org.keycloak.adapters.jbossweb.JBossWebPrincipalFactory クラス

org.keycloak.adapters.jbossweb.JBossWebPrincipalFactory の継承関係図

org.keycloak.adapters.jbossweb.JBossWebPrincipalFactory 連携図

公開メンバ関数
GenericPrincipal	createPrincipal (Realm realm, final Principal identity, final Set< String > roleSet)

限定公開メンバ関数
GenericPrincipal	createPrincipal (Principal userPrincipal, List< String > roles)
Principal	getPrincipal (Subject subject)
Group	createGroup (String name, Set< Principal > principals)
Group []	getRoleSets (Collection< String > roleSet)

静的関数
static Constructor	findJBossGenericPrincipalConstructor ()

静的非公開変数類
static Constructor	jbossWebPrincipalConstructor = findJBossGenericPrincipalConstructor()

詳解

著者

Bill Burke

バージョン

Revision

1

関数詳解

createGroup()

Group org.keycloak.adapters.jbossweb.JBossWebPrincipalFactory.createGroup ( String  name, Set< Principal >  principals  )

inlineprotected

                                                                        {
        Group roles = null;
        Iterator<Principal> iter = principals.iterator();
        while (iter.hasNext()) {
            Object next = iter.next();
            if (!(next instanceof Group))
                continue;
            Group grp = (Group) next;
            if (grp.getName().equals(name)) {
                roles = grp;
                break;
            }
        }
        // If we did not find a group create one
        if (roles == null) {
            roles = new SimpleGroup(name);
            principals.add(roles);
        }
        return roles;
    }

createPrincipal() [1/2]

GenericPrincipal org.keycloak.adapters.jbossweb.JBossWebPrincipalFactory.createPrincipal ( Principal  userPrincipal, List< String >  roles  )

inlineprotected

                                                                                            {
        return null;
    }

createPrincipal() [2/2]

GenericPrincipal org.keycloak.adapters.jbossweb.JBossWebPrincipalFactory.createPrincipal ( Realm  realm, final Principal  identity, final Set< String >  roleSet  )

inline

                                                                                                              {
        KeycloakAccount account = new KeycloakAccount() {
            @Override
            public Principal getPrincipal() {
                return identity;
            }

            @Override
            public Set<String> getRoles() {
                return roleSet;
            }
        };
        Subject subject = new Subject();
        Set<Principal> principals = subject.getPrincipals();
        principals.add(identity);
        Group[] roleSets = getRoleSets(roleSet);
        for (int g = 0; g < roleSets.length; g++) {
            Group group = roleSets[g];
            String name = group.getName();
            Group subjectGroup = createGroup(name, principals);
            if (subjectGroup instanceof NestableGroup) {
                /* A NestableGroup only allows Groups to be added to it so we
                need to add a SimpleGroup to subjectRoles to contain the roles
                */
                SimpleGroup tmp = new SimpleGroup("Roles");
                subjectGroup.addMember(tmp);
                subjectGroup = tmp;
            }
            // Copy the group members to the Subject group
            Enumeration<? extends Principal> members = group.members();
            while (members.hasMoreElements()) {
                Principal role = (Principal) members.nextElement();
                subjectGroup.addMember(role);
            }
        }
        // add the CallerPrincipal group if none has been added in getRoleSets
        Group callerGroup = new SimpleGroup(SecurityConstants.CALLER_PRINCIPAL_GROUP);
        callerGroup.addMember(identity);
        principals.add(callerGroup);
        SecurityContext sc = SecurityContextAssociation.getSecurityContext();
        Principal userPrincipal = getPrincipal(subject);
        sc.getUtil().createSubjectInfo(userPrincipal, account, subject);
        List<String> rolesAsStringList = new ArrayList<String>();
        rolesAsStringList.addAll(roleSet);

        try {
            return (GenericPrincipal) jbossWebPrincipalConstructor.newInstance(realm, userPrincipal.getName(), null, rolesAsStringList, userPrincipal, null, account, null, subject);
        } catch (Throwable t) {
            throw new RuntimeException("Failed to create JBossGenericPrincipal", t);
        }
    }

findJBossGenericPrincipalConstructor()

static Constructor org.keycloak.adapters.jbossweb.JBossWebPrincipalFactory.findJBossGenericPrincipalConstructor ( )

inlinestaticpackage

                                                              {
        for (Constructor<?> c : JBossGenericPrincipal.class.getConstructors()) {
            if (c.getParameterTypes().length == 9 &&
                    c.getParameterTypes()[0].equals(Realm.class) &&
                    c.getParameterTypes()[1].equals(String.class) &&
                    c.getParameterTypes()[3].equals(List.class) &&
                    c.getParameterTypes()[4].equals(Principal.class) &&
                    c.getParameterTypes()[6].equals(Object.class) &&
                    c.getParameterTypes()[8].equals(Subject.class)) {
                return c;
            }
        }
        return null;
    }

getPrincipal()

Principal org.keycloak.adapters.jbossweb.JBossWebPrincipalFactory.getPrincipal ( Subject  subject )

inlineprotected

Get the Principal given the authenticated Subject. Currently the first subject that is not of type

Group 

is considered or the single subject inside the CallerPrincipal group.

引数

subject

戻り値

the authenticated subject

                                                      {
        Principal principal = null;
        Principal callerPrincipal = null;
        if (subject != null) {
            Set<Principal> principals = subject.getPrincipals();
            if (principals != null && !principals.isEmpty()) {
                for (Principal p : principals) {
                    if (!(p instanceof Group) && principal == null) {
                        principal = p;
                    }
                    if (p instanceof Group) {
                        Group g = Group.class.cast(p);
                        if (g.getName().equals(SecurityConstants.CALLER_PRINCIPAL_GROUP) && callerPrincipal == null) {
                            Enumeration<? extends Principal> e = g.members();
                            if (e.hasMoreElements())
                                callerPrincipal = e.nextElement();
                        }
                    }
                }
            }
        }
        return callerPrincipal == null ? principal : callerPrincipal;
    }

getRoleSets()

Group [] org.keycloak.adapters.jbossweb.JBossWebPrincipalFactory.getRoleSets ( Collection< String >  roleSet )

inlineprotected

                                                              {
        SimpleGroup roles = new SimpleGroup("Roles");
        Group[] roleSets = {roles};
        for (String role : roleSet) {
            roles.addMember(new SimplePrincipal(role));
        }
        return roleSets;
    }

メンバ詳解

jbossWebPrincipalConstructor

Constructor org.keycloak.adapters.jbossweb.JBossWebPrincipalFactory.jbossWebPrincipalConstructor = findJBossGenericPrincipalConstructor()

staticprivate

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/keycloak/doxygen/src/adapters/oidc/as7-eap6/as7-adapter-spi/src/main/java/org/keycloak/adapters/jbossweb/JBossWebPrincipalFactory.java