org.keycloak.authorization.policy.provider.aggregated.AggregatePolicyProvider クラス

org.keycloak.authorization.policy.provider.aggregated.AggregatePolicyProvider の継承関係図

org.keycloak.authorization.policy.provider.aggregated.AggregatePolicyProvider 連携図

公開メンバ関数
void	evaluate (Evaluation evaluation)
void	close ()

詳解

著者

Pedro Igor

関数詳解

close()

void org.keycloak.authorization.policy.provider.aggregated.AggregatePolicyProvider.close ( )

inline

org.keycloak.provider.Providerを実装しています。

                        {

    }

evaluate()

void org.keycloak.authorization.policy.provider.aggregated.AggregatePolicyProvider.evaluate ( Evaluation  evaluation )

inline

org.keycloak.authorization.policy.provider.PolicyProviderを実装しています。

                                                {
        DecisionResultCollector decision = new DecisionResultCollector() {
            @Override
            protected void onComplete(Result result) {
                if (isGranted(result.getResults().iterator().next())) {
                    evaluation.grant();
                } else {
                    evaluation.deny();
                }
            }
        };
        AuthorizationProvider authorization = evaluation.getAuthorizationProvider();
        Policy policy = evaluation.getPolicy();
        DefaultEvaluation defaultEvaluation = DefaultEvaluation.class.cast(evaluation);
        Map<Policy, Map<Object, Decision.Effect>> decisionCache = defaultEvaluation.getDecisionCache();
        ResourcePermission permission = evaluation.getPermission();

        for (Policy associatedPolicy : policy.getAssociatedPolicies()) {
            Map<Object, Decision.Effect> decisions = decisionCache.computeIfAbsent(associatedPolicy, p -> new HashMap<>());
            Decision.Effect effect = decisions.get(permission);
            DefaultEvaluation eval = new DefaultEvaluation(evaluation.getPermission(), evaluation.getContext(), policy, associatedPolicy, decision, authorization, decisionCache);

            if (effect == null) {
                PolicyProvider policyProvider = authorization.getProvider(associatedPolicy.getType());

                policyProvider.evaluate(eval);

                eval.denyIfNoEffect();
                decisions.put(permission, eval.getEffect());
            } else {
                eval.setEffect(effect);
            }
        }

        decision.onComplete(permission);
    }

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/keycloak/doxygen/src/authz/policy/common/src/main/java/org/keycloak/authorization/policy/provider/aggregated/AggregatePolicyProvider.java