Package org.keycloak.storage.adapter

Class AbstractUserAdapterFederatedStorage

  • All Implemented Interfaces:
    RoleMapperModel, UserModel
    Direct Known Subclasses:
    AbstractUserAdapterFederatedStorage.Streams
    public abstract class AbstractUserAdapterFederatedStorage
extends UserModelDefaultMethods
    Assumes everything is managed by federated storage except for username. getId() returns a default value of "f:" + providerId + ":" + getUsername(). UserModel properties like enabled, firstName, lastName, email, etc. are all stored as attributes in federated storage. isEnabled() defaults to true if the ENABLED_ATTRIBUTE isn't set in federated storage
    Version:
    $Revision: 1 $
    Author:
    Bill Burke

    • Field Detail

      • FIRST_NAME_ATTRIBUTE

        public static String FIRST_NAME_ATTRIBUTE

      • LAST_NAME_ATTRIBUTE

        public static String LAST_NAME_ATTRIBUTE

      • EMAIL_ATTRIBUTE

        public static String EMAIL_ATTRIBUTE

      • EMAIL_VERIFIED_ATTRIBUTE

        public static String EMAIL_VERIFIED_ATTRIBUTE

      • CREATED_TIMESTAMP_ATTRIBUTE

        public static String CREATED_TIMESTAMP_ATTRIBUTE

      • ENABLED_ATTRIBUTE

        public static String ENABLED_ATTRIBUTE

    • Method Detail

      • getRequiredActionsStream

        public Stream<String> getRequiredActionsStream()

      • addRequiredAction

        public void addRequiredAction​(String action)

      • removeRequiredAction

        public void removeRequiredAction​(String action)

      • getGroupsInternal

        protected Set<GroupModel> getGroupsInternal()
        Get group membership mappings that are managed by this storage provider
        Returns:

      • appendDefaultGroups

        protected boolean appendDefaultGroups()
        Should the realm's default groups be appended to getGroups() call? If your storage provider is not managing group mappings then it is recommended that this method return true
        Returns:

      • getGroups

        public Set<GroupModel> getGroups()
        Deprecated.
        Use getGroupsStream() instead
        Gets groups from federated storage and automatically appends default groups of realm. Also calls getGroupsInternal() method to pull group membership from provider. Implementors can override that method
        Returns:

      • joinGroup

        public void joinGroup​(GroupModel group)

      • leaveGroup

        public void leaveGroup​(GroupModel group)

      • isMemberOf

        public boolean isMemberOf​(GroupModel group)

      • getRealmRoleMappings

        public Set<RoleModel> getRealmRoleMappings()
        Deprecated.
        Use getRealmRoleMappingsStream() instead
        Gets role mappings from federated storage and automatically appends default roles. Also calls getRoleMappingsInternal() method to pull role mappings from provider. Implementors can override that method
        Returns:

      • getRealmRoleMappingsStream

        public Stream<RoleModel> getRealmRoleMappingsStream()

      • getClientRoleMappings

        public Set<RoleModel> getClientRoleMappings​(ClientModel app)
        Deprecated.
        Use getClientRoleMappingsStream(ClientModel) instead
        Gets role mappings from federated storage and automatically appends default roles. Also calls getRoleMappingsInternal() method to pull role mappings from provider. Implementors can override that method
        Returns:

      • hasRole

        public boolean hasRole​(RoleModel role)

      • grantRole

        public void grantRole​(RoleModel role)

      • appendDefaultRolesToRoleMappings

        protected boolean appendDefaultRolesToRoleMappings()
        Should the realm's default roles be appended to getRoleMappings() call? If your storage provider is not managing all role mappings then it is recommended that this method return true
        Returns:

      • getRoleMappingsInternal

        protected Set<RoleModel> getRoleMappingsInternal()

      • getRoleMappings

        public Set<RoleModel> getRoleMappings()
        Deprecated.
        Use getRoleMappingsStream() instead
        Gets role mappings from federated storage and automatically appends default roles. Also calls getRoleMappingsInternal() method to pull role mappings from provider. Implementors can override that method
        Returns:

      • getFederatedRoleMappings

        protected Set<RoleModel> getFederatedRoleMappings()

      • deleteRoleMapping

        public void deleteRoleMapping​(RoleModel role)

      • isEnabled

        public boolean isEnabled()

      • setEnabled

        public void setEnabled​(boolean enabled)

      • getFederationLink

        public String getFederationLink()
        This method should not be overriden
        Returns:

      • setFederationLink

        public void setFederationLink​(String link)
        This method should not be overriden

      • getServiceAccountClientLink

        public String getServiceAccountClientLink()
        This method should not be overriden
        Returns:

      • setServiceAccountClientLink

        public void setServiceAccountClientLink​(String clientInternalId)
        This method should not be overriden

      • getId

        public String getId()
        Defaults to 'f:' + storageProvider.getId() + ':' + getUsername()
        Returns:

      • getCreatedTimestamp

        public Long getCreatedTimestamp()

      • setCreatedTimestamp

        public void setCreatedTimestamp​(Long timestamp)

      • setSingleAttribute

        public void setSingleAttribute​(String name,
                               String value)

      • removeAttribute

        public void removeAttribute​(String name)

      • setAttribute

        public void setAttribute​(String name,
                         List<String> values)

      • getFirstAttribute

        public String getFirstAttribute​(String name)

      • mapAttribute

        protected String mapAttribute​(String attributeName)

      • isEmailVerified

        public boolean isEmailVerified()

      • setEmailVerified

        public void setEmailVerified​(boolean verified)
        Stores as attribute in federated storage. EMAIL_VERIFIED_ATTRIBUTE
        Parameters:
        verified -

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class Object