org.keycloak.credential.UserCredentialStoreManager の継承関係図

org.keycloak.credential.UserCredentialStoreManager 連携図

公開メンバ関数
	UserCredentialStoreManager (KeycloakSession session)

void	updateCredential (RealmModel realm, UserModel user, CredentialModel cred)

CredentialModel	createCredential (RealmModel realm, UserModel user, CredentialModel cred)

boolean	removeStoredCredential (RealmModel realm, UserModel user, String id)

CredentialModel	getStoredCredentialById (RealmModel realm, UserModel user, String id)

List< CredentialModel >	getStoredCredentials (RealmModel realm, UserModel user)

List< CredentialModel >	getStoredCredentialsByType (RealmModel realm, UserModel user, String type)

CredentialModel	getStoredCredentialByNameAndType (RealmModel realm, UserModel user, String name, String type)

boolean	isValid (RealmModel realm, UserModel user, CredentialInput... inputs)

boolean	isValid (RealmModel realm, UserModel user, List< CredentialInput > inputs)

void	updateCredential (RealmModel realm, UserModel user, CredentialInput input)

void	disableCredentialType (RealmModel realm, UserModel user, String credentialType)

Set< String >	getDisableableCredentialTypes (RealmModel realm, UserModel user)

boolean	isConfiguredFor (RealmModel realm, UserModel user, String type)

boolean	isConfiguredLocally (RealmModel realm, UserModel user, String type)

CredentialValidationOutput	authenticate (KeycloakSession session, RealmModel realm, CredentialInput input)

void	onCache (RealmModel realm, CachedUserModel user, UserModel delegate)

void	close ()

静的公開メンバ関数
static< T > List< T >	getCredentialProviders (KeycloakSession session, RealmModel realm, Class< T > type)

限定公開メンバ関数
UserCredentialStore	getStoreForUser (UserModel user)

限定公開変数類
KeycloakSession	session

非公開メンバ関数
void	validate (RealmModel realm, UserModel user, List< CredentialInput > toValidate, CredentialInputValidator validator)

詳解

著者: Bill Burke

バージョン

Revision: 1

構築子と解体子

◆ UserCredentialStoreManager()

org.keycloak.credential.UserCredentialStoreManager.UserCredentialStoreManager ( KeycloakSession session )

inline

                                                                {
         this.session = session;
     }

関数詳解

◆ authenticate()

CredentialValidationOutput org.keycloak.credential.UserCredentialStoreManager.authenticate	(	KeycloakSession	session,
		RealmModel	realm,
		CredentialInput	input
	)

inline

                                                                                                                      {
         List<CredentialAuthentication> list = UserStorageManager.getEnabledStorageProviders(session, realm, CredentialAuthentication.class);
         for (CredentialAuthentication auth : list) {
             if (auth.supportsCredentialAuthenticationFor(input.getType())) {
                 CredentialValidationOutput output = auth.authenticate(realm, input);
                 if (output != null) return output;
             }
         }
 
         list = getCredentialProviders(session, realm, CredentialAuthentication.class);
         for (CredentialAuthentication auth : list) {
             if (auth.supportsCredentialAuthenticationFor(input.getType())) {
                 CredentialValidationOutput output = auth.authenticate(realm, input);
                 if (output != null) return output;
             }
         }
 
         return null;
     }

◆ close()

void org.keycloak.credential.UserCredentialStoreManager.close ( )

inline

                         {
 
     }

◆ createCredential()

CredentialModel org.keycloak.credential.UserCredentialStoreManager.createCredential	(	RealmModel	realm,
		UserModel	user,
		CredentialModel	cred
	)

inline

                                                                                                     {
         return getStoreForUser(user).createCredential(realm, user, cred);
     }

◆ disableCredentialType()

void org.keycloak.credential.UserCredentialStoreManager.disableCredentialType	(	RealmModel	realm,
		UserModel	user,
		String	credentialType
	)

inline

                                                                                                {
         if (!StorageId.isLocalStorage(user)) {
             String providerId = StorageId.resolveProviderId(user);
             UserStorageProvider provider = UserStorageManager.getStorageProvider(session, realm, providerId);
             if (provider instanceof CredentialInputUpdater) {
                 if (!UserStorageManager.isStorageProviderEnabled(realm, providerId)) return;
                 CredentialInputUpdater updater = (CredentialInputUpdater) provider;
                 if (updater.supportsCredentialType(credentialType)) {
                     updater.disableCredentialType(realm, user, credentialType);
                 }
 
             }
         } else {
             if (user.getFederationLink() != null) {
                 UserStorageProvider provider = UserStorageManager.getStorageProvider(session, realm, user.getFederationLink());
                 if (provider != null && provider instanceof CredentialInputUpdater) {
                     if (!UserStorageManager.isStorageProviderEnabled(realm, user.getFederationLink())) return;
                     ((CredentialInputUpdater) provider).disableCredentialType(realm, user, credentialType);
                 }
             }
 
         }
 
         List<CredentialInputUpdater> credentialProviders = getCredentialProviders(session, realm, CredentialInputUpdater.class);
         for (CredentialInputUpdater updater : credentialProviders) {
             if (!updater.supportsCredentialType(credentialType)) continue;
             updater.disableCredentialType(realm, user, credentialType);
 
         }
 
 
     }

◆ getCredentialProviders()

static <T> List<T> org.keycloak.credential.UserCredentialStoreManager.getCredentialProviders	(	KeycloakSession	session,
		RealmModel	realm,
		Class< T >	type
	)

inlinestatic

                                                                                                                {
         List<T> list = new LinkedList<T>();
         for (ProviderFactory f : session.getKeycloakSessionFactory().getProviderFactories(CredentialProvider.class)) {
             if (!Types.supports(type, f, CredentialProviderFactory.class)) continue;
             list.add((T) session.getProvider(CredentialProvider.class, f.getId()));
         }
         return list;
 
     }

◆ getDisableableCredentialTypes()

Set<String> org.keycloak.credential.UserCredentialStoreManager.getDisableableCredentialTypes	(	RealmModel	realm,
		UserModel	user
	)

inline

                                                                                        {
         Set<String> types = new HashSet<>();
         if (!StorageId.isLocalStorage(user)) {
             String providerId = StorageId.resolveProviderId(user);
             UserStorageProvider provider = UserStorageManager.getStorageProvider(session, realm, providerId);
             if (provider instanceof CredentialInputUpdater) {
                 if (!UserStorageManager.isStorageProviderEnabled(realm, providerId)) return Collections.EMPTY_SET;
                 CredentialInputUpdater updater = (CredentialInputUpdater) provider;
                 types.addAll(updater.getDisableableCredentialTypes(realm, user));
             }
         } else {
             if (user.getFederationLink() != null) {
                 UserStorageProvider provider = UserStorageManager.getStorageProvider(session, realm, user.getFederationLink());
                 if (provider != null && provider instanceof CredentialInputUpdater) {
                     if (!UserStorageManager.isStorageProviderEnabled(realm, user.getFederationLink())) return Collections.EMPTY_SET;
                     types.addAll(((CredentialInputUpdater) provider).getDisableableCredentialTypes(realm, user));
                 }
             }
 
         }
 
         List<CredentialInputUpdater> credentialProviders = getCredentialProviders(session, realm, CredentialInputUpdater.class);
         for (CredentialInputUpdater updater : credentialProviders) {
             types.addAll(updater.getDisableableCredentialTypes(realm, user));
         }
         return types;
     }

◆ getStoredCredentialById()

CredentialModel org.keycloak.credential.UserCredentialStoreManager.getStoredCredentialById	(	RealmModel	realm,
		UserModel	user,
		String	id
	)

inline

                                                                                                 {
         return getStoreForUser(user).getStoredCredentialById(realm, user, id);
     }

◆ getStoredCredentialByNameAndType()

CredentialModel org.keycloak.credential.UserCredentialStoreManager.getStoredCredentialByNameAndType	(	RealmModel	realm,
		UserModel	user,
		String	name,
		String	type
	)

inline

                                                                                                                         {
         return getStoreForUser(user).getStoredCredentialByNameAndType(realm, user, name, type);
     }

◆ getStoredCredentials()

List<CredentialModel> org.keycloak.credential.UserCredentialStoreManager.getStoredCredentials	(	RealmModel	realm,
		UserModel	user
	)

inline

                                                                                         {
         return getStoreForUser(user).getStoredCredentials(realm, user);
     }

◆ getStoredCredentialsByType()

List<CredentialModel> org.keycloak.credential.UserCredentialStoreManager.getStoredCredentialsByType	(	RealmModel	realm,
		UserModel	user,
		String	type
	)

inline

                                                                                                            {
         return getStoreForUser(user).getStoredCredentialsByType(realm, user, type);
     }

◆ getStoreForUser()

UserCredentialStore org.keycloak.credential.UserCredentialStoreManager.getStoreForUser ( UserModel user )

inlineprotected

                                                                   {
         if (StorageId.isLocalStorage(user)) {
             return (UserCredentialStore) session.userLocalStorage();
         } else {
             return (UserCredentialStore) session.userFederatedStorage();
         }
     }

◆ isConfiguredFor()

boolean org.keycloak.credential.UserCredentialStoreManager.isConfiguredFor	(	RealmModel	realm,
		UserModel	user,
		String	type
	)

inline

                                                                                   {
         if (!StorageId.isLocalStorage(user)) {
             String providerId = StorageId.resolveProviderId(user);
             UserStorageProvider provider = UserStorageManager.getStorageProvider(session, realm, providerId);
             if (provider instanceof CredentialInputValidator) {
                 if (!UserStorageManager.isStorageProviderEnabled(realm, providerId)) return false;
                 CredentialInputValidator validator = (CredentialInputValidator) provider;
                 if (validator.supportsCredentialType(type) && validator.isConfiguredFor(realm, user, type)) {
                     return true;
                 }
             }
         } else {
             if (user.getFederationLink() != null) {
                 UserStorageProvider provider = UserStorageManager.getStorageProvider(session, realm, user.getFederationLink());
                 if (provider != null && provider instanceof CredentialInputValidator) {
                     if (!UserStorageManager.isStorageProviderEnabled(realm, user.getFederationLink())) return false;
                     if (((CredentialInputValidator) provider).isConfiguredFor(realm, user, type)) return true;
                 }
             }
 
         }
 
         return isConfiguredLocally(realm, user, type);
     }

◆ isConfiguredLocally()

boolean org.keycloak.credential.UserCredentialStoreManager.isConfiguredLocally	(	RealmModel	realm,
		UserModel	user,
		String	type
	)

inline

                                                                                       {
         List<CredentialInputValidator> credentialProviders = getCredentialProviders(session, realm, CredentialInputValidator.class);
         for (CredentialInputValidator validator : credentialProviders) {
             if (validator.supportsCredentialType(type) && validator.isConfiguredFor(realm, user, type)) {
                 return true;
             }
 
         }
         return false;
     }

◆ isValid() [1/2]

boolean org.keycloak.credential.UserCredentialStoreManager.isValid	(	RealmModel	realm,
		UserModel	user,
		CredentialInput...	inputs
	)

inline

                                                                                         {
         return isValid(realm, user, Arrays.asList(inputs));
     }

◆ isValid() [2/2]

boolean org.keycloak.credential.UserCredentialStoreManager.isValid	(	RealmModel	realm,
		UserModel	user,
		List< CredentialInput >	inputs
	)

inline

                                                                                            {
 
         List<CredentialInput> toValidate = new LinkedList<>();
         toValidate.addAll(inputs);
         if (!StorageId.isLocalStorage(user)) {
             String providerId = StorageId.resolveProviderId(user);
             UserStorageProvider provider = UserStorageManager.getStorageProvider(session, realm, providerId);
             if (provider instanceof CredentialInputValidator) {
                 if (!UserStorageManager.isStorageProviderEnabled(realm, providerId)) return false;
                 Iterator<CredentialInput> it = toValidate.iterator();
                 while (it.hasNext()) {
                     CredentialInput input = it.next();
                     CredentialInputValidator validator = (CredentialInputValidator) provider;
                     if (validator.supportsCredentialType(input.getType()) && validator.isValid(realm, user, input)) {
                         it.remove();
                     }
                 }
             }
         } else {
             if (user.getFederationLink() != null) {
                 UserStorageProvider provider = UserStorageManager.getStorageProvider(session, realm, user.getFederationLink());
                 if (provider != null && provider instanceof CredentialInputValidator) {
                     if (!UserStorageManager.isStorageProviderEnabled(realm, user.getFederationLink())) return false;
                     validate(realm, user, toValidate, ((CredentialInputValidator)provider));
                 }
             }
         }
 
         if (toValidate.isEmpty()) return true;
 
         List<CredentialInputValidator> credentialProviders = getCredentialProviders(session, realm, CredentialInputValidator.class);
         for (CredentialInputValidator validator : credentialProviders) {
             validate(realm, user, toValidate, validator);
 
         }
         return toValidate.isEmpty();
     }

◆ onCache()

void org.keycloak.credential.UserCredentialStoreManager.onCache	(	RealmModel	realm,
		CachedUserModel	user,
		UserModel	delegate
	)

inline

                                                                                     {
         List<OnUserCache> credentialProviders = getCredentialProviders(session, realm, OnUserCache.class);
         for (OnUserCache validator : credentialProviders) {
             validator.onCache(realm, user, delegate);
         }
     }

◆ removeStoredCredential()

boolean org.keycloak.credential.UserCredentialStoreManager.removeStoredCredential	(	RealmModel	realm,
		UserModel	user,
		String	id
	)

inline

                                                                                        {
         return getStoreForUser(user).removeStoredCredential(realm, user, id);
     }

◆ updateCredential() [1/2]

void org.keycloak.credential.UserCredentialStoreManager.updateCredential	(	RealmModel	realm,
		UserModel	user,
		CredentialModel	cred
	)

inline

                                                                                          {
         getStoreForUser(user).updateCredential(realm, user, cred);
 
     }

◆ updateCredential() [2/2]

void org.keycloak.credential.UserCredentialStoreManager.updateCredential	(	RealmModel	realm,
		UserModel	user,
		CredentialInput	input
	)

inline

                                                                                           {
         if (!StorageId.isLocalStorage(user)) {
             String providerId = StorageId.resolveProviderId(user);
             UserStorageProvider provider = UserStorageManager.getStorageProvider(session, realm, providerId);
             if (provider instanceof CredentialInputUpdater) {
                 if (!UserStorageManager.isStorageProviderEnabled(realm, providerId)) return;
                 CredentialInputUpdater updater = (CredentialInputUpdater) provider;
                 if (updater.supportsCredentialType(input.getType())) {
                     if (updater.updateCredential(realm, user, input)) return;
                 }
 
             }
         } else {
             if (user.getFederationLink() != null) {
                 UserStorageProvider provider = UserStorageManager.getStorageProvider(session, realm, user.getFederationLink());
                 if (provider != null && provider instanceof CredentialInputUpdater) {
                     if (!UserStorageManager.isStorageProviderEnabled(realm, user.getFederationLink())) return;
                     if (((CredentialInputUpdater) provider).updateCredential(realm, user, input)) return;
                 }
             }
         }
 
         List<CredentialInputUpdater> credentialProviders = getCredentialProviders(session, realm, CredentialInputUpdater.class);
         for (CredentialInputUpdater updater : credentialProviders) {
             if (!updater.supportsCredentialType(input.getType())) continue;
             if (updater.updateCredential(realm, user, input)) return;
 
         }
     }

◆ validate()

void org.keycloak.credential.UserCredentialStoreManager.validate	(	RealmModel	realm,
		UserModel	user,
		List< CredentialInput >	toValidate,
		CredentialInputValidator	validator
	)

inlineprivate

                                                                                                                                   {
         Iterator<CredentialInput> it = toValidate.iterator();
         while (it.hasNext()) {
             CredentialInput input = it.next();
             if (validator.supportsCredentialType(input.getType()) && validator.isValid(realm, user, input)) {
                 it.remove();
             }
         }
     }

メンバ詳解

◆ session

KeycloakSession org.keycloak.credential.UserCredentialStoreManager.session

protected

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/credential/UserCredentialStoreManager.java

公開メンバ関数

静的公開メンバ関数

限定公開メンバ関数

限定公開変数類

非公開メンバ関数

詳解

構築子と解体子

◆ UserCredentialStoreManager()

関数詳解

◆ authenticate()

◆ close()

◆ createCredential()

◆ disableCredentialType()

◆ getCredentialProviders()

◆ getDisableableCredentialTypes()

◆ getStoredCredentialById()

◆ getStoredCredentialByNameAndType()

◆ getStoredCredentials()

◆ getStoredCredentialsByType()

◆ getStoreForUser()

◆ isConfiguredFor()

◆ isConfiguredLocally()

◆ isValid() [1/2]

◆ isValid() [2/2]

◆ onCache()

◆ removeStoredCredential()

◆ updateCredential() [1/2]

◆ updateCredential() [2/2]

◆ validate()

メンバ詳解

◆ session