Package org.keycloak.storage.adapter

Class AbstractUserAdapterFederatedStorage

  • All Implemented Interfaces:
    RoleMapperModel, UserModel
    Direct Known Subclasses:
    AbstractUserAdapterFederatedStorage.Streams
    public abstract class AbstractUserAdapterFederatedStorage
extends UserModelDefaultMethods
    Assumes everything is managed by federated storage except for username. getId() returns a default value of "f:" + providerId + ":" + getUsername(). UserModel properties like enabled, firstName, lastName, email, etc. are all stored as attributes in federated storage. isEnabled() defaults to true if the ENABLED_ATTRIBUTE isn't set in federated storage
    Version:
    $Revision: 1 $
    Author:
    Bill Burke

    • Field Detail

      • FIRST_NAME_ATTRIBUTE

        public static String FIRST_NAME_ATTRIBUTE

      • LAST_NAME_ATTRIBUTE

        public static String LAST_NAME_ATTRIBUTE

      • EMAIL_ATTRIBUTE

        public static String EMAIL_ATTRIBUTE

      • EMAIL_VERIFIED_ATTRIBUTE

        public static String EMAIL_VERIFIED_ATTRIBUTE

      • CREATED_TIMESTAMP_ATTRIBUTE

        public static String CREATED_TIMESTAMP_ATTRIBUTE

      • ENABLED_ATTRIBUTE

        public static String ENABLED_ATTRIBUTE

    • Method Detail

      • getRequiredActions

        public Set<String> getRequiredActions()

      • addRequiredAction

        public void addRequiredAction​(String action)

      • removeRequiredAction

        public void removeRequiredAction​(String action)

      • getGroupsInternal

        protected Set<GroupModel> getGroupsInternal()
        Get group membership mappings that are managed by this storage provider
        Returns:

      • appendDefaultGroups

        protected boolean appendDefaultGroups()
        Should the realm's default groups be appended to getGroups() call? If your storage provider is not managing group mappings then it is recommended that this method return true
        Returns:

      • getGroups

        public Set<GroupModel> getGroups()
        Gets groups from federated storage and automatically appends default groups of realm. Also calls getGroupsInternal() method to pull group membership from provider. Implementors can override that method
        Returns:

      • joinGroup

        public void joinGroup​(GroupModel group)

      • leaveGroup

        public void leaveGroup​(GroupModel group)

      • isMemberOf

        public boolean isMemberOf​(GroupModel group)

      • getRealmRoleMappings

        public Set<RoleModel> getRealmRoleMappings()
        Gets role mappings from federated storage and automatically appends default roles. Also calls getRoleMappingsInternal() method to pull role mappings from provider. Implementors can override that method
        Returns:

      • getClientRoleMappings

        public Set<RoleModel> getClientRoleMappings​(ClientModel app)
        Gets role mappings from federated storage and automatically appends default roles. Also calls getRoleMappingsInternal() method to pull role mappings from provider. Implementors can override that method
        Parameters:
        app - Client to get the roles for
        Returns:

      • hasRole

        public boolean hasRole​(RoleModel role)
        Description copied from interface: RoleMapperModel
        Returns true if this object is directly or indirectly assigned the given role, false otherwise.

        For example, true is returned for hasRole(R) if:

        • R is directly assigned to this object
        • R is not assigned to this object but this object belongs to a group G which is assigned the role R
        • R is not assigned to this object but this object belongs to a group G, and G belongs to group H which is assigned the role R
        Returns:
        see description
        See Also:
        if you want to check if this object is directly assigned to a role

      • grantRole

        public void grantRole​(RoleModel role)
        Description copied from interface: RoleMapperModel
        Grants the given role to this object.

      • appendDefaultRolesToRoleMappings

        protected boolean appendDefaultRolesToRoleMappings()
        Should the realm's default roles be appended to getRoleMappings() call? If your storage provider is not managing all role mappings then it is recommended that this method return true
        Returns:

      • getRoleMappingsInternal

        protected Set<RoleModel> getRoleMappingsInternal()

      • getRoleMappings

        public Set<RoleModel> getRoleMappings()
        Gets role mappings from federated storage and automatically appends default roles. Also calls getRoleMappingsInternal() method to pull role mappings from provider. Implementors can override that method
        Returns:

      • getFederatedRoleMappings

        protected Set<RoleModel> getFederatedRoleMappings()

      • deleteRoleMapping

        public void deleteRoleMapping​(RoleModel role)
        Description copied from interface: RoleMapperModel
        Removes the given role mapping from this object.
        Parameters:
        role - Role to remove

      • isEnabled

        public boolean isEnabled()

      • setEnabled

        public void setEnabled​(boolean enabled)

      • getFederationLink

        public String getFederationLink()
        This method should not be overriden
        Returns:

      • setFederationLink

        public void setFederationLink​(String link)
        This method should not be overriden

      • getServiceAccountClientLink

        public String getServiceAccountClientLink()
        This method should not be overriden
        Returns:

      • setServiceAccountClientLink

        public void setServiceAccountClientLink​(String clientInternalId)
        This method should not be overriden

      • getId

        public String getId()
        Defaults to 'f:' + storageProvider.getId() + ':' + getUsername()
        Returns:

      • getCreatedTimestamp

        public Long getCreatedTimestamp()
        Description copied from interface: UserModel
        Get timestamp of user creation. May be null for old users created before this feature introduction.

      • setCreatedTimestamp

        public void setCreatedTimestamp​(Long timestamp)

      • setSingleAttribute

        public void setSingleAttribute​(String name,
                               String value)
        Description copied from interface: UserModel
        Set single value of specified attribute. Remove all other existing values of this attribute

      • removeAttribute

        public void removeAttribute​(String name)

      • setAttribute

        public void setAttribute​(String name,
                         List<String> values)

      • getFirstAttribute

        public String getFirstAttribute​(String name)
        Returns:
        null if there is not any value of specified attribute or first value otherwise. Don't throw exception if there are more values of the attribute

      • getAttribute

        public List<String> getAttribute​(String name)
        Returns:
        list of all attribute values or empty list if there are not any values. Never return null

      • mapAttribute

        protected String mapAttribute​(String attributeName)

      • isEmailVerified

        public boolean isEmailVerified()

      • setEmailVerified

        public void setEmailVerified​(boolean verified)
        Stores as attribute in federated storage. EMAIL_VERIFIED_ATTRIBUTE
        Parameters:
        verified -

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class Object