceAccounts)
UserProvider
getUsersStream
in interface UserProvider
getUsersStream
in interface UserProvider.Streams
realm
- a reference to the realm being used for the search.firstResult
- first result to return. Ignored if negative, zero, or null
.maxResults
- maximum number of results to return. Ignored if negative or null
.includeServiceAccounts
- true
if service accounts should be included in the result; false
otherwise.Stream
of users associated withe the realm.public int getUsersCount(RealmModel realm, boolean includeServiceAccount)
UserQueryProvider
getUsersCount
in interface UserQueryProvider
realm
- the realmincludeServiceAccount
- if true, the number of users will also include service accounts. Otherwise, only the number of users.public int getUsersCount(RealmModel realm)
UserQueryProvider
getUsersCount
in interface UserQueryProvider
realm
- the realmpublic int getUsersCount(RealmModel realm, Set<String> groupIds)
UserQueryProvider
getUsersCount
in interface UserQueryProvider
realm
- the realmgroupIds
- set of groups IDs, the returned user needs to belong to at least one of thempublic int getUsersCount(RealmModel realm, String search)
UserQueryProvider
searchForUserStream
getUsersCount
in interface UserQueryProvider
getUsersCount
in interface UserQueryProvider.Streams
realm
- the realmsearch
- case insensitive list of strings separated by whitespaces.public int getUsersCount(RealmModel realm, String search, Set<String> groupIds)
UserQueryProvider
searchForUserStream
and are members of at least one of the groups given by the groupIds
set.getUsersCount
in interface UserQueryProvider
getUsersCount
in interface UserQueryProvider.Streams
realm
- the realmsearch
- case insensitive list of strings separated by whitespaces.groupIds
- set of groups IDs, the returned user needs to belong to at least one of thempublic int getUsersCount(RealmModel realm, Map<String,String> params)
UserQueryProvider
getUsersCount
in interface UserQueryProvider
getUsersCount
in interface UserQueryProvider.Streams
realm
- the realmparams
- filter parameterspublic int getUsersCount(RealmModel realm, Map<String,String> params, Set<String> groupIds)
UserQueryProvider
getUsersCount
in interface UserQueryProvider
getUsersCount
in interface UserQueryProvider.Streams
realm
- the realmparams
- filter parametersgroupIds
- set if groups to check forpublic Stream<UserModel> searchForUserStream(RealmModel realm, String search, Integer firstResult, Integer maxResults)
UserQueryProvider
search
separated by whitespace.
If possible, implementations should treat the parameter values as partial match patterns (i.e. in RDMBS terms use LIKE).
This method is used by the admin console search boxsearchForUserStream
in interface UserQueryProvider
searchForUserStream
in interface UserQueryProvider.Streams
realm
- a reference to the realm.search
- case insensitive list of string separated by whitespaces.firstResult
- first result to return. Ignored if negative, zero, or null
.maxResults
- maximum number of results to return. Ignored if negative or null
.Stream
of users that match the search criteria.public Stream<UserModel> searchForUserStream(RealmModel realm, Map<String,String> attributes, Integer firstResult, Integer maxResults)
UserQueryProvider
UserModel.FIRST_NAME
- first name (case insensitive string)UserModel.LAST_NAME
- last name (case insensitive string)UserModel.EMAIL
- email (case insensitive string)UserModel.USERNAME
- username (case insensitive string)UserModel.EMAIL_VERIFIED
- search only for users with verified/non-verified email (true/false)UserModel.ENABLED
- search only for enabled/disabled users (true/false)UserModel.IDP_ALIAS
- search only for users that have a federated identity
from idp with the given alias configured (case sensitive string)UserModel.IDP_USER_ID
- search for users with federated identity with
the given userId (case sensitive string)searchForUserStream
in interface UserQueryProvider
searchForUserStream
in interface UserQueryProvider.Streams
realm
- a reference to the realm.attributes
- a map containing the search parameters.firstResult
- first result to return. Ignored if negative, zero, or null
.maxResults
- maximum number of results to return. Ignored if negative or null
.Stream
of users that match the search criteria.public Stream<UserModel> searchForUserByUserAttributeStream(RealmModel realm, String attrName, String attrValue)
UserQueryProvider
searchForUserByUserAttributeStream
in interface UserQueryProvider
searchForUserByUserAttributeStream
in interface UserQueryProvider.Streams
realm
- a reference to the realm.attrName
- the attribute name.attrValue
- the attribute value.Stream
of users that match the search criteria.public void grantToAllUsers(RealmModel realm, RoleModel role)
UserQueryProvider
methods implementation end here
UserBulkUpdateProvider
methods implementation start heregrantToAllUsers
in interface UserBulkUpdateProvider
realm
- Realmrole
- Role to be grantedpublic void preRemove(RealmModel realm)
UserBulkUpdateProvider
methods implementation end here
UserStorageProvider
methods implementations start here -> no StorageProviders involvedpreRemove
in interface UserProvider
realm
- a reference to the realmpublic void preRemove(RealmModel realm, GroupModel group)
UserProvider
preRemove
in interface UserProvider
realm
- a reference to the realmgroup
- the group modelpublic void preRemove(RealmModel realm, RoleModel role)
UserProvider
preRemove
in interface UserProvider
realm
- a reference to the realmrole
- the role modelpublic UserModel addUser(RealmModel realm, String id, String username, boolean addDefaultRoles, boolean addDefaultRequiredActions)
UserStorageProvider
methods implementation end here
UserProvider
methods implementations start here -> no StorageProviders involvedaddUser
in interface UserProvider
realm
- the realm that user will be created inid
- id of the new user. Should be generated to a random value if null
.username
- usernameaddDefaultRoles
- if true
, the user should join all realm default rolesaddDefaultRequiredActions
- if true
, all default required actions are added to the created userpublic void addFederatedIdentity(RealmModel realm, UserModel user, FederatedIdentityModel socialLink)
UserProvider
addFederatedIdentity
in interface UserProvider
realm
- a reference to the realmuser
- the user modelsocialLink
- the federated identity model containing all details of the association between the user and
the identity providerpublic void updateFederatedIdentity(RealmModel realm, UserModel federatedUser, FederatedIdentityModel federatedIdentityModel)
UserProvider
updateFederatedIdentity
in interface UserProvider
realm
- a reference to the realmfederatedUser
- the user modelfederatedIdentityModel
- the federated identity model containing all details of the association between
the user and the identity providerpublic boolean removeFederatedIdentity(RealmModel realm, UserModel user, String socialProvider)
UserProvider
removeFederatedIdentity
in interface UserProvider
realm
- a reference to the realmuser
- the user modelsocialProvider
- alias of the identity provider, see IdentityProviderModel.getAlias()
true
if the association was removed, false
otherwisepublic void preRemove(RealmModel realm, IdentityProviderModel provider)
UserProvider
preRemove
in interface UserProvider
realm
- a reference to the realmprovider
- provider modelpublic void addConsent(RealmModel realm, String userId, UserConsentModel consent)
UserProvider
addConsent
in interface UserProvider
realm
- a reference to the realmuserId
- id of the userconsent
- all details corresponding to the granted consentpublic UserConsentModel getConsentByClient(RealmModel realm, String userId, String clientInternalId)
UserProvider
getConsentByClient
in interface UserProvider
realm
- a reference to the realmuserId
- id of the userclientInternalId
- id of the clientnull
if no consent or user existspublic Stream<UserConsentModel> getConsentsStream(RealmModel realm, String userId)
UserProvider
userId
.getConsentsStream
in interface UserProvider
getConsentsStream
in interface UserProvider.Streams
realm
- a reference to the realm.userId
- the user identifier.Stream
of consents associated with the user.public void updateConsent(RealmModel realm, String userId, UserConsentModel consent)
UserProvider
updateConsent
in interface UserProvider
realm
- a reference to the realmuserId
- id of the userconsent
- new details of the user consentpublic boolean revokeConsentForClient(RealmModel realm, String userId, String clientInternalId)
UserProvider
revokeConsentForClient
in interface UserProvider
realm
- a reference to the realmuserId
- id of the userclientInternalId
- id of the clienttrue
if the consent was removed, false
otherwisepublic void setNotBeforeForUser(RealmModel realm, UserModel user, int notBefore)
UserProvider
setNotBeforeForUser
in interface UserProvider
realm
- a reference to the realmuser
- the user modelnotBefore
- new value for notBeforepublic int getNotBeforeOfUser(RealmModel realm, UserModel user)
UserProvider
getNotBeforeOfUser
in interface UserProvider
realm
- a reference to the realmuser
- the user modelpublic UserModel getUserByFederatedIdentity(RealmModel realm, FederatedIdentityModel socialLink)
UserProvider
getUserByFederatedIdentity
in interface UserProvider
getUserByFederatedIdentity
in interface UserProvider.Streams
realm
- a reference to the realmsocialLink
- the socialLinknull
if no such user existspublic UserModel getServiceAccount(ClientModel client)
UserProvider
getServiceAccount
in interface UserProvider
client
- the client modelpublic Stream<FederatedIdentityModel> getFederatedIdentitiesStream(RealmModel realm, UserModel user)
UserProvider
getFederatedIdentitiesStream
in interface UserProvider
getFederatedIdentitiesStream
in interface UserProvider.Streams
realm
- a reference to the realm.user
- the reference to the user.Stream
of federated identities associated with the user.public FederatedIdentityModel getFederatedIdentity(RealmModel realm, UserModel user, String socialProvider)
UserProvider
getFederatedIdentity
in interface UserProvider
getFederatedIdentity
in interface UserProvider.Streams
realm
- a reference to the realmuser
- the user modelsocialProvider
- the id of the identity providernull
if no association existspublic void preRemove(RealmModel realm, ClientModel client)
UserProvider
preRemove
in interface UserProvider
realm
- a reference to the realmclient
- the client modelpublic void preRemove(ProtocolMapperModel protocolMapper)
UserProvider
preRemove
in interface UserProvider
protocolMapper
- the protocolMapper modelpublic void preRemove(ClientScopeModel clientScope)
UserProvider
preRemove
in interface UserProvider
clientScope
- the clientScope modelpublic void preRemove(RealmModel realm, ComponentModel component)
UserProvider
preRemove
in interface UserProvider
realm
- a reference to the realmcomponent
- the component modelpublic void removeImportedUsers(RealmModel realm, String storageProviderId)
UserProvider
removeImportedUsers
in interface UserProvider
realm
- a reference to the realmstorageProviderId
- id of the user storage providerpublic void unlinkUsers(RealmModel realm, String storageProviderId)
UserProvider
null
to imported users of a specific User Storage ProviderunlinkUsers
in interface UserProvider
realm
- a reference to the realmstorageProviderId
- id of the storage providerpublic void close()
UserProvider
methods implementations end hereclose
in interface UserProvider
close
in interface Provider
public void onCreate(KeycloakSession session, RealmModel realm, ComponentModel model)
onCreate
in interface OnCreateComponent
public void onUpdate(KeycloakSession session, RealmModel realm, ComponentModel oldModel, ComponentModel newModel)
onUpdate
in interface OnUpdateComponent
public void onCache(RealmModel realm, CachedUserModel user, UserModel delegate)
onCache
in interface OnUserCache
Copyright © 2021 JBoss by Red Hat. All rights reserved.