public final class AuthorizationProvider extends Object implements Provider
The main contract here is the creation of PermissionEvaluator instances. Usually
an application has a single AuthorizationProvider instance and threads servicing client requests obtain PermissionEvaluator
from the evaluators() method.
The internal state of a AuthorizationProvider is immutable. This internal state includes all of the metadata
used during the evaluation of policies.
Once created, PermissionEvaluator instances can be obtained from the evaluators() method:
List permissionsToEvaluate = getPermissions(); // the permissions to evaluate
EvaluationContext evaluationContext = createEvaluationContext(); // the context with runtime environment information
PermissionEvaluator evaluator = authorization.evaluators().from(permissionsToEvaluate, context);
evaluator.evaluate(new Decision() {
public void onDecision(Evaluation evaluation) {
// do something on grant
}
});
| Constructor and Description |
|---|
AuthorizationProvider(KeycloakSession session,
RealmModel realm,
PolicyEvaluator policyEvaluator) |
| Modifier and Type | Method and Description |
|---|---|
void |
close() |
Evaluators |
evaluators()
Returns a
Evaluators instance from where PolicyEvaluator instances
can be obtained. |
KeycloakSession |
getKeycloakSession() |
StoreFactory |
getLocalStoreFactory()
No cache sits in front of this
|
PolicyEvaluator |
getPolicyEvaluator() |
<P extends PolicyProvider> |
getProvider(String type)
Returns a
PolicyProviderFactory given a type. |
Collection<PolicyProviderFactory> |
getProviderFactories()
Returns the registered
PolicyProviderFactory. |
PolicyProviderFactory |
getProviderFactory(String type)
Returns a
PolicyProviderFactory given a type. |
RealmModel |
getRealm() |
StoreFactory |
getStoreFactory()
Cache sits in front of this
Returns a
StoreFactory. |
public AuthorizationProvider(KeycloakSession session, RealmModel realm, PolicyEvaluator policyEvaluator)
public Evaluators evaluators()
Evaluators instance from where PolicyEvaluator instances
can be obtained.Evaluators instancepublic StoreFactory getStoreFactory()
StoreFactory.StoreFactorypublic StoreFactory getLocalStoreFactory()
public Collection<PolicyProviderFactory> getProviderFactories()
PolicyProviderFactory.List containing all registered PolicyProviderFactorypublic PolicyProviderFactory getProviderFactory(String type)
PolicyProviderFactory given a type.F - the expected type of the providertype - the type of the policy providerPolicyProviderFactory with the given typepublic <P extends PolicyProvider> P getProvider(String type)
PolicyProviderFactory given a type.P - the expected type of the providertype - the type of the policy providerPolicyProvider with the given typepublic KeycloakSession getKeycloakSession()
public RealmModel getRealm()
public PolicyEvaluator getPolicyEvaluator()
Copyright © 2021 JBoss by Red Hat. All rights reserved.