org.keycloak.services.managers.UserSessionManager 連携図

公開メンバ関数
	UserSessionManager (KeycloakSession session)

void	createOrUpdateOfflineSession (AuthenticatedClientSessionModel clientSession, UserSessionModel userSession)

UserSessionModel	findOfflineUserSession (RealmModel realm, String userSessionId)

Set< ClientModel >	findClientsWithOfflineToken (RealmModel realm, UserModel user)

List< UserSessionModel >	findOfflineSessions (RealmModel realm, UserModel user)

boolean	revokeOfflineToken (UserModel user, ClientModel client)

void	revokeOfflineUserSession (UserSessionModel userSession)

boolean	isOfflineTokenAllowed (ClientSessionContext clientSessionCtx)

非公開メンバ関数
UserSessionModel	createOfflineUserSession (UserModel user, UserSessionModel userSession)

void	createOfflineClientSession (UserModel user, AuthenticatedClientSessionModel clientSession, UserSessionModel offlineUserSession)

void	checkOfflineUserSessionHasClientSessions (RealmModel realm, UserModel user, UserSessionModel userSession)

非公開変数類
final KeycloakSession	kcSession

final UserSessionPersisterProvider	persister

静的非公開変数類
static final Logger	logger = Logger.getLogger(UserSessionManager.class)

詳解

著者: Marek Posolda

構築子と解体子

◆ UserSessionManager()

org.keycloak.services.managers.UserSessionManager.UserSessionManager ( KeycloakSession session )

inline

                                                        {
         this.kcSession = session;
         this.persister = session.getProvider(UserSessionPersisterProvider.class);
     }

関数詳解

◆ checkOfflineUserSessionHasClientSessions()

void org.keycloak.services.managers.UserSessionManager.checkOfflineUserSessionHasClientSessions	(	RealmModel	realm,
		UserModel	user,
		UserSessionModel	userSession
	)

inlineprivate

                                                                                                                           {
         // TODO: Might need optimization to prevent loading client sessions from cache
         if (! userSession.getAuthenticatedClientSessions().isEmpty()) {
             return;
         }
 
         if (logger.isTraceEnabled()) {
             logger.tracef("Removing offline userSession for user %s as it doesn't have any client sessions attached. UserSessionID: %s", user.getUsername(), userSession.getId());
         }
         kcSession.sessions().removeOfflineUserSession(realm, userSession);
         persister.removeUserSession(userSession.getId(), true);
     }

◆ createOfflineClientSession()

void org.keycloak.services.managers.UserSessionManager.createOfflineClientSession	(	UserModel	user,
		AuthenticatedClientSessionModel	clientSession,
		UserSessionModel	offlineUserSession
	)

inlineprivate

                                                                                                                                                 {
         if (logger.isTraceEnabled()) {
             logger.tracef("Creating new offline token client session. ClientSessionId: '%s', UserSessionID: '%s' , Username: '%s', Client: '%s'" ,
                     clientSession.getId(), offlineUserSession.getId(), user.getUsername(), clientSession.getClient().getClientId());
         }
 
         kcSession.sessions().createOfflineClientSession(clientSession, offlineUserSession);
         persister.createClientSession(clientSession, true);
     }

◆ createOfflineUserSession()

UserSessionModel org.keycloak.services.managers.UserSessionManager.createOfflineUserSession	(	UserModel	user,
		UserSessionModel	userSession
	)

inlineprivate

                                                                                                     {
         if (logger.isTraceEnabled()) {
             logger.tracef("Creating new offline user session. UserSessionID: '%s' , Username: '%s'", userSession.getId(), user.getUsername());
         }
 
         UserSessionModel offlineUserSession = kcSession.sessions().createOfflineUserSession(userSession);
         persister.createUserSession(offlineUserSession, true);
         return offlineUserSession;
     }

◆ createOrUpdateOfflineSession()

void org.keycloak.services.managers.UserSessionManager.createOrUpdateOfflineSession	(	AuthenticatedClientSessionModel	clientSession,
		UserSessionModel	userSession
	)

inline

                                                                                                                           {
         UserModel user = userSession.getUser();
 
         // Create and persist offline userSession if we don't have one
         UserSessionModel offlineUserSession = kcSession.sessions().getOfflineUserSession(clientSession.getRealm(), userSession.getId());
         if (offlineUserSession == null) {
             offlineUserSession = createOfflineUserSession(user, userSession);
         } else {
             // update lastSessionRefresh but don't need to persist
             offlineUserSession.setLastSessionRefresh(Time.currentTime());
         }
 
         // Create and persist clientSession
         AuthenticatedClientSessionModel offlineClientSession = offlineUserSession.getAuthenticatedClientSessionByClient(clientSession.getClient().getId());
         if (offlineClientSession == null) {
             createOfflineClientSession(user, clientSession, offlineUserSession);
         }
     }

◆ findClientsWithOfflineToken()

Set<ClientModel> org.keycloak.services.managers.UserSessionManager.findClientsWithOfflineToken	(	RealmModel	realm,
		UserModel	user
	)

inline

                                                                                           {
         List<UserSessionModel> userSessions = kcSession.sessions().getOfflineUserSessions(realm, user);
         Set<ClientModel> clients = new HashSet<>();
         for (UserSessionModel userSession : userSessions) {
             Set<String> clientIds = userSession.getAuthenticatedClientSessions().keySet();
             for (String clientUUID : clientIds) {
                 ClientModel client = realm.getClientById(clientUUID);
                 clients.add(client);
             }
         }
         return clients;
     }

◆ findOfflineSessions()

List<UserSessionModel> org.keycloak.services.managers.UserSessionManager.findOfflineSessions	(	RealmModel	realm,
		UserModel	user
	)

inline

                                                                                         {
         return kcSession.sessions().getOfflineUserSessions(realm, user);
     }

◆ findOfflineUserSession()

UserSessionModel org.keycloak.services.managers.UserSessionManager.findOfflineUserSession	(	RealmModel	realm,
		String	userSessionId
	)

inline

                                                                                            {
         return kcSession.sessions().getOfflineUserSession(realm, userSessionId);
     }

◆ isOfflineTokenAllowed()

boolean org.keycloak.services.managers.UserSessionManager.isOfflineTokenAllowed ( ClientSessionContext clientSessionCtx )

inline

                                                                                 {
         RoleModel offlineAccessRole = clientSessionCtx.getClientSession().getRealm().getRole(Constants.OFFLINE_ACCESS_ROLE);
         if (offlineAccessRole == null) {
             ServicesLogger.LOGGER.roleNotInRealm(Constants.OFFLINE_ACCESS_ROLE);
             return false;
         }
 
         // Check if offline_access is allowed here. Even through composite roles
         for (RoleModel role : clientSessionCtx.getRoles()) {
             if (role.hasRole(offlineAccessRole)) {
                 return true;
             }
         }
 
         return false;
     }

◆ revokeOfflineToken()

boolean org.keycloak.services.managers.UserSessionManager.revokeOfflineToken	(	UserModel	user,
		ClientModel	client
	)

inline

                                                                           {
         RealmModel realm = client.getRealm();
 
         List<UserSessionModel> userSessions = kcSession.sessions().getOfflineUserSessions(realm, user);
         boolean anyRemoved = false;
         for (UserSessionModel userSession : userSessions) {
             AuthenticatedClientSessionModel clientSession = userSession.getAuthenticatedClientSessionByClient(client.getId());
             if (clientSession != null) {
                 if (logger.isTraceEnabled()) {
                     logger.tracef("Removing existing offline token for user '%s' and client '%s' .",
                             user.getUsername(), client.getClientId());
                 }
 
                 clientSession.detachFromUserSession();
                 persister.removeClientSession(userSession.getId(), client.getId(), true);
                 checkOfflineUserSessionHasClientSessions(realm, user, userSession);
                 anyRemoved = true;
             }
         }
 
         return anyRemoved;
     }

◆ revokeOfflineUserSession()

void org.keycloak.services.managers.UserSessionManager.revokeOfflineUserSession ( UserSessionModel userSession )

inline

                                                                        {
         if (logger.isTraceEnabled()) {
             logger.tracef("Removing offline user session '%s' for user '%s' ", userSession.getId(), userSession.getLoginUsername());
         }
         kcSession.sessions().removeOfflineUserSession(userSession.getRealm(), userSession);
         persister.removeUserSession(userSession.getId(), true);
     }

メンバ詳解

◆ kcSession

final KeycloakSession org.keycloak.services.managers.UserSessionManager.kcSession

private

◆ logger

final Logger org.keycloak.services.managers.UserSessionManager.logger = Logger.getLogger(UserSessionManager.class)

staticprivate

◆ persister

final UserSessionPersisterProvider org.keycloak.services.managers.UserSessionManager.persister

private

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/services/managers/UserSessionManager.java

公開メンバ関数

非公開メンバ関数

非公開変数類

静的非公開変数類

詳解

構築子と解体子

◆ UserSessionManager()

関数詳解

◆ checkOfflineUserSessionHasClientSessions()

◆ createOfflineClientSession()

◆ createOfflineUserSession()

◆ createOrUpdateOfflineSession()

◆ findClientsWithOfflineToken()

◆ findOfflineSessions()

◆ findOfflineUserSession()

◆ isOfflineTokenAllowed()

◆ revokeOfflineToken()

◆ revokeOfflineUserSession()

メンバ詳解

◆ kcSession

◆ logger

◆ persister