org.keycloak.services.clientregistration.policy.impl.ClientScopesClientRegistrationPolicy の継承関係図

org.keycloak.services.clientregistration.policy.impl.ClientScopesClientRegistrationPolicy 連携図

公開メンバ関数
	ClientScopesClientRegistrationPolicy (KeycloakSession session, ComponentModel componentModel)

void	beforeRegister (ClientRegistrationContext context) throws ClientRegistrationPolicyException

void	afterRegister (ClientRegistrationContext context, ClientModel clientModel)

void	beforeUpdate (ClientRegistrationContext context, ClientModel clientModel) throws ClientRegistrationPolicyException

void	afterUpdate (ClientRegistrationContext context, ClientModel clientModel)

void	beforeView (ClientRegistrationProvider provider, ClientModel clientModel) throws ClientRegistrationPolicyException

void	beforeDelete (ClientRegistrationProvider provider, ClientModel clientModel) throws ClientRegistrationPolicyException

default void	close ()

非公開メンバ関数
void	checkClientScopesAllowed (List< String > requestedScopes, List< String > allowedScopes) throws ClientRegistrationPolicyException

List< String >	getAllowedScopeNames (RealmModel realm, boolean defaultScopes)

非公開変数類
final KeycloakSession	session

final RealmModel	realm

final ComponentModel	componentModel

静的非公開変数類
static final Logger	logger = Logger.getLogger(ClientScopesClientRegistrationPolicy.class)

詳解

著者: Marek Posolda

構築子と解体子

◆ ClientScopesClientRegistrationPolicy()

org.keycloak.services.clientregistration.policy.impl.ClientScopesClientRegistrationPolicy.ClientScopesClientRegistrationPolicy	(	KeycloakSession	session,
		ComponentModel	componentModel
	)

inline

                                                                                                         {
         this.session = session;
         this.componentModel = componentModel;
         this.realm = session.realms().getRealm(componentModel.getParentId());
     }

関数詳解

◆ afterRegister()

void org.keycloak.services.clientregistration.policy.impl.ClientScopesClientRegistrationPolicy.afterRegister	(	ClientRegistrationContext	context,
		ClientModel	clientModel
	)

inline

org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyを実装しています。

                                                                                           {
 
     }

◆ afterUpdate()

void org.keycloak.services.clientregistration.policy.impl.ClientScopesClientRegistrationPolicy.afterUpdate	(	ClientRegistrationContext	context,
		ClientModel	clientModel
	)

inline

org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyを実装しています。

                                                                                         {
 
     }

◆ beforeDelete()

void org.keycloak.services.clientregistration.policy.impl.ClientScopesClientRegistrationPolicy.beforeDelete	(	ClientRegistrationProvider	provider,
		ClientModel	clientModel
	)		throws ClientRegistrationPolicyException

inline

org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyを実装しています。

                                                                                                                                     {
 
     }

◆ beforeRegister()

void org.keycloak.services.clientregistration.policy.impl.ClientScopesClientRegistrationPolicy.beforeRegister ( ClientRegistrationContext context ) throws ClientRegistrationPolicyException

inline

org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyを実装しています。

                                                                                                            {
         List<String> requestedDefaultScopeNames = context.getClient().getDefaultClientScopes();
         List<String> requestedOptionalScopeNames = context.getClient().getOptionalClientScopes();
 
         List<String> allowedDefaultScopeNames = getAllowedScopeNames(realm, true);
         List<String> allowedOptionalScopeNames = getAllowedScopeNames(realm, false);
 
         checkClientScopesAllowed(requestedDefaultScopeNames, allowedDefaultScopeNames);
         checkClientScopesAllowed(requestedOptionalScopeNames, allowedOptionalScopeNames);
     }

◆ beforeUpdate()

void org.keycloak.services.clientregistration.policy.impl.ClientScopesClientRegistrationPolicy.beforeUpdate	(	ClientRegistrationContext	context,
		ClientModel	clientModel
	)		throws ClientRegistrationPolicyException

inline

org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyを実装しています。

                                                                                                                                   {
         List<String> requestedDefaultScopeNames = context.getClient().getDefaultClientScopes();
         List<String> requestedOptionalScopeNames = context.getClient().getOptionalClientScopes();
 
         // Allow scopes, which were already presented before
         if (requestedDefaultScopeNames != null) {
             requestedDefaultScopeNames.removeAll(clientModel.getClientScopes(true, false).keySet());
         }
         if (requestedOptionalScopeNames != null) {
             requestedOptionalScopeNames.removeAll(clientModel.getClientScopes(false, false).keySet());
         }
 
         List<String> allowedDefaultScopeNames = getAllowedScopeNames(realm, true);
         List<String> allowedOptionalScopeNames = getAllowedScopeNames(realm, false);
 
         checkClientScopesAllowed(requestedDefaultScopeNames, allowedDefaultScopeNames);
         checkClientScopesAllowed(requestedOptionalScopeNames, allowedOptionalScopeNames);
     }

◆ beforeView()

void org.keycloak.services.clientregistration.policy.impl.ClientScopesClientRegistrationPolicy.beforeView	(	ClientRegistrationProvider	provider,
		ClientModel	clientModel
	)		throws ClientRegistrationPolicyException

inline

org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyを実装しています。

                                                                                                                                   {
 
     }

◆ checkClientScopesAllowed()

void org.keycloak.services.clientregistration.policy.impl.ClientScopesClientRegistrationPolicy.checkClientScopesAllowed	(	List< String >	requestedScopes,
		List< String >	allowedScopes
	)		throws ClientRegistrationPolicyException

inlineprivate

                                                                                                                                              {
         if (requestedScopes != null) {
             for (String requested : requestedScopes) {
                 if (!allowedScopes.contains(requested)) {
                     logger.warnf("Requested scope '%s' not trusted in the list: %s", requested, allowedScopes.toString());
                     throw new ClientRegistrationPolicyException("Not permitted to use specified clientScope");
                 }
             }
         }
     }

◆ close()

default void org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy.close ( )

inlineinherited

43 {

44 }

◆ getAllowedScopeNames()

List<String> org.keycloak.services.clientregistration.policy.impl.ClientScopesClientRegistrationPolicy.getAllowedScopeNames	(	RealmModel	realm,
		boolean	defaultScopes
	)

inlineprivate

                                                                                        {
         List<String> allAllowed = new LinkedList<>();
 
         // Add client scopes allowed by config
         List<String> allowedScopesConfig = componentModel.getConfig().getList(ClientScopesClientRegistrationPolicyFactory.ALLOWED_CLIENT_SCOPES);
         if (allowedScopesConfig != null) {
             allAllowed.addAll(allowedScopesConfig);
         }
 
         // If allowDefaultScopes, then realm default scopes are allowed as default scopes (+ optional scopes are allowed as optional scopes)
         boolean allowDefaultScopes = componentModel.get(ClientScopesClientRegistrationPolicyFactory.ALLOW_DEFAULT_SCOPES, true);
         if (allowDefaultScopes) {
             List<String> scopeNames = realm.getDefaultClientScopes(defaultScopes).stream().map((ClientScopeModel clientScope) -> {
 
                 return clientScope.getName();
 
             }).collect(Collectors.toList());
 
             allAllowed.addAll(scopeNames);
         }
 
         return allAllowed;
     }

メンバ詳解

◆ componentModel

final ComponentModel org.keycloak.services.clientregistration.policy.impl.ClientScopesClientRegistrationPolicy.componentModel

private

◆ logger

final Logger org.keycloak.services.clientregistration.policy.impl.ClientScopesClientRegistrationPolicy.logger = Logger.getLogger(ClientScopesClientRegistrationPolicy.class)

staticprivate

◆ realm

final RealmModel org.keycloak.services.clientregistration.policy.impl.ClientScopesClientRegistrationPolicy.realm

private

◆ session

final KeycloakSession org.keycloak.services.clientregistration.policy.impl.ClientScopesClientRegistrationPolicy.session

private

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/services/clientregistration/policy/impl/ClientScopesClientRegistrationPolicy.java

公開メンバ関数

非公開メンバ関数

非公開変数類

静的非公開変数類

詳解

構築子と解体子

◆ ClientScopesClientRegistrationPolicy()

関数詳解

◆ afterRegister()

◆ afterUpdate()

◆ beforeDelete()

◆ beforeRegister()

◆ beforeUpdate()

◆ beforeView()

◆ checkClientScopesAllowed()

◆ close()

◆ getAllowedScopeNames()

メンバ詳解

◆ componentModel

◆ logger

◆ realm

◆ session