org.keycloak.authorization.admin.PolicyTypeService クラス

org.keycloak.authorization.admin.PolicyTypeService の継承関係図

org.keycloak.authorization.admin.PolicyTypeService 連携図

公開メンバ関数
	PolicyTypeService (String type, ResourceServer resourceServer, AuthorizationProvider authorization, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent)
Object	getPolicyAdminResourceProvider ()
Object	getResource (@PathParam("type") String type)
Response	create (String payload)
Policy	create (AbstractPolicyRepresentation representation)
Response	findByName (@QueryParam("name") String name)
Response	findAll (@QueryParam("policyId") String id, @QueryParam("name") String name, @QueryParam("type") String type, @QueryParam("resource") String resource, @QueryParam("scope") String scope, @QueryParam("permission") Boolean permission, @QueryParam("owner") String owner, @QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResult)
Response	findPolicyProviders ()
PolicyEvaluationService	getPolicyEvaluateResource ()

限定公開メンバ関数
Object	doCreatePolicyResource (Policy policy)
AbstractPolicyRepresentation	doCreateRepresentation (String payload)
AbstractPolicyRepresentation	toRepresentation (Policy policy, AuthorizationProvider authorization)
List< Object >	doSearch (Integer firstResult, Integer maxResult, Map< String, String[]> filters)
PolicyTypeService	doCreatePolicyTypeResource (String type)
PolicyProviderAdminService	getPolicyProviderAdminResource (String policyType)
PolicyProviderFactory	getPolicyProviderFactory (String policyType)

限定公開変数類
final ResourceServer	resourceServer
final AuthorizationProvider	authorization
final AdminPermissionEvaluator	auth
final AdminEventBuilder	adminEvent

非公開変数類
final String	type

詳解

著者

Pedro Igor

構築子と解体子

PolicyTypeService()

org.keycloak.authorization.admin.PolicyTypeService.PolicyTypeService ( String  type, ResourceServer  resourceServer, AuthorizationProvider  authorization, AdminPermissionEvaluator  auth, AdminEventBuilder  adminEvent  )

inline

                                                                                                                                                                           {
        super(resourceServer, authorization, auth, adminEvent);
        this.type = type;
    }

関数詳解

create() [1/2]

Response org.keycloak.authorization.admin.PolicyService.create ( String  payload )

inlineinherited

                                           {
        if (auth != null) {
            this.auth.realm().requireManageAuthorization();
        }

        AbstractPolicyRepresentation representation = doCreateRepresentation(payload);
        Policy policy = create(representation);

        representation.setId(policy.getId());

        audit(representation, representation.getId(), OperationType.CREATE);

        return Response.status(Status.CREATED).entity(representation).build();
    }

create() [2/2]

Policy org.keycloak.authorization.admin.PolicyService.create ( AbstractPolicyRepresentation  representation )

inlineinherited

                                                                      {
        PolicyStore policyStore = authorization.getStoreFactory().getPolicyStore();
        Policy existing = policyStore.findByName(representation.getName(), resourceServer.getId());

        if (existing != null) {
            throw new ErrorResponseException("Policy with name [" + representation.getName() + "] already exists", "Conflicting policy", Status.CONFLICT);
        }

        return policyStore.create(representation, resourceServer);
    }

doCreatePolicyResource()

Object org.keycloak.authorization.admin.PolicyTypeService.doCreatePolicyResource ( Policy  policy )

inlineprotected

                                                           {
        return new PolicyTypeResourceService(policy, resourceServer,authorization, auth, adminEvent);
    }

doCreatePolicyTypeResource()

PolicyTypeService org.keycloak.authorization.admin.PolicyService.doCreatePolicyTypeResource ( String  type )

inlineprotectedinherited

                                                                        {
        return new PolicyTypeService(type, resourceServer, authorization, auth, adminEvent);
    }

doCreateRepresentation()

AbstractPolicyRepresentation org.keycloak.authorization.admin.PolicyTypeService.doCreateRepresentation ( String  payload )

inlineprotected

                                                                                  {
        PolicyProviderFactory provider = getPolicyProviderFactory(type);
        Class<? extends AbstractPolicyRepresentation> representationType = provider.getRepresentationType();

        if (representationType == null) {
            throw new RuntimeException("Policy provider for type [" + type + "] returned a null representation type.");
        }

        AbstractPolicyRepresentation representation;

        try {
            representation = JsonSerialization.readValue(payload, representationType);
        } catch (IOException e) {
            throw new RuntimeException("Failed to deserialize JSON using policy provider for type [" + type + "].", e);
        }

        representation.setType(type);

        return representation;
    }

doSearch()

List<Object> org.keycloak.authorization.admin.PolicyTypeService.doSearch ( Integer  firstResult, Integer  maxResult, Map< String, String[]>  filters  )

inlineprotected

                                                                                                           {
        filters.put("type", new String[] {type});
        return super.doSearch(firstResult, maxResult, filters);
    }

findAll()

Response org.keycloak.authorization.admin.PolicyService.findAll ( @QueryParam("policyId") String  id, @QueryParam("name") String  name, @QueryParam("type") String  type, @QueryParam("resource") String  resource, @QueryParam("scope") String  scope, @QueryParam("permission") Boolean  permission, @QueryParam("owner") String  owner, @QueryParam("first") Integer  firstResult, @QueryParam("max") Integer  maxResult  )

inlineinherited

                                                                  {
        if (auth != null) {
            this.auth.realm().requireViewAuthorization();
        }

        Map<String, String[]> search = new HashMap<>();

        if (id != null && !"".equals(id.trim())) {
            search.put("id", new String[] {id});
        }

        if (name != null && !"".equals(name.trim())) {
            search.put("name", new String[] {name});
        }

        if (type != null && !"".equals(type.trim())) {
            search.put("type", new String[] {type});
        }

        if (owner != null && !"".equals(owner.trim())) {
            search.put("owner", new String[] {owner});
        }

        StoreFactory storeFactory = authorization.getStoreFactory();

        if (resource != null && !"".equals(resource.trim())) {
            ResourceStore resourceStore = storeFactory.getResourceStore();
            Resource resourceModel = resourceStore.findById(resource, resourceServer.getId());

            if (resourceModel == null) {
                Map<String, String[]> resourceFilters = new HashMap<>();

                resourceFilters.put("name", new String[]{resource});

                if (owner != null) {
                    resourceFilters.put("owner", new String[]{owner});
                }

                Set<String> resources = resourceStore.findByResourceServer(resourceFilters, resourceServer.getId(), -1, 1).stream().map(Resource::getId).collect(Collectors.toSet());

                if (resources.isEmpty()) {
                    return Response.ok().build();
                }

                search.put("resource", resources.toArray(new String[resources.size()]));
            } else {
                search.put("resource", new String[] {resourceModel.getId()});
            }
        }

        if (scope != null && !"".equals(scope.trim())) {
            ScopeStore scopeStore = storeFactory.getScopeStore();
            Scope scopeModel = scopeStore.findById(scope, resourceServer.getId());

            if (scopeModel == null) {
                Map<String, String[]> scopeFilters = new HashMap<>();

                scopeFilters.put("name", new String[]{scope});

                Set<String> scopes = scopeStore.findByResourceServer(scopeFilters, resourceServer.getId(), -1, 1).stream().map(Scope::getId).collect(Collectors.toSet());

                if (scopes.isEmpty()) {
                    return Response.ok().build();
                }

                search.put("scope", scopes.toArray(new String[scopes.size()]));
            } else {
                search.put("scope", new String[] {scopeModel.getId()});
            }
        }

        if (permission != null) {
            search.put("permission", new String[] {permission.toString()});
        }

        return Response.ok(
                doSearch(firstResult, maxResult, search))
                .build();
    }

findByName()

Response org.keycloak.authorization.admin.PolicyService.findByName ( @QueryParam("name") String  name )

inlineinherited

                                                                {
        if (auth != null) {
            this.auth.realm().requireViewAuthorization();
        }

        StoreFactory storeFactory = authorization.getStoreFactory();

        if (name == null) {
            return Response.status(Status.BAD_REQUEST).build();
        }

        Policy model = storeFactory.getPolicyStore().findByName(name, this.resourceServer.getId());

        if (model == null) {
            return Response.status(Status.OK).build();
        }

        return Response.ok(toRepresentation(model, authorization)).build();
    }

findPolicyProviders()

Response org.keycloak.authorization.admin.PolicyService.findPolicyProviders ( )

inlineinherited

                                          {
        if (auth != null) {
            this.auth.realm().requireViewAuthorization();
        }

        return Response.ok(
                authorization.getProviderFactories().stream()
                        .filter(factory -> !factory.isInternal())
                        .map(factory -> {
                            PolicyProviderRepresentation representation = new PolicyProviderRepresentation();

                            representation.setName(factory.getName());
                            representation.setGroup(factory.getGroup());
                            representation.setType(factory.getId());

                            return representation;
                        })
                        .collect(Collectors.toList()))
                .build();
    }

getPolicyAdminResourceProvider()

Object org.keycloak.authorization.admin.PolicyTypeService.getPolicyAdminResourceProvider ( )

inline

                                                   {
        PolicyProviderAdminService resource = getPolicyProviderAdminResource(type);

        if (resource == null) {
            return null;
        }

        ResteasyProviderFactory.getInstance().injectProperties(resource);

        return resource;
    }

getPolicyEvaluateResource()

PolicyEvaluationService org.keycloak.authorization.admin.PolicyService.getPolicyEvaluateResource ( )

inlineinherited

                                                               {
        if (auth != null) {
            this.auth.realm().requireViewAuthorization();
        }

        PolicyEvaluationService resource = new PolicyEvaluationService(this.resourceServer, this.authorization, this.auth);

        ResteasyProviderFactory.getInstance().injectProperties(resource);

        return resource;
    }

getPolicyProviderAdminResource()

PolicyProviderAdminService org.keycloak.authorization.admin.PolicyService.getPolicyProviderAdminResource ( String  policyType )

inlineprotectedinherited

                                                                                           {
        return getPolicyProviderFactory(policyType).getAdminResource(resourceServer, authorization);
    }

getPolicyProviderFactory()

PolicyProviderFactory org.keycloak.authorization.admin.PolicyService.getPolicyProviderFactory ( String  policyType )

inlineprotectedinherited

                                                                                {
        return authorization.getProviderFactory(policyType);
    }

getResource()

Object org.keycloak.authorization.admin.PolicyService.getResource ( @PathParam("type") String  type )

inlineinherited

                                                              {
        PolicyProviderFactory providerFactory = getPolicyProviderFactory(type);

        if (providerFactory != null) {
            return doCreatePolicyTypeResource(type);
        }

        Policy policy = authorization.getStoreFactory().getPolicyStore().findById(type, resourceServer.getId());

        return doCreatePolicyResource(policy);
    }

toRepresentation()

AbstractPolicyRepresentation org.keycloak.authorization.admin.PolicyTypeService.toRepresentation ( Policy  policy, AuthorizationProvider  authorization  )

inlineprotected

                                                                                                                {
        return ModelToRepresentation.toRepresentation(policy, authorization, false, false);
    }

メンバ詳解

adminEvent

final AdminEventBuilder org.keycloak.authorization.admin.PolicyService.adminEvent

protectedinherited

auth

final AdminPermissionEvaluator org.keycloak.authorization.admin.PolicyService.auth

protectedinherited

authorization

final AuthorizationProvider org.keycloak.authorization.admin.PolicyService.authorization

protectedinherited

resourceServer

final ResourceServer org.keycloak.authorization.admin.PolicyService.resourceServer

protectedinherited

type

final String org.keycloak.authorization.admin.PolicyTypeService.type

private

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/authorization/admin/PolicyTypeService.java