org.keycloak.authorization.store.syncronization.UserSynchronizer クラス

org.keycloak.authorization.store.syncronization.UserSynchronizer の継承関係図

org.keycloak.authorization.store.syncronization.UserSynchronizer 連携図

公開メンバ関数
void	synchronize (UserRemovedEvent event, KeycloakSessionFactory factory)
void	synchronize (E event, KeycloakSessionFactory factory)

非公開メンバ関数
void	removeFromUserPolicies (UserRemovedEvent event, AuthorizationProvider authorizationProvider)
void	removeUserResources (UserRemovedEvent event, AuthorizationProvider authorizationProvider)

詳解

著者

Pedro Igor

関数詳解

removeFromUserPolicies()

void org.keycloak.authorization.store.syncronization.UserSynchronizer.removeFromUserPolicies ( UserRemovedEvent  event, AuthorizationProvider  authorizationProvider  )

inlineprivate

                                                                                                             {
        StoreFactory storeFactory = authorizationProvider.getStoreFactory();
        PolicyStore policyStore = storeFactory.getPolicyStore();
        UserModel userModel = event.getUser();
        Map<String, String[]> attributes = new HashMap<>();

        attributes.put("type", new String[] {"user"});
        attributes.put("config:users", new String[] {userModel.getId()});

        List<Policy> search = policyStore.findByResourceServer(attributes, null, -1, -1);

        for (Policy policy : search) {
            PolicyProviderFactory policyFactory = authorizationProvider.getProviderFactory(policy.getType());
            UserPolicyRepresentation representation = UserPolicyRepresentation.class.cast(policyFactory.toRepresentation(policy, authorizationProvider));
            Set<String> users = representation.getUsers();

            users.remove(userModel.getId());

            if (users.isEmpty()) {
                policyFactory.onRemove(policy, authorizationProvider);
                policyStore.delete(policy.getId());
            } else {
                policyFactory.onUpdate(policy, representation, authorizationProvider);
            }
        }
    }

removeUserResources()

void org.keycloak.authorization.store.syncronization.UserSynchronizer.removeUserResources ( UserRemovedEvent  event, AuthorizationProvider  authorizationProvider  )

inlineprivate

                                                                                                          {
        StoreFactory storeFactory = authorizationProvider.getStoreFactory();
        PolicyStore policyStore = storeFactory.getPolicyStore();
        ResourceStore resourceStore = storeFactory.getResourceStore();
        ResourceServerStore resourceServerStore = storeFactory.getResourceServerStore();
        RealmModel realm = event.getRealm();
        UserModel userModel = event.getUser();

        realm.getClients().forEach(clientModel -> {
            ResourceServer resourceServer = resourceServerStore.findById(clientModel.getId());

            if (resourceServer != null) {
                resourceStore.findByOwner(userModel.getId(), resourceServer.getId()).forEach(resource -> {
                    String resourceId = resource.getId();
                    policyStore.findByResource(resourceId, resourceServer.getId()).forEach(policy -> {
                        if (policy.getResources().size() == 1) {
                            policyStore.delete(policy.getId());
                        } else {
                            policy.removeResource(resource);
                        }
                    });
                    resourceStore.delete(resourceId);
                });
            }
        });
    }

synchronize() [1/2]

void org.keycloak.authorization.store.syncronization.Synchronizer< E extends ProviderEvent >.synchronize ( E  event, KeycloakSessionFactory  factory  )

inherited

synchronize() [2/2]

void org.keycloak.authorization.store.syncronization.UserSynchronizer.synchronize ( UserRemovedEvent  event, KeycloakSessionFactory  factory  )

inline

                                                                                    {
        ProviderFactory<AuthorizationProvider> providerFactory = factory.getProviderFactory(AuthorizationProvider.class);
        AuthorizationProvider authorizationProvider = providerFactory.create(event.getKeycloakSession());

        removeUserResources(event, authorizationProvider);
        removeFromUserPolicies(event, authorizationProvider);
    }

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/doxygen/keycloak/src/keycloak/src/main/java/org/keycloak/authorization/store/syncronization/UserSynchronizer.java