org.keycloak.authorization.AuthorizationProvider の継承関係図
org.keycloak.authorization.AuthorizationProvider 連携図
公開メンバ関数 | |
| AuthorizationProvider (KeycloakSession session, RealmModel realm, Map< String, PolicyProviderFactory > policyProviderFactories, PolicyEvaluator policyEvaluator) | |
| Evaluators | evaluators () |
| StoreFactory | getStoreFactory () |
| StoreFactory | getLocalStoreFactory () |
| Collection< PolicyProviderFactory > | getProviderFactories () |
| KeycloakSession | getKeycloakSession () |
| RealmModel | getRealm () |
| PolicyEvaluator | getPolicyEvaluator () |
| void | close () |
関数 | |
| public< F extends PolicyProviderFactory > F | getProviderFactory (String type) |
| public< P extends PolicyProvider > P | getProvider (String type) |
非公開変数類 | |
| final PolicyEvaluator | policyEvaluator |
| StoreFactory | storeFactory |
| StoreFactory | storeFactoryDelegate |
| final Map< String, PolicyProviderFactory > | policyProviderFactories |
| final KeycloakSession | keycloakSession |
| final RealmModel | realm |
詳解
The main contract here is the creation of org.keycloak.authorization.permission.evaluator.PermissionEvaluator instances. Usually an application has a single AuthorizationProvider instance and threads servicing client requests obtain org.keycloak.authorization.permission.evaluator.PermissionEvaluator from the evaluators() method.
The internal state of a AuthorizationProvider is immutable. This internal state includes all of the metadata used during the evaluation of policies.
Once created, org.keycloak.authorization.permission.evaluator.PermissionEvaluator instances can be obtained from the evaluators() method:
List<ResourcePermission> permissionsToEvaluate = getPermissions(); // the permissions to evaluate
EvaluationContext evaluationContext = createEvaluationContext(); // the context with runtime environment information
PermissionEvaluator evaluator = authorization.evaluators().from(permissionsToEvaluate, context); evaluator.evaluate(new Decision() { public void onDecision(Evaluation evaluation) {
// do something on grant
}});
構築子と解体子
◆ AuthorizationProvider()
|
inline |
final Map< String, PolicyProviderFactory > policyProviderFactories
Definition: AuthorizationProvider.java:81
final PolicyEvaluator policyEvaluator
Definition: AuthorizationProvider.java:78
final KeycloakSession keycloakSession
Definition: AuthorizationProvider.java:82
final RealmModel realm
Definition: AuthorizationProvider.java:83
関数詳解
◆ close()
|
inline |
org.keycloak.provider.Providerを実装しています。
◆ createPolicyWrapper()
|
inlineprivate |
286 public Policy create(AbstractPolicyRepresentation representation, ResourceServer resourceServer) {
298 throw new RuntimeException("Resource [" + id + "] does not exist or is not owned by the resource server.");
342 return RepresentationToModel.toModel(representation, AuthorizationProvider.this, policyStore.create(representation, resourceServer));
379 public List<Policy> findByResourceServer(Map<String, String[]> attributes, String resourceServerId, int firstResult, int maxResult) {
389 public void findByResource(String resourceId, String resourceServerId, Consumer<Policy> consumer) {
404 public List<Policy> findByScopeIds(List<String> scopeIds, String resourceId, String resourceServerId) {
409 public void findByScopeIds(List<String> scopeIds, String resourceId, String resourceServerId, Consumer<Policy> consumer) {
Policy findByName(String name, String resourceServerId)
AuthorizationProvider(KeycloakSession session, RealmModel realm, Map< String, PolicyProviderFactory > policyProviderFactories, PolicyEvaluator policyEvaluator)
Definition: AuthorizationProvider.java:85
Resource findById(String id, String resourceServerId)
PolicyStore getPolicyStore()
ScopeStore getScopeStore()
StoreFactory storeFactory
Definition: AuthorizationProvider.java:79
ResourceStore getResourceStore()
Scope findById(String id, String resourceServerId)
Policy findById(String id, String resourceServerId)
Scope findByName(String name, String resourceServerId)
Resource findByName(String name, String resourceServerId)
◆ createResourceStoreWrapper()
|
inlineprivate |
449 List<PermissionTicket> permissions = ticketStore.findByResource(id, resource.getResourceServer().getId());
495 public List<Resource> findByResourceServer(Map<String, String[]> attributes, String resourceServerId, int firstResult, int maxResult) {
505 public void findByScope(List<String> scopes, String resourceServerId, Consumer<Resource> consumer) {
AuthorizationProvider(KeycloakSession session, RealmModel realm, Map< String, PolicyProviderFactory > policyProviderFactories, PolicyEvaluator policyEvaluator)
Definition: AuthorizationProvider.java:85
StoreFactory storeFactory
Definition: AuthorizationProvider.java:79
ResourceStore getResourceStore()
Resource create(String name, ResourceServer resourceServer, String owner)
◆ createScopeWrapper()
|
inlineprivate |
248 PermissionTicketStore ticketStore = AuthorizationProvider.this.getStoreFactory().getPermissionTicketStore();
249 List<PermissionTicket> permissions = ticketStore.findByScope(id, scope.getResourceServer().getId());
274 public List<Scope> findByResourceServer(Map<String, String[]> attributes, String resourceServerId, int firstResult, int maxResult) {
AuthorizationProvider(KeycloakSession session, RealmModel realm, Map< String, PolicyProviderFactory > policyProviderFactories, PolicyEvaluator policyEvaluator)
Definition: AuthorizationProvider.java:85
ScopeStore getScopeStore()
StoreFactory storeFactory
Definition: AuthorizationProvider.java:79
Scope create(String name, ResourceServer resourceServer)
◆ createStoreFactory()
|
inlineprivate |
ResourceServerStore getResourceServerStore()
StoreFactory storeFactory
Definition: AuthorizationProvider.java:79
void close()
PolicyStore createPolicyWrapper(StoreFactory storeFactory)
Definition: AuthorizationProvider.java:280
ScopeStore createScopeWrapper(StoreFactory storeFactory)
Definition: AuthorizationProvider.java:230
void close()
Definition: AuthorizationProvider.java:178
PermissionTicketStore getPermissionTicketStore()
ResourceStore createResourceStoreWrapper(StoreFactory storeFactory)
Definition: AuthorizationProvider.java:430
◆ evaluators()
|
inline |
Returns a Evaluators instance from where org.keycloak.authorization.policy.evaluation.PolicyEvaluator instances can be obtained.
- 戻り値
- a Evaluators instance
◆ getKeycloakSession()
|
inline |
final KeycloakSession keycloakSession
Definition: AuthorizationProvider.java:82
◆ getLocalStoreFactory()
|
inline |
No cache sits in front of this
- 戻り値
final KeycloakSession keycloakSession
Definition: AuthorizationProvider.java:82
StoreFactory storeFactoryDelegate
Definition: AuthorizationProvider.java:80
< T extends Provider > T getProvider(Class< T > clazz)
◆ getPolicyEvaluator()
|
inline |
final PolicyEvaluator policyEvaluator
Definition: AuthorizationProvider.java:78
◆ getProvider()
|
inlinepackage |
Returns a PolicyProviderFactory given a type.
- 引数
-
type the type of the policy provider <P> the expected type of the provider
- 戻り値
- a PolicyProvider with the given
type
final Map< String, PolicyProviderFactory > policyProviderFactories
Definition: AuthorizationProvider.java:81
◆ getProviderFactories()
|
inline |
Returns the registered PolicyProviderFactory.
- 戻り値
- a List containing all registered PolicyProviderFactory
final Map< String, PolicyProviderFactory > policyProviderFactories
Definition: AuthorizationProvider.java:81
◆ getProviderFactory()
|
inlinepackage |
Returns a PolicyProviderFactory given a type.
- 引数
-
type the type of the policy provider <F> the expected type of the provider
- 戻り値
- a PolicyProviderFactory with the given
type
final Map< String, PolicyProviderFactory > policyProviderFactories
Definition: AuthorizationProvider.java:81
◆ getRealm()
|
inline |
final RealmModel realm
Definition: AuthorizationProvider.java:83
◆ getStoreFactory()
|
inline |
Cache sits in front of this
Returns a StoreFactory.
- 戻り値
- the StoreFactory
StoreFactory storeFactory
Definition: AuthorizationProvider.java:79
StoreFactory getLocalStoreFactory()
Definition: AuthorizationProvider.java:122
final KeycloakSession keycloakSession
Definition: AuthorizationProvider.java:82
StoreFactory createStoreFactory(StoreFactory storeFactory)
Definition: AuthorizationProvider.java:182
< T extends Provider > T getProvider(Class< T > clazz)
メンバ詳解
◆ keycloakSession
|
private |
◆ policyEvaluator
|
private |
◆ policyProviderFactories
|
private |
◆ realm
|
private |
◆ storeFactory
|
private |
◆ storeFactoryDelegate
|
private |
このクラス詳解は次のファイルから抽出されました:
- D:/AppData/doxygen/keycloak/oidc-service/src/main/java/org/keycloak/authorization/AuthorizationProvider.java
