org.keycloak.services.resources.account.AccountRestService クラス

org.keycloak.services.resources.account.AccountRestService 連携図

公開メンバ関数
	AccountRestService (KeycloakSession session, Auth auth, ClientModel client, EventBuilder event)
void	init ()
Response	preflight ()
Response	account ()
Response	updateAccount (UserRepresentation userRep)
Response	sessions ()
Response	sessionsLogout (@QueryParam("current") boolean removeCurrent)
Response	sessionLogout (@QueryParam("id") String id)
AccountCredentialResource	credentials ()

限定公開変数類
HttpHeaders	headers
ClientConnection	clientConnection

非公開変数類
HttpRequest	request
final KeycloakSession	session
final ClientModel	client
final EventBuilder	event
EventStoreProvider	eventStore
Auth	auth
final RealmModel	realm
final UserModel	user

詳解

著者

Stian Thorgersen

構築子と解体子

AccountRestService()

org.keycloak.services.resources.account.AccountRestService.AccountRestService ( KeycloakSession  session, Auth  auth, ClientModel  client, EventBuilder  event  )

inline

                                                                                                          {
        this.session = session;
        this.auth = auth;
        this.realm = auth.getRealm();
        this.user = auth.getUser();
        this.client = client;
        this.event = event;
    }

関数詳解

account()

Response org.keycloak.services.resources.account.AccountRestService.account ( )

inline

Get account information.

戻り値

                              {
        auth.requireOneOf(AccountRoles.MANAGE_ACCOUNT, AccountRoles.VIEW_PROFILE);

        UserModel user = auth.getUser();

        UserRepresentation rep = new UserRepresentation();
        rep.setUsername(user.getUsername());
        rep.setFirstName(user.getFirstName());
        rep.setLastName(user.getLastName());
        rep.setEmail(user.getEmail());
        rep.setEmailVerified(user.isEmailVerified());
        rep.setAttributes(user.getAttributes());

        return Cors.add(request, Response.ok(rep)).auth().allowedOrigins(auth.getToken()).build();
    }

credentials()

AccountCredentialResource org.keycloak.services.resources.account.AccountRestService.credentials ( )

inline

                                                   {
        return new AccountCredentialResource(session, event, user);
    }

init()

void org.keycloak.services.resources.account.AccountRestService.init ( )

inline

                       {
        eventStore = session.getProvider(EventStoreProvider.class);
    }

preflight()

Response org.keycloak.services.resources.account.AccountRestService.preflight ( )

inline

CORS preflight

戻り値

                                {
        return Cors.add(request, Response.ok()).auth().preflight().build();
    }

sessionLogout()

Response org.keycloak.services.resources.account.AccountRestService.sessionLogout ( @QueryParam("id") String  id )

inline

Remove a specific session

引数

id	a specific session to remove

戻り値

                                                               {
        UserSessionModel userSession = session.sessions().getUserSession(realm, id);
        if (userSession != null && userSession.getUser().equals(user)) {
            AuthenticationManager.backchannelLogout(session, userSession, true);
        }
        return Cors.add(request, Response.ok()).auth().allowedOrigins(auth.getToken()).build();
    }

sessions()

Response org.keycloak.services.resources.account.AccountRestService.sessions ( )

inline

Get session information.

戻り値

                               {
        List<SessionRepresentation> reps = new LinkedList<>();

        List<UserSessionModel> sessions = session.sessions().getUserSessions(realm, user);
        for (UserSessionModel s : sessions) {
            SessionRepresentation rep = new SessionRepresentation();
            rep.setId(s.getId());
            rep.setIpAddress(s.getIpAddress());
            rep.setStarted(s.getStarted());
            rep.setLastAccess(s.getLastSessionRefresh());
            rep.setExpires(s.getStarted() + realm.getSsoSessionMaxLifespan());
            rep.setClients(new LinkedList());

            for (String clientUUID : s.getAuthenticatedClientSessions().keySet()) {
                ClientModel client = realm.getClientById(clientUUID);
                ClientRepresentation clientRep = new ClientRepresentation();
                clientRep.setClientId(client.getClientId());
                clientRep.setClientName(client.getName());
                rep.getClients().add(clientRep);
            }

            reps.add(rep);
        }

        return Cors.add(request, Response.ok(reps)).auth().allowedOrigins(auth.getToken()).build();
    }

sessionsLogout()

Response org.keycloak.services.resources.account.AccountRestService.sessionsLogout ( @QueryParam("current") boolean  removeCurrent )

inline

Remove sessions

引数

removeCurrent

remove current session (default is false)

戻り値

                                                                                 {
        UserSessionModel userSession = auth.getSession();

        List<UserSessionModel> userSessions = session.sessions().getUserSessions(realm, user);
        for (UserSessionModel s : userSessions) {
            if (removeCurrent || !s.getId().equals(userSession.getId())) {
                AuthenticationManager.backchannelLogout(session, s, true);
            }
        }

        return Cors.add(request, Response.ok()).auth().allowedOrigins(auth.getToken()).build();
    }

updateAccount()

Response org.keycloak.services.resources.account.AccountRestService.updateAccount ( UserRepresentation  userRep )

inline

                                                              {
        auth.require(AccountRoles.MANAGE_ACCOUNT);

        event.event(EventType.UPDATE_PROFILE).client(auth.getClient()).user(user);

        try {
            RealmModel realm = session.getContext().getRealm();

            boolean usernameChanged = userRep.getUsername() != null && !userRep.getUsername().equals(user.getUsername());
            if (realm.isEditUsernameAllowed()) {
                if (usernameChanged) {
                    UserModel existing = session.users().getUserByUsername(userRep.getUsername(), realm);
                    if (existing != null) {
                        return ErrorResponse.exists(Messages.USERNAME_EXISTS);
                    }

                    user.setUsername(userRep.getUsername());
                }
            } else if (usernameChanged) {
                return ErrorResponse.error(Messages.READ_ONLY_USERNAME, Response.Status.BAD_REQUEST);
            }

            boolean emailChanged = userRep.getEmail() != null && !userRep.getEmail().equals(user.getEmail());
            if (emailChanged && !realm.isDuplicateEmailsAllowed()) {
                UserModel existing = session.users().getUserByEmail(userRep.getEmail(), realm);
                if (existing != null) {
                    return ErrorResponse.exists(Messages.EMAIL_EXISTS);
                }
            }

            if (realm.isRegistrationEmailAsUsername() && !realm.isDuplicateEmailsAllowed()) {
                UserModel existing = session.users().getUserByUsername(userRep.getEmail(), realm);
                if (existing != null) {
                    return ErrorResponse.exists(Messages.USERNAME_EXISTS);
                }
            }

            if (emailChanged) {
                String oldEmail = user.getEmail();
                user.setEmail(userRep.getEmail());
                user.setEmailVerified(false);
                event.clone().event(EventType.UPDATE_EMAIL).detail(Details.PREVIOUS_EMAIL, oldEmail).detail(Details.UPDATED_EMAIL, userRep.getEmail()).success();

                if (realm.isRegistrationEmailAsUsername()) {
                    user.setUsername(userRep.getEmail());
                }
            }

            user.setFirstName(userRep.getFirstName());
            user.setLastName(userRep.getLastName());

            if (userRep.getAttributes() != null) {
                for (String k : user.getAttributes().keySet()) {
                    if (!userRep.getAttributes().containsKey(k)) {
                        user.removeAttribute(k);
                    }
                }

                for (Map.Entry<String, List<String>> e : userRep.getAttributes().entrySet()) {
                    user.setAttribute(e.getKey(), e.getValue());
                }
            }

            event.success();

            return Cors.add(request, Response.ok()).auth().allowedOrigins(auth.getToken()).build();
        } catch (ReadOnlyException e) {
            return ErrorResponse.error(Messages.READ_ONLY_USER, Response.Status.BAD_REQUEST);
        }
    }

メンバ詳解

auth

Auth org.keycloak.services.resources.account.AccountRestService.auth

private

client

final ClientModel org.keycloak.services.resources.account.AccountRestService.client

private

clientConnection

ClientConnection org.keycloak.services.resources.account.AccountRestService.clientConnection

protected

event

final EventBuilder org.keycloak.services.resources.account.AccountRestService.event

private

eventStore

EventStoreProvider org.keycloak.services.resources.account.AccountRestService.eventStore

private

headers

HttpHeaders org.keycloak.services.resources.account.AccountRestService.headers

protected

realm

final RealmModel org.keycloak.services.resources.account.AccountRestService.realm

private

request

HttpRequest org.keycloak.services.resources.account.AccountRestService.request

private

session

final KeycloakSession org.keycloak.services.resources.account.AccountRestService.session

private

user

final UserModel org.keycloak.services.resources.account.AccountRestService.user

private

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/services/resources/account/AccountRestService.java