org.keycloak.models.cache.infinispan.RealmCacheSession の継承関係図

org.keycloak.models.cache.infinispan.RealmCacheSession 連携図

公開メンバ関数
	RealmCacheSession (RealmCacheManager cache, KeycloakSession session)

long	getStartupRevision ()

boolean	isInvalid (String id)

void	clear ()

MigrationModel	getMigrationModel ()

RealmProvider	getRealmDelegate ()

ClientProvider	getClientDelegate ()

void	registerRealmInvalidation (String id, String name)

void	registerClientInvalidation (String id, String clientId, String realmId)

void	registerClientScopeInvalidation (String id)

void	registerRoleInvalidation (String id, String roleName, String roleContainerId)

void	registerGroupInvalidation (String id)

RealmModel	createRealm (String name)

RealmModel	createRealm (String id, String name)

RealmModel	getRealm (String id)

RealmModel	getRealmByName (String name)

List< RealmModel >	getRealms ()

boolean	removeRealm (String id)

void	evictRealmOnRemoval (RealmModel realm)

ClientModel	addClient (RealmModel realm, String clientId)

ClientModel	addClient (RealmModel realm, String id, String clientId)

List< ClientModel >	getClients (RealmModel realm)

boolean	removeClient (String id, RealmModel realm)

void	close ()

RoleModel	addRealmRole (RealmModel realm, String name)

RoleModel	addRealmRole (RealmModel realm, String id, String name)

Set< RoleModel >	getRealmRoles (RealmModel realm)

Set< RoleModel >	getClientRoles (RealmModel realm, ClientModel client)

RoleModel	addClientRole (RealmModel realm, ClientModel client, String name)

RoleModel	addClientRole (RealmModel realm, ClientModel client, String id, String name)

RoleModel	getRealmRole (RealmModel realm, String name)

RoleModel	getClientRole (RealmModel realm, ClientModel client, String name)

boolean	removeRole (RealmModel realm, RoleModel role)

RoleModel	getRoleById (String id, RealmModel realm)

GroupModel	getGroupById (String id, RealmModel realm)

void	moveGroup (RealmModel realm, GroupModel group, GroupModel toParent)

List< GroupModel >	getGroups (RealmModel realm)

Long	getGroupsCount (RealmModel realm, Boolean onlyTopGroups)

Long	getGroupsCountByNameContaining (RealmModel realm, String search)

List< GroupModel >	getTopLevelGroups (RealmModel realm)

List< GroupModel >	getTopLevelGroups (RealmModel realm, Integer first, Integer max)

List< GroupModel >	searchForGroupByName (RealmModel realm, String search, Integer first, Integer max)

boolean	removeGroup (RealmModel realm, GroupModel group)

GroupModel	createGroup (RealmModel realm, String name)

GroupModel	createGroup (RealmModel realm, String id, String name)

void	addTopLevelGroup (RealmModel realm, GroupModel subGroup)

ClientModel	getClientById (String id, RealmModel realm)

ClientModel	getClientByClientId (String clientId, RealmModel realm)

ClientScopeModel	getClientScopeById (String id, RealmModel realm)

ClientInitialAccessModel	createClientInitialAccessModel (RealmModel realm, int expiration, int count)

ClientInitialAccessModel	getClientInitialAccessModel (RealmModel realm, String id)

void	removeClientInitialAccessModel (RealmModel realm, String id)

List< ClientInitialAccessModel >	listClientInitialAccess (RealmModel realm)

void	removeExpiredClientInitialAccess ()

void	decreaseRemainingCount (RealmModel realm, ClientInitialAccessModel clientInitialAccess)

静的公開変数類
static final String	REALM_CLIENTS_QUERY_SUFFIX = ".realm.clients"

static final String	ROLES_QUERY_SUFFIX = ".roles"

限定公開メンバ関数
void	runInvalidations ()

ClientModel	cacheClient (RealmModel realm, ClientModel delegate, Long revision)

ClientModel	validateCache (RealmModel realm, CachedClient cached)

限定公開変数類
RealmCacheManager	cache

KeycloakSession	session

RealmProvider	realmDelegate

ClientProvider	clientDelegate

boolean	transactionActive

boolean	setRollbackOnly

Map< String, RealmAdapter >	managedRealms = new HashMap<>()

Map< String, ClientModel >	managedApplications = new HashMap<>()

Map< String, ClientScopeAdapter >	managedClientScopes = new HashMap<>()

Map< String, RoleAdapter >	managedRoles = new HashMap<>()

Map< String, GroupAdapter >	managedGroups = new HashMap<>()

Set< String >	listInvalidations = new HashSet<>()

Set< String >	invalidations = new HashSet<>()

Set< InvalidationEvent >	invalidationEvents = new HashSet<>()

boolean	clearAll

final long	startupRevision

静的限定公開変数類
static final Logger	logger = Logger.getLogger(RealmCacheSession.class)

静的関数
static String	getRealmByNameCacheKey (String name)

static String	getRealmClientsQueryCacheKey (String realm)

static String	getGroupsQueryCacheKey (String realm)

static String	getTopGroupsQueryCacheKey (String realm)

static String	getRolesCacheKey (String container)

static String	getRoleByNameCacheKey (String container, String name)

static String	getClientByClientIdCacheKey (String clientId, String realmId)

非公開メンバ関数
void	invalidateClient (String id)

void	invalidateClientScope (String id)

void	roleRemovalInvalidations (String roleId, String roleName, String roleContainerId)

void	invalidateRole (String id)

void	addedRole (String roleId, String roleContainerId)

void	invalidateGroup (String id, String realmId, boolean invalidateQueries)

void	invalidateGroup (String id)

KeycloakTransaction	getPrepareTransaction ()

KeycloakTransaction	getAfterTransaction ()

ClientModel	addedClient (RealmModel realm, ClientModel client)

GroupModel	groupAdded (RealmModel realm, GroupModel group)

void	addGroupEventIfAbsent (InvalidationEvent eventToAdd)

詳解

the high level architecture of this cache is an invalidation cache.
the cache is manual/custom versioned. When a model is updated, we remove it from the cache which causes an invalidation message to be sent across the cluster.
We had to do it this way because Infinispan REPEATABLE_READ wouldn't cut it in invalidation mode. Also, REPEATABLE_READ doesn't work very well on relationships and items that are not in the cache.
There are two Infinispan caches. One clustered that holds actual objects and a another local one that holds revision numbers of cached objects. Whenever a cached object is removed (invalidated), the local revision cache number or that key is bumped higher based on a local version counter. Whenever a cache entry is fetched, this revision number is also fetched and compared against the revision number in the cache entry to see if the cache entry is stale. Whenever a cache entry is added, this revision number is also checked against the revision cache.
Revision entries are actually never removed (although they could be evicted by cache eviction policies). The reason for this is that it is possible for a stale object to be inserted if one thread loads and the data is updated in the database before it is added to the cache. So, we keep the version number around for this.
In a transaction, objects are registered to be invalidated. If an object is marked for invalidation within a transaction a cached object should never be returned. An DB adapter should always be returned.
After DB commits, the objects marked for invalidation are invalidated, or rather removed from the cache. At this time the revision cache entry for this object has its version number bumped.
Whenever an object is marked for invalidation, the cache is also searched for any objects that are related to this object and need to also be evicted/removed. We use the Infinispan Stream SPI for this.

ClientList caches:

lists of clients are cached in a specific cache entry i.e. realm clients, find client by clientId
realm client lists need to be invalidated and evited whenever a client is added or removed from a realm. RealmProvider now has addClient/removeClient at its top level. All adapaters should use these methods so that the appropriate invalidations can be registered.
whenever a client is added/removed the realm of the client is added to a listInvalidations set this set must be checked before sending back or caching a cached query. This check is required to avoid caching an uncommitted removal/add in a query cache.
when a client is removed, any queries that contain that client must also be removed.
a client removal will also cause anything that is contained and cached within that client to be removed

Clustered caches:

There is a Infinispan registered. If an invalidation event happens, this is treated like the object was removed from the database and will perform evictions based on that assumption.
Eviction events will also cascade other evictions, but not assume this is a db removal.
With an invalidation cache, if you remove an entry on node 1 and this entry does not exist on node 2, node 2 will not receive a invalidation event. so, hat we have to put a marker entry in the invalidation cache before we read from the DB, so if the DB changes in between reading and adding a cache entry, the cache will be notified and bump the version information.

DBs with Repeatable Read:

DBs like MySQL are Repeatable Read by default. So, if you query a Client for instance, it will always return the same result in the same transaction even if the DB was updated in between these queries. This makes it possible to store stale cache entries. To avoid this problem, this class stores the current local version counter at the beginningof the transaction. Whenever an entry is added to the cache, the current coutner is compared against the counter at the beginning of the tx. If the current is greater, then don't cache.

Groups and Roles:

roles are tricky because of composites. Composite lists are cached too. So, when a role is removed we also iterate and invalidate any role or group that contains that role being removed.
any relationship should be resolved from session.realms(). For example if JPA.getClientByClientId() is invoked, JPA should find the id of the client and then call session.realms().getClientById(). THis is to ensure that the cached object is invoked and all proper invalidation are being invoked.

著者: Bill Burke

バージョン

Revision: 1

構築子と解体子

◆ RealmCacheSession()

org.keycloak.models.cache.infinispan.RealmCacheSession.RealmCacheSession	(	RealmCacheManager	cache,
		KeycloakSession	session
	)

inline

                                                                                {
         this.cache = cache;
         this.session = session;
         this.startupRevision = cache.getCurrentCounter();
         session.getTransactionManager().enlistPrepare(getPrepareTransaction());
         session.getTransactionManager().enlistAfterCompletion(getAfterTransaction());
     }

関数詳解

◆ addClient() [1/2]

ClientModel org.keycloak.models.cache.infinispan.RealmCacheSession.addClient	(	RealmModel	realm,
		String	clientId
	)

inline

org.keycloak.models.ClientProviderを実装しています。

                                                                     {
         ClientModel client = getRealmDelegate().addClient(realm, clientId);
         return addedClient(realm, client);
     }

◆ addClient() [2/2]

ClientModel org.keycloak.models.cache.infinispan.RealmCacheSession.addClient	(	RealmModel	realm,
		String	id,
		String	clientId
	)

inline

org.keycloak.models.ClientProviderを実装しています。

                                                                                {
         ClientModel client = getRealmDelegate().addClient(realm, id, clientId);
         return addedClient(realm, client);
     }

◆ addClientRole() [1/2]

RoleModel org.keycloak.models.cache.infinispan.RealmCacheSession.addClientRole	(	RealmModel	realm,
		ClientModel	client,
		String	name
	)

inline

org.keycloak.models.ClientProviderを実装しています。

                                                                                       {
         return addClientRole(realm, client, KeycloakModelUtils.generateId(), name);
     }

◆ addClientRole() [2/2]

RoleModel org.keycloak.models.cache.infinispan.RealmCacheSession.addClientRole	(	RealmModel	realm,
		ClientModel	client,
		String	id,
		String	name
	)

inline

org.keycloak.models.ClientProviderを実装しています。

                                                                                                  {
         RoleModel role = getRealmDelegate().addClientRole(realm, client, id, name);
         addedRole(role.getId(), client.getId());
         return role;
     }

◆ addedClient()

ClientModel org.keycloak.models.cache.infinispan.RealmCacheSession.addedClient	(	RealmModel	realm,
		ClientModel	client
	)

inlineprivate

                                                                           {
         logger.trace("added Client.....");
 
         invalidateClient(client.getId());
         // this is needed so that a client that hasn't been committed isn't cached in a query
         listInvalidations.add(realm.getId());
 
         invalidationEvents.add(ClientAddedEvent.create(client.getId(), client.getClientId(), realm.getId()));
         cache.clientAdded(realm.getId(), client.getId(), client.getClientId(), invalidations);
         return client;
     }

◆ addedRole()

void org.keycloak.models.cache.infinispan.RealmCacheSession.addedRole	(	String	roleId,
		String	roleContainerId
	)

inlineprivate

                                                                   {
         // this is needed so that a new role that hasn't been committed isn't cached in a query
         listInvalidations.add(roleContainerId);
 
         invalidateRole(roleId);
         cache.roleAdded(roleContainerId, invalidations);
         invalidationEvents.add(RoleAddedEvent.create(roleId, roleContainerId));
     }

◆ addGroupEventIfAbsent()

void org.keycloak.models.cache.infinispan.RealmCacheSession.addGroupEventIfAbsent ( InvalidationEvent eventToAdd )

inlineprivate

                                                                      {
         String groupId = eventToAdd.getId();
 
         // Check if we have existing event with bigger priority
         boolean eventAlreadyExists = invalidationEvents.stream()
                 .anyMatch((InvalidationEvent event) -> (event.getId().equals(groupId)) &&
                         (event instanceof GroupAddedEvent || event instanceof GroupMovedEvent || event instanceof GroupRemovedEvent));
 
         if (!eventAlreadyExists) {
             invalidationEvents.add(eventToAdd);
         }
     }

◆ addRealmRole() [1/2]

RoleModel org.keycloak.models.cache.infinispan.RealmCacheSession.addRealmRole	(	RealmModel	realm,
		String	name
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                  {
         return addRealmRole(realm, KeycloakModelUtils.generateId(), name);
     }

◆ addRealmRole() [2/2]

RoleModel org.keycloak.models.cache.infinispan.RealmCacheSession.addRealmRole	(	RealmModel	realm,
		String	id,
		String	name
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                             {
         RoleModel role = getRealmDelegate().addRealmRole(realm, id, name);
         addedRole(role.getId(), realm.getId());
         return role;
     }

◆ addTopLevelGroup()

void org.keycloak.models.cache.infinispan.RealmCacheSession.addTopLevelGroup	(	RealmModel	realm,
		GroupModel	subGroup
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                         {
         invalidateGroup(subGroup.getId(), realm.getId(), true);
         if (subGroup.getParentId() != null) {
             invalidateGroup(subGroup.getParentId(), realm.getId(), false); // Queries already invalidated
         }
 
         addGroupEventIfAbsent(GroupMovedEvent.create(subGroup, null, realm.getId()));
 
         getRealmDelegate().addTopLevelGroup(realm, subGroup);
 
     }

◆ cacheClient()

ClientModel org.keycloak.models.cache.infinispan.RealmCacheSession.cacheClient	(	RealmModel	realm,
		ClientModel	delegate,
		Long	revision
	)

inlineprotected

                                                                                              {
         if (invalidations.contains(delegate.getId())) return delegate;
         StorageId storageId = new StorageId(delegate.getId());
         CachedClient cached = null;
         ClientAdapter adapter = null;
 
         if (!storageId.isLocal()) {
             ComponentModel component = realm.getComponent(storageId.getProviderId());
             ClientStorageProviderModel model = new ClientStorageProviderModel(component);
             if (!model.isEnabled()) {
                 return delegate;
             }
             ClientStorageProviderModel.CachePolicy policy = model.getCachePolicy();
             if (policy != null && policy == ClientStorageProviderModel.CachePolicy.NO_CACHE) {
                 return delegate;
             }
 
             cached = new CachedClient(revision, realm, delegate);
             adapter = new ClientAdapter(realm, cached, this);
 
             long lifespan = model.getLifespan();
             if (lifespan > 0) {
                 cache.addRevisioned(cached, startupRevision, lifespan);
             } else {
                 cache.addRevisioned(cached, startupRevision);
             }
         } else {
             cached = new CachedClient(revision, realm, delegate);
             adapter = new ClientAdapter(realm, cached, this);
             cache.addRevisioned(cached, startupRevision);
         }
 
         return adapter;
     }

◆ clear()

void org.keycloak.models.cache.infinispan.RealmCacheSession.clear ( )

inline

org.keycloak.models.cache.CacheRealmProviderを実装しています。

                         {
         ClusterProvider cluster = session.getProvider(ClusterProvider.class);
         cluster.notify(InfinispanCacheRealmProviderFactory.REALM_CLEAR_CACHE_EVENTS, new ClearCacheEvent(), false, ClusterProvider.DCNotify.ALL_DCS);
     }

◆ close()

void org.keycloak.models.cache.infinispan.RealmCacheSession.close ( )

inline

org.keycloak.models.RealmProviderを実装しています。

                         {
         if (realmDelegate != null) realmDelegate.close();
         if (clientDelegate != null) clientDelegate.close();
     }

◆ createClientInitialAccessModel()

ClientInitialAccessModel org.keycloak.models.cache.infinispan.RealmCacheSession.createClientInitialAccessModel	(	RealmModel	realm,
		int	expiration,
		int	count
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                                                                 {
         return getRealmDelegate().createClientInitialAccessModel(realm, expiration, count);
     }

◆ createGroup() [1/2]

GroupModel org.keycloak.models.cache.infinispan.RealmCacheSession.createGroup	(	RealmModel	realm,
		String	name
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                  {
         GroupModel group = getRealmDelegate().createGroup(realm, name);
         return groupAdded(realm, group);
     }

◆ createGroup() [2/2]

GroupModel org.keycloak.models.cache.infinispan.RealmCacheSession.createGroup	(	RealmModel	realm,
		String	id,
		String	name
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                             {
         GroupModel group = getRealmDelegate().createGroup(realm, id, name);
         return groupAdded(realm, group);
     }

◆ createRealm() [1/2]

RealmModel org.keycloak.models.cache.infinispan.RealmCacheSession.createRealm ( String name )

inline

org.keycloak.models.RealmProviderを実装しています。

                                                {
         RealmModel realm = getRealmDelegate().createRealm(name);
         registerRealmInvalidation(realm.getId(), realm.getName());
         return realm;
     }

◆ createRealm() [2/2]

RealmModel org.keycloak.models.cache.infinispan.RealmCacheSession.createRealm	(	String	id,
		String	name
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                           {
         RealmModel realm =  getRealmDelegate().createRealm(id, name);
         registerRealmInvalidation(realm.getId(), realm.getName());
         return realm;
     }

◆ decreaseRemainingCount()

void org.keycloak.models.cache.infinispan.RealmCacheSession.decreaseRemainingCount	(	RealmModel	realm,
		ClientInitialAccessModel	clientInitialAccess
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                                                        {
         getRealmDelegate().decreaseRemainingCount(realm, clientInitialAccess);
     }

◆ evictRealmOnRemoval()

void org.keycloak.models.cache.infinispan.RealmCacheSession.evictRealmOnRemoval ( RealmModel realm )

inline

                                                       {
         cache.invalidateObject(realm.getId());
         invalidationEvents.add(RealmRemovedEvent.create(realm.getId(), realm.getName()));
         cache.realmRemoval(realm.getId(), realm.getName(), invalidations);
     }

◆ getAfterTransaction()

KeycloakTransaction org.keycloak.models.cache.infinispan.RealmCacheSession.getAfterTransaction ( )

inlineprivate

                                                       {
         return new KeycloakTransaction() {
             @Override
             public void begin() {
                 transactionActive = true;
             }
 
             @Override
             public void commit() {
                 try {
                     if (clearAll) {
                         cache.clear();
                     }
                     runInvalidations();
                     transactionActive = false;
                 } finally {
                     cache.endRevisionBatch();
                 }
             }
 
             @Override
             public void rollback() {
                 try {
                     setRollbackOnly = true;
                     runInvalidations();
                     transactionActive = false;
                 } finally {
                     cache.endRevisionBatch();
                 }
             }
 
             @Override
             public void setRollbackOnly() {
                 setRollbackOnly = true;
             }
 
             @Override
             public boolean getRollbackOnly() {
                 return setRollbackOnly;
             }
 
             @Override
             public boolean isActive() {
                 return transactionActive;
             }
         };
     }

◆ getClientByClientId()

ClientModel org.keycloak.models.cache.infinispan.RealmCacheSession.getClientByClientId	(	String	clientId,
		RealmModel	realm
	)

inline

org.keycloak.storage.client.ClientLookupProviderを実装しています。

                                                                               {
         String cacheKey = getClientByClientIdCacheKey(clientId, realm.getId());
         ClientListQuery query = cache.get(cacheKey, ClientListQuery.class);
         String id = null;
 
         if (query != null) {
             logger.tracev("client by name cache hit: {0}", clientId);
         }
 
         if (query == null) {
             Long loaded = cache.getCurrentRevision(cacheKey);
             ClientModel model = getClientDelegate().getClientByClientId(clientId, realm);
             if (model == null) return null;
             if (invalidations.contains(model.getId())) return model;
             id = model.getId();
             query = new ClientListQuery(loaded, cacheKey, realm, id);
             logger.tracev("adding client by name cache miss: {0}", clientId);
             cache.addRevisioned(query, startupRevision);
         } else if (invalidations.contains(cacheKey)) {
             return getClientDelegate().getClientByClientId(clientId, realm);
         } else {
             id = query.getClients().iterator().next();
             if (invalidations.contains(id)) {
                 return getClientDelegate().getClientByClientId(clientId, realm);
             }
         }
         return getClientById(id, realm);
     }

◆ getClientByClientIdCacheKey()

static String org.keycloak.models.cache.infinispan.RealmCacheSession.getClientByClientIdCacheKey	(	String	clientId,
		String	realmId
	)

inlinestaticpackage

                                                                                {
         return realmId + ".client.query.by.clientId." + clientId;
     }

◆ getClientById()

ClientModel org.keycloak.models.cache.infinispan.RealmCacheSession.getClientById	(	String	id,
		RealmModel	realm
	)

inline

org.keycloak.storage.client.ClientLookupProviderを実装しています。

                                                                   {
         CachedClient cached = cache.get(id, CachedClient.class);
         if (cached != null && !cached.getRealm().equals(realm.getId())) {
             cached = null;
         }
         if (cached != null) {
             logger.tracev("client by id cache hit: {0}", cached.getClientId());
         }
 
         if (cached == null) {
             Long loaded = cache.getCurrentRevision(id);
             ClientModel model = getClientDelegate().getClientById(id, realm);
             if (model == null) return null;
             ClientModel adapter = cacheClient(realm, model, loaded);
             managedApplications.put(id, adapter);
             return adapter;
         } else if (invalidations.contains(id)) {
             return getRealmDelegate().getClientById(id, realm);
         } else if (managedApplications.containsKey(id)) {
             return managedApplications.get(id);
         }
         ClientModel adapter = validateCache(realm, cached);
         managedApplications.put(id, adapter);
         return adapter;
     }

◆ getClientDelegate()

ClientProvider org.keycloak.models.cache.infinispan.RealmCacheSession.getClientDelegate ( )

inline

                                               {
         if (!transactionActive) throw new IllegalStateException("Cannot access delegate without a transaction");
         if (clientDelegate != null) return clientDelegate;
         clientDelegate = session.clientStorageManager();
         return clientDelegate;
     }

◆ getClientInitialAccessModel()

ClientInitialAccessModel org.keycloak.models.cache.infinispan.RealmCacheSession.getClientInitialAccessModel	(	RealmModel	realm,
		String	id
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                                              {
         return getRealmDelegate().getClientInitialAccessModel(realm, id);
     }

◆ getClientRole()

RoleModel org.keycloak.models.cache.infinispan.RealmCacheSession.getClientRole	(	RealmModel	realm,
		ClientModel	client,
		String	name
	)

inline

org.keycloak.models.ClientProviderを実装しています。

                                                                                       {
         String cacheKey = getRoleByNameCacheKey(client.getId(), name);
         boolean queryDB = invalidations.contains(cacheKey) || listInvalidations.contains(client.getId());
         if (queryDB) {
             return getRealmDelegate().getClientRole(realm, client, name);
         }
 
         RoleListQuery query = cache.get(cacheKey, RoleListQuery.class);
         if (query != null) {
             logger.tracev("getClientRole cache hit: {0}.{1}", client.getClientId(), name);
         }
 
         if (query == null) {
             Long loaded = cache.getCurrentRevision(cacheKey);
             RoleModel model = getRealmDelegate().getClientRole(realm, client, name);
             if (model == null) return null;
             query = new RoleListQuery(loaded, cacheKey, realm, model.getId(), client.getClientId());
             logger.tracev("adding client role cache miss: client {0} key {1}", client.getClientId(), cacheKey);
             cache.addRevisioned(query, startupRevision);
             return model;
         }
         RoleModel role = getRoleById(query.getRoles().iterator().next(), realm);
         if (role == null) {
             invalidations.add(cacheKey);
             return getRealmDelegate().getClientRole(realm, client, name);
         }
         return role;
     }

◆ getClientRoles()

Set<RoleModel> org.keycloak.models.cache.infinispan.RealmCacheSession.getClientRoles	(	RealmModel	realm,
		ClientModel	client
	)

inline

org.keycloak.models.ClientProviderを実装しています。

                                                                                {
         String cacheKey = getRolesCacheKey(client.getId());
         boolean queryDB = invalidations.contains(cacheKey) || listInvalidations.contains(client.getId());
         if (queryDB) {
             return getRealmDelegate().getClientRoles(realm, client);
         }
 
         RoleListQuery query = cache.get(cacheKey, RoleListQuery.class);
         if (query != null) {
             logger.tracev("getClientRoles cache hit: {0}", client.getClientId());
         }
 
         if (query == null) {
             Long loaded = cache.getCurrentRevision(cacheKey);
             Set<RoleModel> model = getRealmDelegate().getClientRoles(realm, client);
             if (model == null) return null;
             Set<String> ids = new HashSet<>();
             for (RoleModel role : model) ids.add(role.getId());
             query = new RoleListQuery(loaded, cacheKey, realm, ids, client.getClientId());
             logger.tracev("adding client roles cache miss: client {0} key {1}", client.getClientId(), cacheKey);
             cache.addRevisioned(query, startupRevision);
             return model;
         }
         Set<RoleModel> list = new HashSet<>();
         for (String id : query.getRoles()) {
             RoleModel role = session.realms().getRoleById(id, realm);
             if (role == null) {
                 invalidations.add(cacheKey);
                 return getRealmDelegate().getClientRoles(realm, client);
             }
             list.add(role);
         }
         return list;
     }

◆ getClients()

List<ClientModel> org.keycloak.models.cache.infinispan.RealmCacheSession.getClients ( RealmModel realm )

inline

org.keycloak.models.ClientProviderを実装しています。

                                                           {
         String cacheKey = getRealmClientsQueryCacheKey(realm.getId());
         boolean queryDB = invalidations.contains(cacheKey) || listInvalidations.contains(realm.getId());
         if (queryDB) {
             return getClientDelegate().getClients(realm);
         }
 
         ClientListQuery query = cache.get(cacheKey, ClientListQuery.class);
         if (query != null) {
             logger.tracev("getClients cache hit: {0}", realm.getName());
         }
 
         if (query == null) {
             Long loaded = cache.getCurrentRevision(cacheKey);
             List<ClientModel> model = getClientDelegate().getClients(realm);
             if (model == null) return null;
             Set<String> ids = new HashSet<>();
             for (ClientModel client : model) ids.add(client.getId());
             query = new ClientListQuery(loaded, cacheKey, realm, ids);
             logger.tracev("adding realm clients cache miss: realm {0} key {1}", realm.getName(), cacheKey);
             cache.addRevisioned(query, startupRevision);
             return model;
         }
         List<ClientModel> list = new LinkedList<>();
         for (String id : query.getClients()) {
             ClientModel client = session.realms().getClientById(id, realm);
             if (client == null) {
                 // TODO: Handle with cluster invalidations too
                 invalidations.add(cacheKey);
                 return getRealmDelegate().getClients(realm);
             }
             list.add(client);
         }
         return list;
     }

◆ getClientScopeById()

ClientScopeModel org.keycloak.models.cache.infinispan.RealmCacheSession.getClientScopeById	(	String	id,
		RealmModel	realm
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                             {
         CachedClientScope cached = cache.get(id, CachedClientScope.class);
         if (cached != null && !cached.getRealm().equals(realm.getId())) {
             cached = null;
         }
 
         if (cached == null) {
             Long loaded = cache.getCurrentRevision(id);
             ClientScopeModel model = getRealmDelegate().getClientScopeById(id, realm);
             if (model == null) return null;
             if (invalidations.contains(id)) return model;
             cached = new CachedClientScope(loaded, realm, model);
             cache.addRevisioned(cached, startupRevision);
         } else if (invalidations.contains(id)) {
             return getRealmDelegate().getClientScopeById(id, realm);
         } else if (managedClientScopes.containsKey(id)) {
             return managedClientScopes.get(id);
         }
         ClientScopeAdapter adapter = new ClientScopeAdapter(realm, cached, this);
         managedClientScopes.put(id, adapter);
         return adapter;
     }

◆ getGroupById()

GroupModel org.keycloak.models.cache.infinispan.RealmCacheSession.getGroupById	(	String	id,
		RealmModel	realm
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                 {
         CachedGroup cached = cache.get(id, CachedGroup.class);
         if (cached != null && !cached.getRealm().equals(realm.getId())) {
             cached = null;
         }
 
         if (cached == null) {
             Long loaded = cache.getCurrentRevision(id);
             GroupModel model = getRealmDelegate().getGroupById(id, realm);
             if (model == null) return null;
             if (invalidations.contains(id)) return model;
             cached = new CachedGroup(loaded, realm, model);
             cache.addRevisioned(cached, startupRevision);
 
         } else if (invalidations.contains(id)) {
             return getRealmDelegate().getGroupById(id, realm);
         } else if (managedGroups.containsKey(id)) {
             return managedGroups.get(id);
         }
         GroupAdapter adapter = new GroupAdapter(cached, this, session, realm);
         managedGroups.put(id, adapter);
         return adapter;
     }

◆ getGroups()

List<GroupModel> org.keycloak.models.cache.infinispan.RealmCacheSession.getGroups ( RealmModel realm )

inline

org.keycloak.models.RealmProviderを実装しています。

                                                         {
         String cacheKey = getGroupsQueryCacheKey(realm.getId());
         boolean queryDB = invalidations.contains(cacheKey) || listInvalidations.contains(realm.getId());
         if (queryDB) {
             return getRealmDelegate().getGroups(realm);
         }
 
         GroupListQuery query = cache.get(cacheKey, GroupListQuery.class);
         if (query != null) {
             logger.tracev("getGroups cache hit: {0}", realm.getName());
         }
 
         if (query == null) {
             Long loaded = cache.getCurrentRevision(cacheKey);
             List<GroupModel> model = getRealmDelegate().getGroups(realm);
             if (model == null) return null;
             Set<String> ids = new HashSet<>();
             for (GroupModel client : model) ids.add(client.getId());
             query = new GroupListQuery(loaded, cacheKey, realm, ids);
             logger.tracev("adding realm getGroups cache miss: realm {0} key {1}", realm.getName(), cacheKey);
             cache.addRevisioned(query, startupRevision);
             return model;
         }
         List<GroupModel> list = new LinkedList<>();
         for (String id : query.getGroups()) {
             GroupModel group = session.realms().getGroupById(id, realm);
             if (group == null) {
                 invalidations.add(cacheKey);
                 return getRealmDelegate().getGroups(realm);
             }
             list.add(group);
         }
 
         list.sort(Comparator.comparing(GroupModel::getName));
 
         return list;
     }

◆ getGroupsCount()

Long org.keycloak.models.cache.infinispan.RealmCacheSession.getGroupsCount	(	RealmModel	realm,
		Boolean	onlyTopGroups
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                         {
         return getRealmDelegate().getGroupsCount(realm, onlyTopGroups);
     }

◆ getGroupsCountByNameContaining()

Long org.keycloak.models.cache.infinispan.RealmCacheSession.getGroupsCountByNameContaining	(	RealmModel	realm,
		String	search
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                                 {
         return getRealmDelegate().getGroupsCountByNameContaining(realm, search);
     }

◆ getGroupsQueryCacheKey()

static String org.keycloak.models.cache.infinispan.RealmCacheSession.getGroupsQueryCacheKey ( String realm )

inlinestaticpackage

                                                        {
         return realm + ".groups";
     }

◆ getMigrationModel()

MigrationModel org.keycloak.models.cache.infinispan.RealmCacheSession.getMigrationModel ( )

inline

org.keycloak.models.RealmProviderを実装しています。

                                               {
         return getRealmDelegate().getMigrationModel();
     }

◆ getPrepareTransaction()

KeycloakTransaction org.keycloak.models.cache.infinispan.RealmCacheSession.getPrepareTransaction ( )

inlineprivate

                                                         {
         return new KeycloakTransaction() {
             @Override
             public void begin() {
                 transactionActive = true;
             }
 
             @Override
             public void commit() {
                 /*  THIS WAS CAUSING DEADLOCK IN A CLUSTER
                 if (delegate == null) return;
                 List<String> locks = new LinkedList<>();
                 locks.addAll(invalidations);
 
                 Collections.sort(locks); // lock ordering
                 cache.getRevisions().startBatch();
 
                 if (!locks.isEmpty()) cache.getRevisions().getAdvancedCache().lock(locks);
                 */
 
             }
 
             @Override
             public void rollback() {
                 setRollbackOnly = true;
                 transactionActive = false;
             }
 
             @Override
             public void setRollbackOnly() {
                 setRollbackOnly = true;
             }
 
             @Override
             public boolean getRollbackOnly() {
                 return setRollbackOnly;
             }
 
             @Override
             public boolean isActive() {
                 return transactionActive;
             }
         };
     }

◆ getRealm()

RealmModel org.keycloak.models.cache.infinispan.RealmCacheSession.getRealm ( String id )

inline

org.keycloak.models.RealmProviderを実装しています。

                                           {
         CachedRealm cached = cache.get(id, CachedRealm.class);
         if (cached != null) {
             logger.tracev("by id cache hit: {0}", cached.getName());
         }
         boolean wasCached = false;
         if (cached == null) {
             Long loaded = cache.getCurrentRevision(id);
             RealmModel model = getRealmDelegate().getRealm(id);
             if (model == null) return null;
             if (invalidations.contains(id)) return model;
             cached = new CachedRealm(loaded, model);
             cache.addRevisioned(cached, startupRevision);
             wasCached =true;
         } else if (invalidations.contains(id)) {
             return getRealmDelegate().getRealm(id);
         } else if (managedRealms.containsKey(id)) {
             return managedRealms.get(id);
         }
         RealmAdapter adapter = new RealmAdapter(session, cached, this);
         if (wasCached) {
             CachedRealmModel.RealmCachedEvent event = new CachedRealmModel.RealmCachedEvent() {
                 @Override
                 public CachedRealmModel getRealm() {
                     return adapter;
                 }
 
                 @Override
                 public KeycloakSession getKeycloakSession() {
                     return session;
                 }
             };
             session.getKeycloakSessionFactory().publish(event);
         }
         managedRealms.put(id, adapter);
         return adapter;
     }

◆ getRealmByName()

RealmModel org.keycloak.models.cache.infinispan.RealmCacheSession.getRealmByName ( String name )

inline

org.keycloak.models.RealmProviderを実装しています。

                                                   {
         String cacheKey = getRealmByNameCacheKey(name);
         RealmListQuery query = cache.get(cacheKey, RealmListQuery.class);
         if (query != null) {
             logger.tracev("realm by name cache hit: {0}", name);
         }
         if (query == null) {
             Long loaded = cache.getCurrentRevision(cacheKey);
             RealmModel model = getRealmDelegate().getRealmByName(name);
             if (model == null) return null;
             if (invalidations.contains(model.getId())) return model;
             query = new RealmListQuery(loaded, cacheKey, model.getId());
             cache.addRevisioned(query, startupRevision);
             return model;
         } else if (invalidations.contains(cacheKey)) {
             return getRealmDelegate().getRealmByName(name);
         } else {
             String realmId = query.getRealms().iterator().next();
             if (invalidations.contains(realmId)) {
                 return getRealmDelegate().getRealmByName(name);
             }
             return getRealm(realmId);
         }
     }

◆ getRealmByNameCacheKey()

static String org.keycloak.models.cache.infinispan.RealmCacheSession.getRealmByNameCacheKey ( String name )

inlinestaticpackage

                                                       {
         return "realm.query.by.name." + name;
     }

◆ getRealmClientsQueryCacheKey()

static String org.keycloak.models.cache.infinispan.RealmCacheSession.getRealmClientsQueryCacheKey ( String realm )

inlinestaticpackage

                                                              {
         return realm + REALM_CLIENTS_QUERY_SUFFIX;
     }

◆ getRealmDelegate()

RealmProvider org.keycloak.models.cache.infinispan.RealmCacheSession.getRealmDelegate ( )

inline

org.keycloak.models.cache.CacheRealmProviderを実装しています。

                                             {
         if (!transactionActive) throw new IllegalStateException("Cannot access delegate without a transaction");
         if (realmDelegate != null) return realmDelegate;
         realmDelegate = session.realmLocalStorage();
         return realmDelegate;
     }

◆ getRealmRole()

RoleModel org.keycloak.models.cache.infinispan.RealmCacheSession.getRealmRole	(	RealmModel	realm,
		String	name
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                  {
         String cacheKey = getRoleByNameCacheKey(realm.getId(), name);
         boolean queryDB = invalidations.contains(cacheKey) || listInvalidations.contains(realm.getId());
         if (queryDB) {
             return getRealmDelegate().getRealmRole(realm, name);
         }
 
         RoleListQuery query = cache.get(cacheKey, RoleListQuery.class);
         if (query != null) {
             logger.tracev("getRealmRole cache hit: {0}.{1}", realm.getName(), name);
         }
 
         if (query == null) {
             Long loaded = cache.getCurrentRevision(cacheKey);
             RoleModel model = getRealmDelegate().getRealmRole(realm, name);
             if (model == null) return null;
             query = new RoleListQuery(loaded, cacheKey, realm, model.getId());
             logger.tracev("adding realm role cache miss: client {0} key {1}", realm.getName(), cacheKey);
             cache.addRevisioned(query, startupRevision);
             return model;
         }
         RoleModel role = getRoleById(query.getRoles().iterator().next(), realm);
         if (role == null) {
             invalidations.add(cacheKey);
             return getRealmDelegate().getRealmRole(realm, name);
         }
         return role;
     }

◆ getRealmRoles()

Set<RoleModel> org.keycloak.models.cache.infinispan.RealmCacheSession.getRealmRoles ( RealmModel realm )

inline

org.keycloak.models.RealmProviderを実装しています。

                                                           {
         String cacheKey = getRolesCacheKey(realm.getId());
         boolean queryDB = invalidations.contains(cacheKey) || listInvalidations.contains(realm.getId());
         if (queryDB) {
             return getRealmDelegate().getRealmRoles(realm);
         }
 
         RoleListQuery query = cache.get(cacheKey, RoleListQuery.class);
         if (query != null) {
             logger.tracev("getRealmRoles cache hit: {0}", realm.getName());
         }
 
         if (query == null) {
             Long loaded = cache.getCurrentRevision(cacheKey);
             Set<RoleModel> model = getRealmDelegate().getRealmRoles(realm);
             if (model == null) return null;
             Set<String> ids = new HashSet<>();
             for (RoleModel role : model) ids.add(role.getId());
             query = new RoleListQuery(loaded, cacheKey, realm, ids);
             logger.tracev("adding realm roles cache miss: realm {0} key {1}", realm.getName(), cacheKey);
             cache.addRevisioned(query, startupRevision);
             return model;
         }
         Set<RoleModel> list = new HashSet<>();
         for (String id : query.getRoles()) {
             RoleModel role = session.realms().getRoleById(id, realm);
             if (role == null) {
                 invalidations.add(cacheKey);
                 return getRealmDelegate().getRealmRoles(realm);
             }
             list.add(role);
         }
         return list;
     }

◆ getRealms()

List<RealmModel> org.keycloak.models.cache.infinispan.RealmCacheSession.getRealms ( )

inline

org.keycloak.models.RealmProviderを実装しています。

                                         {
         // Retrieve realms from backend
         List<RealmModel> backendRealms = getRealmDelegate().getRealms();
 
         // Return cache delegates to ensure cache invalidated during write operations
         List<RealmModel> cachedRealms = new LinkedList<RealmModel>();
         for (RealmModel realm : backendRealms) {
             RealmModel cached = getRealm(realm.getId());
             cachedRealms.add(cached);
         }
         return cachedRealms;
     }

◆ getRoleById()

RoleModel org.keycloak.models.cache.infinispan.RealmCacheSession.getRoleById	(	String	id,
		RealmModel	realm
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                               {
         CachedRole cached = cache.get(id, CachedRole.class);
         if (cached != null && !cached.getRealm().equals(realm.getId())) {
             cached = null;
         }
 
         if (cached == null) {
             Long loaded = cache.getCurrentRevision(id);
             RoleModel model = getRealmDelegate().getRoleById(id, realm);
             if (model == null) return null;
             if (invalidations.contains(id)) return model;
             if (model.isClientRole()) {
                 cached = new CachedClientRole(loaded, model.getContainerId(), model, realm);
             } else {
                 cached = new CachedRealmRole(loaded, model, realm);
             }
             cache.addRevisioned(cached, startupRevision);
 
         } else if (invalidations.contains(id)) {
             return getRealmDelegate().getRoleById(id, realm);
         } else if (managedRoles.containsKey(id)) {
             return managedRoles.get(id);
         }
         RoleAdapter adapter = new RoleAdapter(cached,this, realm);
         managedRoles.put(id, adapter);
         return adapter;
     }

◆ getRoleByNameCacheKey()

static String org.keycloak.models.cache.infinispan.RealmCacheSession.getRoleByNameCacheKey	(	String	container,
		String	name
	)

inlinestaticpackage

                                                                        {
         return container + "." + name + ROLES_QUERY_SUFFIX;
     }

◆ getRolesCacheKey()

static String org.keycloak.models.cache.infinispan.RealmCacheSession.getRolesCacheKey ( String container )

inlinestaticpackage

                                                      {
         return container + ROLES_QUERY_SUFFIX;
     }

◆ getStartupRevision()

long org.keycloak.models.cache.infinispan.RealmCacheSession.getStartupRevision ( )

inline

                                      {
         return startupRevision;
     }

◆ getTopGroupsQueryCacheKey()

static String org.keycloak.models.cache.infinispan.RealmCacheSession.getTopGroupsQueryCacheKey ( String realm )

inlinestaticpackage

                                                           {
         return realm + ".top.groups";
     }

◆ getTopLevelGroups() [1/2]

List<GroupModel> org.keycloak.models.cache.infinispan.RealmCacheSession.getTopLevelGroups ( RealmModel realm )

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                 {
         String cacheKey = getTopGroupsQueryCacheKey(realm.getId());
         boolean queryDB = invalidations.contains(cacheKey) || listInvalidations.contains(realm.getId());
         if (queryDB) {
             return getRealmDelegate().getTopLevelGroups(realm);
         }
 
         GroupListQuery query = cache.get(cacheKey, GroupListQuery.class);
         if (query != null) {
             logger.tracev("getTopLevelGroups cache hit: {0}", realm.getName());
         }
 
         if (query == null) {
             Long loaded = cache.getCurrentRevision(cacheKey);
             List<GroupModel> model = getRealmDelegate().getTopLevelGroups(realm);
             if (model == null) return null;
             Set<String> ids = new HashSet<>();
             for (GroupModel client : model) ids.add(client.getId());
             query = new GroupListQuery(loaded, cacheKey, realm, ids);
             logger.tracev("adding realm getTopLevelGroups cache miss: realm {0} key {1}", realm.getName(), cacheKey);
             cache.addRevisioned(query, startupRevision);
             return model;
         }
         List<GroupModel> list = new LinkedList<>();
         for (String id : query.getGroups()) {
             GroupModel group = session.realms().getGroupById(id, realm);
             if (group == null) {
                 invalidations.add(cacheKey);
                 return getRealmDelegate().getTopLevelGroups(realm);
             }
             list.add(group);
         }
 
         list.sort(Comparator.comparing(GroupModel::getName));
 
         return list;
     }

◆ getTopLevelGroups() [2/2]

List<GroupModel> org.keycloak.models.cache.infinispan.RealmCacheSession.getTopLevelGroups	(	RealmModel	realm,
		Integer	first,
		Integer	max
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                                             {
         String cacheKey = getTopGroupsQueryCacheKey(realm.getId() + first + max);
         boolean queryDB = invalidations.contains(cacheKey) || listInvalidations.contains(realm.getId() + first + max);
         if (queryDB) {
             return getRealmDelegate().getTopLevelGroups(realm, first, max);
         }
 
         GroupListQuery query = cache.get(cacheKey, GroupListQuery.class);
         if (Objects.nonNull(query)) {
             logger.tracev("getTopLevelGroups cache hit: {0}", realm.getName());
         }
 
         if (Objects.isNull(query)) {
             Long loaded = cache.getCurrentRevision(cacheKey);
             List<GroupModel> model = getRealmDelegate().getTopLevelGroups(realm, first, max);
             if (model == null) return null;
             Set<String> ids = new HashSet<>();
             for (GroupModel client : model) ids.add(client.getId());
             query = new GroupListQuery(loaded, cacheKey, realm, ids);
             logger.tracev("adding realm getTopLevelGroups cache miss: realm {0} key {1}", realm.getName(), cacheKey);
             cache.addRevisioned(query, startupRevision);
             return model;
         }
         List<GroupModel> list = new LinkedList<>();
         for (String id : query.getGroups()) {
             GroupModel group = session.realms().getGroupById(id, realm);
             if (Objects.isNull(group)) {
                 invalidations.add(cacheKey);
                 return getRealmDelegate().getTopLevelGroups(realm);
             }
             list.add(group);
         }
 
         list.sort(Comparator.comparing(GroupModel::getName));
 
         return list;
     }

◆ groupAdded()

GroupModel org.keycloak.models.cache.infinispan.RealmCacheSession.groupAdded	(	RealmModel	realm,
		GroupModel	group
	)

inlineprivate

                                                                       {
         listInvalidations.add(realm.getId());
         cache.groupQueriesInvalidations(realm.getId(), invalidations);
         invalidations.add(group.getId());
         invalidationEvents.add(GroupAddedEvent.create(group.getId(), realm.getId()));
         return group;
     }

◆ invalidateClient()

void org.keycloak.models.cache.infinispan.RealmCacheSession.invalidateClient ( String id )

inlineprivate

                                              {
         invalidations.add(id);
         ClientModel adapter = managedApplications.get(id);
         if (adapter != null && adapter instanceof ClientAdapter) ((ClientAdapter)adapter).invalidate();
     }

◆ invalidateClientScope()

void org.keycloak.models.cache.infinispan.RealmCacheSession.invalidateClientScope ( String id )

inlineprivate

                                                   {
         invalidations.add(id);
         ClientScopeAdapter adapter = managedClientScopes.get(id);
         if (adapter != null) adapter.invalidate();
     }

◆ invalidateGroup() [1/2]

void org.keycloak.models.cache.infinispan.RealmCacheSession.invalidateGroup	(	String	id,
		String	realmId,
		boolean	invalidateQueries
	)

inlineprivate

                                                                                        {
         invalidateGroup(id);
         if (invalidateQueries) {
             cache.groupQueriesInvalidations(realmId, invalidations);
         }
     }

◆ invalidateGroup() [2/2]

void org.keycloak.models.cache.infinispan.RealmCacheSession.invalidateGroup ( String id )

inlineprivate

                                             {
         invalidations.add(id);
         GroupAdapter adapter = managedGroups.get(id);
         if (adapter != null) adapter.invalidate();
     }

◆ invalidateRole()

void org.keycloak.models.cache.infinispan.RealmCacheSession.invalidateRole ( String id )

inlineprivate

                                            {
         invalidations.add(id);
         RoleAdapter adapter = managedRoles.get(id);
         if (adapter != null) adapter.invalidate();
     }

◆ isInvalid()

boolean org.keycloak.models.cache.infinispan.RealmCacheSession.isInvalid ( String id )

inline

                                         {
         return invalidations.contains(id);
     }

◆ listClientInitialAccess()

List<ClientInitialAccessModel> org.keycloak.models.cache.infinispan.RealmCacheSession.listClientInitialAccess ( RealmModel realm )

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                                     {
         return getRealmDelegate().listClientInitialAccess(realm);
     }

◆ moveGroup()

void org.keycloak.models.cache.infinispan.RealmCacheSession.moveGroup	(	RealmModel	realm,
		GroupModel	group,
		GroupModel	toParent
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                                    {
         invalidateGroup(group.getId(), realm.getId(), true);
         if (toParent != null) invalidateGroup(group.getId(), realm.getId(), false); // Queries already invalidated
         listInvalidations.add(realm.getId());
 
         invalidationEvents.add(GroupMovedEvent.create(group, toParent, realm.getId()));
         getRealmDelegate().moveGroup(realm, group, toParent);
     }

◆ registerClientInvalidation()

void org.keycloak.models.cache.infinispan.RealmCacheSession.registerClientInvalidation	(	String	id,
		String	clientId,
		String	realmId
	)

inline

org.keycloak.models.cache.CacheRealmProviderを実装しています。

                                                                                        {
         invalidateClient(id);
         invalidationEvents.add(ClientUpdatedEvent.create(id, clientId, realmId));
         cache.clientUpdated(realmId, id, clientId, invalidations);
     }

◆ registerClientScopeInvalidation()

void org.keycloak.models.cache.infinispan.RealmCacheSession.registerClientScopeInvalidation ( String id )

inline

org.keycloak.models.cache.CacheRealmProviderを実装しています。

                                                            {
         invalidateClientScope(id);
         // Note: Adding/Removing client template is supposed to invalidate CachedRealm as well, so the list of clientScopes is invalidated.
         // But separate RealmUpdatedEvent will be sent for it. So ClientTemplateEvent don't need to take care of it.
         invalidationEvents.add(ClientTemplateEvent.create(id));
     }

◆ registerGroupInvalidation()

void org.keycloak.models.cache.infinispan.RealmCacheSession.registerGroupInvalidation ( String id )

inline

org.keycloak.models.cache.CacheRealmProviderを実装しています。

                                                      {
         invalidateGroup(id, null, false);
         addGroupEventIfAbsent(GroupUpdatedEvent.create(id));
     }

◆ registerRealmInvalidation()

void org.keycloak.models.cache.infinispan.RealmCacheSession.registerRealmInvalidation	(	String	id,
		String	name
	)

inline

org.keycloak.models.cache.CacheRealmProviderを実装しています。

                                                                   {
         cache.realmUpdated(id, name, invalidations);
         RealmAdapter adapter = managedRealms.get(id);
         if (adapter != null) adapter.invalidateFlag();
 
         invalidationEvents.add(RealmUpdatedEvent.create(id, name));
     }

◆ registerRoleInvalidation()

void org.keycloak.models.cache.infinispan.RealmCacheSession.registerRoleInvalidation	(	String	id,
		String	roleName,
		String	roleContainerId
	)

inline

org.keycloak.models.cache.CacheRealmProviderを実装しています。

                                                                                              {
         invalidateRole(id);
         cache.roleUpdated(roleContainerId, roleName, invalidations);
         invalidationEvents.add(RoleUpdatedEvent.create(id, roleName, roleContainerId));
     }

◆ removeClient()

boolean org.keycloak.models.cache.infinispan.RealmCacheSession.removeClient	(	String	id,
		RealmModel	realm
	)

inline

org.keycloak.models.ClientProviderを実装しています。

                                                              {
         ClientModel client = getClientById(id, realm);
         if (client == null) return false;
 
         invalidateClient(client.getId());
         // this is needed so that a client that hasn't been committed isn't cached in a query
         listInvalidations.add(realm.getId());
 
         invalidationEvents.add(ClientRemovedEvent.create(client));
         cache.clientRemoval(realm.getId(), id, client.getClientId(), invalidations);
 
         for (RoleModel role : client.getRoles()) {
             roleRemovalInvalidations(role.getId(), role.getName(), client.getId());
         }
         return getRealmDelegate().removeClient(id, realm);
     }

◆ removeClientInitialAccessModel()

void org.keycloak.models.cache.infinispan.RealmCacheSession.removeClientInitialAccessModel	(	RealmModel	realm,
		String	id
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                             {
         getRealmDelegate().removeClientInitialAccessModel(realm, id);
     }

◆ removeExpiredClientInitialAccess()

void org.keycloak.models.cache.infinispan.RealmCacheSession.removeExpiredClientInitialAccess ( )

inline

org.keycloak.models.RealmProviderを実装しています。

                                                    {
         getRealmDelegate().removeExpiredClientInitialAccess();
     }

◆ removeGroup()

boolean org.keycloak.models.cache.infinispan.RealmCacheSession.removeGroup	(	RealmModel	realm,
		GroupModel	group
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                    {
         invalidateGroup(group.getId(), realm.getId(), true);
         listInvalidations.add(realm.getId());
         cache.groupQueriesInvalidations(realm.getId(), invalidations);
         if (group.getParentId() != null) {
             invalidateGroup(group.getParentId(), realm.getId(), false); // Queries already invalidated
         }
 
         invalidationEvents.add(GroupRemovedEvent.create(group, realm.getId()));
 
         return getRealmDelegate().removeGroup(realm, group);
     }

◆ removeRealm()

boolean org.keycloak.models.cache.infinispan.RealmCacheSession.removeRealm ( String id )

inline

org.keycloak.models.RealmProviderを実装しています。

                                           {
         RealmModel realm = getRealm(id);
         if (realm == null) return false;
 
         evictRealmOnRemoval(realm);
         return getRealmDelegate().removeRealm(id);
     }

◆ removeRole()

boolean org.keycloak.models.cache.infinispan.RealmCacheSession.removeRole	(	RealmModel	realm,
		RoleModel	role
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                 {
         listInvalidations.add(role.getContainer().getId());
 
         invalidateRole(role.getId());
         invalidationEvents.add(RoleRemovedEvent.create(role.getId(), role.getName(), role.getContainer().getId()));
         roleRemovalInvalidations(role.getId(), role.getName(), role.getContainer().getId());
 
         return getRealmDelegate().removeRole(realm, role);
     }

◆ roleRemovalInvalidations()

void org.keycloak.models.cache.infinispan.RealmCacheSession.roleRemovalInvalidations	(	String	roleId,
		String	roleName,
		String	roleContainerId
	)

inlineprivate

                                                                                                   {
         Set<String> newInvalidations = new HashSet<>();
         cache.roleRemoval(roleId, roleName, roleContainerId, newInvalidations);
         invalidations.addAll(newInvalidations);
         // need to make sure that scope and group mapping clients and groups are invalidated
         for (String id : newInvalidations) {
             ClientModel adapter = managedApplications.get(id);
             if (adapter != null && adapter instanceof ClientAdapter){
                 ((ClientAdapter)adapter).invalidate();
                 continue;
             }
             GroupAdapter group = managedGroups.get(id);
             if (group != null) {
                 group.invalidate();
                 continue;
             }
             ClientScopeAdapter clientScope = managedClientScopes.get(id);
             if (clientScope != null) {
                 clientScope.invalidate();
                 continue;
             }
             RoleAdapter role = managedRoles.get(id);
             if (role != null) {
                 role.invalidate();
                 continue;
             }
 
 
         }
     }

◆ runInvalidations()

void org.keycloak.models.cache.infinispan.RealmCacheSession.runInvalidations ( )

inlineprotected

                                       {
         for (String id : invalidations) {
             cache.invalidateObject(id);
         }
 
         cache.sendInvalidationEvents(session, invalidationEvents, InfinispanCacheRealmProviderFactory.REALM_INVALIDATION_EVENTS);
     }

◆ searchForGroupByName()

List<GroupModel> org.keycloak.models.cache.infinispan.RealmCacheSession.searchForGroupByName	(	RealmModel	realm,
		String	search,
		Integer	first,
		Integer	max
	)

inline

org.keycloak.models.RealmProviderを実装しています。

                                                                                                               {
         return getRealmDelegate().searchForGroupByName(realm, search, first, max);
     }

◆ validateCache()

ClientModel org.keycloak.models.cache.infinispan.RealmCacheSession.validateCache	(	RealmModel	realm,
		CachedClient	cached
	)

inlineprotected

                                                                                {
         if (!realm.getId().equals(cached.getRealm())) {
             return null;
         }
 
         StorageId storageId = new StorageId(cached.getId());
         if (!storageId.isLocal()) {
             ComponentModel component = realm.getComponent(storageId.getProviderId());
             ClientStorageProviderModel model = new ClientStorageProviderModel(component);
 
             // although we do set a timeout, Infinispan has no guarantees when the user will be evicted
             // its also hard to test stuff
             if (model.shouldInvalidate(cached)) {
                 registerClientInvalidation(cached.getId(), cached.getClientId(), realm.getId());
                 return getClientDelegate().getClientById(cached.getId(), realm);
             }
         }
         ClientAdapter adapter = new ClientAdapter(realm, cached, this);
 
         return adapter;
     }

メンバ詳解

◆ cache

RealmCacheManager org.keycloak.models.cache.infinispan.RealmCacheSession.cache

protected

◆ clearAll

boolean org.keycloak.models.cache.infinispan.RealmCacheSession.clearAll

protected

◆ clientDelegate

ClientProvider org.keycloak.models.cache.infinispan.RealmCacheSession.clientDelegate

protected

◆ invalidationEvents

Set<InvalidationEvent> org.keycloak.models.cache.infinispan.RealmCacheSession.invalidationEvents = new HashSet<>()

protected

◆ invalidations

Set<String> org.keycloak.models.cache.infinispan.RealmCacheSession.invalidations = new HashSet<>()

protected

◆ listInvalidations

Set<String> org.keycloak.models.cache.infinispan.RealmCacheSession.listInvalidations = new HashSet<>()

protected

◆ logger

final Logger org.keycloak.models.cache.infinispan.RealmCacheSession.logger = Logger.getLogger(RealmCacheSession.class)

staticprotected

◆ managedApplications

Map<String, ClientModel> org.keycloak.models.cache.infinispan.RealmCacheSession.managedApplications = new HashMap<>()

protected

◆ managedClientScopes

Map<String, ClientScopeAdapter> org.keycloak.models.cache.infinispan.RealmCacheSession.managedClientScopes = new HashMap<>()

protected

◆ managedGroups

Map<String, GroupAdapter> org.keycloak.models.cache.infinispan.RealmCacheSession.managedGroups = new HashMap<>()

protected

◆ managedRealms

Map<String, RealmAdapter> org.keycloak.models.cache.infinispan.RealmCacheSession.managedRealms = new HashMap<>()

protected

◆ managedRoles

Map<String, RoleAdapter> org.keycloak.models.cache.infinispan.RealmCacheSession.managedRoles = new HashMap<>()

protected

◆ REALM_CLIENTS_QUERY_SUFFIX

final String org.keycloak.models.cache.infinispan.RealmCacheSession.REALM_CLIENTS_QUERY_SUFFIX = ".realm.clients"

static

◆ realmDelegate

RealmProvider org.keycloak.models.cache.infinispan.RealmCacheSession.realmDelegate

protected

◆ ROLES_QUERY_SUFFIX

final String org.keycloak.models.cache.infinispan.RealmCacheSession.ROLES_QUERY_SUFFIX = ".roles"

static

◆ session

KeycloakSession org.keycloak.models.cache.infinispan.RealmCacheSession.session

protected

◆ setRollbackOnly

boolean org.keycloak.models.cache.infinispan.RealmCacheSession.setRollbackOnly

protected

◆ startupRevision

final long org.keycloak.models.cache.infinispan.RealmCacheSession.startupRevision

protected

◆ transactionActive

boolean org.keycloak.models.cache.infinispan.RealmCacheSession.transactionActive

protected

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/src/keycloak/src/main/java/org/keycloak/models/cache/infinispan/RealmCacheSession.java

公開メンバ関数

静的公開変数類

限定公開メンバ関数

限定公開変数類

静的限定公開変数類

静的関数

非公開メンバ関数

詳解

構築子と解体子

◆ RealmCacheSession()

関数詳解

◆ addClient() [1/2]

◆ addClient() [2/2]

◆ addClientRole() [1/2]

◆ addClientRole() [2/2]

◆ addedClient()

◆ addedRole()

◆ addGroupEventIfAbsent()

◆ addRealmRole() [1/2]

◆ addRealmRole() [2/2]

◆ addTopLevelGroup()

◆ cacheClient()

◆ clear()

◆ close()

◆ createClientInitialAccessModel()

◆ createGroup() [1/2]

◆ createGroup() [2/2]

◆ createRealm() [1/2]

◆ createRealm() [2/2]

◆ decreaseRemainingCount()

◆ evictRealmOnRemoval()

◆ getAfterTransaction()

◆ getClientByClientId()

◆ getClientByClientIdCacheKey()

◆ getClientById()

◆ getClientDelegate()

◆ getClientInitialAccessModel()

◆ getClientRole()

◆ getClientRoles()

◆ getClients()

◆ getClientScopeById()

◆ getGroupById()

◆ getGroups()

◆ getGroupsCount()

◆ getGroupsCountByNameContaining()

◆ getGroupsQueryCacheKey()

◆ getMigrationModel()

◆ getPrepareTransaction()

◆ getRealm()

◆ getRealmByName()

◆ getRealmByNameCacheKey()

◆ getRealmClientsQueryCacheKey()

◆ getRealmDelegate()

◆ getRealmRole()

◆ getRealmRoles()

◆ getRealms()

◆ getRoleById()

◆ getRoleByNameCacheKey()

◆ getRolesCacheKey()

◆ getStartupRevision()

◆ getTopGroupsQueryCacheKey()

◆ getTopLevelGroups() [1/2]

◆ getTopLevelGroups() [2/2]

◆ groupAdded()

◆ invalidateClient()

◆ invalidateClientScope()

◆ invalidateGroup() [1/2]

◆ invalidateGroup() [2/2]

◆ invalidateRole()

◆ isInvalid()

◆ listClientInitialAccess()

◆ moveGroup()

◆ registerClientInvalidation()

◆ registerClientScopeInvalidation()

◆ registerGroupInvalidation()

◆ registerRealmInvalidation()

◆ registerRoleInvalidation()

◆ removeClient()

◆ removeClientInitialAccessModel()

◆ removeExpiredClientInitialAccess()