org.keycloak.services.resources.admin.permissions.Helper 連携図

静的公開メンバ関数
static Policy	addScopePermission (AuthorizationProvider authz, ResourceServer resourceServer, String name, Resource resource, Scope scope, Policy policy)

static Policy	addEmptyScopePermission (AuthorizationProvider authz, ResourceServer resourceServer, String name, Resource resource, Scope scope)

static Policy	createRolePolicy (AuthorizationProvider authz, ResourceServer resourceServer, RoleModel role)

static Policy	createRolePolicy (AuthorizationProvider authz, ResourceServer resourceServer, RoleModel role, String policyName)

static String	getRolePolicyName (RoleModel role)

詳解

著者: Bill Burke

バージョン

Revision: 1

関数詳解

◆ addEmptyScopePermission()

static Policy org.keycloak.services.resources.admin.permissions.Helper.addEmptyScopePermission	(	AuthorizationProvider	authz,
		ResourceServer	resourceServer,
		String	name,
		Resource	resource,
		Scope	scope
	)

inlinestatic

                                                                                                                                                           {
         ScopePermissionRepresentation representation = new ScopePermissionRepresentation();
 
         representation.setName(name);
         representation.setDecisionStrategy(DecisionStrategy.UNANIMOUS);
         representation.setLogic(Logic.POSITIVE);
         representation.addResource(resource.getName());
         representation.addScope(scope.getName());
 
         return authz.getStoreFactory().getPolicyStore().create(representation, resourceServer);
     }

◆ addScopePermission()

static Policy org.keycloak.services.resources.admin.permissions.Helper.addScopePermission	(	AuthorizationProvider	authz,
		ResourceServer	resourceServer,
		String	name,
		Resource	resource,
		Scope	scope,
		Policy	policy
	)

inlinestatic

                                                                                                                                                                     {
         ScopePermissionRepresentation representation = new ScopePermissionRepresentation();
 
         representation.setName(name);
         representation.setDecisionStrategy(DecisionStrategy.UNANIMOUS);
         representation.setLogic(Logic.POSITIVE);
         representation.addResource(resource.getName());
         representation.addScope(scope.getName());
         representation.addPolicy(policy.getName());
 
         return authz.getStoreFactory().getPolicyStore().create(representation, resourceServer);
     }

◆ createRolePolicy() [1/2]

static Policy org.keycloak.services.resources.admin.permissions.Helper.createRolePolicy	(	AuthorizationProvider	authz,
		ResourceServer	resourceServer,
		RoleModel	role
	)

inlinestatic

                                                                                                                       {
         String roleName = getRolePolicyName(role);
         return createRolePolicy(authz, resourceServer, role, roleName);
     }

◆ createRolePolicy() [2/2]

static Policy org.keycloak.services.resources.admin.permissions.Helper.createRolePolicy	(	AuthorizationProvider	authz,
		ResourceServer	resourceServer,
		RoleModel	role,
		String	policyName
	)

inlinestatic

                                                                                                                                          {
         PolicyRepresentation representation = new PolicyRepresentation();
 
         representation.setName(policyName);
         representation.setType("role");
         representation.setDecisionStrategy(DecisionStrategy.UNANIMOUS);
         representation.setLogic(Logic.POSITIVE);
         String roleValues = "[{\"id\":\"" + role.getId() + "\",\"required\": true}]";
         Map<String, String> config = new HashMap<>();
         config.put("roles", roleValues);
         representation.setConfig(config);
 
         return authz.getStoreFactory().getPolicyStore().create(representation, resourceServer);
     }

◆ getRolePolicyName()

static String org.keycloak.services.resources.admin.permissions.Helper.getRolePolicyName ( RoleModel role )

inlinestatic

                                                            {
         String roleName = "";
         if (role.getContainer() instanceof ClientModel) {
             ClientModel client = (ClientModel) role.getContainer();
             roleName = client.getClientId() + "." + role.getName();
         } else {
             roleName = role.getName();
         }
         roleName = "role.policy." + roleName;
         return roleName;
     }

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/services/resources/admin/permissions/Helper.java

静的公開メンバ関数

詳解

関数詳解

◆ addEmptyScopePermission()

◆ addScopePermission()

◆ createRolePolicy() [1/2]

◆ createRolePolicy() [2/2]

◆ getRolePolicyName()