org.keycloak.services.resources.admin.ClientsResource 連携図

公開メンバ関数
	ClientsResource (RealmModel realm, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent)

List< ClientRepresentation >	getClients (@QueryParam("clientId") String clientId, @QueryParam("viewableOnly") @DefaultValue("false") boolean viewableOnly)

Response	createClient (final ClientRepresentation rep)

ClientResource	getClient (final @PathParam("id") String id)

限定公開変数類
RealmModel	realm

KeycloakSession	session

静的限定公開変数類
static final Logger	logger = Logger.getLogger(ClientsResource.class)

非公開メンバ関数
AuthorizationService	getAuthorizationService (ClientModel clientModel)

非公開変数類
AdminPermissionEvaluator	auth

AdminEventBuilder	adminEvent

詳解

Base resource class for managing a realm's clients.

Clients

著者: Bill Burke

バージョン

Revision: 1

構築子と解体子

◆ ClientsResource()

org.keycloak.services.resources.admin.ClientsResource.ClientsResource	(	RealmModel	realm,
		AdminPermissionEvaluator	auth,
		AdminEventBuilder	adminEvent
	)

inline

                                                                                                           {
         this.realm = realm;
         this.auth = auth;
         this.adminEvent = adminEvent.resource(ResourceType.CLIENT);
 
     }

関数詳解

◆ createClient()

Response org.keycloak.services.resources.admin.ClientsResource.createClient ( final ClientRepresentation rep )

inline

Create a new client

Client's client_id must be unique!

引数

rep

戻り値

                                                                  {
         auth.clients().requireManage();
 
         ValidationMessages validationMessages = new ValidationMessages();
         if (!ClientValidator.validate(rep, validationMessages) || !PairwiseClientValidator.validate(session, rep, validationMessages)) {
             Properties messages = AdminRoot.getMessages(session, realm, auth.adminAuth().getToken().getLocale());
             throw new ErrorResponseException(
                     validationMessages.getStringMessages(),
                     validationMessages.getStringMessages(messages),
                     Response.Status.BAD_REQUEST
             );
         }
 
         try {
             ClientModel clientModel = ClientManager.createClient(session, realm, rep, true);
 
             if (TRUE.equals(rep.isServiceAccountsEnabled())) {
                 UserModel serviceAccount = session.users().getServiceAccount(clientModel);
 
                 if (serviceAccount == null) {
                     new ClientManager(new RealmManager(session)).enableServiceAccount(clientModel);
                 }
             }
 
             adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri(), clientModel.getId()).representation(rep).success();
 
             if (Profile.isFeatureEnabled(Profile.Feature.AUTHORIZATION)) {
                 if (TRUE.equals(rep.getAuthorizationServicesEnabled())) {
                     AuthorizationService authorizationService = getAuthorizationService(clientModel);
 
                     authorizationService.enable(true);
 
                     ResourceServerRepresentation authorizationSettings = rep.getAuthorizationSettings();
 
                     if (authorizationSettings != null) {
                         authorizationService.resourceServer().importSettings(authorizationSettings);
                     }
                 }
             }
 
             return Response.created(session.getContext().getUri().getAbsolutePathBuilder().path(clientModel.getId()).build()).build();
         } catch (ModelDuplicateException e) {
             return ErrorResponse.exists("Client " + rep.getClientId() + " already exists");
         }
     }

◆ getAuthorizationService()

AuthorizationService org.keycloak.services.resources.admin.ClientsResource.getAuthorizationService ( ClientModel clientModel )

inlineprivate

                                                                                   {
         return new AuthorizationService(session, clientModel, auth, adminEvent);
     }

◆ getClient()

ClientResource org.keycloak.services.resources.admin.ClientsResource.getClient ( final @PathParam("id") String id )

inline

Base path for managing a specific client.

引数

id	id of client (not client-id)

戻り値

                                                                       {
 
         ClientModel clientModel = realm.getClientById(id);
         if (clientModel == null) {
             // we do this to make sure somebody can't phish ids
             if (auth.clients().canList()) throw new NotFoundException("Could not find client");
             else throw new ForbiddenException();
         }
 
         session.getContext().setClient(clientModel);
 
         ClientResource clientResource = new ClientResource(realm, auth, clientModel, session, adminEvent);
         ResteasyProviderFactory.getInstance().injectProperties(clientResource);
         return clientResource;
     }

◆ getClients()

List<ClientRepresentation> org.keycloak.services.resources.admin.ClientsResource.getClients	(	@QueryParam("clientId") String	clientId,
		@QueryParam("viewableOnly") @DefaultValue("false") boolean	viewableOnly
	)

inline

Get clients belonging to the realm

Returns a list of clients belonging to the realm

引数

clientId	filter by clientId
viewableOnly	filter clients that cannot be viewed in full by admin

                                                                                                                                                                    {
         List<ClientRepresentation> rep = new ArrayList<>();
 
         if (clientId == null || clientId.trim().equals("")) {
             List<ClientModel> clientModels = realm.getClients();
             auth.clients().requireList();
             boolean view = auth.clients().canView();
             for (ClientModel clientModel : clientModels) {
                 if (view || auth.clients().canView(clientModel)) {
                     ClientRepresentation representation = ModelToRepresentation.toRepresentation(clientModel, session);
                     rep.add(representation);
                     representation.setAccess(auth.clients().getAccess(clientModel));
                 } else if (!viewableOnly) {
                     ClientRepresentation client = new ClientRepresentation();
                     client.setId(clientModel.getId());
                     client.setClientId(clientModel.getClientId());
                     client.setDescription(clientModel.getDescription());
                     rep.add(client);
                 }
             }
         } else {
             ClientModel clientModel = realm.getClientByClientId(clientId);
             if (clientModel != null) {
                 if (auth.clients().canView(clientModel)) {
                     ClientRepresentation representation = ModelToRepresentation.toRepresentation(clientModel, session);
                     representation.setAccess(auth.clients().getAccess(clientModel));
                     rep.add(representation);
                 } else if (!viewableOnly && auth.clients().canList()){
                     ClientRepresentation client = new ClientRepresentation();
                     client.setId(clientModel.getId());
                     client.setClientId(clientModel.getClientId());
                     client.setDescription(clientModel.getDescription());
                     rep.add(client);
 
                 } else {
                     throw new ForbiddenException();
                 }
             }
         }
         return rep;
     }

メンバ詳解

◆ adminEvent

AdminEventBuilder org.keycloak.services.resources.admin.ClientsResource.adminEvent

private

◆ auth

AdminPermissionEvaluator org.keycloak.services.resources.admin.ClientsResource.auth

private

◆ logger

final Logger org.keycloak.services.resources.admin.ClientsResource.logger = Logger.getLogger(ClientsResource.class)

staticprotected

◆ realm

RealmModel org.keycloak.services.resources.admin.ClientsResource.realm

protected

◆ session

KeycloakSession org.keycloak.services.resources.admin.ClientsResource.session

protected

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java

公開メンバ関数

限定公開変数類

静的限定公開変数類

非公開メンバ関数

非公開変数類

詳解

構築子と解体子

◆ ClientsResource()

関数詳解

◆ createClient()

◆ getAuthorizationService()

◆ getClient()

◆ getClients()

メンバ詳解

◆ adminEvent

◆ auth

◆ logger

◆ realm

◆ session