Package org.keycloak.models

Interface UserProvider

    • Method Detail

      • setNotBeforeForUser

        void setNotBeforeForUser​(RealmModel realm,
                         UserModel user,
                         int notBefore)
        Sets the notBefore value for the given user
        Parameters:
        realm - a reference to the realm
        user - the user model
        notBefore - new value for notBefore
        Throws:
        ModelException - when user doesn't exist in the storage

      • getNotBeforeOfUser

        int getNotBeforeOfUser​(RealmModel realm,
                       UserModel user)
        Gets the notBefore value for the given user
        Parameters:
        realm - a reference to the realm
        user - the user model
        Returns:
        the value of notBefore
        Throws:
        ModelException - when user doesn't exist in the storage

      • getServiceAccount

        UserModel getServiceAccount​(ClientModel client)
        Return a UserModel representing service account of the client
        Parameters:
        client - the client model
        Returns:
        userModel representing service account of the client
        Throws:
        IllegalArgumentException - when there are more service accounts associated with the given clientId

      • addUser

        UserModel addUser​(RealmModel realm,
                  String id,
                  String username,
                  boolean addDefaultRoles,
                  boolean addDefaultRequiredActions)
        Adds a new user into the storage.

        only used for local storage

        Parameters:
        realm - the realm that user will be created in
        id - id of the new user. Should be generated to a random value if null.
        username - username
        addDefaultRoles - if true, the user should join all realm default roles
        addDefaultRequiredActions - if true, all default required actions are added to the created user
        Returns:
        model of created user
        Throws:
        NullPointerException - when username or realm is null
        ModelDuplicateException - when a user with given id or username already exists

      • removeImportedUsers

        void removeImportedUsers​(RealmModel realm,
                         String storageProviderId)
        Removes any imported users from a specific User Storage Provider.
        Parameters:
        realm - a reference to the realm
        storageProviderId - id of the user storage provider

      • unlinkUsers

        void unlinkUsers​(RealmModel realm,
                 String storageProviderId)
        Set federation link to null to imported users of a specific User Storage Provider
        Parameters:
        realm - a reference to the realm
        storageProviderId - id of the storage provider

      • addConsent

        void addConsent​(RealmModel realm,
                String userId,
                UserConsentModel consent)
        Add user consent for the user.
        Parameters:
        realm - a reference to the realm
        userId - id of the user
        consent - all details corresponding to the granted consent
        Throws:
        ModelException - If there is no user with userId

      • getConsentByClient

        UserConsentModel getConsentByClient​(RealmModel realm,
                                    String userId,
                                    String clientInternalId)
        Returns UserConsentModel given by a user with the userId for the client with clientInternalId
        Parameters:
        realm - a reference to the realm
        userId - id of the user
        clientInternalId - id of the client
        Returns:
        consent given by the user to the client or null if no consent or user exists
        Throws:
        ModelException - when there are more consents fulfilling specified parameters

      • getConsentsStream

        Stream<UserConsentModel> getConsentsStream​(RealmModel realm,
                                           String userId)
        Obtains the consents associated with the user identified by the specified userId.
        Parameters:
        realm - a reference to the realm.
        userId - the user identifier.
        Returns:
        a non-null Stream of consents associated with the user.

      • updateConsent

        void updateConsent​(RealmModel realm,
                   String userId,
                   UserConsentModel consent)
        Update client scopes in the stored user consent
        Parameters:
        realm - a reference to the realm
        userId - id of the user
        consent - new details of the user consent
        Throws:
        ModelException - when consent doesn't exist for the userId

      • revokeConsentForClient

        boolean revokeConsentForClient​(RealmModel realm,
                               String userId,
                               String clientInternalId)
        Remove a user consent given by the user id and client id
        Parameters:
        realm - a reference to the realm
        userId - id of the user
        clientInternalId - id of the client
        Returns:
        true if the consent was removed, false otherwise TODO: Make this method return Boolean so that store can return "I don't know" answer, this can be used for example in async stores

      • addFederatedIdentity

        void addFederatedIdentity​(RealmModel realm,
                          UserModel user,
                          FederatedIdentityModel socialLink)
        Adds a federated identity link for the user within the realm
        Parameters:
        realm - a reference to the realm
        user - the user model
        socialLink - the federated identity model containing all details of the association between the user and the identity provider

      • removeFederatedIdentity

        boolean removeFederatedIdentity​(RealmModel realm,
                                UserModel user,
                                String socialProvider)
        Removes federation link between the user and the identity provider given by its id
        Parameters:
        realm - a reference to the realm
        user - the user model
        socialProvider - alias of the identity provider, see IdentityProviderModel.getAlias()
        Returns:
        true if the association was removed, false otherwise TODO: Make this method return Boolean so that store can return "I don't know" answer, this can be used for example in async stores

      • updateFederatedIdentity

        void updateFederatedIdentity​(RealmModel realm,
                             UserModel federatedUser,
                             FederatedIdentityModel federatedIdentityModel)
        Update details of association between the federatedUser and the idp given by the federatedIdentityModel
        Parameters:
        realm - a reference to the realm
        federatedUser - the user model
        federatedIdentityModel - the federated identity model containing all details of the association between the user and the identity provider

      • getFederatedIdentitiesStream

        Stream<FederatedIdentityModel> getFederatedIdentitiesStream​(RealmModel realm,
                                                            UserModel user)
        Obtains the federated identities of the specified user.
        Parameters:
        realm - a reference to the realm.
        user - the reference to the user.
        Returns:
        a non-null Stream of federated identities associated with the user.

      • getFederatedIdentity

        FederatedIdentityModel getFederatedIdentity​(RealmModel realm,
                                            UserModel user,
                                            String socialProvider)
        Returns details of the association between the user and the socialProvider.
        Parameters:
        realm - a reference to the realm
        user - the user model
        socialProvider - the id of the identity provider
        Returns:
        federatedIdentityModel or null if no association exists

      • getUserByFederatedIdentity

        UserModel getUserByFederatedIdentity​(RealmModel realm,
                                     FederatedIdentityModel socialLink)
        Returns a userModel that corresponds to the given socialLink.
        Parameters:
        realm - a reference to the realm
        socialLink - the socialLink
        Returns:
        the user corresponding to socialLink and null if no such user exists
        Throws:
        IllegalStateException - when there are more users for the given socialLink

      • preRemove

        void preRemove​(RealmModel realm)
        Called when a realm is removed. Should remove all users that belong to the realm.
        Parameters:
        realm - a reference to the realm

      • preRemove

        void preRemove​(RealmModel realm,
               IdentityProviderModel provider)
        Called when an identity provider is removed. Should remove all federated identities assigned to users from the provider.
        Parameters:
        realm - a reference to the realm
        provider - provider model

      • preRemove

        void preRemove​(RealmModel realm,
               RoleModel role)
        Called when a role is removed. Should remove the role membership for each user.
        Parameters:
        realm - a reference to the realm
        role - the role model

      • preRemove

        void preRemove​(RealmModel realm,
               GroupModel group)
        Called when a group is removed. Should remove the group membership for each user.
        Parameters:
        realm - a reference to the realm
        group - the group model

      • preRemove

        void preRemove​(RealmModel realm,
               ClientModel client)
        Called when a client is removed. Should remove all user consents associated with the client
        Parameters:
        realm - a reference to the realm
        client - the client model

      • preRemove

        void preRemove​(ProtocolMapperModel protocolMapper)
        Called when a protocolMapper is removed
        Parameters:
        protocolMapper - the protocolMapper model

      • preRemove

        void preRemove​(ClientScopeModel clientScope)
        Called when a client scope is removed. Should remove the clientScope from each user consent
        Parameters:
        clientScope - the clientScope model

      • preRemove

        void preRemove​(RealmModel realm,
               ComponentModel component)
        Called when a component is removed. Should remove all data in UserStorage associated with removed component. For example,
        • if component corresponds to UserStorageProvider all imported users from the provider should be removed,
        • if component corresponds to ClientStorageProvider all consents granted for clients imported from the provider should be removed
        Parameters:
        realm - a reference to the realm
        component - the component model

      • close

        void close()
        Specified by:
        close in interface Provider