public interface UserFederationProvider extends Provider
Modifier and Type | Interface and Description |
---|---|
static class |
UserFederationProvider.EditMode
Optional type that can be by implementations to describe edit mode of federation storage
|
Modifier and Type | Field and Description |
---|---|
static String |
EMAIL |
static String |
FIRST_NAME |
static String |
LAST_NAME |
static String |
USERNAME |
Modifier and Type | Method and Description |
---|---|
void |
close()
This method is called at the end of requests.
|
List<UserModel> |
getGroupMembers(RealmModel realm,
GroupModel group,
int firstResult,
int maxResults)
Return group members from federation storage.
|
Set<String> |
getSupportedCredentialTypes()
What UserCredentialModel types should be handled by this provider? This is called in scenarios when we don't know user,
who is going to authenticate (For example Kerberos authentication).
|
Set<String> |
getSupportedCredentialTypes(UserModel user)
What UserCredentialModel types should be handled by this provider for this user? Keycloak will only call
validCredentials() with the credential types specified in this method.
|
UserModel |
getUserByEmail(RealmModel realm,
String email)
Keycloak will search for user in local storage first.
|
UserModel |
getUserByUsername(RealmModel realm,
String username)
Keycloak will search for user in local storage first.
|
boolean |
isValid(RealmModel realm,
UserModel local)
Is the Keycloak UserModel still valid and/or existing in federated storage? Keycloak may call this method
in various user operations.
|
void |
preRemove(RealmModel realm)
called whenever a Realm is removed
|
void |
preRemove(RealmModel realm,
GroupModel group)
called before a role is removed.
|
void |
preRemove(RealmModel realm,
RoleModel role)
called before a role is removed.
|
UserModel |
register(RealmModel realm,
UserModel user)
Called if this federation provider has priority and supports synchronized registrations.
|
boolean |
removeUser(RealmModel realm,
UserModel user) |
List<UserModel> |
searchByAttributes(Map<String,String> attributes,
RealmModel realm,
int maxResults)
Keycloak does not search in local storage first before calling this method.
|
boolean |
synchronizeRegistrations()
Should user registrations be synchronized with this provider?
FYI, only one provider will be chosen (by priority) to have this synchronization
|
UserModel |
validateAndProxy(RealmModel realm,
UserModel local)
Gives the provider an option to validate if user still exists in federation backend and then proxy UserModel loaded from local storage.
|
CredentialValidationOutput |
validCredentials(RealmModel realm,
UserCredentialModel credential)
Validate credentials of unknown user.
|
boolean |
validCredentials(RealmModel realm,
UserModel user,
List<UserCredentialModel> input)
Validate credentials for this user.
|
boolean |
validCredentials(RealmModel realm,
UserModel user,
UserCredentialModel... input) |
static final String USERNAME
static final String EMAIL
static final String FIRST_NAME
static final String LAST_NAME
UserModel validateAndProxy(RealmModel realm, UserModel local)
realm
- local
- boolean synchronizeRegistrations()
UserModel register(RealmModel realm, UserModel user)
realm
- user
- boolean removeUser(RealmModel realm, UserModel user)
UserModel getUserByUsername(RealmModel realm, String username)
realm
- username
- UserModel getUserByEmail(RealmModel realm, String email)
realm
- email
- List<UserModel> searchByAttributes(Map<String,String> attributes, RealmModel realm, int maxResults)
attributes
- realm
- List<UserModel> getGroupMembers(RealmModel realm, GroupModel group, int firstResult, int maxResults)
realm
- group
- firstResult
- maxResults
- void preRemove(RealmModel realm)
realm
- void preRemove(RealmModel realm, RoleModel role)
realm
- role
- void preRemove(RealmModel realm, GroupModel group)
realm
- group
- boolean isValid(RealmModel realm, UserModel local)
realm
- local
- Set<String> getSupportedCredentialTypes(UserModel user)
Set<String> getSupportedCredentialTypes()
boolean validCredentials(RealmModel realm, UserModel user, List<UserCredentialModel> input)
realm
- user
- input
- boolean validCredentials(RealmModel realm, UserModel user, UserCredentialModel... input)
CredentialValidationOutput validCredentials(RealmModel realm, UserCredentialModel credential)
realm
- credential
- Copyright © 2016 JBoss by Red Hat. All rights reserved.