Package org.keycloak.storage
Class RoleStorageManager
- java.lang.Object
-
- org.keycloak.storage.RoleStorageManager
-
- All Implemented Interfaces:
RoleProvider,Provider,RoleLookupProvider
public class RoleStorageManager extends Object implements RoleProvider
-
-
Field Summary
Fields Modifier and Type Field Description protected KeycloakSessionsession
-
Constructor Summary
Constructors Constructor Description RoleStorageManager(KeycloakSession session, long roleStorageProviderTimeout)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description RoleModeladdClientRole(ClientModel client, String name)Adds a client role with givennameto the given client.RoleModeladdClientRole(ClientModel client, String id, String name)Adds a client role with given internal ID andnameto the given client.RoleModeladdRealmRole(RealmModel realm, String name)Adds a realm role with givennameto the given realm.RoleModeladdRealmRole(RealmModel realm, String id, String name)Adds a realm role with given internal ID andnameto the given realm.voidclose()RoleModelgetClientRole(ClientModel client, String name)Exact search for a client role by given name.Stream<RoleModel>getClientRolesStream(ClientModel client)Returns all the client roles of the given client.Stream<RoleModel>getClientRolesStream(ClientModel client, Integer first, Integer max)Returns the client roles of the given client.static <T> Stream<T>getEnabledStorageProviders(KeycloakSession session, RealmModel realm, Class<T> type)RoleModelgetRealmRole(RealmModel realm, String name)Exact search for a role by given name.Stream<RoleModel>getRealmRolesStream(RealmModel realm, Integer first, Integer max)Returns the realm roles of the given realm as a stream.RoleModelgetRoleById(RealmModel realm, String id)Exact search for a role by its internal ID..Stream<RoleModel>getRolesStream(RealmModel realm, Stream<String> ids, String search, Integer first, Integer max)Returns a paginated stream of roles with given ids and given search value in role names.static RoleStorageProvidergetStorageProvider(KeycloakSession session, RealmModel realm, String componentId)static RoleStorageProvidergetStorageProviderInstance(KeycloakSession session, RoleStorageProviderModel model, RoleStorageProviderFactory factory)static RoleStorageProviderModelgetStorageProviderModel(RealmModel realm, String componentId)static <T> Stream<T>getStorageProviders(KeycloakSession session, RealmModel realm, Class<T> type)static <T> Stream<RoleStorageProviderModel>getStorageProviders(RealmModel realm, KeycloakSession session, Class<T> type)static booleanisStorageProviderEnabled(RealmModel realm, String providerId)booleanremoveRole(RoleModel role)Removes given realm role from the given realm.voidremoveRoles(ClientModel client)Removes all roles from the given client.voidremoveRoles(RealmModel realm)Removes all roles from the given realm.Stream<RoleModel>searchForClientRolesStream(ClientModel client, String search, Integer first, Integer max)Obtaining roles from an external role storage is time-bounded.Stream<RoleModel>searchForRolesStream(RealmModel realm, String search, Integer first, Integer max)Obtaining roles from an external role storage is time-bounded.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.models.RoleProvider
getRealmRolesStream
-
-
-
-
Field Detail
-
session
protected KeycloakSession session
-
-
Constructor Detail
-
RoleStorageManager
public RoleStorageManager(KeycloakSession session, long roleStorageProviderTimeout)
-
-
Method Detail
-
isStorageProviderEnabled
public static boolean isStorageProviderEnabled(RealmModel realm, String providerId)
-
getStorageProviderModel
public static RoleStorageProviderModel getStorageProviderModel(RealmModel realm, String componentId)
-
getStorageProvider
public static RoleStorageProvider getStorageProvider(KeycloakSession session, RealmModel realm, String componentId)
-
getStorageProviders
public static <T> Stream<RoleStorageProviderModel> getStorageProviders(RealmModel realm, KeycloakSession session, Class<T> type)
-
getStorageProviderInstance
public static RoleStorageProvider getStorageProviderInstance(KeycloakSession session, RoleStorageProviderModel model, RoleStorageProviderFactory factory)
-
getStorageProviders
public static <T> Stream<T> getStorageProviders(KeycloakSession session, RealmModel realm, Class<T> type)
-
getEnabledStorageProviders
public static <T> Stream<T> getEnabledStorageProviders(KeycloakSession session, RealmModel realm, Class<T> type)
-
addRealmRole
public RoleModel addRealmRole(RealmModel realm, String name)
Description copied from interface:RoleProviderAdds a realm role with givennameto the given realm. The internal ID of the role will be created automatically.- Specified by:
addRealmRolein interfaceRoleProvider- Parameters:
realm- Realm owning this role.name- String name of the role.- Returns:
- Model of the created role.
-
addRealmRole
public RoleModel addRealmRole(RealmModel realm, String id, String name)
Description copied from interface:RoleProviderAdds a realm role with given internal ID andnameto the given realm.- Specified by:
addRealmRolein interfaceRoleProvider- Parameters:
realm- Realm owning this role.id- Internal ID of the role ornullif one is to be created by the underlying storename- String name of the role.- Returns:
- Model of the created client.
-
getRealmRole
public RoleModel getRealmRole(RealmModel realm, String name)
Description copied from interface:RoleLookupProviderExact search for a role by given name.- Specified by:
getRealmRolein interfaceRoleLookupProvider- Parameters:
realm- Realm.name- String name of the role.- Returns:
- Model of the role, or
nullif no role is found.
-
getRoleById
public RoleModel getRoleById(RealmModel realm, String id)
Description copied from interface:RoleLookupProviderExact search for a role by its internal ID..- Specified by:
getRoleByIdin interfaceRoleLookupProvider- Parameters:
realm- Realm.id- Internal ID of the role.- Returns:
- Model of the role.
-
getRealmRolesStream
public Stream<RoleModel> getRealmRolesStream(RealmModel realm, Integer first, Integer max)
Description copied from interface:RoleProviderReturns the realm roles of the given realm as a stream.- Specified by:
getRealmRolesStreamin interfaceRoleProvider- Parameters:
realm- Realm.first- First result to return. Ignored if negative ornull.max- Maximum number of results to return. Ignored if negative ornull.- Returns:
- Stream of the roles. Never returns
null.
-
getRolesStream
public Stream<RoleModel> getRolesStream(RealmModel realm, Stream<String> ids, String search, Integer first, Integer max)
Description copied from interface:RoleProviderReturns a paginated stream of roles with given ids and given search value in role names.- Specified by:
getRolesStreamin interfaceRoleProvider- Parameters:
realm- Realm. Cannot benull.ids- Stream of ids. Returns emptyStreamwhennull.search- Case-insensitive string to search by role's name or description. Ignored ifnull.first- Index of the first result to return. Ignored if negative ornull.max- Maximum number of results to return. Ignored if negative ornull.- Returns:
- Stream of desired roles. Never returns
null.
-
searchForRolesStream
public Stream<RoleModel> searchForRolesStream(RealmModel realm, String search, Integer first, Integer max)
Obtaining roles from an external role storage is time-bounded. In case the external role storage isn't available at least roles from a local storage are returned. For this purpose theorg.keycloak.services.DefaultKeycloakSessionFactory#getRoleStorageProviderTimeout()property is used. Default value is 3000 milliseconds and it's configurable. Seeorg.keycloak.services.DefaultKeycloakSessionFactoryfor details.- Specified by:
searchForRolesStreamin interfaceRoleLookupProvider- Parameters:
realm- Realm.search- Searched substring of the role's name or description.first- First result to return. Ignored if negative ornull.max- Maximum number of results to return. Ignored if negative ornull.- Returns:
- Stream of the realm roles their name or description contains given search string.
Never returns
null.
-
removeRole
public boolean removeRole(RoleModel role)
Description copied from interface:RoleProviderRemoves given realm role from the given realm.- Specified by:
removeRolein interfaceRoleProvider- Parameters:
role- Role to be removed.- Returns:
trueif the role existed and has been removed,falseotherwise.
-
removeRoles
public void removeRoles(RealmModel realm)
Description copied from interface:RoleProviderRemoves all roles from the given realm.- Specified by:
removeRolesin interfaceRoleProvider- Parameters:
realm- Realm.
-
removeRoles
public void removeRoles(ClientModel client)
Description copied from interface:RoleProviderRemoves all roles from the given client.- Specified by:
removeRolesin interfaceRoleProvider- Parameters:
client- Client.
-
addClientRole
public RoleModel addClientRole(ClientModel client, String name)
Description copied from interface:RoleProviderAdds a client role with givennameto the given client. The internal ID of the role will be created automatically.- Specified by:
addClientRolein interfaceRoleProvider- Parameters:
client- Client owning this role.name- String name of the role.- Returns:
- Model of the created role.
-
addClientRole
public RoleModel addClientRole(ClientModel client, String id, String name)
Description copied from interface:RoleProviderAdds a client role with given internal ID andnameto the given client.- Specified by:
addClientRolein interfaceRoleProvider- Parameters:
client- Client owning this role.id- Internal ID of the client role ornullif one is to be created by the underlying store.name- String name of the role.- Returns:
- Model of the created role.
-
getClientRole
public RoleModel getClientRole(ClientModel client, String name)
Description copied from interface:RoleLookupProviderExact search for a client role by given name.- Specified by:
getClientRolein interfaceRoleLookupProvider- Parameters:
client- Client.name- String name of the role.- Returns:
- Model of the role, or
nullif no role is found.
-
getClientRolesStream
public Stream<RoleModel> getClientRolesStream(ClientModel client)
Description copied from interface:RoleProviderReturns all the client roles of the given client. Effectively the same as the callgetClientRoles(client, null, null).- Specified by:
getClientRolesStreamin interfaceRoleProvider- Parameters:
client- Client.- Returns:
- Stream of the roles. Never returns
null.
-
getClientRolesStream
public Stream<RoleModel> getClientRolesStream(ClientModel client, Integer first, Integer max)
Description copied from interface:RoleProviderReturns the client roles of the given client.- Specified by:
getClientRolesStreamin interfaceRoleProvider- Parameters:
client- Client.first- First result to return. Ignored if negative ornull.max- Maximum number of results to return. Ignored if negative ornull.- Returns:
- Stream of the roles. Never returns
null.
-
searchForClientRolesStream
public Stream<RoleModel> searchForClientRolesStream(ClientModel client, String search, Integer first, Integer max)
Obtaining roles from an external role storage is time-bounded. In case the external role storage isn't available at least roles from a local storage are returned. For this purpose theorg.keycloak.services.DefaultKeycloakSessionFactory#getRoleStorageProviderTimeout()} property is used. Default value is 3000 milliseconds and it's configurable. Seeorg.keycloak.services.DefaultKeycloakSessionFactoryfor details.- Specified by:
searchForClientRolesStreamin interfaceRoleLookupProvider- Parameters:
client- Client.search- String to search by role's name or description.first- First result to return. Ignored if negative ornull.max- Maximum number of results to return. Ignored if negative ornull.- Returns:
- Stream of the client roles their name or description contains given search string.
Never returns
null.
-
-