public final class AuthorizationProvider extends Object implements Provider
The main contract here is the creation of PermissionEvaluator instances. Usually
an application has a single AuthorizationProvider instance and threads servicing client requests obtain org.keycloak.authorization.core.permission.evaluator.PermissionEvaluator
from the evaluators() method.
The internal state of a AuthorizationProvider is immutable. This internal state includes all of the metadata
used during the evaluation of policies.
Once created, PermissionEvaluator instances can be obtained from the evaluators() method:
List permissionsToEvaluate = getPermissions(); // the permissions to evaluate
EvaluationContext evaluationContext = createEvaluationContext(); // the context with runtime environment information
PermissionEvaluator evaluator = authorization.evaluators().from(permissionsToEvaluate, context);
evaluator.evaluate(new Decision() {
public void onDecision(Evaluation evaluation) {
// do something on grant
}
});
| Constructor and Description |
|---|
AuthorizationProvider(KeycloakSession session,
StoreFactory storeFactory) |
AuthorizationProvider(KeycloakSession session,
StoreFactory storeFactory,
Executor scheduller) |
| Modifier and Type | Method and Description |
|---|---|
void |
close() |
Evaluators |
evaluators()
Returns a
Evaluators instance from where PolicyEvaluator instances
can be obtained. |
KeycloakSession |
getKeycloakSession() |
List<PolicyProviderFactory> |
getProviderFactories()
Returns the registered
PolicyProviderFactory. |
<F extends PolicyProviderFactory> |
getProviderFactory(String type)
Returns a
PolicyProviderFactory given a type. |
StoreFactory |
getStoreFactory()
Returns a
StoreFactory. |
public AuthorizationProvider(KeycloakSession session, StoreFactory storeFactory, Executor scheduller)
public AuthorizationProvider(KeycloakSession session, StoreFactory storeFactory)
public Evaluators evaluators()
Evaluators instance from where PolicyEvaluator instances
can be obtained.Evaluators instancepublic StoreFactory getStoreFactory()
StoreFactory.StoreFactorypublic List<PolicyProviderFactory> getProviderFactories()
PolicyProviderFactory.List containing all registered PolicyProviderFactorypublic <F extends PolicyProviderFactory> F getProviderFactory(String type)
PolicyProviderFactory given a type.F - the expected type of the providertype - the type of the policy providerPolicyProviderFactory with the given typepublic KeycloakSession getKeycloakSession()
Copyright © 2016 JBoss by Red Hat. All rights reserved.