Class ClientResource
- java.lang.Object
-
- org.keycloak.services.resources.admin.ClientResource
-
public class ClientResource extends Object
Base resource class for managing one particular client of a realm.- Version:
- $Revision: 1 $
- Author:
- Bill Burke
-
-
Field Summary
Fields Modifier and Type Field Description protected org.keycloak.models.ClientModel
client
protected org.keycloak.common.ClientConnection
clientConnection
protected static org.jboss.logging.Logger
logger
protected org.keycloak.models.RealmModel
realm
protected org.keycloak.models.KeycloakSession
session
-
Constructor Summary
Constructors Constructor Description ClientResource(org.keycloak.models.RealmModel realm, AdminPermissionEvaluator auth, org.keycloak.models.ClientModel clientModel, org.keycloak.models.KeycloakSession session, AdminEventBuilder adminEvent)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addDefaultClientScope(String clientScopeId)
void
addOptionalClientScope(String clientScopeId)
AuthorizationService
authorization()
ClientScopeEvaluateResource
clientScopeEvaluateResource()
void
deleteClient()
Delete the clientMap<String,Long>
getApplicationSessionCount()
Get application session count Returns a number of user sessions associated with this client { "count": number }ClientAttributeCertificateResource
getCertficateResource(String attributePrefix)
Get representation of certificate resourceorg.keycloak.representations.idm.ClientRepresentation
getClient()
Get representation of the clientorg.keycloak.representations.idm.CredentialRepresentation
getClientRotatedSecret()
Get the rotated client secretorg.keycloak.representations.idm.CredentialRepresentation
getClientSecret()
Get the client secretStream<org.keycloak.representations.idm.ClientScopeRepresentation>
getDefaultClientScopes()
Get default client scopes.javax.ws.rs.core.Response
getInstallationProvider(String providerId)
org.keycloak.representations.idm.ManagementPermissionReference
getManagementPermissions()
Return object stating whether client Authorization permissions have been initialized or not and a referenceMap<String,Long>
getOfflineSessionCount()
Get application offline session count Returns a number of offline user sessions associated with this client { "count": number }Stream<org.keycloak.representations.idm.UserSessionRepresentation>
getOfflineUserSessions(Integer firstResult, Integer maxResults)
Get offline sessions for client Returns a list of offline user sessions associated with this clientStream<org.keycloak.representations.idm.ClientScopeRepresentation>
getOptionalClientScopes()
Get optional client scopes.ProtocolMappersResource
getProtocolMappers()
RoleContainerResource
getRoleContainerResource()
ScopeMappedResource
getScopeMappedResource()
Base path for managing the scope mappings for the clientorg.keycloak.representations.idm.UserRepresentation
getServiceAccountUser()
Get a user dedicated to the service accountStream<org.keycloak.representations.idm.UserSessionRepresentation>
getUserSessions(Integer firstResult, Integer maxResults)
Get user sessions for client Returns a list of user sessions associated with this clientjavax.ws.rs.core.Response
invalidateRotatedSecret()
Invalidate the rotated secret for the clientorg.keycloak.representations.adapters.action.GlobalRequestResult
pushRevocation()
Push the client's revocation policy to its admin URL If the client has an admin URL, push revocation policy to it.org.keycloak.representations.idm.ClientRepresentation
regenerateRegistrationAccessToken()
Generate a new registration access token for the clientorg.keycloak.representations.idm.CredentialRepresentation
regenerateSecret()
Generate a new secret for the clientvoid
registerNode(Map<String,String> formParams)
Register a cluster node with the client Manually register cluster node to this client - usually it's not needed to call this directly as adapter should handle by sending registration request to Keycloakvoid
removeDefaultClientScope(String clientScopeId)
void
removeOptionalClientScope(String clientScopeId)
org.keycloak.representations.idm.ManagementPermissionReference
setManagementPermissionsEnabled(org.keycloak.representations.idm.ManagementPermissionReference ref)
Return object stating whether client Authorization permissions have been initialized or not and a referenceorg.keycloak.representations.adapters.action.GlobalRequestResult
testNodesAvailable()
Test if registered cluster nodes are available Tests availability by sending 'ping' request to all cluster nodes.static org.keycloak.representations.idm.ManagementPermissionReference
toMgmtRef(org.keycloak.models.ClientModel client, AdminPermissionManagement permissions)
void
unregisterNode(String node)
Unregister a cluster node from the clientjavax.ws.rs.core.Response
update(org.keycloak.representations.idm.ClientRepresentation rep)
Update the client
-
-
-
Field Detail
-
logger
protected static final org.jboss.logging.Logger logger
-
realm
protected org.keycloak.models.RealmModel realm
-
client
protected org.keycloak.models.ClientModel client
-
session
protected final org.keycloak.models.KeycloakSession session
-
clientConnection
protected final org.keycloak.common.ClientConnection clientConnection
-
-
Constructor Detail
-
ClientResource
public ClientResource(org.keycloak.models.RealmModel realm, AdminPermissionEvaluator auth, org.keycloak.models.ClientModel clientModel, org.keycloak.models.KeycloakSession session, AdminEventBuilder adminEvent)
-
-
Method Detail
-
getProtocolMappers
@Path("protocol-mappers") public ProtocolMappersResource getProtocolMappers()
-
update
@PUT @Consumes("application/json") public javax.ws.rs.core.Response update(org.keycloak.representations.idm.ClientRepresentation rep)
Update the client- Parameters:
rep
-- Returns:
-
getClient
@GET @Produces("application/json") public org.keycloak.representations.idm.ClientRepresentation getClient()
Get representation of the client- Returns:
-
getCertficateResource
@Path("certificates/{attr}") public ClientAttributeCertificateResource getCertficateResource(@PathParam("attr") String attributePrefix)
Get representation of certificate resource- Parameters:
attributePrefix
-- Returns:
-
getInstallationProvider
@GET @Path("installation/providers/{providerId}") public javax.ws.rs.core.Response getInstallationProvider(@PathParam("providerId") String providerId)
-
deleteClient
@DELETE public void deleteClient()
Delete the client
-
regenerateSecret
@Path("client-secret") @POST @Produces("application/json") @Consumes("application/json") public org.keycloak.representations.idm.CredentialRepresentation regenerateSecret()
Generate a new secret for the client- Returns:
-
regenerateRegistrationAccessToken
@Path("registration-access-token") @POST @Produces("application/json") @Consumes("application/json") public org.keycloak.representations.idm.ClientRepresentation regenerateRegistrationAccessToken()
Generate a new registration access token for the client- Returns:
-
getClientSecret
@Path("client-secret") @GET @Produces("application/json") public org.keycloak.representations.idm.CredentialRepresentation getClientSecret()
Get the client secret- Returns:
-
getScopeMappedResource
@Path("scope-mappings") public ScopeMappedResource getScopeMappedResource()
Base path for managing the scope mappings for the client- Returns:
-
getRoleContainerResource
@Path("roles") public RoleContainerResource getRoleContainerResource()
-
getDefaultClientScopes
@GET @Produces("application/json") @Path("default-client-scopes") public Stream<org.keycloak.representations.idm.ClientScopeRepresentation> getDefaultClientScopes()
Get default client scopes. Only name and ids are returned.- Returns:
-
addDefaultClientScope
@PUT @Path("default-client-scopes/{clientScopeId}") public void addDefaultClientScope(@PathParam("clientScopeId") String clientScopeId)
-
removeDefaultClientScope
@DELETE @Path("default-client-scopes/{clientScopeId}") public void removeDefaultClientScope(@PathParam("clientScopeId") String clientScopeId)
-
getOptionalClientScopes
@GET @Produces("application/json") @Path("optional-client-scopes") public Stream<org.keycloak.representations.idm.ClientScopeRepresentation> getOptionalClientScopes()
Get optional client scopes. Only name and ids are returned.- Returns:
-
addOptionalClientScope
@PUT @Path("optional-client-scopes/{clientScopeId}") public void addOptionalClientScope(@PathParam("clientScopeId") String clientScopeId)
-
removeOptionalClientScope
@DELETE @Path("optional-client-scopes/{clientScopeId}") public void removeOptionalClientScope(@PathParam("clientScopeId") String clientScopeId)
-
clientScopeEvaluateResource
@Path("evaluate-scopes") public ClientScopeEvaluateResource clientScopeEvaluateResource()
-
getServiceAccountUser
@Path("service-account-user") @GET @Produces("application/json") public org.keycloak.representations.idm.UserRepresentation getServiceAccountUser()
Get a user dedicated to the service account- Returns:
-
pushRevocation
@Path("push-revocation") @POST @Produces("application/json") public org.keycloak.representations.adapters.action.GlobalRequestResult pushRevocation()
Push the client's revocation policy to its admin URL If the client has an admin URL, push revocation policy to it.
-
getApplicationSessionCount
@Path("session-count") @GET @Produces("application/json") public Map<String,Long> getApplicationSessionCount()
Get application session count Returns a number of user sessions associated with this client { "count": number }- Returns:
-
getUserSessions
@Path("user-sessions") @GET @Produces("application/json") public Stream<org.keycloak.representations.idm.UserSessionRepresentation> getUserSessions(@QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults)
Get user sessions for client Returns a list of user sessions associated with this client- Parameters:
firstResult
- Paging offsetmaxResults
- Maximum results size (defaults to 100)- Returns:
-
getOfflineSessionCount
@Path("offline-session-count") @GET @Produces("application/json") public Map<String,Long> getOfflineSessionCount()
Get application offline session count Returns a number of offline user sessions associated with this client { "count": number }- Returns:
-
getOfflineUserSessions
@Path("offline-sessions") @GET @Produces("application/json") public Stream<org.keycloak.representations.idm.UserSessionRepresentation> getOfflineUserSessions(@QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults)
Get offline sessions for client Returns a list of offline user sessions associated with this client- Parameters:
firstResult
- Paging offsetmaxResults
- Maximum results size (defaults to 100)- Returns:
-
registerNode
@Path("nodes") @POST @Consumes("application/json") public void registerNode(Map<String,String> formParams)
Register a cluster node with the client Manually register cluster node to this client - usually it's not needed to call this directly as adapter should handle by sending registration request to Keycloak- Parameters:
formParams
-
-
unregisterNode
@Path("nodes/{node}") @DELETE public void unregisterNode(@PathParam("node") String node)
Unregister a cluster node from the client- Parameters:
node
-
-
testNodesAvailable
@Path("test-nodes-available") @GET @Produces("application/json") public org.keycloak.representations.adapters.action.GlobalRequestResult testNodesAvailable()
Test if registered cluster nodes are available Tests availability by sending 'ping' request to all cluster nodes.- Returns:
-
authorization
@Path("/authz") public AuthorizationService authorization()
-
getManagementPermissions
@Path("management/permissions") @GET @Produces("application/json") public org.keycloak.representations.idm.ManagementPermissionReference getManagementPermissions()
Return object stating whether client Authorization permissions have been initialized or not and a reference- Returns:
-
toMgmtRef
public static org.keycloak.representations.idm.ManagementPermissionReference toMgmtRef(org.keycloak.models.ClientModel client, AdminPermissionManagement permissions)
-
setManagementPermissionsEnabled
@Path("management/permissions") @PUT @Produces("application/json") @Consumes("application/json") public org.keycloak.representations.idm.ManagementPermissionReference setManagementPermissionsEnabled(org.keycloak.representations.idm.ManagementPermissionReference ref)
Return object stating whether client Authorization permissions have been initialized or not and a reference- Returns:
- initialized manage permissions reference
-
invalidateRotatedSecret
@Path("client-secret/rotated") @DELETE @Produces("application/json") @Consumes("application/json") public javax.ws.rs.core.Response invalidateRotatedSecret()
Invalidate the rotated secret for the client- Returns:
-
getClientRotatedSecret
@Path("client-secret/rotated") @GET @Produces("application/json") public org.keycloak.representations.idm.CredentialRepresentation getClientRotatedSecret()
Get the rotated client secret- Returns:
-
-