org.keycloak.authorization.client.resource.PermissionResource クラス

org.keycloak.authorization.client.resource.PermissionResource 連携図

公開メンバ関数
	PermissionResource (Http http, ServerConfiguration serverConfiguration, TokenCallable pat)
PermissionResponse	forResource (PermissionRequest request)
PermissionResponse	create (PermissionRequest request)
PermissionResponse	create (final List< PermissionRequest > requests)
PermissionTicketRepresentation	create (final PermissionTicketRepresentation ticket)
List< PermissionTicketRepresentation >	findByScope (final String scopeId)
List< PermissionTicketRepresentation >	findByResource (final String resourceId)
List< PermissionTicketRepresentation >	find (final String resourceId, final String scopeId, final String owner, final String requester, final Boolean granted, final Boolean returnNames, final Integer firstResult, final Integer maxResult)
void	update (final PermissionTicketRepresentation ticket)

非公開変数類
final Http	http
final ServerConfiguration	serverConfiguration
final TokenCallable	pat

詳解

An entry point for managing permission tickets using the Protection API.

著者

Pedro Igor

構築子と解体子

PermissionResource()

org.keycloak.authorization.client.resource.PermissionResource.PermissionResource ( Http  http, ServerConfiguration  serverConfiguration, TokenCallable  pat  )

inline

                                                                                                     {
        this.http = http;
        this.serverConfiguration = serverConfiguration;
        this.pat = pat;
    }

関数詳解

create() [1/3]

PermissionResponse org.keycloak.authorization.client.resource.PermissionResource.create ( PermissionRequest  request )

inline

Creates a new permission ticket for a single resource and scope(s).

引数

request

the PermissionRequest representing the resource and scope(s) (not null )

戻り値

a permission response holding a permission ticket with the requested permissions

                                                                {
        return create(Arrays.asList(request));
    }

create() [2/3]

PermissionResponse org.keycloak.authorization.client.resource.PermissionResource.create ( final List< PermissionRequest >  requests )

inline

Creates a new permission ticket for a set of one or more resource and scope(s).

引数

request

the PermissionRequest representing the resource and scope(s) (not null )

戻り値

a permission response holding a permission ticket with the requested permissions

                                                                             {
        if (requests == null || requests.isEmpty()) {
            throw new IllegalArgumentException("Permission request must not be null or empty");
        }
        Callable<PermissionResponse> callable = new Callable<PermissionResponse>() {
            @Override
            public PermissionResponse call() throws Exception {
                return http.<PermissionResponse>post(serverConfiguration.getPermissionEndpoint())
                        .authorizationBearer(pat.call())
                        .json(JsonSerialization.writeValueAsBytes(requests))
                        .response().json(PermissionResponse.class).execute();
            }
        };
        try {
            return callable.call();
        } catch (Exception cause) {
            return Throwables.retryAndWrapExceptionIfNecessary(callable, pat, "Error creating permission ticket", cause);
        }
    }

create() [3/3]

PermissionTicketRepresentation org.keycloak.authorization.client.resource.PermissionResource.create ( final PermissionTicketRepresentation  ticket )

inline

Creates a new uma permission for a single resource and scope(s).

引数

ticket

the PermissionTicketRepresentation representing the resource and scope(s) (not null )

戻り値

a permission response holding the permission ticket representation

                                                                                              {
        if (ticket == null) {
            throw new IllegalArgumentException("Permission ticket must not be null or empty");
        }
        if (ticket.getRequester() == null || ticket.getRequesterName() == null) {
            throw new IllegalArgumentException("Permission ticket must have a requester");
        }
        if (ticket.getResource() == null || ticket.getResourceName() == null) {
            throw new IllegalArgumentException("Permission ticket must have a resource");
        }
        if (ticket.getScope() == null || ticket.getScopeName() == null) {
            throw new IllegalArgumentException("Permission ticket must have a scope");
        }
        Callable<PermissionTicketRepresentation> callable = new Callable<PermissionTicketRepresentation>() {
            @Override
            public PermissionTicketRepresentation call() throws Exception {
                return http.<PermissionTicketRepresentation>post(serverConfiguration.getPermissionEndpoint()+"/ticket")
                        .json(JsonSerialization.writeValueAsBytes(ticket))
                        .authorizationBearer(pat.call())
                        .response().json(new TypeReference<PermissionTicketRepresentation>(){}).execute();
            }
        };
        try {
            return callable.call();
        } catch (Exception cause) {
            return Throwables.retryAndWrapExceptionIfNecessary(callable, pat, "Error updating permission ticket", cause);
        }
    }

find()

List<PermissionTicketRepresentation> org.keycloak.authorization.client.resource.PermissionResource.find ( final String  resourceId, final String  scopeId, final String  owner, final String  requester, final Boolean  granted, final Boolean  returnNames, final Integer  firstResult, final Integer  maxResult  )

inline

Query the server for any permission ticket with the matching arguments.

引数

resourceId	the resource id or name
scopeId	the scope id or name
owner	the owner id or name
requester	the requester id or name
granted	if true, only permission tickets marked as granted are returned.
returnNames	if the response should include names for resource, scope and owner
firstResult	the position of the first resource to retrieve
maxResult	the maximum number of resources to retrieve

戻り値

a list of permission tickets with the matching arguments

                                                                              {
        Callable<List<PermissionTicketRepresentation>> callable = new Callable<List<PermissionTicketRepresentation>>() {
            @Override
            public List<PermissionTicketRepresentation> call() throws Exception {
                return http.<List<PermissionTicketRepresentation>>get(serverConfiguration.getPermissionEndpoint()+"/ticket")
                        .authorizationBearer(pat.call())
                        .param("resourceId", resourceId)
                        .param("scopeId", scopeId)
                        .param("owner", owner)
                        .param("requester", requester)
                        .param("granted", granted == null ? null : granted.toString())
                        .param("returnNames", returnNames == null ? null : returnNames.toString())
                        .param("firstResult", firstResult == null ? null : firstResult.toString())
                        .param("maxResult", maxResult == null ? null : maxResult.toString())
                        .response().json(new TypeReference<List<PermissionTicketRepresentation>>(){}).execute();
            }
        };
        try {
            return callable.call();
        } catch (Exception cause) {
            return Throwables.retryAndWrapExceptionIfNecessary(callable, pat, "Error querying permission ticket", cause);
        }
    }

findByResource()

List<PermissionTicketRepresentation> org.keycloak.authorization.client.resource.PermissionResource.findByResource ( final String  resourceId )

inline

Query the server for any permission ticket associated with the given resourceId.

引数

resourceId

the resource id (not null )

戻り値

a list of permission tickets associated with the given resourceId

                                                                                        {
        if (resourceId == null) {
            throw new IllegalArgumentException("Resource id must not be null");
        }
        Callable<List<PermissionTicketRepresentation>> callable = new Callable<List<PermissionTicketRepresentation>>() {
            @Override
            public List<PermissionTicketRepresentation> call() throws Exception {
                return http.<List<PermissionTicketRepresentation>>get(serverConfiguration.getPermissionEndpoint()+"/ticket")
                        .authorizationBearer(pat.call())
                        .param("resourceId", resourceId)
                        .response().json(new TypeReference<List<PermissionTicketRepresentation>>(){}).execute();
            }
        };
        try {
            return callable.call();
        } catch (Exception cause) {
            return Throwables.retryAndWrapExceptionIfNecessary(callable, pat, "Error querying permission ticket by resource", cause);
        }
    }

findByScope()

List<PermissionTicketRepresentation> org.keycloak.authorization.client.resource.PermissionResource.findByScope ( final String  scopeId )

inline

Query the server for any permission ticket associated with the given scopeId.

引数

scopeId

the scope id (not null )

戻り値

a list of permission tickets associated with the given scopeId

                                                                                  {
        if (scopeId == null) {
            throw new IllegalArgumentException("Scope id must not be null");
        }
        Callable<List<PermissionTicketRepresentation>> callable = new Callable<List<PermissionTicketRepresentation>>() {
            @Override
            public List<PermissionTicketRepresentation> call() throws Exception {
                return http.<List<PermissionTicketRepresentation>>get(serverConfiguration.getPermissionEndpoint()+"/ticket")
                        .authorizationBearer(pat.call())
                        .param("scopeId", scopeId)
                        .response().json(new TypeReference<List<PermissionTicketRepresentation>>(){}).execute();
            }
        };
        try {
            return callable.call();
        } catch (Exception cause) {
            return Throwables.retryAndWrapExceptionIfNecessary(callable, pat, "Error querying permission ticket by scope", cause);
        }
    }

forResource()

PermissionResponse org.keycloak.authorization.client.resource.PermissionResource.forResource ( PermissionRequest  request )

inline

非推奨:

use create(PermissionRequest)

引数

request

戻り値

                                                                     {
        return create(request);
    }

update()

void org.keycloak.authorization.client.resource.PermissionResource.update ( final PermissionTicketRepresentation  ticket )

inline

Updates a permission ticket.

引数

ticket

the permission ticket

                                                                    {
        if (ticket == null) {
            throw new IllegalArgumentException("Permission ticket must not be null or empty");
        }
        if (ticket.getId() == null) {
            throw new IllegalArgumentException("Permission ticket must have an id");
        }
        Callable callable = new Callable() {
            @Override
            public Object call() throws Exception {
                http.<List>put(serverConfiguration.getPermissionEndpoint()+"/ticket")
                        .json(JsonSerialization.writeValueAsBytes(ticket))
                        .authorizationBearer(pat.call())
                        .response().json(List.class).execute();
                return null;
            }
        };
        try {
            callable.call();
        } catch (Exception cause) {
            Throwables.retryAndWrapExceptionIfNecessary(callable, pat, "Error updating permission ticket", cause);
        }
    }

メンバ詳解

http

final Http org.keycloak.authorization.client.resource.PermissionResource.http

private

pat

final TokenCallable org.keycloak.authorization.client.resource.PermissionResource.pat

private

serverConfiguration

final ServerConfiguration org.keycloak.authorization.client.resource.PermissionResource.serverConfiguration

private

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/keycloak/doxygen/src/authz/client/src/main/java/org/keycloak/authorization/client/resource/PermissionResource.java