org.keycloak.authorization.AuthorizationProvider の継承関係図
org.keycloak.authorization.AuthorizationProvider 連携図
公開メンバ関数 | |
| AuthorizationProvider (KeycloakSession session, RealmModel realm, Map< String, PolicyProviderFactory > policyProviderFactories, PolicyEvaluator policyEvaluator) | |
| Evaluators | evaluators () |
| StoreFactory | getStoreFactory () |
| StoreFactory | getLocalStoreFactory () |
| Collection< PolicyProviderFactory > | getProviderFactories () |
| KeycloakSession | getKeycloakSession () |
| RealmModel | getRealm () |
| PolicyEvaluator | getPolicyEvaluator () |
| void | close () |
関数 | |
| public< F extends PolicyProviderFactory > F | getProviderFactory (String type) |
| public< P extends PolicyProvider > P | getProvider (String type) |
非公開変数類 | |
| final PolicyEvaluator | policyEvaluator |
| StoreFactory | storeFactory |
| StoreFactory | storeFactoryDelegate |
| final Map< String, PolicyProviderFactory > | policyProviderFactories |
| final KeycloakSession | keycloakSession |
| final RealmModel | realm |
詳解
The main contract here is the creation of org.keycloak.authorization.permission.evaluator.PermissionEvaluator instances. Usually an application has a single AuthorizationProvider instance and threads servicing client requests obtain org.keycloak.authorization.permission.evaluator.PermissionEvaluator from the evaluators() method.
The internal state of a AuthorizationProvider is immutable. This internal state includes all of the metadata used during the evaluation of policies.
Once created, org.keycloak.authorization.permission.evaluator.PermissionEvaluator instances can be obtained from the evaluators() method:
List<ResourcePermission> permissionsToEvaluate = getPermissions(); // the permissions to evaluate
EvaluationContext evaluationContext = createEvaluationContext(); // the context with runtime environment information
PermissionEvaluator evaluator = authorization.evaluators().from(permissionsToEvaluate, context); evaluator.evaluate(new Decision() { public void onDecision(Evaluation evaluation) {
// do something on grant
}});
構築子と解体子
◆ AuthorizationProvider()
|
inline |
final PolicyEvaluator policyEvaluator
Definition: AuthorizationProvider.java:78
final RealmModel realm
Definition: AuthorizationProvider.java:83
final KeycloakSession keycloakSession
Definition: AuthorizationProvider.java:82
final Map< String, PolicyProviderFactory > policyProviderFactories
Definition: AuthorizationProvider.java:81
関数詳解
◆ close()
|
inline |
org.keycloak.provider.Providerを実装しています。
◆ createPolicyWrapper()
|
inlineprivate |
286 public Policy create(AbstractPolicyRepresentation representation, ResourceServer resourceServer) {
298 throw new RuntimeException("Resource [" + id + "] does not exist or is not owned by the resource server.");
342 return RepresentationToModel.toModel(representation, AuthorizationProvider.this, policyStore.create(representation, resourceServer));
379 public List<Policy> findByResourceServer(Map<String, String[]> attributes, String resourceServerId, int firstResult, int maxResult) {
389 public void findByResource(String resourceId, String resourceServerId, Consumer<Policy> consumer) {
404 public List<Policy> findByScopeIds(List<String> scopeIds, String resourceId, String resourceServerId) {
409 public void findByScopeIds(List<String> scopeIds, String resourceId, String resourceServerId, Consumer<Policy> consumer) {
Policy findByName(String name, String resourceServerId)
Scope findByName(String name, String resourceServerId)
ScopeStore getScopeStore()
Resource findByName(String name, String resourceServerId)
PolicyStore getPolicyStore()
Resource findById(String id, String resourceServerId)
Scope findById(String id, String resourceServerId)
Policy findById(String id, String resourceServerId)
ResourceStore getResourceStore()
AuthorizationProvider(KeycloakSession session, RealmModel realm, Map< String, PolicyProviderFactory > policyProviderFactories, PolicyEvaluator policyEvaluator)
Definition: AuthorizationProvider.java:85
StoreFactory storeFactory
Definition: AuthorizationProvider.java:79
◆ createResourceStoreWrapper()
|
inlineprivate |
449 List<PermissionTicket> permissions = ticketStore.findByResource(id, resource.getResourceServer().getId());
495 public List<Resource> findByResourceServer(Map<String, String[]> attributes, String resourceServerId, int firstResult, int maxResult) {
505 public void findByScope(List<String> scopes, String resourceServerId, Consumer<Resource> consumer) {
Resource create(String name, ResourceServer resourceServer, String owner)
ResourceStore getResourceStore()
AuthorizationProvider(KeycloakSession session, RealmModel realm, Map< String, PolicyProviderFactory > policyProviderFactories, PolicyEvaluator policyEvaluator)
Definition: AuthorizationProvider.java:85
StoreFactory storeFactory
Definition: AuthorizationProvider.java:79
◆ createScopeWrapper()
|
inlineprivate |
248 PermissionTicketStore ticketStore = AuthorizationProvider.this.getStoreFactory().getPermissionTicketStore();
249 List<PermissionTicket> permissions = ticketStore.findByScope(id, scope.getResourceServer().getId());
274 public List<Scope> findByResourceServer(Map<String, String[]> attributes, String resourceServerId, int firstResult, int maxResult) {
ScopeStore getScopeStore()
Scope create(String name, ResourceServer resourceServer)
AuthorizationProvider(KeycloakSession session, RealmModel realm, Map< String, PolicyProviderFactory > policyProviderFactories, PolicyEvaluator policyEvaluator)
Definition: AuthorizationProvider.java:85
StoreFactory storeFactory
Definition: AuthorizationProvider.java:79
◆ createStoreFactory()
|
inlineprivate |
void close()
Definition: AuthorizationProvider.java:178
PermissionTicketStore getPermissionTicketStore()
PolicyStore createPolicyWrapper(StoreFactory storeFactory)
Definition: AuthorizationProvider.java:280
ResourceStore createResourceStoreWrapper(StoreFactory storeFactory)
Definition: AuthorizationProvider.java:430
void close()
StoreFactory storeFactory
Definition: AuthorizationProvider.java:79
ResourceServerStore getResourceServerStore()
ScopeStore createScopeWrapper(StoreFactory storeFactory)
Definition: AuthorizationProvider.java:230
◆ evaluators()
|
inline |
Returns a Evaluators instance from where org.keycloak.authorization.policy.evaluation.PolicyEvaluator instances can be obtained.
- 戻り値
- a Evaluators instance
◆ getKeycloakSession()
|
inline |
final KeycloakSession keycloakSession
Definition: AuthorizationProvider.java:82
◆ getLocalStoreFactory()
|
inline |
No cache sits in front of this
- 戻り値
final KeycloakSession keycloakSession
Definition: AuthorizationProvider.java:82
< T extends Provider > T getProvider(Class< T > clazz)
StoreFactory storeFactoryDelegate
Definition: AuthorizationProvider.java:80
◆ getPolicyEvaluator()
|
inline |
final PolicyEvaluator policyEvaluator
Definition: AuthorizationProvider.java:78
◆ getProvider()
|
inlinepackage |
Returns a PolicyProviderFactory given a type.
- 引数
-
type the type of the policy provider <P> the expected type of the provider
- 戻り値
- a PolicyProvider with the given
type
final Map< String, PolicyProviderFactory > policyProviderFactories
Definition: AuthorizationProvider.java:81
◆ getProviderFactories()
|
inline |
Returns the registered PolicyProviderFactory.
- 戻り値
- a List containing all registered PolicyProviderFactory
final Map< String, PolicyProviderFactory > policyProviderFactories
Definition: AuthorizationProvider.java:81
◆ getProviderFactory()
|
inlinepackage |
Returns a PolicyProviderFactory given a type.
- 引数
-
type the type of the policy provider <F> the expected type of the provider
- 戻り値
- a PolicyProviderFactory with the given
type
final Map< String, PolicyProviderFactory > policyProviderFactories
Definition: AuthorizationProvider.java:81
◆ getRealm()
|
inline |
final RealmModel realm
Definition: AuthorizationProvider.java:83
◆ getStoreFactory()
|
inline |
Cache sits in front of this
Returns a StoreFactory.
- 戻り値
- the StoreFactory
StoreFactory getLocalStoreFactory()
Definition: AuthorizationProvider.java:122
final KeycloakSession keycloakSession
Definition: AuthorizationProvider.java:82
< T extends Provider > T getProvider(Class< T > clazz)
StoreFactory createStoreFactory(StoreFactory storeFactory)
Definition: AuthorizationProvider.java:182
StoreFactory storeFactory
Definition: AuthorizationProvider.java:79
メンバ詳解
◆ keycloakSession
|
private |
◆ policyEvaluator
|
private |
◆ policyProviderFactories
|
private |
◆ realm
|
private |
◆ storeFactory
|
private |
◆ storeFactoryDelegate
|
private |
このクラス詳解は次のファイルから抽出されました:
- D:/AppData/doxygen/keycloak/src/keycloak/src/main/java/org/keycloak/authorization/AuthorizationProvider.java
