org.keycloak.services.resources.ClientsManagementService クラス

org.keycloak.services.resources.ClientsManagementService 連携図

公開メンバ関数
	ClientsManagementService (RealmModel realm, EventBuilder event)
Response	registerNode (@HeaderParam(HttpHeaders.AUTHORIZATION) String authorizationHeader, final MultivaluedMap< String, String > formData)
Response	unregisterNode (@HeaderParam(HttpHeaders.AUTHORIZATION) String authorizationHeader, final MultivaluedMap< String, String > formData)

静的公開メンバ関数
static UriBuilder	clientsManagementBaseUrl (UriBuilder baseUriBuilder)
static UriBuilder	registerNodeUrl (UriBuilder baseUriBuilder)
static UriBuilder	unregisterNodeUrl (UriBuilder baseUriBuilder)

限定公開メンバ関数
ClientModel	authorizeClient ()
String	getClientClusterHost (MultivaluedMap< String, String > formData)

限定公開変数類
HttpHeaders	headers
Providers	providers
KeycloakSession	session

非公開メンバ関数
boolean	checkSsl ()

非公開変数類
RealmModel	realm
EventBuilder	event
HttpRequest	request
ClientConnection	clientConnection

静的非公開変数類
static final Logger	logger = Logger.getLogger(ClientsManagementService.class)

詳解

著者

Marek Posolda

構築子と解体子

ClientsManagementService()

org.keycloak.services.resources.ClientsManagementService.ClientsManagementService ( RealmModel  realm, EventBuilder  event  )

inline

                                                                          {
        this.realm = realm;
        this.event = event;
    }

関数詳解

authorizeClient()

ClientModel org.keycloak.services.resources.ClientsManagementService.authorizeClient ( )

inlineprotected

                                            {
        ClientModel client = AuthorizeClientUtil.authorizeClient(session, event).getClient();

        if (client.isPublicClient()) {
            OAuth2ErrorRepresentation errorRep = new OAuth2ErrorRepresentation(OAuthErrorException.INVALID_CLIENT, "Public clients not allowed");
            event.error(Errors.INVALID_CLIENT);
            throw new BadRequestException("Public clients not allowed", javax.ws.rs.core.Response.status(javax.ws.rs.core.Response.Status.BAD_REQUEST).entity(errorRep).type(MediaType.APPLICATION_JSON_TYPE).build());
        }

        return client;
    }

checkSsl()

boolean org.keycloak.services.resources.ClientsManagementService.checkSsl ( )

inlineprivate

                               {
        if (session.getContext().getUri().getBaseUri().getScheme().equals("https")) {
            return true;
        } else {
            return !realm.getSslRequired().isRequired(clientConnection);
        }
    }

clientsManagementBaseUrl()

static UriBuilder org.keycloak.services.resources.ClientsManagementService.clientsManagementBaseUrl ( UriBuilder  baseUriBuilder )

inlinestatic

                                                                                 {
        return baseUriBuilder.path(RealmsResource.class).path(RealmsResource.class, "getClientsManagementService");
    }

getClientClusterHost()

String org.keycloak.services.resources.ClientsManagementService.getClientClusterHost ( MultivaluedMap< String, String >  formData )

inlineprotected

                                                                                   {
        String clientClusterHost = formData.getFirst(AdapterConstants.CLIENT_CLUSTER_HOST);
        if (clientClusterHost == null || clientClusterHost.length() == 0) {
            OAuth2ErrorRepresentation errorRep = new OAuth2ErrorRepresentation( OAuthErrorException.INVALID_REQUEST, "Client cluster host not specified");
            event.error(Errors.INVALID_CODE);
            throw new BadRequestException("Cluster host not specified", javax.ws.rs.core.Response.status(javax.ws.rs.core.Response.Status.BAD_REQUEST).entity(errorRep).type(MediaType.APPLICATION_JSON_TYPE).build());
        }

        return clientClusterHost;
    }

registerNode()

Response org.keycloak.services.resources.ClientsManagementService.registerNode ( @HeaderParam(HttpHeaders.AUTHORIZATION) String  authorizationHeader, final MultivaluedMap< String, String >  formData  )

inline

URL invoked by adapter to register new client cluster node. Each application cluster node will invoke this URL once it joins cluster

引数

authorizationHeader
formData

戻り値

                                                                                                                                                    {
        if (!checkSsl()) {
            throw new ForbiddenException("HTTPS required");
        }

        event.event(EventType.REGISTER_NODE);

        if (!realm.isEnabled()) {
            event.error(Errors.REALM_DISABLED);
            throw new UnauthorizedException("Realm not enabled");
        }

        ClientModel client = authorizeClient();
        String nodeHost = getClientClusterHost(formData);

        event.client(client).detail(Details.NODE_HOST, nodeHost);
        logger.debugf("Registering cluster host '%s' for client '%s'", nodeHost, client.getClientId());

        client.registerNode(nodeHost, Time.currentTime());

        event.success();

        return Response.noContent().build();
    }

registerNodeUrl()

static UriBuilder org.keycloak.services.resources.ClientsManagementService.registerNodeUrl ( UriBuilder  baseUriBuilder )

inlinestatic

                                                                        {
        UriBuilder uriBuilder = clientsManagementBaseUrl(baseUriBuilder);
        return uriBuilder.path(ClientsManagementService.class, "registerNode");
    }

unregisterNode()

Response org.keycloak.services.resources.ClientsManagementService.unregisterNode ( @HeaderParam(HttpHeaders.AUTHORIZATION) String  authorizationHeader, final MultivaluedMap< String, String >  formData  )

inline

URL invoked by adapter to register new client cluster node. Each application cluster node will invoke this URL once it joins cluster

引数

authorizationHeader
formData

戻り値

                                                                                                                                                      {
        if (!checkSsl()) {
            throw new ForbiddenException("HTTPS required");
        }

        event.event(EventType.UNREGISTER_NODE);

        if (!realm.isEnabled()) {
            event.error(Errors.REALM_DISABLED);
            throw new UnauthorizedException("Realm not enabled");
        }

        ClientModel client = authorizeClient();
        String nodeHost = getClientClusterHost(formData);

        event.client(client).detail(Details.NODE_HOST, nodeHost);
        logger.debugf("Unregistering cluster host '%s' for client '%s'", nodeHost, client.getClientId());

        client.unregisterNode(nodeHost);

        event.success();

        return Response.noContent().build();
    }

unregisterNodeUrl()

static UriBuilder org.keycloak.services.resources.ClientsManagementService.unregisterNodeUrl ( UriBuilder  baseUriBuilder )

inlinestatic

                                                                          {
        UriBuilder uriBuilder = clientsManagementBaseUrl(baseUriBuilder);
        return uriBuilder.path(ClientsManagementService.class, "unregisterNode");
    }

メンバ詳解

clientConnection

ClientConnection org.keycloak.services.resources.ClientsManagementService.clientConnection

private

event

EventBuilder org.keycloak.services.resources.ClientsManagementService.event

private

headers

HttpHeaders org.keycloak.services.resources.ClientsManagementService.headers

protected

logger

final Logger org.keycloak.services.resources.ClientsManagementService.logger = Logger.getLogger(ClientsManagementService.class)

staticprivate

providers

Providers org.keycloak.services.resources.ClientsManagementService.providers

protected

realm

RealmModel org.keycloak.services.resources.ClientsManagementService.realm

private

request

HttpRequest org.keycloak.services.resources.ClientsManagementService.request

private

session

KeycloakSession org.keycloak.services.resources.ClientsManagementService.session

protected

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java