org.keycloak.services.resources.admin.ClientScopeEvaluateScopeMappingsResource クラス

org.keycloak.services.resources.admin.ClientScopeEvaluateScopeMappingsResource 連携図

公開メンバ関数
	ClientScopeEvaluateScopeMappingsResource (RoleContainerModel roleContainer, AdminPermissionEvaluator auth, ClientModel client, String scopeParam, KeycloakSession session)
List< RoleRepresentation >	getGrantedScopeMappings ()
List< RoleRepresentation >	getNotGrantedScopeMappings ()

非公開メンバ関数
List< RoleModel >	getGrantedRoles ()

非公開変数類
final RoleContainerModel	roleContainer
final AdminPermissionEvaluator	auth
final ClientModel	client
final String	scopeParam
final KeycloakSession	session

詳解

著者

Marek Posolda

構築子と解体子

ClientScopeEvaluateScopeMappingsResource()

org.keycloak.services.resources.admin.ClientScopeEvaluateScopeMappingsResource.ClientScopeEvaluateScopeMappingsResource ( RoleContainerModel  roleContainer, AdminPermissionEvaluator  auth, ClientModel  client, String  scopeParam, KeycloakSession  session  )

inline

                                                                                                {
        this.roleContainer = roleContainer;
        this.auth = auth;
        this.client = client;
        this.scopeParam = scopeParam;
        this.session = session;
    }

関数詳解

getGrantedRoles()

List<RoleModel> org.keycloak.services.resources.admin.ClientScopeEvaluateScopeMappingsResource.getGrantedRoles ( )

inlineprivate

                                              {
        if (client.isFullScopeAllowed()) {
            return new LinkedList<>(roleContainer.getRoles());
        }

        Set<ClientScopeModel> clientScopes = TokenManager.getRequestedClientScopes(scopeParam, client);

        List<RoleModel> result = new LinkedList<>();

        for (RoleModel role : roleContainer.getRoles()) {
            if (!auth.roles().canView(role)) continue;

            for (ScopeContainerModel scopeContainer : clientScopes) {
                if (scopeContainer.hasScope(role)) {
                    result.add(role);
                    break;
                }
            }
        }

        return result;
    }

getGrantedScopeMappings()

List<RoleRepresentation> org.keycloak.services.resources.admin.ClientScopeEvaluateScopeMappingsResource.getGrantedScopeMappings ( )

inline

Get effective scope mapping of all roles of particular role container, which this client is defacto allowed to have in the accessToken issued for him.

This contains scope mappings, which this client has directly, as well as scope mappings, which are granted to all client scopes, which are linked with this client.

戻り値

                                                              {
        return getGrantedRoles().stream().map((RoleModel role) -> {

            return ModelToRepresentation.toRepresentation(role);

        }).collect(Collectors.toList());
    }

getNotGrantedScopeMappings()

List<RoleRepresentation> org.keycloak.services.resources.admin.ClientScopeEvaluateScopeMappingsResource.getNotGrantedScopeMappings ( )

inline

Get roles, which this client doesn't have scope for and can't have them in the accessToken issued for him. Defacto all the other roles of particular role container, which are not in getGrantedScopeMappings()

戻り値

                                                                 {
        List<RoleModel> grantedRoles = getGrantedRoles();

        return roleContainer.getRoles().stream().filter((RoleModel role) -> {

            return !grantedRoles.contains(role);

        }).map((RoleModel role) -> {

            return ModelToRepresentation.toRepresentation(role);

        }).collect(Collectors.toList());
    }

メンバ詳解

auth

final AdminPermissionEvaluator org.keycloak.services.resources.admin.ClientScopeEvaluateScopeMappingsResource.auth

private

client

final ClientModel org.keycloak.services.resources.admin.ClientScopeEvaluateScopeMappingsResource.client

private

roleContainer

final RoleContainerModel org.keycloak.services.resources.admin.ClientScopeEvaluateScopeMappingsResource.roleContainer

private

scopeParam

final String org.keycloak.services.resources.admin.ClientScopeEvaluateScopeMappingsResource.scopeParam

private

session

final KeycloakSession org.keycloak.services.resources.admin.ClientScopeEvaluateScopeMappingsResource.session

private

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/services/resources/admin/ClientScopeEvaluateScopeMappingsResource.java