public final class AuthorizationProvider extends Object implements Provider
The main contract here is the creation of PermissionEvaluator
instances. Usually
an application has a single AuthorizationProvider
instance and threads servicing client requests obtain org.keycloak.authorization.core.permission.evaluator.PermissionEvaluator
from the evaluators()
method.
The internal state of a AuthorizationProvider
is immutable. This internal state includes all of the metadata
used during the evaluation of policies.
Once created, PermissionEvaluator
instances can be obtained from the evaluators()
method:
ListpermissionsToEvaluate = getPermissions(); // the permissions to evaluate EvaluationContext evaluationContext = createEvaluationContext(); // the context with runtime environment information PermissionEvaluator evaluator = authorization.evaluators().from(permissionsToEvaluate, context); evaluator.evaluate(new Decision() { public void onDecision(Evaluation evaluation) { // do something on grant } });
Constructor and Description |
---|
AuthorizationProvider(KeycloakSession session,
StoreFactory storeFactory) |
AuthorizationProvider(KeycloakSession session,
StoreFactory storeFactory,
Executor scheduller) |
Modifier and Type | Method and Description |
---|---|
void |
close() |
Evaluators |
evaluators()
Returns a
Evaluators instance from where PolicyEvaluator instances
can be obtained. |
KeycloakSession |
getKeycloakSession() |
List<PolicyProviderFactory> |
getProviderFactories()
Returns the registered
PolicyProviderFactory . |
<F extends PolicyProviderFactory> |
getProviderFactory(String type)
Returns a
PolicyProviderFactory given a type . |
StoreFactory |
getStoreFactory()
Returns a
StoreFactory . |
public AuthorizationProvider(KeycloakSession session, StoreFactory storeFactory, Executor scheduller)
public AuthorizationProvider(KeycloakSession session, StoreFactory storeFactory)
public Evaluators evaluators()
Evaluators
instance from where PolicyEvaluator
instances
can be obtained.Evaluators
instancepublic StoreFactory getStoreFactory()
StoreFactory
.StoreFactory
public List<PolicyProviderFactory> getProviderFactories()
PolicyProviderFactory
.List
containing all registered PolicyProviderFactory
public <F extends PolicyProviderFactory> F getProviderFactory(String type)
PolicyProviderFactory
given a type
.F
- the expected type of the providertype
- the type of the policy providerPolicyProviderFactory
with the given type
public KeycloakSession getKeycloakSession()
Copyright © 2016 JBoss by Red Hat. All rights reserved.