keycloak-service
公開メンバ関数 | 非公開メンバ関数 | 非公開変数類 | 全メンバ一覧
org.keycloak.authorization.admin.ResourceServerService クラス
org.keycloak.authorization.admin.ResourceServerService 連携図
Collaboration graph

公開メンバ関数

 ResourceServerService (AuthorizationProvider authorization, ResourceServer resourceServer, ClientModel client, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent)
 
ResourceServer create (boolean newClient)
 
Response update (ResourceServerRepresentation server)
 
void delete ()
 
Response findById ()
 
Response exportSettings ()
 
Response importSettings (ResourceServerRepresentation rep)
 
ResourceSetService getResourceSetResource ()
 
ScopeService getScopeResource ()
 
PolicyService getPolicyResource ()
 
Object getPermissionTypeResource ()
 

非公開メンバ関数

void createDefaultPermission (ResourceRepresentation resource, PolicyRepresentation policy)
 
PolicyRepresentation createDefaultPolicy ()
 
ResourceRepresentation createDefaultResource ()
 
void audit (OperationType operation, UriInfo uriInfo, boolean newClient)
 

非公開変数類

final AuthorizationProvider authorization
 
final AdminPermissionEvaluator auth
 
final AdminEventBuilder adminEvent
 
final KeycloakSession session
 
ResourceServer resourceServer
 
final ClientModel client
 

詳解

著者
Pedro Igor

構築子と解体子

◆ ResourceServerService()

org.keycloak.authorization.admin.ResourceServerService.ResourceServerService ( AuthorizationProvider  authorization,
ResourceServer  resourceServer,
ClientModel  client,
AdminPermissionEvaluator  auth,
AdminEventBuilder  adminEvent 
)
inline
68  {
69  this.authorization = authorization;
70  this.session = authorization.getKeycloakSession();
71  this.client = client;
72  this.resourceServer = resourceServer;
73  this.auth = auth;
74  this.adminEvent = adminEvent;
75  }
org.keycloak.authorization.admin.ResourceServerService.session
final KeycloakSession session
Definition: ResourceServerService.java:64
org.keycloak.authorization.admin.ResourceServerService.authorization
final AuthorizationProvider authorization
Definition: ResourceServerService.java:61
org.keycloak.authorization.admin.ResourceServerService.client
final ClientModel client
Definition: ResourceServerService.java:66
org.keycloak.authorization.admin.ResourceServerService.auth
final AdminPermissionEvaluator auth
Definition: ResourceServerService.java:62
org.keycloak.authorization.admin.ResourceServerService.resourceServer
ResourceServer resourceServer
Definition: ResourceServerService.java:65
org.keycloak.authorization.admin.ResourceServerService.adminEvent
final AdminEventBuilder adminEvent
Definition: ResourceServerService.java:63

関数詳解

◆ audit()

void org.keycloak.authorization.admin.ResourceServerService.audit ( OperationType  operation,
UriInfo  uriInfo,
boolean  newClient 
)
inlineprivate
225  {
226  if (newClient) {
227  adminEvent.resource(ResourceType.AUTHORIZATION_RESOURCE_SERVER).operation(operation).resourcePath(uriInfo, client.getId())
228  .representation(ModelToRepresentation.toRepresentation(resourceServer, client)).success();
229  } else {
230  adminEvent.resource(ResourceType.AUTHORIZATION_RESOURCE_SERVER).operation(operation).resourcePath(uriInfo)
231  .representation(ModelToRepresentation.toRepresentation(resourceServer, client)).success();
232  }
233  }
org.keycloak.services.resources.admin.AdminEventBuilder.resource
AdminEventBuilder resource(ResourceType resourceType)
Definition: AdminEventBuilder.java:118
org.keycloak.services.resources.admin.AdminEventBuilder.operation
AdminEventBuilder operation(OperationType operationType)
Definition: AdminEventBuilder.java:113
org.keycloak.authorization.admin.ResourceServerService.client
final ClientModel client
Definition: ResourceServerService.java:66
org.keycloak.services.resources.admin.AdminEventBuilder.resourcePath
AdminEventBuilder resourcePath(String... pathElements)
Definition: AdminEventBuilder.java:171
org.keycloak.authorization.admin.ResourceServerService.resourceServer
ResourceServer resourceServer
Definition: ResourceServerService.java:65
org.keycloak.authorization.admin.ResourceServerService.adminEvent
final AdminEventBuilder adminEvent
Definition: ResourceServerService.java:63
org.keycloak.services.resources.admin.AdminEventBuilder.representation
AdminEventBuilder representation(Object value)
Definition: AdminEventBuilder.java:210

◆ create()

ResourceServer org.keycloak.authorization.admin.ResourceServerService.create ( boolean  newClient)
inline
77  {
78  this.auth.realm().requireManageAuthorization();
79 
80  UserModel serviceAccount = this.session.users().getServiceAccount(client);
81 
82  if (serviceAccount == null) {
83  throw new RuntimeException("Client does not have a service account.");
84  }
85 
86  if (this.resourceServer == null) {
87  this.resourceServer = RepresentationToModel.createResourceServer(client, session, true);
88  }
89 
90  createDefaultPermission(createDefaultResource(), createDefaultPolicy());
91  audit(OperationType.CREATE, session.getContext().getUri(), newClient);
92 
93  return resourceServer;
94  }
org.keycloak.authorization.admin.ResourceServerService.session
final KeycloakSession session
Definition: ResourceServerService.java:64
org.keycloak.authorization.admin.ResourceServerService.createDefaultPolicy
PolicyRepresentation createDefaultPolicy()
Definition: ResourceServerService.java:194
org.keycloak.authorization.admin.ResourceServerService.client
final ClientModel client
Definition: ResourceServerService.java:66
org.keycloak.authorization.admin.ResourceServerService.auth
final AdminPermissionEvaluator auth
Definition: ResourceServerService.java:62
org.keycloak.authorization.admin.ResourceServerService.createDefaultPermission
void createDefaultPermission(ResourceRepresentation resource, PolicyRepresentation policy)
Definition: ResourceServerService.java:180
org.keycloak.authorization.admin.ResourceServerService.resourceServer
ResourceServer resourceServer
Definition: ResourceServerService.java:65
org.keycloak.authorization.admin.ResourceServerService.audit
void audit(OperationType operation, UriInfo uriInfo, boolean newClient)
Definition: ResourceServerService.java:225
org.keycloak.authorization.admin.ResourceServerService.createDefaultResource
ResourceRepresentation createDefaultResource()
Definition: ResourceServerService.java:214

◆ createDefaultPermission()

void org.keycloak.authorization.admin.ResourceServerService.createDefaultPermission ( ResourceRepresentation  resource,
PolicyRepresentation  policy 
)
inlineprivate
180  {
181  ResourcePermissionRepresentation defaultPermission = new ResourcePermissionRepresentation();
182 
183  defaultPermission.setName("Default Permission");
184  defaultPermission.setDescription("A permission that applies to the default resource type");
185  defaultPermission.setDecisionStrategy(DecisionStrategy.UNANIMOUS);
186  defaultPermission.setLogic(Logic.POSITIVE);
187 
188  defaultPermission.setResourceType(resource.getType());
189  defaultPermission.addPolicy(policy.getName());
190 
191  getPolicyResource().create(defaultPermission);
192  }
org.keycloak.authorization.admin.PolicyService.create
Response create(String payload)
Definition: PolicyService.java:114
org.keycloak.authorization.admin.ResourceServerService.getPolicyResource
PolicyService getPolicyResource()
Definition: ResourceServerService.java:162

◆ createDefaultPolicy()

PolicyRepresentation org.keycloak.authorization.admin.ResourceServerService.createDefaultPolicy ( )
inlineprivate
194  {
195  PolicyRepresentation defaultPolicy = new PolicyRepresentation();
196 
197  defaultPolicy.setName("Default Policy");
198  defaultPolicy.setDescription("A policy that grants access only for users within this realm");
199  defaultPolicy.setType("js");
200  defaultPolicy.setDecisionStrategy(DecisionStrategy.AFFIRMATIVE);
201  defaultPolicy.setLogic(Logic.POSITIVE);
202 
203  HashMap<String, String> defaultPolicyConfig = new HashMap<>();
204 
205  defaultPolicyConfig.put("code", "// by default, grants any permission associated with this policy\n$evaluation.grant();\n");
206 
207  defaultPolicy.setConfig(defaultPolicyConfig);
208 
209  getPolicyResource().create(defaultPolicy);
210 
211  return defaultPolicy;
212  }
org.keycloak.authorization.admin.PolicyService.create
Response create(String payload)
Definition: PolicyService.java:114
org.keycloak.authorization.admin.ResourceServerService.getPolicyResource
PolicyService getPolicyResource()
Definition: ResourceServerService.java:162

◆ createDefaultResource()

ResourceRepresentation org.keycloak.authorization.admin.ResourceServerService.createDefaultResource ( )
inlineprivate
214  {
215  ResourceRepresentation defaultResource = new ResourceRepresentation();
216 
217  defaultResource.setName("Default Resource");
218  defaultResource.setUris(Collections.singleton("/*"));
219  defaultResource.setType("urn:" + this.client.getClientId() + ":resources:default");
220 
221  getResourceSetResource().create(defaultResource);
222  return defaultResource;
223  }
org.keycloak.authorization.admin.ResourceServerService.getResourceSetResource
ResourceSetService getResourceSetResource()
Definition: ResourceServerService.java:144
org.keycloak.authorization.admin.ResourceServerService.client
final ClientModel client
Definition: ResourceServerService.java:66
org.keycloak.authorization.admin.ResourceSetService.create
ResourceRepresentation create(ResourceRepresentation resource)
Definition: ResourceSetService.java:110

◆ delete()

void org.keycloak.authorization.admin.ResourceServerService.delete ( )
inline
107  {
108  this.auth.realm().requireManageAuthorization();
109  authorization.getStoreFactory().getResourceServerStore().delete(resourceServer.getId());
110  audit(OperationType.DELETE, session.getContext().getUri(), false);
111  }
org.keycloak.authorization.admin.ResourceServerService.session
final KeycloakSession session
Definition: ResourceServerService.java:64
org.keycloak.authorization.admin.ResourceServerService.authorization
final AuthorizationProvider authorization
Definition: ResourceServerService.java:61
org.keycloak.authorization.admin.ResourceServerService.auth
final AdminPermissionEvaluator auth
Definition: ResourceServerService.java:62
org.keycloak.authorization.admin.ResourceServerService.resourceServer
ResourceServer resourceServer
Definition: ResourceServerService.java:65
org.keycloak.authorization.admin.ResourceServerService.audit
void audit(OperationType operation, UriInfo uriInfo, boolean newClient)
Definition: ResourceServerService.java:225

◆ exportSettings()

Response org.keycloak.authorization.admin.ResourceServerService.exportSettings ( )
inline
123  {
124  this.auth.realm().requireManageAuthorization();
125  return Response.ok(ExportUtils.exportAuthorizationSettings(session, client)).build();
126  }
org.keycloak.authorization.admin.ResourceServerService.session
final KeycloakSession session
Definition: ResourceServerService.java:64
org.keycloak.authorization.admin.ResourceServerService.client
final ClientModel client
Definition: ResourceServerService.java:66
org.keycloak.authorization.admin.ResourceServerService.auth
final AdminPermissionEvaluator auth
Definition: ResourceServerService.java:62

◆ findById()

Response org.keycloak.authorization.admin.ResourceServerService.findById ( )
inline
115  {
116  this.auth.realm().requireViewAuthorization();
117  return Response.ok(toRepresentation(this.resourceServer, this.client)).build();
118  }
org.keycloak.authorization.admin.ResourceServerService.client
final ClientModel client
Definition: ResourceServerService.java:66
org.keycloak.authorization.admin.ResourceServerService.auth
final AdminPermissionEvaluator auth
Definition: ResourceServerService.java:62
org.keycloak.authorization.admin.ResourceServerService.resourceServer
ResourceServer resourceServer
Definition: ResourceServerService.java:65

◆ getPermissionTypeResource()

Object org.keycloak.authorization.admin.ResourceServerService.getPermissionTypeResource ( )
inline
171  {
172  this.auth.realm().requireViewAuthorization();
173  PermissionService resource = new PermissionService(this.resourceServer, this.authorization, this.auth, adminEvent);
174 
175  ResteasyProviderFactory.getInstance().injectProperties(resource);
176 
177  return resource;
178  }
org.keycloak.authorization.admin.ResourceServerService.authorization
final AuthorizationProvider authorization
Definition: ResourceServerService.java:61
org.keycloak.authorization.admin.ResourceServerService.auth
final AdminPermissionEvaluator auth
Definition: ResourceServerService.java:62
org.keycloak.authorization.admin.ResourceServerService.resourceServer
ResourceServer resourceServer
Definition: ResourceServerService.java:65
org.keycloak.authorization.admin.ResourceServerService.adminEvent
final AdminEventBuilder adminEvent
Definition: ResourceServerService.java:63

◆ getPolicyResource()

PolicyService org.keycloak.authorization.admin.ResourceServerService.getPolicyResource ( )
inline
162  {
163  PolicyService resource = new PolicyService(this.resourceServer, this.authorization, this.auth, adminEvent);
164 
165  ResteasyProviderFactory.getInstance().injectProperties(resource);
166 
167  return resource;
168  }
org.keycloak.authorization.admin.ResourceServerService.authorization
final AuthorizationProvider authorization
Definition: ResourceServerService.java:61
org.keycloak.authorization.admin.ResourceServerService.auth
final AdminPermissionEvaluator auth
Definition: ResourceServerService.java:62
org.keycloak.authorization.admin.ResourceServerService.resourceServer
ResourceServer resourceServer
Definition: ResourceServerService.java:65
org.keycloak.authorization.admin.ResourceServerService.adminEvent
final AdminEventBuilder adminEvent
Definition: ResourceServerService.java:63

◆ getResourceSetResource()

ResourceSetService org.keycloak.authorization.admin.ResourceServerService.getResourceSetResource ( )
inline
144  {
145  ResourceSetService resource = new ResourceSetService(this.session, this.resourceServer, this.authorization, this.auth, adminEvent);
146 
147  ResteasyProviderFactory.getInstance().injectProperties(resource);
148 
149  return resource;
150  }
org.keycloak.authorization.admin.ResourceServerService.session
final KeycloakSession session
Definition: ResourceServerService.java:64
org.keycloak.authorization.admin.ResourceServerService.authorization
final AuthorizationProvider authorization
Definition: ResourceServerService.java:61
org.keycloak.authorization.admin.ResourceServerService.auth
final AdminPermissionEvaluator auth
Definition: ResourceServerService.java:62
org.keycloak.authorization.admin.ResourceServerService.resourceServer
ResourceServer resourceServer
Definition: ResourceServerService.java:65
org.keycloak.authorization.admin.ResourceServerService.adminEvent
final AdminEventBuilder adminEvent
Definition: ResourceServerService.java:63

◆ getScopeResource()

ScopeService org.keycloak.authorization.admin.ResourceServerService.getScopeResource ( )
inline
153  {
154  ScopeService resource = new ScopeService(this.session, this.resourceServer, this.authorization, this.auth, adminEvent);
155 
156  ResteasyProviderFactory.getInstance().injectProperties(resource);
157 
158  return resource;
159  }
org.keycloak.authorization.admin.ResourceServerService.session
final KeycloakSession session
Definition: ResourceServerService.java:64
org.keycloak.authorization.admin.ResourceServerService.authorization
final AuthorizationProvider authorization
Definition: ResourceServerService.java:61
org.keycloak.authorization.admin.ResourceServerService.auth
final AdminPermissionEvaluator auth
Definition: ResourceServerService.java:62
org.keycloak.authorization.admin.ResourceServerService.resourceServer
ResourceServer resourceServer
Definition: ResourceServerService.java:65
org.keycloak.authorization.admin.ResourceServerService.adminEvent
final AdminEventBuilder adminEvent
Definition: ResourceServerService.java:63

◆ importSettings()

Response org.keycloak.authorization.admin.ResourceServerService.importSettings ( ResourceServerRepresentation  rep)
inline
131  {
132  this.auth.realm().requireManageAuthorization();
133 
134  rep.setClientId(client.getId());
135 
136  RepresentationToModel.toModel(rep, authorization);
137 
138  audit(OperationType.UPDATE, session.getContext().getUri(), false);
139 
140  return Response.noContent().build();
141  }
org.keycloak.authorization.admin.ResourceServerService.session
final KeycloakSession session
Definition: ResourceServerService.java:64
org.keycloak.authorization.admin.ResourceServerService.authorization
final AuthorizationProvider authorization
Definition: ResourceServerService.java:61
org.keycloak.authorization.admin.ResourceServerService.client
final ClientModel client
Definition: ResourceServerService.java:66
org.keycloak.authorization.admin.ResourceServerService.auth
final AdminPermissionEvaluator auth
Definition: ResourceServerService.java:62
org.keycloak.authorization.admin.ResourceServerService.audit
void audit(OperationType operation, UriInfo uriInfo, boolean newClient)
Definition: ResourceServerService.java:225

◆ update()

Response org.keycloak.authorization.admin.ResourceServerService.update ( ResourceServerRepresentation  server)
inline
99  {
100  this.auth.realm().requireManageAuthorization();
101  this.resourceServer.setAllowRemoteResourceManagement(server.isAllowRemoteResourceManagement());
102  this.resourceServer.setPolicyEnforcementMode(server.getPolicyEnforcementMode());
103  audit(OperationType.UPDATE, session.getContext().getUri(), false);
104  return Response.noContent().build();
105  }
org.keycloak.authorization.admin.ResourceServerService.session
final KeycloakSession session
Definition: ResourceServerService.java:64
org.keycloak.authorization.admin.ResourceServerService.auth
final AdminPermissionEvaluator auth
Definition: ResourceServerService.java:62
org.keycloak.authorization.admin.ResourceServerService.resourceServer
ResourceServer resourceServer
Definition: ResourceServerService.java:65
org.keycloak.authorization.admin.ResourceServerService.audit
void audit(OperationType operation, UriInfo uriInfo, boolean newClient)
Definition: ResourceServerService.java:225

メンバ詳解

◆ adminEvent

final AdminEventBuilder org.keycloak.authorization.admin.ResourceServerService.adminEvent
private

◆ auth

final AdminPermissionEvaluator org.keycloak.authorization.admin.ResourceServerService.auth
private

◆ authorization

final AuthorizationProvider org.keycloak.authorization.admin.ResourceServerService.authorization
private

◆ client

final ClientModel org.keycloak.authorization.admin.ResourceServerService.client
private

◆ resourceServer

ResourceServer org.keycloak.authorization.admin.ResourceServerService.resourceServer
private

◆ session

final KeycloakSession org.keycloak.authorization.admin.ResourceServerService.session
private
このクラス詳解は次のファイルから抽出されました:
2018年11月18日(日) 14時00分07秒作成 - keycloak-service / 構成:   doxygen 1.8.13