org.keycloak.forms.account.freemarker.model.AuthorizationBean 連携図

クラス
class	ManagedPermissionBean

class	PermissionScopeBean

class	RequesterBean

class	ResourceBean

class	ResourceServerBean

公開メンバ関数
	AuthorizationBean (KeycloakSession session, UserModel user, UriInfo uriInfo)

Collection< ResourceBean >	getResourcesWaitingOthersApproval ()

Collection< ResourceBean >	getResourcesWaitingApproval ()

List< ResourceBean >	getResources ()

Collection< ResourceBean >	getSharedResources ()

ResourceBean	getResource ()

非公開メンバ関数
ResourceBean	getResource (String id)

Collection< RequesterBean >	toPermissionRepresentation (List< PermissionTicket > permissionRequests)

Collection< ResourceBean >	toResourceRepresentation (List< PermissionTicket > tickets)

List< PermissionTicket >	findPermissions (Map< String, String > filters)

非公開変数類
final UserModel	user

final AuthorizationProvider	authorization

final UriInfo	uriInfo

ResourceBean	resource

List< ResourceBean >	resources

Collection< ResourceBean >	userSharedResources

Collection< ResourceBean >	requestsWaitingPermission

Collection< ResourceBean >	resourcesWaitingOthersApproval

詳解

著者: Stian Thorgersen

構築子と解体子

◆ AuthorizationBean()

org.keycloak.forms.account.freemarker.model.AuthorizationBean.AuthorizationBean	(	KeycloakSession	session,
		UserModel	user,
		UriInfo	uriInfo
	)

inline

                                                                                        {
         this.user = user;
         this.uriInfo = uriInfo;
         authorization = session.getProvider(AuthorizationProvider.class);
         List<String> pathParameters = uriInfo.getPathParameters().get("resource_id");
 
         if (pathParameters != null && !pathParameters.isEmpty()) {
             Resource resource = authorization.getStoreFactory().getResourceStore().findById(pathParameters.get(0), null);
 
             if (resource != null && !resource.getOwner().equals(user.getId())) {
                 throw new RuntimeException("User [" + user.getUsername() + "] can not access resource [" + resource.getId() + "]");
             }
         }
     }

関数詳解

◆ findPermissions()

List<PermissionTicket> org.keycloak.forms.account.freemarker.model.AuthorizationBean.findPermissions ( Map< String, String > filters )

inlineprivate

                                                                                 {
         return authorization.getStoreFactory().getPermissionTicketStore().find(filters, null, -1, -1);
     }

◆ getResource() [1/2]

ResourceBean org.keycloak.forms.account.freemarker.model.AuthorizationBean.getResource ( )

inline

                                       {
         if (resource == null) {
             String resourceId = uriInfo.getPathParameters().getFirst("resource_id");
 
             if (resourceId != null) {
                 resource = getResource(resourceId);
             }
         }
 
         return resource;
     }

◆ getResource() [2/2]

ResourceBean org.keycloak.forms.account.freemarker.model.AuthorizationBean.getResource ( String id )

inlineprivate

                                                 {
         return new ResourceBean(authorization.getStoreFactory().getResourceStore().findById(id, null));
     }

◆ getResources()

List<ResourceBean> org.keycloak.forms.account.freemarker.model.AuthorizationBean.getResources ( )

inline

                                              {
         if (resources == null) {
             resources = authorization.getStoreFactory().getResourceStore().findByOwner(user.getId(), null).stream()
                     .filter(Resource::isOwnerManagedAccess)
                     .map(ResourceBean::new)
                     .collect(Collectors.toList());
         }
         return resources;
     }

◆ getResourcesWaitingApproval()

Collection<ResourceBean> org.keycloak.forms.account.freemarker.model.AuthorizationBean.getResourcesWaitingApproval ( )

inline

                                                                   {
         if (requestsWaitingPermission == null) {
             HashMap<String, String> filters = new HashMap<>();
 
             filters.put(PermissionTicket.OWNER, user.getId());
             filters.put(PermissionTicket.GRANTED, Boolean.FALSE.toString());
 
             requestsWaitingPermission = toResourceRepresentation(findPermissions(filters));
         }
 
         return requestsWaitingPermission;
     }

◆ getResourcesWaitingOthersApproval()

Collection<ResourceBean> org.keycloak.forms.account.freemarker.model.AuthorizationBean.getResourcesWaitingOthersApproval ( )

inline

                                                                         {
         if (resourcesWaitingOthersApproval == null) {
             HashMap<String, String> filters = new HashMap<>();
 
             filters.put(PermissionTicket.REQUESTER, user.getId());
             filters.put(PermissionTicket.GRANTED, Boolean.FALSE.toString());
 
             resourcesWaitingOthersApproval = toResourceRepresentation(findPermissions(filters));
         }
 
         return resourcesWaitingOthersApproval;
     }

◆ getSharedResources()

Collection<ResourceBean> org.keycloak.forms.account.freemarker.model.AuthorizationBean.getSharedResources ( )

inline

                                                          {
         if (userSharedResources == null) {
             HashMap<String, String> filters = new HashMap<>();
 
             filters.put(PermissionTicket.REQUESTER, user.getId());
             filters.put(PermissionTicket.GRANTED, Boolean.TRUE.toString());
 
             PermissionTicketStore ticketStore = authorization.getStoreFactory().getPermissionTicketStore();
 
             userSharedResources = toResourceRepresentation(ticketStore.find(filters, null, -1, -1));
         }
         return userSharedResources;
     }

◆ toPermissionRepresentation()

Collection<RequesterBean> org.keycloak.forms.account.freemarker.model.AuthorizationBean.toPermissionRepresentation ( List< PermissionTicket > permissionRequests )

inlineprivate

                                                                                                             {
         Map<String, RequesterBean> requests = new HashMap<>();
 
         for (PermissionTicket ticket : permissionRequests) {
             Resource resource = ticket.getResource();
 
             if (!resource.isOwnerManagedAccess()) {
                 continue;
             }
 
             requests.computeIfAbsent(ticket.getRequester(), resourceId -> new RequesterBean(ticket, authorization)).addScope(ticket);
         }
 
         return requests.values();
     }

◆ toResourceRepresentation()

Collection<ResourceBean> org.keycloak.forms.account.freemarker.model.AuthorizationBean.toResourceRepresentation ( List< PermissionTicket > tickets )

inlineprivate

                                                                                               {
         Map<String, ResourceBean> requests = new HashMap<>();
 
         for (PermissionTicket ticket : tickets) {
             Resource resource = ticket.getResource();
 
             if (!resource.isOwnerManagedAccess()) {
                 continue;
             }
 
             requests.computeIfAbsent(resource.getId(), resourceId -> getResource(resourceId)).addPermission(ticket, authorization);
         }
 
         return requests.values();
     }

メンバ詳解

◆ authorization

final AuthorizationProvider org.keycloak.forms.account.freemarker.model.AuthorizationBean.authorization

private

◆ requestsWaitingPermission

Collection<ResourceBean> org.keycloak.forms.account.freemarker.model.AuthorizationBean.requestsWaitingPermission

private

◆ resource

ResourceBean org.keycloak.forms.account.freemarker.model.AuthorizationBean.resource

private

◆ resources

List<ResourceBean> org.keycloak.forms.account.freemarker.model.AuthorizationBean.resources

private

◆ resourcesWaitingOthersApproval

Collection<ResourceBean> org.keycloak.forms.account.freemarker.model.AuthorizationBean.resourcesWaitingOthersApproval

private

◆ uriInfo

final UriInfo org.keycloak.forms.account.freemarker.model.AuthorizationBean.uriInfo

private

◆ user

final UserModel org.keycloak.forms.account.freemarker.model.AuthorizationBean.user

private

◆ userSharedResources

Collection<ResourceBean> org.keycloak.forms.account.freemarker.model.AuthorizationBean.userSharedResources

private

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/forms/account/freemarker/model/AuthorizationBean.java

クラス

公開メンバ関数

非公開メンバ関数

非公開変数類

詳解

構築子と解体子

◆ AuthorizationBean()

関数詳解

◆ findPermissions()

◆ getResource() [1/2]

◆ getResource() [2/2]

◆ getResources()

◆ getResourcesWaitingApproval()

◆ getResourcesWaitingOthersApproval()

◆ getSharedResources()

◆ toPermissionRepresentation()

◆ toResourceRepresentation()

メンバ詳解

◆ authorization

◆ requestsWaitingPermission

◆ resource

◆ resources

◆ resourcesWaitingOthersApproval

◆ uriInfo

◆ user

◆ userSharedResources