Package org.keycloak.storage.jpa
Class JpaUserFederatedStorageProvider
java.lang.Object
org.keycloak.storage.jpa.JpaUserFederatedStorageProvider
- All Implemented Interfaces:
UserCredentialStore,Provider,UserAttributeFederatedStorage,UserBrokerLinkFederatedStorage,UserConsentFederatedStorage,UserFederatedStorageProvider,UserFederatedUserCredentialStore,UserGroupMembershipFederatedStorage,UserNotBeforeFederatedStorage,UserRequiredActionsFederatedStorage,UserRoleMappingsFederatedStorage
public class JpaUserFederatedStorageProvider
extends Object
implements UserFederatedStorageProvider, UserCredentialStore
- Version:
- $Revision: 1 $
- Author:
- Bill Burke
-
Nested Class Summary
Nested classes/interfaces inherited from interface org.keycloak.storage.federated.UserFederatedStorageProvider
UserFederatedStorageProvider.Streams -
Field Summary
Fields -
Constructor Summary
ConstructorsConstructorDescriptionJpaUserFederatedStorageProvider(KeycloakSession session, jakarta.persistence.EntityManager em) -
Method Summary
Modifier and TypeMethodDescriptionvoidaddConsent(RealmModel realm, String userId, UserConsentModel consent) voidaddFederatedIdentity(RealmModel realm, String userId, FederatedIdentityModel link) voidaddRequiredAction(RealmModel realm, String userId, String action) voidclose()createCredential(RealmModel realm, String userId, CredentialModel cred) createCredential(RealmModel realm, UserModel user, CredentialModel cred) protected voidcreateIndex(RealmModel realm, String userId) We create an entry so that its easy to iterate over all things in the database.voiddeleteRoleMapping(RealmModel realm, String userId, RoleModel role) getAttributes(RealmModel realm, String userId) getConsentByClient(RealmModel realm, String userId, String clientInternalId) getConsentsStream(RealmModel realm, String userId) Obtains the consents associated with the federated user identified byuserId.getFederatedIdentitiesStream(String userId, RealmModel realm) Obtains the identities of the federated user identified byuserId.getFederatedIdentity(String userId, String socialProvider, RealmModel realm) getGroupsStream(RealmModel realm, String userId) Obtains the groups associated with the federated user.getMembershipStream(RealmModel realm, GroupModel group, Integer firstResult, Integer max) Obtains the federated users that are members of the givengroupin the specifiedrealm.intgetNotBeforeOfUser(RealmModel realm, String userId) getRequiredActionsStream(RealmModel realm, String userId) Obtains the names of required actions associated with the federated user identified byuserId.getRoleMappingsStream(RealmModel realm, String userId) Obtains the roles associated with the federated user identified byuserId.getRoleMembersStream(RealmModel realm, RoleModel role, Integer firstResult, Integer max) Obtains the federated users that are members of the givenrolein the specifiedrealm.getStoredCredentialById(RealmModel realm, String userId, String id) getStoredCredentialById(RealmModel realm, UserModel user, String id) getStoredCredentialByNameAndType(RealmModel realm, String userId, String name, String type) getStoredCredentialByNameAndType(RealmModel realm, UserModel user, String name, String type) getStoredCredentialsByTypeStream(RealmModel realm, String userId, String type) Obtains the credentials of typetypethat are associated with the federated user identified byuserId.getStoredCredentialsByTypeStream(RealmModel realm, UserModel user, String type) Obtains the stored credentials associated with the specified user that match the specified type.getStoredCredentialsStream(RealmModel realm, String userId) Obtains the credentials associated with the federated user identified byuserId.getStoredCredentialsStream(RealmModel realm, UserModel user) Obtains the stored credentials associated with the specified user.intgetStoredUsersCount(RealmModel realm) getStoredUsersStream(RealmModel realm, Integer first, Integer max) Obtains the ids of all federated users in the realm.getUserByFederatedIdentity(FederatedIdentityModel link, RealmModel realm) getUsersByUserAttributeStream(RealmModel realm, String name, String value) Searches for federated users that have an attribute with the specifiednameandvalue.voidgrantRole(RealmModel realm, String userId, RoleModel role) voidjoinGroup(RealmModel realm, String userId, GroupModel group) voidleaveGroup(RealmModel realm, String userId, GroupModel group) booleanmoveCredentialTo(RealmModel realm, UserModel user, String id, String newPreviousCredentialId) voidpreRemove(ClientScopeModel clientScope) voidpreRemove(ProtocolMapperModel protocolMapper) voidpreRemove(RealmModel realm) voidpreRemove(RealmModel realm, ComponentModel model) voidpreRemove(RealmModel realm, ClientModel client) voidpreRemove(RealmModel realm, GroupModel group) voidpreRemove(RealmModel realm, IdentityProviderModel provider) voidpreRemove(RealmModel realm, RoleModel role) voidpreRemove(RealmModel realm, UserModel user) voidremoveAttribute(RealmModel realm, String userId, String name) booleanremoveFederatedIdentity(RealmModel realm, String userId, String socialProvider) voidremoveRequiredAction(RealmModel realm, String userId, String action) booleanremoveStoredCredential(RealmModel realm, String userId, String id) booleanremoveStoredCredential(RealmModel realm, UserModel user, String id) Removes credential with theidfor theuser.booleanrevokeConsentForClient(RealmModel realm, String userId, String clientInternalId) voidsetAttribute(RealmModel realm, String userId, String name, List<String> values) voidsetNotBeforeForUser(RealmModel realm, String userId, int notBefore) voidsetSingleAttribute(RealmModel realm, String userId, String name, String value) protected CredentialModeltoModel(FederatedUserCredentialEntity entity) voidupdateConsent(RealmModel realm, String userId, UserConsentModel consent) voidupdateCredential(RealmModel realm, String userId, CredentialModel cred) voidupdateCredential(RealmModel realm, UserModel user, CredentialModel cred) voidupdateFederatedIdentity(RealmModel realm, String userId, FederatedIdentityModel model)
-
Field Details
-
logger
protected static final org.jboss.logging.Logger logger -
em
protected jakarta.persistence.EntityManager em
-
-
Constructor Details
-
JpaUserFederatedStorageProvider
public JpaUserFederatedStorageProvider(KeycloakSession session, jakarta.persistence.EntityManager em)
-
-
Method Details
-
close
public void close() -
createIndex
We create an entry so that its easy to iterate over all things in the database. Specifically useful for export -
setAttribute
- Specified by:
setAttributein interfaceUserAttributeFederatedStorage
-
setSingleAttribute
- Specified by:
setSingleAttributein interfaceUserAttributeFederatedStorage
-
removeAttribute
- Specified by:
removeAttributein interfaceUserAttributeFederatedStorage
-
getAttributes
- Specified by:
getAttributesin interfaceUserAttributeFederatedStorage
-
getUsersByUserAttributeStream
Description copied from interface:UserAttributeFederatedStorageSearches for federated users that have an attribute with the specifiednameandvalue.- Specified by:
getUsersByUserAttributeStreamin interfaceUserAttributeFederatedStorage- Parameters:
realm- a reference to the realm.name- the attribute name.value- the attribute value.- Returns:
- a non-null
Streamof user IDs that match the search criteria.
-
getUserByFederatedIdentity
- Specified by:
getUserByFederatedIdentityin interfaceUserBrokerLinkFederatedStorage
-
addFederatedIdentity
- Specified by:
addFederatedIdentityin interfaceUserBrokerLinkFederatedStorage
-
removeFederatedIdentity
- Specified by:
removeFederatedIdentityin interfaceUserBrokerLinkFederatedStorage
-
preRemove
- Specified by:
preRemovein interfaceUserBrokerLinkFederatedStorage
-
updateFederatedIdentity
- Specified by:
updateFederatedIdentityin interfaceUserBrokerLinkFederatedStorage
-
getFederatedIdentitiesStream
Description copied from interface:UserBrokerLinkFederatedStorageObtains the identities of the federated user identified byuserId.- Specified by:
getFederatedIdentitiesStreamin interfaceUserBrokerLinkFederatedStorage- Parameters:
userId- the user identifier.realm- a reference to the realm.- Returns:
- a non-null
Streamof federated identities associated with the user.
-
getFederatedIdentity
public FederatedIdentityModel getFederatedIdentity(String userId, String socialProvider, RealmModel realm) - Specified by:
getFederatedIdentityin interfaceUserBrokerLinkFederatedStorage
-
addConsent
- Specified by:
addConsentin interfaceUserConsentFederatedStorage
-
getConsentByClient
public UserConsentModel getConsentByClient(RealmModel realm, String userId, String clientInternalId) - Specified by:
getConsentByClientin interfaceUserConsentFederatedStorage
-
getConsentsStream
Description copied from interface:UserConsentFederatedStorageObtains the consents associated with the federated user identified byuserId.- Specified by:
getConsentsStreamin interfaceUserConsentFederatedStorage- Parameters:
realm- a reference to the realm.userId- the user identifier.- Returns:
- a non-null
Streamof consents associated with the user.
-
updateConsent
- Specified by:
updateConsentin interfaceUserConsentFederatedStorage
-
revokeConsentForClient
- Specified by:
revokeConsentForClientin interfaceUserConsentFederatedStorage
-
setNotBeforeForUser
- Specified by:
setNotBeforeForUserin interfaceUserNotBeforeFederatedStorage
-
getNotBeforeOfUser
- Specified by:
getNotBeforeOfUserin interfaceUserNotBeforeFederatedStorage
-
getGroupsStream
Description copied from interface:UserGroupMembershipFederatedStorageObtains the groups associated with the federated user.- Specified by:
getGroupsStreamin interfaceUserGroupMembershipFederatedStorage- Parameters:
realm- a reference to the realm.userId- the user identifier.- Returns:
- a non-null
Streamof groups.
-
joinGroup
- Specified by:
joinGroupin interfaceUserGroupMembershipFederatedStorage
-
leaveGroup
- Specified by:
leaveGroupin interfaceUserGroupMembershipFederatedStorage
-
getMembershipStream
public Stream<String> getMembershipStream(RealmModel realm, GroupModel group, Integer firstResult, Integer max) Description copied from interface:UserGroupMembershipFederatedStorageObtains the federated users that are members of the givengroupin the specifiedrealm.- Specified by:
getMembershipStreamin interfaceUserGroupMembershipFederatedStorage- Parameters:
realm- a reference to the realm.group- a reference to the group whose federated members are being searched.firstResult- first result to return. Ignored if negative ornull.max- maximum number of results to return. Ignored if negative ornull.- Returns:
- a non-null
Streamof federated user ids that are members of the group in the realm.
-
getRoleMembersStream
public Stream<String> getRoleMembersStream(RealmModel realm, RoleModel role, Integer firstResult, Integer max) Description copied from interface:UserRoleMappingsFederatedStorageObtains the federated users that are members of the givenrolein the specifiedrealm.- Specified by:
getRoleMembersStreamin interfaceUserRoleMappingsFederatedStorage- Parameters:
realm- a reference to the realm.role- a reference to the role whose federated members are being searched.firstResult- first result to return. Ignored if negative ornull.max- maximum number of results to return. Ignored if negative ornull.- Returns:
- a non-null
Streamof federated user ids that are members of the role in the realm.
-
getRequiredActionsStream
Description copied from interface:UserRequiredActionsFederatedStorageObtains the names of required actions associated with the federated user identified byuserId.- Specified by:
getRequiredActionsStreamin interfaceUserRequiredActionsFederatedStorage- Parameters:
realm- a reference to the realm.userId- the user identifier.- Returns:
- a non-null
Streamof required action names.
-
addRequiredAction
- Specified by:
addRequiredActionin interfaceUserRequiredActionsFederatedStorage
-
removeRequiredAction
- Specified by:
removeRequiredActionin interfaceUserRequiredActionsFederatedStorage
-
grantRole
- Specified by:
grantRolein interfaceUserRoleMappingsFederatedStorage
-
getRoleMappingsStream
Description copied from interface:UserRoleMappingsFederatedStorageObtains the roles associated with the federated user identified byuserId.- Specified by:
getRoleMappingsStreamin interfaceUserRoleMappingsFederatedStorage- Parameters:
realm- a reference to the realm.userId- the user identifier.- Returns:
- a non-null
Streamof roles.
-
deleteRoleMapping
- Specified by:
deleteRoleMappingin interfaceUserRoleMappingsFederatedStorage
-
updateCredential
- Specified by:
updateCredentialin interfaceUserFederatedUserCredentialStore
-
createCredential
- Specified by:
createCredentialin interfaceUserFederatedUserCredentialStore
-
removeStoredCredential
- Specified by:
removeStoredCredentialin interfaceUserFederatedUserCredentialStore
-
getStoredCredentialById
- Specified by:
getStoredCredentialByIdin interfaceUserFederatedUserCredentialStore
-
toModel
-
getStoredCredentialsStream
Description copied from interface:UserFederatedUserCredentialStoreObtains the credentials associated with the federated user identified byuserId.- Specified by:
getStoredCredentialsStreamin interfaceUserFederatedUserCredentialStore- Parameters:
realm- a reference to the realm.userId- the user identifier.- Returns:
- a non-null
Streamof credentials.
-
getStoredCredentialsByTypeStream
public Stream<CredentialModel> getStoredCredentialsByTypeStream(RealmModel realm, String userId, String type) Description copied from interface:UserFederatedUserCredentialStoreObtains the credentials of typetypethat are associated with the federated user identified byuserId.- Specified by:
getStoredCredentialsByTypeStreamin interfaceUserFederatedUserCredentialStore- Parameters:
realm- a reference to the realm.userId- the user identifier.type- the credential type.- Returns:
- a non-null
Streamof credentials.
-
getStoredCredentialByNameAndType
public CredentialModel getStoredCredentialByNameAndType(RealmModel realm, String userId, String name, String type) - Specified by:
getStoredCredentialByNameAndTypein interfaceUserFederatedUserCredentialStore
-
getStoredUsersStream
Description copied from interface:UserFederatedStorageProviderObtains the ids of all federated users in the realm.- Specified by:
getStoredUsersStreamin interfaceUserFederatedStorageProvider- Parameters:
realm- a reference to the realm.first- first result to return. Ignored if negative ornull.max- maximum number of results to return. Ignored if negative ornull.- Returns:
- a non-null
Streamof federated user ids.
-
updateCredential
- Specified by:
updateCredentialin interfaceUserCredentialStore
-
createCredential
- Specified by:
createCredentialin interfaceUserCredentialStore
-
removeStoredCredential
Description copied from interface:UserCredentialStoreRemoves credential with theidfor theuser.- Specified by:
removeStoredCredentialin interfaceUserCredentialStore- Parameters:
realm- realm.user- userid- id- Returns:
trueif the credential was removed,falseotherwise TODO: Make this method return Boolean so that store can return "I don't know" answer, this can be used for example in async stores
-
getStoredCredentialById
- Specified by:
getStoredCredentialByIdin interfaceUserCredentialStore
-
getStoredCredentialsStream
Description copied from interface:UserCredentialStoreObtains the stored credentials associated with the specified user.- Specified by:
getStoredCredentialsStreamin interfaceUserCredentialStore- Parameters:
realm- a reference to the realm.user- the user whose credentials are being searched.- Returns:
- a non-null
Streamof credentials.
-
getStoredCredentialsByTypeStream
public Stream<CredentialModel> getStoredCredentialsByTypeStream(RealmModel realm, UserModel user, String type) Description copied from interface:UserCredentialStoreObtains the stored credentials associated with the specified user that match the specified type.- Specified by:
getStoredCredentialsByTypeStreamin interfaceUserCredentialStore- Parameters:
realm- a reference to the realm.user- the user whose credentials are being searched.type- the type of credentials being searched.- Returns:
- a non-null
Streamof credentials.
-
getStoredCredentialByNameAndType
public CredentialModel getStoredCredentialByNameAndType(RealmModel realm, UserModel user, String name, String type) - Specified by:
getStoredCredentialByNameAndTypein interfaceUserCredentialStore
-
moveCredentialTo
public boolean moveCredentialTo(RealmModel realm, UserModel user, String id, String newPreviousCredentialId) - Specified by:
moveCredentialToin interfaceUserCredentialStore
-
getStoredUsersCount
- Specified by:
getStoredUsersCountin interfaceUserFederatedStorageProvider
-
preRemove
- Specified by:
preRemovein interfaceUserFederatedStorageProvider
-
preRemove
- Specified by:
preRemovein interfaceUserFederatedStorageProvider
-
preRemove
- Specified by:
preRemovein interfaceUserFederatedStorageProvider
-
preRemove
- Specified by:
preRemovein interfaceUserFederatedStorageProvider
-
preRemove
- Specified by:
preRemovein interfaceUserFederatedStorageProvider
-
preRemove
- Specified by:
preRemovein interfaceUserFederatedStorageProvider
-
preRemove
- Specified by:
preRemovein interfaceUserFederatedStorageProvider
-
preRemove
- Specified by:
preRemovein interfaceUserFederatedStorageProvider
-