Package org.keycloak.services.managers

Class UserConsentManager

java.lang.Object
org.keycloak.services.managers.UserConsentManager
public class UserConsentManager extends Object
Author:
Marek Posolda

  • Constructor Details

    • UserConsentManager

      public UserConsentManager()

  • Method Details

    • revokeConsentToClient

      public static boolean revokeConsentToClient(KeycloakSession session, ClientModel client, UserModel user)
      Revoke consent of given user to given client
      Parameters:
      session -
      client -
      user -
      Returns:
      true if either consent or offlineToken was revoked

    • addConsent

      public static void addConsent(KeycloakSession session, RealmModel realm, UserModel user, UserConsentModel consent)
      Add user consent for the user.
      Parameters:
      realm - a reference to the realm
      user - user. Must not be null
      consent - all details corresponding to the granted consent
      Throws:
      ModelException - If there is no user with userId

    • getConsentByClient

      public static UserConsentModel getConsentByClient(KeycloakSession session, RealmModel realm, UserModel user, String clientInternalId)
      Returns UserConsentModel given by a user for the client with clientInternalId
      Parameters:
      realm - a reference to the realm
      user - user. Must not be null
      clientInternalId - id of the client
      Returns:
      consent given by the user to the client or null if no consent or user exists
      Throws:
      ModelException - when there are more consents fulfilling specified parameters

    • getConsentsStream

      public static Stream<UserConsentModel> getConsentsStream(KeycloakSession session, RealmModel realm, UserModel user)
      Obtains the consents associated with the user
      Parameters:
      realm - a reference to the realm.
      user - user. Must not be null
      Returns:
      a non-null Stream of consents associated with the user.

    • updateConsent

      public static void updateConsent(KeycloakSession session, RealmModel realm, UserModel user, UserConsentModel consent)
      Update client scopes in the stored user consent
      Parameters:
      realm - a reference to the realm
      user - user. Must not be null
      consent - new details of the user consent
      Throws:
      ModelException - when consent doesn't exist for the userId

    • revokeConsentForClient

      public static boolean revokeConsentForClient(KeycloakSession session, RealmModel realm, UserModel user, String clientInternalId)
      Remove a user consent given by the user and client id
      Parameters:
      realm - a reference to the realm
      user - user. Must not be null
      clientInternalId - id of the client
      Returns:
      true if the consent was removed, false otherwise TODO: Make this method return Boolean so that store can return "I don't know" answer, this can be used for example in async stores