Package org.keycloak.services.resources.admin

Class ClientScopeResource

  • public class ClientScopeResource
extends Object
    Base resource class for managing one particular client of a realm.
    Version:
    $Revision: 1 $
    Author:
    Bill Burke

    • Field Detail

      • logger

        protected static final org.jboss.logging.Logger logger

      • realm

        protected org.keycloak.models.RealmModel realm

      • clientScope

        protected org.keycloak.models.ClientScopeModel clientScope

      • session

        protected org.keycloak.models.KeycloakSession session

      • dynamicScreenPattern

        protected static Pattern dynamicScreenPattern

      • scopeNamePattern

        protected static final Pattern scopeNamePattern

    • Constructor Detail

      • ClientScopeResource

        public ClientScopeResource​(org.keycloak.models.RealmModel realm,
                           AdminPermissionEvaluator auth,
                           org.keycloak.models.ClientScopeModel clientScope,
                           org.keycloak.models.KeycloakSession session,
                           AdminEventBuilder adminEvent)

    • Method Detail

      • getScopeMappedResource

        @Path("scope-mappings")
public ScopeMappedResource getScopeMappedResource()
        Base path for managing the role scope mappings for the client scope
        Returns:

      • update

        @PUT
@Consumes("application/json")
public javax.ws.rs.core.Response update​(org.keycloak.representations.idm.ClientScopeRepresentation rep)
        Update the client scope
        Parameters:
        rep -
        Returns:

      • getClientScope

        @GET
@Produces("application/json")
public org.keycloak.representations.idm.ClientScopeRepresentation getClientScope()
        Get representation of the client scope
        Returns:

      • deleteClientScope

        @DELETE
public javax.ws.rs.core.Response deleteClientScope()
        Delete the client scope

      • validateDynamicClientScope

        public static void validateDynamicClientScope​(org.keycloak.representations.idm.ClientScopeRepresentation clientScope)
                                       throws ErrorResponseException
        Performs some validation based on attributes combinations and format. Validations differ based on whether the DYNAMIC_SCOPES feature is enabled or not
        Parameters:
        clientScope -
        Throws:
        ErrorResponseException

      • validateDynamicScopeUpdate

        public void validateDynamicScopeUpdate​(org.keycloak.representations.idm.ClientScopeRepresentation rep)
        Makes sure that an update that makes a Client Scope Dynamic is rejected if the Client Scope is assigned to a client as a default scope.
        Parameters:
        rep - the ClientScopeRepresentation with the changes from the frontend.