org.keycloak.storage

Class UserStorageManager

java.lang.Object

org.keycloak.storage.AbstractStorageManager<UserStorageProvider,UserStorageProviderModel>

org.keycloak.storage.UserStorageManager

All Implemented Interfaces:

OnUserCache, UserProvider, UserProvider.Streams, Provider, OnCreateComponent, OnUpdateComponent, UserBulkUpdateProvider, UserLookupProvider, UserLookupProvider.Streams, UserQueryProvider, UserQueryProvider.Streams, UserRegistrationProvider

public class UserStorageManager
extends AbstractStorageManager<UserStorageProvider,UserStorageProviderModel>
implements UserProvider.Streams, OnUserCache, OnCreateComponent, OnUpdateComponent

Version:

$Revision: 1 $

Author:

Bill Burke

Nested Class Summary

Nested classes/interfaces inherited from interface org.keycloak.models.UserProvider

UserProvider.Streams

Field Summary

Fields inherited from class org.keycloak.storage.AbstractStorageManager

session

Constructor Summary

Constructors

Constructor and Description
UserStorageManager(KeycloakSession session)

Method Summary

Modifier and Type	Method and Description
void	addConsent(RealmModel realm, String userId, UserConsentModel consent) Add user consent for the user.
void	addFederatedIdentity(RealmModel realm, UserModel user, FederatedIdentityModel socialLink) Adds a federated identity link for the user within the realm
UserModel	addUser(RealmModel realm, String username) UserRegistrationProvider methods implementations start here
UserModel	addUser(RealmModel realm, String id, String username, boolean addDefaultRoles, boolean addDefaultRequiredActions) UserStorageProvider methods implementation end here UserProvider methods implementations start here -> no StorageProviders involved
void	close() UserProvider methods implementations end here
protected void	deleteInvalidUser(RealmModel realm, UserModel user)
UserConsentModel	getConsentByClient(RealmModel realm, String userId, String clientInternalId) Returns UserConsentModel given by a user with the userId for the client with clientInternalId
Stream<UserConsentModel>	getConsentsStream(RealmModel realm, String userId) Obtains the consents associated with the user identified by the specified userId.
Stream<FederatedIdentityModel>	getFederatedIdentitiesStream(RealmModel realm, UserModel user) Obtains the federated identities of the specified user.
FederatedIdentityModel	getFederatedIdentity(RealmModel realm, UserModel user, String socialProvider) Returns details of the association between the user and the socialProvider.
Stream<UserModel>	getGroupMembersStream(RealmModel realm, GroupModel group, Integer firstResult, Integer maxResults) UserLookupProvider methods implementations end here UserQueryProvider methods implementation start here
int	getNotBeforeOfUser(RealmModel realm, UserModel user) Gets the notBefore value for the given user
Stream<UserModel>	getRoleMembersStream(RealmModel realm, RoleModel role, Integer firstResult, Integer maxResults) Searches for users that have the specified role.
UserModel	getServiceAccount(ClientModel client) Return a UserModel representing service account of the client
UserModel	getUserByEmail(RealmModel realm, String email) Returns a user with the given email belonging to the realm
UserModel	getUserByFederatedIdentity(RealmModel realm, FederatedIdentityModel socialLink) Returns a userModel that corresponds to the given socialLink.
UserModel	getUserById(RealmModel realm, String id) UserRegistrationProvider methods implementations end here UserLookupProvider methods implementations start here
UserModel	getUserByUsername(RealmModel realm, String username) Returns a user with the given username belonging to the realm
int	getUsersCount(RealmModel realm) Returns the number of users, without consider any service account.
int	getUsersCount(RealmModel realm, boolean includeServiceAccount) Returns the number of users.
int	getUsersCount(RealmModel realm, Map<String,String> params) Returns the number of users that match the given filter parameters.
int	getUsersCount(RealmModel realm, Map<String,String> params, Set<String> groupIds) Returns the number of users that match the given filter parameters and is in at least one of the given groups.
int	getUsersCount(RealmModel realm, Set<String> groupIds) Returns the number of users that are in at least one of the groups given.
int	getUsersCount(RealmModel realm, String search) Returns the number of users that would be returned by a call to searchForUserStream
int	getUsersCount(RealmModel realm, String search, Set<String> groupIds) Returns the number of users that would be returned by a call to searchForUserStream and are members of at least one of the groups given by the groupIds set.
Stream<UserModel>	getUsersStream(RealmModel realm) Searches all users in the realm.
Stream<UserModel>	getUsersStream(RealmModel realm, Integer firstResult, Integer maxResults) Searches all users in the realm, starting from the firstResult and containing at most maxResults.
Stream<UserModel>	getUsersStream(RealmModel realm, Integer firstResult, Integer maxResults, boolean includeServiceAccounts) Obtains the users associated with the specified realm.
void	grantToAllUsers(RealmModel realm, RoleModel role) UserQueryProvider methods implementation end here UserBulkUpdateProvider methods implementation start here
protected Stream<UserModel>	importValidation(RealmModel realm, Stream<UserModel> users)
protected UserModel	importValidation(RealmModel realm, UserModel user) Allows a UserStorageProvider to proxy and/or synchronize an imported user.
protected UserProvider	localStorage()
void	onCache(RealmModel realm, CachedUserModel user, UserModel delegate)
void	onCreate(KeycloakSession session, RealmModel realm, ComponentModel model)
void	onUpdate(KeycloakSession session, RealmModel realm, ComponentModel oldModel, ComponentModel newModel)
void	preRemove(ClientScopeModel clientScope) Called when a client scope is removed.
void	preRemove(ProtocolMapperModel protocolMapper) Called when a protocolMapper is removed
void	preRemove(RealmModel realm) UserBulkUpdateProvider methods implementation end here UserStorageProvider methods implementations start here -> no StorageProviders involved
void	preRemove(RealmModel realm, ClientModel client) Called when a client is removed.
void	preRemove(RealmModel realm, ComponentModel component) Called when a component is removed.
void	preRemove(RealmModel realm, GroupModel group) Called when a group is removed.
void	preRemove(RealmModel realm, IdentityProviderModel provider) Called when an identity provider is removed.
void	preRemove(RealmModel realm, RoleModel role) Called when a role is removed.
protected Stream<UserModel>	query(org.keycloak.storage.UserStorageManager.PaginatedQuery pagedQuery, RealmModel realm, Integer firstResult, Integer maxResults)
protected Stream<UserModel>	query(org.keycloak.storage.UserStorageManager.PaginatedQuery pagedQuery, org.keycloak.storage.UserStorageManager.CountQuery countQuery, RealmModel realm, Integer firstResult, Integer maxResults)
boolean	removeFederatedIdentity(RealmModel realm, UserModel user, String socialProvider) Removes federation link between the user and the identity provider given by its id
void	removeImportedUsers(RealmModel realm, String storageProviderId) Removes any imported users from a specific User Storage Provider.
boolean	removeUser(RealmModel realm, UserModel user) Called if user originated from this provider.
boolean	revokeConsentForClient(RealmModel realm, String userId, String clientInternalId) Remove a user consent given by the user id and client id
Stream<UserModel>	searchForUserByUserAttributeStream(RealmModel realm, String attrName, String attrValue) Searches for users that have a specific attribute with a specific value.
Stream<UserModel>	searchForUserStream(RealmModel realm, Map<String,String> attributes, Integer firstResult, Integer maxResults) Searches for user by parameter.
Stream<UserModel>	searchForUserStream(RealmModel realm, String search, Integer firstResult, Integer maxResults) Searches for users whose username, email, first name or last name contain any of the strings in search separated by whitespace.
void	setNotBeforeForUser(RealmModel realm, UserModel user, int notBefore) Sets the notBefore value for the given user
void	unlinkUsers(RealmModel realm, String storageProviderId) Set federation link to null to imported users of a specific User Storage Provider
void	updateConsent(RealmModel realm, String userId, UserConsentModel consent) Update client scopes in the stored user consent
void	updateFederatedIdentity(RealmModel realm, UserModel federatedUser, FederatedIdentityModel federatedIdentityModel) Update details of association between the federatedUser and the idp given by the federatedIdentityModel

Methods inherited from class org.keycloak.storage.AbstractStorageManager

consumeEnabledStorageProvidersWithTimeout, flatMapEnabledStorageProvidersWithTimeout, getEnabledStorageProviders, getStorageProviderFactory, getStorageProviderInstance, getStorageProviderInstance, getStorageProviderInstance, getStorageProviderInstance, getStorageProviderModel, getStorageProviderModels, getStorageProviderTimeout, mapEnabledStorageProvidersWithTimeout

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.models.UserProvider.Streams

getConsents, getFederatedIdentities, getFederatedIdentity, getUserByFederatedIdentity, getUsers, getUsers, getUsersStream

Methods inherited from interface org.keycloak.storage.user.UserQueryProvider.Streams

getGroupMembers, getGroupMembers, getGroupMembersStream, getUsers, getUsers, getUsersCount, getUsersCount, getUsersCount, getUsersCount, searchForUser, searchForUser, searchForUser, searchForUser, searchForUserByUserAttribute, searchForUserStream, searchForUserStream

Methods inherited from interface org.keycloak.storage.user.UserQueryProvider

countUsersInGroups, getRoleMembers, getRoleMembers, getRoleMembersStream

Methods inherited from interface org.keycloak.storage.user.UserLookupProvider.Streams

getUserByEmail, getUserById, getUserByUsername

Constructor Detail

UserStorageManager

public UserStorageManager(KeycloakSession session)

Method Detail

localStorage

protected UserProvider localStorage()

importValidation

protected UserModel importValidation(RealmModel realm,
                                     UserModel user)

Allows a UserStorageProvider to proxy and/or synchronize an imported user.

Parameters:

realm -

user -

Returns:

deleteInvalidUser

protected void deleteInvalidUser(RealmModel realm,
                                 UserModel user)

importValidation

protected Stream<UserModel> importValidation(RealmModel realm,
                                             Stream<UserModel> users)

query

protected Stream<UserModel> query(org.keycloak.storage.UserStorageManager.PaginatedQuery pagedQuery,
                                  RealmModel realm,
                                  Integer firstResult,
                                  Integer maxResults)

query

protected Stream<UserModel> query(org.keycloak.storage.UserStorageManager.PaginatedQuery pagedQuery,
                                  org.keycloak.storage.UserStorageManager.CountQuery countQuery,
                                  RealmModel realm,
                                  Integer firstResult,
                                  Integer maxResults)

addUser

public UserModel addUser(RealmModel realm,
                         String username)

UserRegistrationProvider methods implementations start here

Specified by:

addUser in interface UserRegistrationProvider

Parameters:

realm - a reference to the realm

username - a username the created user will be assigned

Returns:

a model of created user

removeUser

public boolean removeUser(RealmModel realm,
                          UserModel user)

Description copied from interface: UserRegistrationProvider

Called if user originated from this provider. If a local user is linked to this provider, this method will be called before local storage's removeUser() method is invoked. If you are using an import strategy, and this is a local user linked to this provider, this method will be called before local storage's removeUser() method is invoked. Also, you DO NOT need to remove the imported user. The runtime will handle this for you.

Specified by:

removeUser in interface UserRegistrationProvider

Parameters:

realm - a reference to the realm

user - a reference to the user that is removed

Returns:

true if the user was removed, false otherwise

getUserById

public UserModel getUserById(RealmModel realm,
                             String id)

UserRegistrationProvider methods implementations end here UserLookupProvider methods implementations start here

Specified by:

getUserById in interface UserLookupProvider

Specified by:

getUserById in interface UserLookupProvider.Streams

Parameters:

realm - the realm model

id - id of the user

Returns:

found user model, or null if no such user exists

getUserByUsername

public UserModel getUserByUsername(RealmModel realm,
                                   String username)

Description copied from interface: UserLookupProvider

Returns a user with the given username belonging to the realm

Specified by:

getUserByUsername in interface UserLookupProvider

Specified by:

getUserByUsername in interface UserLookupProvider.Streams

Parameters:

realm - the realm model

username - case insensitive username (case-sensitivity is controlled by storage)

Returns:

found user model, or null if no such user exists

getUserByEmail

public UserModel getUserByEmail(RealmModel realm,
                                String email)

Description copied from interface: UserLookupProvider

Returns a user with the given email belonging to the realm

Specified by:

getUserByEmail in interface UserLookupProvider

Specified by:

getUserByEmail in interface UserLookupProvider.Streams

Parameters:

realm - the realm model

email - case insensitive email address (case-sensitivity is controlled by storage)

Returns:

found user model, or null if no such user exists

getGroupMembersStream

public Stream<UserModel> getGroupMembersStream(RealmModel realm,
                                               GroupModel group,
                                               Integer firstResult,
                                               Integer maxResults)

UserLookupProvider methods implementations end here UserQueryProvider methods implementation start here

Specified by:

getGroupMembersStream in interface UserQueryProvider

Specified by:

getGroupMembersStream in interface UserQueryProvider.Streams

Parameters:

realm - a reference to the realm.

group - a reference to the group.

firstResult - first result to return. Ignored if negative, zero, or null.

maxResults - maximum number of results to return. Ignored if negative or null.

Returns:

a non-null Stream of users that belong to the group.

getRoleMembersStream

public Stream<UserModel> getRoleMembersStream(RealmModel realm,
                                              RoleModel role,
                                              Integer firstResult,
                                              Integer maxResults)

Description copied from interface: UserQueryProvider

Searches for users that have the specified role.

Specified by:

getRoleMembersStream in interface UserQueryProvider

Parameters:

realm - a reference to the realm.

role - a reference to the role.

firstResult - first result to return. Ignored if negative or null.

maxResults - maximum number of results to return. Ignored if negative or null.

Returns:

a non-null Stream of users that have the specified role.

getUsersStream

public Stream<UserModel> getUsersStream(RealmModel realm)

Description copied from interface: UserQueryProvider

Searches all users in the realm.

Specified by:

getUsersStream in interface UserQueryProvider

Specified by:

getUsersStream in interface UserQueryProvider.Streams

Parameters:

realm - a reference to the realm.

Returns:

a non-null Stream of users.

getUsersStream

public Stream<UserModel> getUsersStream(RealmModel realm,
                                        Integer firstResult,
                                        Integer maxResults)

Description copied from interface: UserQueryProvider

Searches all users in the realm, starting from the firstResult and containing at most maxResults.

Specified by:

getUsersStream in interface UserQueryProvider

Specified by:

getUsersStream in interface UserQueryProvider.Streams

Parameters:

realm - a reference to the realm.

firstResult - first result to return. Ignored if negative or null.

maxResults - maximum number of results to return. Ignored if negative or null.

Returns:

a non-null Stream of users.

getUsersStream

public Stream<UserModel> getUsersStream(RealmModel realm,
                                        Integer firstResult,
                                        Integer maxResults,
                                        boolean includeServiceAccounts)

Description copied from interface: UserProvider

Obtains the users associated with the specified realm.

Specified by:

getUsersStream in interface UserProvider

Specified by:

getUsersStream in interface UserProvider.Streams

Parameters:

realm - a reference to the realm being used for the search.

firstResult - first result to return. Ignored if negative, zero, or null.

maxResults - maximum number of results to return. Ignored if negative or null.

includeServiceAccounts - true if service accounts should be included in the result; false otherwise.

Returns:

a non-null Stream of users associated withe the realm.

getUsersCount

public int getUsersCount(RealmModel realm,
                         boolean includeServiceAccount)

Description copied from interface: UserQueryProvider

Returns the number of users.

Specified by:

getUsersCount in interface UserQueryProvider

Parameters:

realm - the realm

includeServiceAccount - if true, the number of users will also include service accounts. Otherwise, only the number of users.

Returns:

the number of users

getUsersCount

public int getUsersCount(RealmModel realm)

Description copied from interface: UserQueryProvider

Returns the number of users, without consider any service account.

Specified by:

getUsersCount in interface UserQueryProvider

Parameters:

realm - the realm

Returns:

the number of users

getUsersCount

public int getUsersCount(RealmModel realm,
                         Set<String> groupIds)

Description copied from interface: UserQueryProvider

Returns the number of users that are in at least one of the groups given.

Specified by:

getUsersCount in interface UserQueryProvider

Parameters:

realm - the realm

groupIds - set of groups IDs, the returned user needs to belong to at least one of them

Returns:

the number of users that are in at least one of the groups

getUsersCount

public int getUsersCount(RealmModel realm,
                         String search)

Description copied from interface: UserQueryProvider

Returns the number of users that would be returned by a call to searchForUserStream

Specified by:

getUsersCount in interface UserQueryProvider

Specified by:

getUsersCount in interface UserQueryProvider.Streams

Parameters:

realm - the realm

search - case insensitive list of strings separated by whitespaces.

Returns:

number of users that match the search

getUsersCount

public int getUsersCount(RealmModel realm,
                         String search,
                         Set<String> groupIds)

Description copied from interface: UserQueryProvider

Returns the number of users that would be returned by a call to searchForUserStream and are members of at least one of the groups given by the groupIds set.

Specified by:

getUsersCount in interface UserQueryProvider

Specified by:

getUsersCount in interface UserQueryProvider.Streams

Parameters:

realm - the realm

search - case insensitive list of strings separated by whitespaces.

groupIds - set of groups IDs, the returned user needs to belong to at least one of them

Returns:

number of users that match the search and given groups

getUsersCount

public int getUsersCount(RealmModel realm,
                         Map<String,String> params)

Description copied from interface: UserQueryProvider

Returns the number of users that match the given filter parameters.

Specified by:

getUsersCount in interface UserQueryProvider

Specified by:

getUsersCount in interface UserQueryProvider.Streams

Parameters:

realm - the realm

params - filter parameters

Returns:

number of users that match the given filters

getUsersCount

public int getUsersCount(RealmModel realm,
                         Map<String,String> params,
                         Set<String> groupIds)

Description copied from interface: UserQueryProvider

Returns the number of users that match the given filter parameters and is in at least one of the given groups.

Specified by:

getUsersCount in interface UserQueryProvider

Specified by:

getUsersCount in interface UserQueryProvider.Streams

Parameters:

realm - the realm

params - filter parameters

groupIds - set if groups to check for

Returns:

number of users that match the given filters and groups

searchForUserStream

public Stream<UserModel> searchForUserStream(RealmModel realm,
                                             String search,
                                             Integer firstResult,
                                             Integer maxResults)

Description copied from interface: UserQueryProvider

Searches for users whose username, email, first name or last name contain any of the strings in search separated by whitespace.

If possible, implementations should treat the parameter values as partial match patterns (i.e. in RDMBS terms use LIKE).

This method is used by the admin console search box

Specified by:

searchForUserStream in interface UserQueryProvider

Specified by:

searchForUserStream in interface UserQueryProvider.Streams

Parameters:

realm - a reference to the realm.

search - case insensitive list of string separated by whitespaces.

firstResult - first result to return. Ignored if negative, zero, or null.

maxResults - maximum number of results to return. Ignored if negative or null.

Returns:

a non-null Stream of users that match the search criteria.

searchForUserStream

public Stream<UserModel> searchForUserStream(RealmModel realm,
                                             Map<String,String> attributes,
                                             Integer firstResult,
                                             Integer maxResults)

Description copied from interface: UserQueryProvider

Searches for user by parameter. If possible, implementations should treat the parameter values as partial match patterns (i.e. in RDMBS terms use LIKE).

Valid parameters are:

• UserModel.FIRST_NAME - first name (case insensitive string)
• UserModel.LAST_NAME - last name (case insensitive string)
• UserModel.EMAIL - email (case insensitive string)
• UserModel.USERNAME - username (case insensitive string)
• UserModel.EMAIL_VERIFIED - search only for users with verified/non-verified email (true/false)
• UserModel.ENABLED - search only for enabled/disabled users (true/false)
• UserModel.IDP_ALIAS - search only for users that have a federated identity from idp with the given alias configured (case sensitive string)
• UserModel.IDP_USER_ID - search for users with federated identity with the given userId (case sensitive string)

This method is used by the REST API when querying users.

Specified by:

searchForUserStream in interface UserQueryProvider

Specified by:

searchForUserStream in interface UserQueryProvider.Streams

Parameters:

realm - a reference to the realm.

attributes - a map containing the search parameters.

firstResult - first result to return. Ignored if negative, zero, or null.

maxResults - maximum number of results to return. Ignored if negative or null.

Returns:

a non-null Stream of users that match the search criteria.

searchForUserByUserAttributeStream

public Stream<UserModel> searchForUserByUserAttributeStream(RealmModel realm,
                                                            String attrName,
                                                            String attrValue)

Description copied from interface: UserQueryProvider

Searches for users that have a specific attribute with a specific value.

Specified by:

searchForUserByUserAttributeStream in interface UserQueryProvider

Specified by:

searchForUserByUserAttributeStream in interface UserQueryProvider.Streams

Parameters:

realm - a reference to the realm.

attrName - the attribute name.

attrValue - the attribute value.

Returns:

a non-null Stream of users that match the search criteria.

grantToAllUsers

public void grantToAllUsers(RealmModel realm,
                            RoleModel role)

UserQueryProvider methods implementation end here UserBulkUpdateProvider methods implementation start here

Specified by:

grantToAllUsers in interface UserBulkUpdateProvider

Parameters:

realm - Realm

role - Role to be granted

preRemove

public void preRemove(RealmModel realm)

UserBulkUpdateProvider methods implementation end here UserStorageProvider methods implementations start here -> no StorageProviders involved

Specified by:

preRemove in interface UserProvider

Parameters:

realm - a reference to the realm

preRemove

public void preRemove(RealmModel realm,
                      GroupModel group)

Description copied from interface: UserProvider

Called when a group is removed. Should remove the group membership for each user.

Specified by:

preRemove in interface UserProvider

Parameters:

realm - a reference to the realm

group - the group model

preRemove

public void preRemove(RealmModel realm,
                      RoleModel role)

Description copied from interface: UserProvider

Called when a role is removed. Should remove the role membership for each user.

Specified by:

preRemove in interface UserProvider

Parameters:

realm - a reference to the realm

role - the role model

addUser

public UserModel addUser(RealmModel realm,
                         String id,
                         String username,
                         boolean addDefaultRoles,
                         boolean addDefaultRequiredActions)

UserStorageProvider methods implementation end here UserProvider methods implementations start here -> no StorageProviders involved

Specified by:

addUser in interface UserProvider

Parameters:

realm - the realm that user will be created in

id - id of the new user. Should be generated to a random value if null.

username - username

addDefaultRoles - if true, the user should join all realm default roles

addDefaultRequiredActions - if true, all default required actions are added to the created user

Returns:

model of created user

addFederatedIdentity

public void addFederatedIdentity(RealmModel realm,
                                 UserModel user,
                                 FederatedIdentityModel socialLink)

Description copied from interface: UserProvider

Adds a federated identity link for the user within the realm

Specified by:

addFederatedIdentity in interface UserProvider

Parameters:

realm - a reference to the realm

user - the user model

socialLink - the federated identity model containing all details of the association between the user and the identity provider

updateFederatedIdentity

public void updateFederatedIdentity(RealmModel realm,
                                    UserModel federatedUser,
                                    FederatedIdentityModel federatedIdentityModel)

Description copied from interface: UserProvider

Update details of association between the federatedUser and the idp given by the federatedIdentityModel

Specified by:

updateFederatedIdentity in interface UserProvider

Parameters:

realm - a reference to the realm

federatedUser - the user model

federatedIdentityModel - the federated identity model containing all details of the association between the user and the identity provider

removeFederatedIdentity

public boolean removeFederatedIdentity(RealmModel realm,
                                       UserModel user,
                                       String socialProvider)

Description copied from interface: UserProvider

Removes federation link between the user and the identity provider given by its id

Specified by:

removeFederatedIdentity in interface UserProvider

Parameters:

realm - a reference to the realm

user - the user model

socialProvider - alias of the identity provider, see IdentityProviderModel.getAlias()

Returns:

true if the association was removed, false otherwise

preRemove

public void preRemove(RealmModel realm,
                      IdentityProviderModel provider)

Description copied from interface: UserProvider

Called when an identity provider is removed. Should remove all federated identities assigned to users from the provider.

Specified by:

preRemove in interface UserProvider

Parameters:

realm - a reference to the realm

provider - provider model

addConsent

public void addConsent(RealmModel realm,
                       String userId,
                       UserConsentModel consent)

Description copied from interface: UserProvider

Add user consent for the user.

Specified by:

addConsent in interface UserProvider

Parameters:

realm - a reference to the realm

userId - id of the user

consent - all details corresponding to the granted consent

getConsentByClient

public UserConsentModel getConsentByClient(RealmModel realm,
                                           String userId,
                                           String clientInternalId)

Description copied from interface: UserProvider

Returns UserConsentModel given by a user with the userId for the client with clientInternalId

Specified by:

getConsentByClient in interface UserProvider

Parameters:

realm - a reference to the realm

userId - id of the user

clientInternalId - id of the client

Returns:

consent given by the user to the client or null if no consent or user exists

getConsentsStream

public Stream<UserConsentModel> getConsentsStream(RealmModel realm,
                                                  String userId)

Description copied from interface: UserProvider

Obtains the consents associated with the user identified by the specified userId.

Specified by:

getConsentsStream in interface UserProvider

Specified by:

getConsentsStream in interface UserProvider.Streams

Parameters:

realm - a reference to the realm.

userId - the user identifier.

Returns:

a non-null Stream of consents associated with the user.

updateConsent

public void updateConsent(RealmModel realm,
                          String userId,
                          UserConsentModel consent)

Description copied from interface: UserProvider

Update client scopes in the stored user consent

Specified by:

updateConsent in interface UserProvider

Parameters:

realm - a reference to the realm

userId - id of the user

consent - new details of the user consent

revokeConsentForClient

public boolean revokeConsentForClient(RealmModel realm,
                                      String userId,
                                      String clientInternalId)

Description copied from interface: UserProvider

Remove a user consent given by the user id and client id

Specified by:

revokeConsentForClient in interface UserProvider

Parameters:

realm - a reference to the realm

userId - id of the user

clientInternalId - id of the client

Returns:

true if the consent was removed, false otherwise

setNotBeforeForUser

public void setNotBeforeForUser(RealmModel realm,
                                UserModel user,
                                int notBefore)

Description copied from interface: UserProvider

Sets the notBefore value for the given user

Specified by:

setNotBeforeForUser in interface UserProvider

Parameters:

realm - a reference to the realm

user - the user model

notBefore - new value for notBefore

getNotBeforeOfUser

public int getNotBeforeOfUser(RealmModel realm,
                              UserModel user)

Description copied from interface: UserProvider

Gets the notBefore value for the given user

Specified by:

getNotBeforeOfUser in interface UserProvider

Parameters:

realm - a reference to the realm

user - the user model

Returns:

the value of notBefore

getUserByFederatedIdentity

public UserModel getUserByFederatedIdentity(RealmModel realm,
                                            FederatedIdentityModel socialLink)

Description copied from interface: UserProvider

Returns a userModel that corresponds to the given socialLink.

Specified by:

getUserByFederatedIdentity in interface UserProvider

Specified by:

getUserByFederatedIdentity in interface UserProvider.Streams

Parameters:

realm - a reference to the realm

socialLink - the socialLink

Returns:

the user corresponding to socialLink and null if no such user exists

getServiceAccount

public UserModel getServiceAccount(ClientModel client)

Description copied from interface: UserProvider

Return a UserModel representing service account of the client

Specified by:

getServiceAccount in interface UserProvider

Parameters:

client - the client model

Returns:

userModel representing service account of the client

getFederatedIdentitiesStream

public Stream<FederatedIdentityModel> getFederatedIdentitiesStream(RealmModel realm,
                                                                   UserModel user)

Description copied from interface: UserProvider

Obtains the federated identities of the specified user.

Specified by:

getFederatedIdentitiesStream in interface UserProvider

Specified by:

getFederatedIdentitiesStream in interface UserProvider.Streams

Parameters:

realm - a reference to the realm.

user - the reference to the user.

Returns:

a non-null Stream of federated identities associated with the user.

getFederatedIdentity

public FederatedIdentityModel getFederatedIdentity(RealmModel realm,
                                                   UserModel user,
                                                   String socialProvider)

Description copied from interface: UserProvider

Returns details of the association between the user and the socialProvider.

Specified by:

getFederatedIdentity in interface UserProvider

Specified by:

getFederatedIdentity in interface UserProvider.Streams

Parameters:

realm - a reference to the realm

user - the user model

socialProvider - the id of the identity provider

Returns:

federatedIdentityModel or null if no association exists

preRemove

public void preRemove(RealmModel realm,
                      ClientModel client)

Description copied from interface: UserProvider

Called when a client is removed. Should remove all user consents associated with the client

Specified by:

preRemove in interface UserProvider

Parameters:

realm - a reference to the realm

client - the client model

preRemove

public void preRemove(ProtocolMapperModel protocolMapper)

Description copied from interface: UserProvider

Called when a protocolMapper is removed

Specified by:

preRemove in interface UserProvider

Parameters:

protocolMapper - the protocolMapper model

preRemove

public void preRemove(ClientScopeModel clientScope)

Description copied from interface: UserProvider

Called when a client scope is removed. Should remove the clientScope from each user consent

Specified by:

preRemove in interface UserProvider

Parameters:

clientScope - the clientScope model

preRemove

public void preRemove(RealmModel realm,
                      ComponentModel component)

Description copied from interface: UserProvider

Called when a component is removed. Should remove all data in UserStorage associated with removed component. For example,

• if component corresponds to UserStorageProvider all imported users from the provider should be removed,
• if component corresponds to ClientStorageProvider all consents granted for clients imported from the provider should be removed

Specified by:

preRemove in interface UserProvider

Parameters:

realm - a reference to the realm

component - the component model

removeImportedUsers

public void removeImportedUsers(RealmModel realm,
                                String storageProviderId)

Description copied from interface: UserProvider

Removes any imported users from a specific User Storage Provider.

Specified by:

removeImportedUsers in interface UserProvider

Parameters:

realm - a reference to the realm

storageProviderId - id of the user storage provider

unlinkUsers

public void unlinkUsers(RealmModel realm,
                        String storageProviderId)

Description copied from interface: UserProvider

Set federation link to null to imported users of a specific User Storage Provider

Specified by:

unlinkUsers in interface UserProvider

Parameters:

realm - a reference to the realm

storageProviderId - id of the storage provider

close

public void close()

UserProvider methods implementations end here

Specified by:

close in interface UserProvider

Specified by:

close in interface Provider

onCreate

public void onCreate(KeycloakSession session,
                     RealmModel realm,
                     ComponentModel model)

Specified by:

onCreate in interface OnCreateComponent

onUpdate

public void onUpdate(KeycloakSession session,
                     RealmModel realm,
                     ComponentModel oldModel,
                     ComponentModel newModel)

Specified by:

onUpdate in interface OnUpdateComponent

onCache

public void onCache(RealmModel realm,
                    CachedUserModel user,
                    UserModel delegate)

Specified by:

onCache in interface OnUserCache