keycloak
静的公開メンバ関数 | 非公開メンバ関数 | 静的非公開メンバ関数 | 全メンバ一覧
org.keycloak.models.utils.KeycloakModelUtils クラス
org.keycloak.models.utils.KeycloakModelUtils 連携図
Collaboration graph

静的公開メンバ関数

static String generateId ()
 
static byte [] generateSecret ()
 
static byte [] generateSecret (int bytes)
 
static PublicKey getPublicKey (String publicKeyPem)
 
static X509Certificate getCertificate (String cert)
 
static PrivateKey getPrivateKey (String privateKeyPem)
 
static Key getSecretKey (String secret)
 
static String getPemFromKey (Key key)
 
static String getPemFromCertificate (X509Certificate certificate)
 
static CertificateRepresentation generateKeyPairCertificate (String subject)
 
static UserCredentialModel generateSecret (ClientModel client)
 
static String getDefaultClientAuthenticatorType ()
 
static String generateCodeSecret ()
 
static ClientModel createClient (RealmModel realm, String name)
 
static boolean searchFor (RoleModel role, RoleModel composite, Set< String > visited)
 
static UserModel findUserByNameOrEmail (KeycloakSession session, RealmModel realm, String username)
 
static void runJobInTransaction (KeycloakSessionFactory factory, KeycloakSessionTask task)
 
static void runJobInTransactionWithTimeout (KeycloakSessionFactory factory, KeycloakSessionTask task, int timeoutInSeconds)
 
static String getMasterRealmAdminApplicationClientId (String realmName)
 
static UserStorageProviderModel findUserStorageProviderByName (String displayName, RealmModel realm)
 
static UserStorageProviderModel findUserStorageProviderById (String fedProviderId, RealmModel realm)
 
static ComponentModel createComponentModel (String name, String parentId, String providerId, String providerType, String... config)
 
static String toLowerCaseSafe (String str)
 
static RoleModel setupOfflineRole (RealmModel realm)
 
static void deepFindAuthenticationExecutions (RealmModel realm, AuthenticationFlowModel flow, List< AuthenticationExecutionModel > result)
 
static String resolveFirstAttribute (GroupModel group, String name)
 
static String resolveFirstAttribute (UserModel user, String name)
 
static List< String > resolveAttribute (GroupModel group, String name)
 
static List< String > resolveAttribute (UserModel user, String name)
 
static GroupModel findGroupByPath (RealmModel realm, String path)
 
static Set< RoleModelgetClientScopeMappings (ClientModel client, ScopeContainerModel container)
 
static RoleModel getRoleFromString (RealmModel realm, String roleName)
 
static String [] parseRole (String role)
 
static boolean isFlowUsed (RealmModel realm, AuthenticationFlowModel model)
 
static boolean isClientScopeUsed (RealmModel realm, ClientScopeModel clientScope)
 
static ClientScopeModel getClientScopeByName (RealmModel realm, String clientScopeName)
 
static ClientScopeModel findClientScopeById (RealmModel realm, String clientScopeId)
 
static String convertClientScopeName (String previousName)
 
static void setupAuthorizationServices (RealmModel realm)
 
static void suspendJtaTransaction (KeycloakSessionFactory factory, Runnable runnable)
 
static String getIdentityProviderDisplayName (KeycloakSession session, IdentityProviderModel provider)
 

非公開メンバ関数

 KeycloakModelUtils ()
 

静的非公開メンバ関数

static GroupModel findSubGroup (String[] path, int index, GroupModel parent)
 

詳解

Set of helper methods, which are useful in various model implementations.

著者
Marek Posolda

構築子と解体子

◆ KeycloakModelUtils()

org.keycloak.models.utils.KeycloakModelUtils.KeycloakModelUtils ( )
inlineprivate
70  {
71  }

関数詳解

◆ convertClientScopeName()

static String org.keycloak.models.utils.KeycloakModelUtils.convertClientScopeName ( String  previousName)
inlinestatic

Replace spaces in the name with underscore, so that scope name can be used as value of scope parameter

580  {
581  if (previousName.contains(" ")) {
582  return previousName.replaceAll(" ", "_");
583  } else {
584  return previousName;
585  }
586  }

◆ createClient()

static ClientModel org.keycloak.models.utils.KeycloakModelUtils.createClient ( RealmModel  realm,
String  name 
)
inlinestatic
162  {
163  ClientModel app = realm.addClient(name);
164  app.setClientAuthenticatorType(getDefaultClientAuthenticatorType());
165  generateSecret(app);
166  app.setFullScopeAllowed(true);
167 
168  return app;
169  }
org.keycloak.models.utils.KeycloakModelUtils.getDefaultClientAuthenticatorType
static String getDefaultClientAuthenticatorType()
Definition: KeycloakModelUtils.java:154
org.keycloak.models.utils.KeycloakModelUtils.generateSecret
static byte [] generateSecret()
Definition: KeycloakModelUtils.java:77

◆ createComponentModel()

static ComponentModel org.keycloak.models.utils.KeycloakModelUtils.createComponentModel ( String  name,
String  parentId,
String  providerId,
String  providerType,
String...  config 
)
inlinestatic
315  {
316  ComponentModel mapperModel = new ComponentModel();
317  mapperModel.setParentId(parentId);
318  mapperModel.setName(name);
319  mapperModel.setProviderId(providerId);
320  mapperModel.setProviderType(providerType);
321 
322  String key = null;
323  for (String configEntry : config) {
324  if (key == null) {
325  key = configEntry;
326  } else {
327  mapperModel.getConfig().add(key, configEntry);
328  key = null;
329  }
330  }
331  if (key != null) {
332  throw new IllegalStateException("Invalid count of arguments for config. Maybe mistake?");
333  }
334 
335  return mapperModel;
336  }

◆ deepFindAuthenticationExecutions()

static void org.keycloak.models.utils.KeycloakModelUtils.deepFindAuthenticationExecutions ( RealmModel  realm,
AuthenticationFlowModel  flow,
List< AuthenticationExecutionModel result 
)
inlinestatic

Recursively find all AuthenticationExecutionModel from specified flow or all it's subflows

引数
realm
flow
resultinput should be empty list. At the end will be all executions added to this list
365  {
366  List<AuthenticationExecutionModel> executions = realm.getAuthenticationExecutions(flow.getId());
367  for (AuthenticationExecutionModel execution : executions) {
368  if (execution.isAuthenticatorFlow()) {
369  AuthenticationFlowModel subFlow = realm.getAuthenticationFlowById(execution.getFlowId());
370  deepFindAuthenticationExecutions(realm, subFlow, result);
371  } else {
372  result.add(execution);
373  }
374  }
375  }
org.keycloak.models.utils.KeycloakModelUtils.deepFindAuthenticationExecutions
static void deepFindAuthenticationExecutions(RealmModel realm, AuthenticationFlowModel flow, List< AuthenticationExecutionModel > result)
Definition: KeycloakModelUtils.java:365

◆ findClientScopeById()

static ClientScopeModel org.keycloak.models.utils.KeycloakModelUtils.findClientScopeById ( RealmModel  realm,
String  clientScopeId 
)
inlinestatic

Lookup clientScope OR client by id. Method is useful if you know just ID, but you don't know if underlying model is clientScope or client

569  {
570  ClientScopeModel clientScope = realm.getClientScopeById(clientScopeId);
571 
572  if (clientScope != null) {
573  return clientScope;
574  } else {
575  return realm.getClientById(clientScopeId);
576  }
577  }

◆ findGroupByPath()

static GroupModel org.keycloak.models.utils.KeycloakModelUtils.findGroupByPath ( RealmModel  realm,
String  path 
)
inlinestatic
443  {
444  if (path == null) {
445  return null;
446  }
447  if (path.startsWith("/")) {
448  path = path.substring(1);
449  }
450  if (path.endsWith("/")) {
451  path = path.substring(0, path.length() - 1);
452  }
453  String[] split = path.split("/");
454  if (split.length == 0) return null;
455  GroupModel found = null;
456  for (GroupModel group : realm.getTopLevelGroups()) {
457  if (group.getName().equals(split[0])) {
458  if (split.length == 1) {
459  found = group;
460  break;
461  }
462  else {
463  if (split.length > 1) {
464  found = findSubGroup(split, 1, group);
465  if (found != null) break;
466  }
467  }
468 
469  }
470  }
471  return found;
472  }
org.keycloak.models.utils.KeycloakModelUtils.findSubGroup
static GroupModel findSubGroup(String[] path, int index, GroupModel parent)
Definition: KeycloakModelUtils.java:423

◆ findSubGroup()

static GroupModel org.keycloak.models.utils.KeycloakModelUtils.findSubGroup ( String []  path,
int  index,
GroupModel  parent 
)
inlinestaticprivate
423  {
424  for (GroupModel group : parent.getSubGroups()) {
425  if (group.getName().equals(path[index])) {
426  if (path.length == index + 1) {
427  return group;
428  }
429  else {
430  if (index + 1 < path.length) {
431  GroupModel found = findSubGroup(path, index + 1, group);
432  if (found != null) return found;
433  } else {
434  return null;
435  }
436  }
437 
438  }
439  }
440  return null;
441  }
org.keycloak.models.utils.KeycloakModelUtils.findSubGroup
static GroupModel findSubGroup(String[] path, int index, GroupModel parent)
Definition: KeycloakModelUtils.java:423

◆ findUserByNameOrEmail()

static UserModel org.keycloak.models.utils.KeycloakModelUtils.findUserByNameOrEmail ( KeycloakSession  session,
RealmModel  realm,
String  username 
)
inlinestatic

Try to find user by username or email for authentication

引数
realmrealm
usernameusername or email of user
戻り値
found user
205  {
206  if (realm.isLoginWithEmailAllowed() && username.indexOf('@') != -1) {
207  UserModel user = session.users().getUserByEmail(username, realm);
208  if (user != null) {
209  return user;
210  }
211  }
212 
213  return session.users().getUserByUsername(username, realm);
214  }

◆ findUserStorageProviderById()

static UserStorageProviderModel org.keycloak.models.utils.KeycloakModelUtils.findUserStorageProviderById ( String  fedProviderId,
RealmModel  realm 
)
inlinestatic
306  {
307  for (UserStorageProviderModel fedProvider : realm.getUserStorageProviders()) {
308  if (fedProviderId.equals(fedProvider.getId())) {
309  return fedProvider;
310  }
311  }
312  return null;
313  }

◆ findUserStorageProviderByName()

static UserStorageProviderModel org.keycloak.models.utils.KeycloakModelUtils.findUserStorageProviderByName ( String  displayName,
RealmModel  realm 
)
inlinestatic
293  {
294  if (displayName == null) {
295  return null;
296  }
297 
298  for (UserStorageProviderModel fedProvider : realm.getUserStorageProviders()) {
299  if (displayName.equals(fedProvider.getName())) {
300  return fedProvider;
301  }
302  }
303  return null;
304  }

◆ generateCodeSecret()

static String org.keycloak.models.utils.KeycloakModelUtils.generateCodeSecret ( )
inlinestatic
158  {
159  return UUID.randomUUID().toString();
160  }

◆ generateId()

static String org.keycloak.models.utils.KeycloakModelUtils.generateId ( )
inlinestatic
73  {
74  return UUID.randomUUID().toString();
75  }

◆ generateKeyPairCertificate()

static CertificateRepresentation org.keycloak.models.utils.KeycloakModelUtils.generateKeyPairCertificate ( String  subject)
inlinestatic
135  {
136  KeyPair keyPair = KeyUtils.generateRsaKeyPair(2048);
137  X509Certificate certificate = CertificateUtils.generateV1SelfSignedCertificate(keyPair, subject);
138 
139  String privateKeyPem = PemUtils.encodeKey(keyPair.getPrivate());
140  String certPem = PemUtils.encodeCertificate(certificate);
141 
142  CertificateRepresentation rep = new CertificateRepresentation();
143  rep.setPrivateKey(privateKeyPem);
144  rep.setCertificate(certPem);
145  return rep;
146  }

◆ generateSecret() [1/3]

static byte [] org.keycloak.models.utils.KeycloakModelUtils.generateSecret ( )
inlinestatic
77  {
78  return generateSecret(32);
79  }
org.keycloak.models.utils.KeycloakModelUtils.generateSecret
static byte [] generateSecret()
Definition: KeycloakModelUtils.java:77

◆ generateSecret() [2/3]

static byte [] org.keycloak.models.utils.KeycloakModelUtils.generateSecret ( int  bytes)
inlinestatic
81  {
82  byte[] buf = new byte[bytes];
83  new SecureRandom().nextBytes(buf);
84  return buf;
85  }

◆ generateSecret() [3/3]

static UserCredentialModel org.keycloak.models.utils.KeycloakModelUtils.generateSecret ( ClientModel  client)
inlinestatic
148  {
149  UserCredentialModel secret = UserCredentialModel.generateSecret();
150  client.setSecret(secret.getValue());
151  return secret;
152  }

◆ getCertificate()

static X509Certificate org.keycloak.models.utils.KeycloakModelUtils.getCertificate ( String  cert)
inlinestatic
99  {
100  if (cert != null) {
101  try {
102  return PemUtils.decodeCertificate(cert);
103  } catch (Exception e) {
104  throw new RuntimeException(e);
105  }
106  } else {
107  return null;
108  }
109  }

◆ getClientScopeByName()

static ClientScopeModel org.keycloak.models.utils.KeycloakModelUtils.getClientScopeByName ( RealmModel  realm,
String  clientScopeName 
)
inlinestatic
555  {
556  for (ClientScopeModel clientScope : realm.getClientScopes()) {
557  if (clientScopeName.equals(clientScope.getName())) {
558  return clientScope;
559  }
560  }
561 
562  return null;
563  }

◆ getClientScopeMappings()

static Set<RoleModel> org.keycloak.models.utils.KeycloakModelUtils.getClientScopeMappings ( ClientModel  client,
ScopeContainerModel  container 
)
inlinestatic
474  {
475  Set<RoleModel> mappings = container.getScopeMappings();
476  Set<RoleModel> result = new HashSet<>();
477  for (RoleModel role : mappings) {
478  RoleContainerModel roleContainer = role.getContainer();
479  if (roleContainer instanceof ClientModel) {
480  if (client.getId().equals(((ClientModel)roleContainer).getId())) {
481  result.add(role);
482  }
483 
484  }
485  }
486  return result;
487  }

◆ getDefaultClientAuthenticatorType()

static String org.keycloak.models.utils.KeycloakModelUtils.getDefaultClientAuthenticatorType ( )
inlinestatic
154  {
155  return "client-secret";
156  }

◆ getIdentityProviderDisplayName()

static String org.keycloak.models.utils.KeycloakModelUtils.getIdentityProviderDisplayName ( KeycloakSession  session,
IdentityProviderModel  provider 
)
inlinestatic
627  {
628  String displayName = provider.getDisplayName();
629  if (displayName != null && !displayName.isEmpty()) {
630  return displayName;
631  }
632 
633  SocialIdentityProviderFactory providerFactory = (SocialIdentityProviderFactory) session.getKeycloakSessionFactory()
634  .getProviderFactory(SocialIdentityProvider.class, provider.getProviderId());
635  if (providerFactory != null) {
636  return providerFactory.getName();
637  } else {
638  return provider.getAlias();
639  }
640  }

◆ getMasterRealmAdminApplicationClientId()

static String org.keycloak.models.utils.KeycloakModelUtils.getMasterRealmAdminApplicationClientId ( String  realmName)
inlinestatic
286  {
287  return realmName + "-realm";
288  }

◆ getPemFromCertificate()

static String org.keycloak.models.utils.KeycloakModelUtils.getPemFromCertificate ( X509Certificate  certificate)
inlinestatic
131  {
132  return PemUtils.encodeCertificate(certificate);
133  }

◆ getPemFromKey()

static String org.keycloak.models.utils.KeycloakModelUtils.getPemFromKey ( Key  key)
inlinestatic
127  {
128  return PemUtils.encodeKey(key);
129  }

◆ getPrivateKey()

static PrivateKey org.keycloak.models.utils.KeycloakModelUtils.getPrivateKey ( String  privateKeyPem)
inlinestatic
112  {
113  if (privateKeyPem != null) {
114  try {
115  return PemUtils.decodePrivateKey(privateKeyPem);
116  } catch (Exception e) {
117  throw new RuntimeException(e);
118  }
119  }
120  return null;
121  }

◆ getPublicKey()

static PublicKey org.keycloak.models.utils.KeycloakModelUtils.getPublicKey ( String  publicKeyPem)
inlinestatic
87  {
88  if (publicKeyPem != null) {
89  try {
90  return PemUtils.decodePublicKey(publicKeyPem);
91  } catch (Exception e) {
92  throw new RuntimeException(e);
93  }
94  } else {
95  return null;
96  }
97  }

◆ getRoleFromString()

static RoleModel org.keycloak.models.utils.KeycloakModelUtils.getRoleFromString ( RealmModel  realm,
String  roleName 
)
inlinestatic
490  {
491  String[] parsedRole = parseRole(roleName);
492  RoleModel role = null;
493  if (parsedRole[0] == null) {
494  role = realm.getRole(parsedRole[1]);
495  } else {
496  ClientModel client = realm.getClientByClientId(parsedRole[0]);
497  if (client != null) {
498  role = client.getRole(parsedRole[1]);
499  }
500  }
501  return role;
502  }
org.keycloak.models.utils.KeycloakModelUtils.parseRole
static String [] parseRole(String role)
Definition: KeycloakModelUtils.java:505

◆ getSecretKey()

static Key org.keycloak.models.utils.KeycloakModelUtils.getSecretKey ( String  secret)
inlinestatic
123  {
124  return secret != null ? new SecretKeySpec(secret.getBytes(), "HmacSHA256") : null;
125  }

◆ isClientScopeUsed()

static boolean org.keycloak.models.utils.KeycloakModelUtils.isClientScopeUsed ( RealmModel  realm,
ClientScopeModel  clientScope 
)
inlinestatic
545  {
546  for (ClientModel client : realm.getClients()) {
547  if ((client.getClientScopes(true, false).containsKey(clientScope.getName())) ||
548  (client.getClientScopes(false, false).containsKey(clientScope.getName()))) {
549  return true;
550  }
551  }
552  return false;
553  }

◆ isFlowUsed()

static boolean org.keycloak.models.utils.KeycloakModelUtils.isFlowUsed ( RealmModel  realm,
AuthenticationFlowModel  model 
)
inlinestatic

Check to see if a flow is currently in use

引数
realm
model
戻り値
526  {
527  AuthenticationFlowModel realmFlow = null;
528 
529  if ((realmFlow = realm.getBrowserFlow()) != null && realmFlow.getId().equals(model.getId())) return true;
530  if ((realmFlow = realm.getRegistrationFlow()) != null && realmFlow.getId().equals(model.getId())) return true;
531  if ((realmFlow = realm.getClientAuthenticationFlow()) != null && realmFlow.getId().equals(model.getId())) return true;
532  if ((realmFlow = realm.getDirectGrantFlow()) != null && realmFlow.getId().equals(model.getId())) return true;
533  if ((realmFlow = realm.getResetCredentialsFlow()) != null && realmFlow.getId().equals(model.getId())) return true;
534  if ((realmFlow = realm.getDockerAuthenticationFlow()) != null && realmFlow.getId().equals(model.getId())) return true;
535 
536  for (IdentityProviderModel idp : realm.getIdentityProviders()) {
537  if (model.getId().equals(idp.getFirstBrokerLoginFlowId())) return true;
538  if (model.getId().equals(idp.getPostBrokerLoginFlowId())) return true;
539  }
540 
541  return false;
542 
543  }

◆ parseRole()

static String [] org.keycloak.models.utils.KeycloakModelUtils.parseRole ( String  role)
inlinestatic
505  {
506  int scopeIndex = role.lastIndexOf('.');
507  if (scopeIndex > -1) {
508  String appName = role.substring(0, scopeIndex);
509  role = role.substring(scopeIndex + 1);
510  String[] rtn = {appName, role};
511  return rtn;
512  } else {
513  String[] rtn = {null, role};
514  return rtn;
515 
516  }
517  }

◆ resolveAttribute() [1/2]

static List<String> org.keycloak.models.utils.KeycloakModelUtils.resolveAttribute ( GroupModel  group,
String  name 
)
inlinestatic
403  {
404  List<String> values = group.getAttribute(name);
405  if (values != null && !values.isEmpty()) return values;
406  if (group.getParentId() == null) return null;
407  return resolveAttribute(group.getParent(), name);
408 
409  }
org.keycloak.models.utils.KeycloakModelUtils.resolveAttribute
static List< String > resolveAttribute(GroupModel group, String name)
Definition: KeycloakModelUtils.java:403

◆ resolveAttribute() [2/2]

static List<String> org.keycloak.models.utils.KeycloakModelUtils.resolveAttribute ( UserModel  user,
String  name 
)
inlinestatic
412  {
413  List<String> values = user.getAttribute(name);
414  if (!values.isEmpty()) return values;
415  for (GroupModel group : user.getGroups()) {
416  values = resolveAttribute(group, name);
417  if (values != null) return values;
418  }
419  return Collections.emptyList();
420  }
org.keycloak.models.utils.KeycloakModelUtils.resolveAttribute
static List< String > resolveAttribute(GroupModel group, String name)
Definition: KeycloakModelUtils.java:403

◆ resolveFirstAttribute() [1/2]

static String org.keycloak.models.utils.KeycloakModelUtils.resolveFirstAttribute ( GroupModel  group,
String  name 
)
inlinestatic
377  {
378  String value = group.getFirstAttribute(name);
379  if (value != null) return value;
380  if (group.getParentId() == null) return null;
381  return resolveFirstAttribute(group.getParent(), name);
382 
383  }
org.keycloak.models.utils.KeycloakModelUtils.resolveFirstAttribute
static String resolveFirstAttribute(GroupModel group, String name)
Definition: KeycloakModelUtils.java:377

◆ resolveFirstAttribute() [2/2]

static String org.keycloak.models.utils.KeycloakModelUtils.resolveFirstAttribute ( UserModel  user,
String  name 
)
inlinestatic
引数
user
name
戻り値
392  {
393  String value = user.getFirstAttribute(name);
394  if (value != null) return value;
395  for (GroupModel group : user.getGroups()) {
396  value = resolveFirstAttribute(group, name);
397  if (value != null) return value;
398  }
399  return null;
400 
401  }
org.keycloak.models.utils.KeycloakModelUtils.resolveFirstAttribute
static String resolveFirstAttribute(GroupModel group, String name)
Definition: KeycloakModelUtils.java:377

◆ runJobInTransaction()

static void org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction ( KeycloakSessionFactory  factory,
KeycloakSessionTask  task 
)
inlinestatic

Wrap given runnable job into KeycloakTransaction.

引数
factory
task
222  {
223  KeycloakSession session = factory.create();
224  KeycloakTransaction tx = session.getTransactionManager();
225  try {
226  tx.begin();
227  task.run(session);
228 
229  if (tx.isActive()) {
230  if (tx.getRollbackOnly()) {
231  tx.rollback();
232  } else {
233  tx.commit();
234  }
235  }
236  } catch (RuntimeException re) {
237  if (tx.isActive()) {
238  tx.rollback();
239  }
240  throw re;
241  } finally {
242  session.close();
243  }
244  }

◆ runJobInTransactionWithTimeout()

static void org.keycloak.models.utils.KeycloakModelUtils.runJobInTransactionWithTimeout ( KeycloakSessionFactory  factory,
KeycloakSessionTask  task,
int  timeoutInSeconds 
)
inlinestatic

Wrap given runnable job into KeycloakTransaction. Set custom timeout for the JTA transaction (in case we're in the environment with JTA enabled)

引数
factory
task
timeoutInSeconds
254  {
255  JtaTransactionManagerLookup lookup = (JtaTransactionManagerLookup)factory.getProviderFactory(JtaTransactionManagerLookup.class);
256  try {
257  if (lookup != null) {
258  if (lookup.getTransactionManager() != null) {
259  try {
260  lookup.getTransactionManager().setTransactionTimeout(timeoutInSeconds);
261  } catch (SystemException e) {
262  throw new RuntimeException(e);
263  }
264  }
265  }
266 
267  runJobInTransaction(factory, task);
268 
269  } finally {
270  if (lookup != null) {
271  if (lookup.getTransactionManager() != null) {
272  try {
273  // Reset to default transaction timeout
274  lookup.getTransactionManager().setTransactionTimeout(0);
275  } catch (SystemException e) {
276  // Shouldn't happen for Wildfly transaction manager
277  throw new RuntimeException(e);
278  }
279  }
280  }
281  }
282 
283  }
org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction
static void runJobInTransaction(KeycloakSessionFactory factory, KeycloakSessionTask task)
Definition: KeycloakModelUtils.java:222

◆ searchFor()

static boolean org.keycloak.models.utils.KeycloakModelUtils.searchFor ( RoleModel  role,
RoleModel  composite,
Set< String >  visited 
)
inlinestatic

Deep search if given role is descendant of composite role

引数
rolerole to check
compositecomposite role
visitedset of already visited roles (used for recursion)
戻り値
true if "role" is descendant of "composite"
179  {
180  if (visited.contains(composite.getId())) {
181  return false;
182  }
183 
184  visited.add(composite.getId());
185 
186  if (!composite.isComposite()) {
187  return false;
188  }
189 
190  Set<RoleModel> compositeRoles = composite.getComposites();
191  return compositeRoles.contains(role) ||
192  compositeRoles.stream()
193  .filter(x -> x.isComposite() && searchFor(role, x, visited))
194  .findFirst()
195  .isPresent();
196  }
org.keycloak.models.utils.KeycloakModelUtils.searchFor
static boolean searchFor(RoleModel role, RoleModel composite, Set< String > visited)
Definition: KeycloakModelUtils.java:179

◆ setupAuthorizationServices()

static void org.keycloak.models.utils.KeycloakModelUtils.setupAuthorizationServices ( RealmModel  realm)
inlinestatic
588  {
589  for (String roleName : Constants.AUTHZ_DEFAULT_AUTHORIZATION_ROLES) {
590  if (realm.getRole(roleName) == null) {
591  RoleModel role = realm.addRole(roleName);
592  role.setDescription("${role_" + roleName + "}");
593  realm.addDefaultRole(roleName);
594  }
595  }
596  }

◆ setupOfflineRole()

static RoleModel org.keycloak.models.utils.KeycloakModelUtils.setupOfflineRole ( RealmModel  realm)
inlinestatic
345  {
346  RoleModel offlineRole = realm.getRole(Constants.OFFLINE_ACCESS_ROLE);
347 
348  if (offlineRole == null) {
349  offlineRole = realm.addRole(Constants.OFFLINE_ACCESS_ROLE);
350  offlineRole.setDescription("${role_offline-access}");
351  realm.addDefaultRole(Constants.OFFLINE_ACCESS_ROLE);
352  }
353 
354  return offlineRole;
355  }

◆ suspendJtaTransaction()

static void org.keycloak.models.utils.KeycloakModelUtils.suspendJtaTransaction ( KeycloakSessionFactory  factory,
Runnable  runnable 
)
inlinestatic
598  {
599  JtaTransactionManagerLookup lookup = (JtaTransactionManagerLookup)factory.getProviderFactory(JtaTransactionManagerLookup.class);
600  Transaction suspended = null;
601  try {
602  if (lookup != null) {
603  if (lookup.getTransactionManager() != null) {
604  try {
605  suspended = lookup.getTransactionManager().suspend();
606  } catch (SystemException e) {
607  throw new RuntimeException(e);
608  }
609  }
610  }
611  runnable.run();
612  } finally {
613  if (suspended != null) {
614  try {
615  lookup.getTransactionManager().resume(suspended);
616  } catch (InvalidTransactionException e) {
617  throw new RuntimeException(e);
618  } catch (SystemException e) {
619  throw new RuntimeException(e);
620  }
621  }
622 
623  }
624 
625  }

◆ toLowerCaseSafe()

static String org.keycloak.models.utils.KeycloakModelUtils.toLowerCaseSafe ( String  str)
inlinestatic
341  {
342  return str==null ? null : str.toLowerCase();
343  }
このクラス詳解は次のファイルから抽出されました:
2018年10月29日(月) 00時35分21秒作成 - keycloak / 構成:   doxygen 1.8.13