org.keycloak.services.resources.admin

Class RealmAdminResource

java.lang.Object

org.keycloak.services.resources.admin.RealmAdminResource

public class RealmAdminResource
extends Object

Base resource class for the admin REST api of one realm

Version:

$Revision: 1 $

Author:

Bill Burke

Field Summary

Fields

Modifier and Type	Field and Description
protected RealmAuth	auth
protected org.keycloak.common.ClientConnection	connection
protected javax.ws.rs.core.HttpHeaders	headers
protected static ServicesLogger	logger
protected RealmModel	realm
protected KeycloakSession	session
protected javax.ws.rs.core.UriInfo	uriInfo

Constructor Summary

Constructors

Constructor and Description
RealmAdminResource(RealmAuth auth, RealmModel realm, TokenManager tokenManager, AdminEventBuilder adminEvent)

Method Summary

Modifier and Type	Method and Description
void	addDefaultGroup(String groupId)
void	clearAdminEvents() Delete all admin events
void	clearEvents() Delete all events
void	clearRealmCache() Clear realm cache
void	clearUserCache() Clear user cache
ClientRepresentation	convertClientDescription(String description) Base path for importing clients under this realm.
void	deleteRealm() Delete the realm
void	deleteSession(String sessionId) Remove a specific user session.
AuthenticationManagementResource	flows()
AttackDetectionResource	getAttackDetection() Base path for managing attack detection.
ClientInitialAccessResource	getClientInitialAccess() Base path for managing client initial access tokens
ClientsResource	getClients() Base path for managing clients under this realm.
List<Map<String,String>>	getClientSessionStats() Get client session stats Returns a JSON map.
ClientTemplatesResource	getClientTemplates() Base path for managing client templates under this realm.
List<GroupRepresentation>	getDefaultGroups() Get group hierarchy.
List<EventRepresentation>	getEvents(List<String> types, String client, String user, String dateFrom, String dateTo, String ipAddress, Integer firstResult, Integer maxResults) Get events Returns all events, or filters them based on URL query parameters listed here
List<AdminEventRepresentation>	getEvents(List<String> operationTypes, String authRealm, String authClient, String authUser, String authIpAddress, String resourcePath, String dateFrom, String dateTo, Integer firstResult, Integer maxResults) Get admin events Returns all admin events, or filters events based on URL query parameters listed here
GroupRepresentation	getGroupByPath(String path)
GroupsResource	getGroups()
IdentityProvidersResource	getIdentityProviderResource()
RealmRepresentation	getRealm() Get the top-level representation of the realm It will not include nested information like User and Client representations.
RealmEventsConfigRepresentation	getRealmEventsConfig() Get the events provider configuration Returns JSON object with events provider configuration
RoleContainerResource	getRoleContainerResource() base path for managing realm-level roles of this realm
GlobalRequestResult	logoutAll() Removes all user sessions.
javax.ws.rs.core.Response	partialImport(PartialImportRepresentation rep) Partial import from a JSON file to an existing realm.
GlobalRequestResult	pushRevocation() Push the realm's revocation policy to any client that has an admin url associated with it.
void	removeDefaultGroup(String groupId)
RoleByIdResource	rolesById() Path for managing all realm-level or client-level roles defined in this realm by its id.
javax.ws.rs.core.Response	testLDAPConnection(String action, String connectionUrl, String bindDn, String bindCredential, String useTruststoreSpi) Test LDAP connection
javax.ws.rs.core.Response	updateRealm(RealmRepresentation rep) Update the top-level information of the realm Any user, roles or client information in the representation will be ignored.
void	updateRealmEventsConfig(RealmEventsConfigRepresentation rep) Update the events provider Change the events provider and/or its configuration
UserFederationProvidersResource	userFederation()
UsersResource	users() Base path for managing users in this realm.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

logger

protected static final ServicesLogger logger

auth

protected RealmAuth auth

realm

protected RealmModel realm

session

@Context
protected KeycloakSession session

uriInfo

@Context
protected javax.ws.rs.core.UriInfo uriInfo

connection

@Context
protected org.keycloak.common.ClientConnection connection

headers

@Context
protected javax.ws.rs.core.HttpHeaders headers

Constructor Detail

RealmAdminResource

public RealmAdminResource(RealmAuth auth,
                          RealmModel realm,
                          TokenManager tokenManager,
                          AdminEventBuilder adminEvent)

Method Detail

convertClientDescription

@Path(value="client-description-converter")
 @Consumes(value={"application/json","application/xml","text/plain"})
 @POST
 @Produces(value="application/json")
public ClientRepresentation convertClientDescription(String description)

Base path for importing clients under this realm.

Returns:

getAttackDetection

@Path(value="attack-detection")
public AttackDetectionResource getAttackDetection()

Base path for managing attack detection.

Returns:

getClients

@Path(value="clients")
public ClientsResource getClients()

Base path for managing clients under this realm.

Returns:

getClientTemplates

@Path(value="client-templates")
public ClientTemplatesResource getClientTemplates()

Base path for managing client templates under this realm.

Returns:

getClientInitialAccess

@Path(value="clients-initial-access")
public ClientInitialAccessResource getClientInitialAccess()

Base path for managing client initial access tokens

Returns:

getRoleContainerResource

@Path(value="roles")
public RoleContainerResource getRoleContainerResource()

base path for managing realm-level roles of this realm

Returns:

getRealm

@GET
 @Produces(value="application/json")
public RealmRepresentation getRealm()

Get the top-level representation of the realm It will not include nested information like User and Client representations.

Returns:

updateRealm

@PUT
 @Consumes(value="application/json")
public javax.ws.rs.core.Response updateRealm(RealmRepresentation rep)

Update the top-level information of the realm Any user, roles or client information in the representation will be ignored. This will only update top-level attributes of the realm.

Parameters:

rep -

Returns:

deleteRealm

@DELETE
public void deleteRealm()

Delete the realm

users

@Path(value="users")
public UsersResource users()

Base path for managing users in this realm.

Returns:

userFederation

@Path(value="user-federation")
public UserFederationProvidersResource userFederation()

flows

@Path(value="authentication")
public AuthenticationManagementResource flows()

rolesById

@Path(value="roles-by-id")
public RoleByIdResource rolesById()

Path for managing all realm-level or client-level roles defined in this realm by its id.

Returns:

pushRevocation

@Path(value="push-revocation")
 @POST
public GlobalRequestResult pushRevocation()

Push the realm's revocation policy to any client that has an admin url associated with it.

logoutAll

@Path(value="logout-all")
 @POST
public GlobalRequestResult logoutAll()

Removes all user sessions. Any client that has an admin url will also be told to invalidate any sessions they have.

deleteSession

@Path(value="sessions/{session}")
 @DELETE
public void deleteSession(@PathParam(value="session")
                                                                     String sessionId)

Remove a specific user session. Any client that has an admin url will also be told to invalidate this particular session.

Parameters:

sessionId -

getClientSessionStats

@Path(value="client-session-stats")
 @GET
 @Produces(value="application/json")
public List<Map<String,String>> getClientSessionStats()

Get client session stats Returns a JSON map. The key is the client id, the value is the number of sessions that currently are active with that client. Only clients that actually have a session associated with them will be in this map.

Returns:

getRealmEventsConfig

@GET
 @Path(value="events/config")
 @Produces(value="application/json")
public RealmEventsConfigRepresentation getRealmEventsConfig()

Get the events provider configuration Returns JSON object with events provider configuration

Returns:

updateRealmEventsConfig

@PUT
 @Path(value="events/config")
 @Consumes(value="application/json")
public void updateRealmEventsConfig(RealmEventsConfigRepresentation rep)

Update the events provider Change the events provider and/or its configuration

Parameters:

rep -

getEvents

@Path(value="events")
 @GET
 @Produces(value="application/json")
public List<EventRepresentation> getEvents(@QueryParam(value="type")
                                                                                                            List<String> types,
                                                                                                            @QueryParam(value="client")
                                                                                                            String client,
                                                                                                            @QueryParam(value="user")
                                                                                                            String user,
                                                                                                            @QueryParam(value="dateFrom")
                                                                                                            String dateFrom,
                                                                                                            @QueryParam(value="dateTo")
                                                                                                            String dateTo,
                                                                                                            @QueryParam(value="ipAddress")
                                                                                                            String ipAddress,
                                                                                                            @QueryParam(value="first")
                                                                                                            Integer firstResult,
                                                                                                            @QueryParam(value="max")
                                                                                                            Integer maxResults)

Get events Returns all events, or filters them based on URL query parameters listed here

Parameters:

types - The types of events to return

client - App or oauth client name

user - User id

ipAddress - IP address

dateTo - To date

dateFrom - From date

firstResult - Paging offset

maxResults - Paging size

Returns:

getEvents

@Path(value="admin-events")
 @GET
 @Produces(value="application/json")
public List<AdminEventRepresentation> getEvents(@QueryParam(value="operationTypes")
                                                                                                                       List<String> operationTypes,
                                                                                                                       @QueryParam(value="authRealm")
                                                                                                                       String authRealm,
                                                                                                                       @QueryParam(value="authClient")
                                                                                                                       String authClient,
                                                                                                                       @QueryParam(value="authUser")
                                                                                                                       String authUser,
                                                                                                                       @QueryParam(value="authIpAddress")
                                                                                                                       String authIpAddress,
                                                                                                                       @QueryParam(value="resourcePath")
                                                                                                                       String resourcePath,
                                                                                                                       @QueryParam(value="dateFrom")
                                                                                                                       String dateFrom,
                                                                                                                       @QueryParam(value="dateTo")
                                                                                                                       String dateTo,
                                                                                                                       @QueryParam(value="first")
                                                                                                                       Integer firstResult,
                                                                                                                       @QueryParam(value="max")
                                                                                                                       Integer maxResults)

Get admin events Returns all admin events, or filters events based on URL query parameters listed here

Parameters:

operationTypes -

authRealm -

authClient -

authUser - user id

authIpAddress -

resourcePath -

dateTo -

dateFrom -

firstResult -

maxResults -

Returns:

clearEvents

@Path(value="events")
 @DELETE
public void clearEvents()

Delete all events

clearAdminEvents

@Path(value="admin-events")
 @DELETE
public void clearAdminEvents()

Delete all admin events

testLDAPConnection

@Path(value="testLDAPConnection")
 @GET
public javax.ws.rs.core.Response testLDAPConnection(@QueryParam(value="action")
                                                                                            String action,
                                                                                            @QueryParam(value="connectionUrl")
                                                                                            String connectionUrl,
                                                                                            @QueryParam(value="bindDn")
                                                                                            String bindDn,
                                                                                            @QueryParam(value="bindCredential")
                                                                                            String bindCredential,
                                                                                            @QueryParam(value="useTruststoreSpi")
                                                                                            String useTruststoreSpi)

Test LDAP connection

Parameters:

action -

connectionUrl -

bindDn -

bindCredential -

Returns:

getIdentityProviderResource

@Path(value="identity-provider")
public IdentityProvidersResource getIdentityProviderResource()

getDefaultGroups

@GET
 @Produces(value="application/json")
 @Path(value="default-groups")
public List<GroupRepresentation> getDefaultGroups()

Get group hierarchy. Only name and ids are returned.

Returns:

addDefaultGroup

@PUT
 @Path(value="default-groups/{groupId}")
public void addDefaultGroup(@PathParam(value="groupId")
                                                                          String groupId)

removeDefaultGroup

@DELETE
 @Path(value="default-groups/{groupId}")
public void removeDefaultGroup(@PathParam(value="groupId")
                                                                                String groupId)

getGroups

@Path(value="groups")
public GroupsResource getGroups()

getGroupByPath

@GET
 @Path(value="group-by-path/{path: .*}")
 @Produces(value="application/json")
public GroupRepresentation getGroupByPath(@PathParam(value="path")
                                                                                                                             String path)

partialImport

@Path(value="partialImport")
 @POST
 @Consumes(value="application/json")
public javax.ws.rs.core.Response partialImport(PartialImportRepresentation rep)

Partial import from a JSON file to an existing realm.

Parameters:

rep -

Returns:

clearRealmCache

@Path(value="clear-realm-cache")
 @POST
public void clearRealmCache()

Clear realm cache

clearUserCache

@Path(value="clear-user-cache")
 @POST
public void clearUserCache()

Clear user cache