Class ScopeMappedResource
java.lang.Object
org.keycloak.services.resources.admin.ScopeMappedResource
Base class for managing the scope mappings of a specific client.
- Version:
- $Revision: 1 $
- Author:
- Bill Burke
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected AdminEventBuilderprotected AdminPermissionEvaluatorprotected RealmModelprotected ScopeContainerModelprotected KeycloakSession -
Constructor Summary
ConstructorsConstructorDescriptionScopeMappedResource(RealmModel realm, AdminPermissionEvaluator auth, ScopeContainerModel scopeContainer, KeycloakSession session, AdminEventBuilder adminEvent, AdminPermissionEvaluator.RequirePermissionCheck managePermission, AdminPermissionEvaluator.RequirePermissionCheck viewPermission) -
Method Summary
Modifier and TypeMethodDescriptionvoidAdd a set of realm-level roles to the client's scopevoidRemove a set of realm-level roles from the client's scopeGet realm-level roles that are available to attach to this client's scopegetClientByIdScopeMappings(String client) getCompositeRealmScopeMappings(boolean briefRepresentation) Get effective realm-level roles associated with the client's scope What this does is recurse any composite roles associated with the client's scope and adds the roles to this lists.Get realm-level roles associated with the client's scopeDeprecated.the method is not used neither from admin console or from admin client.
-
Field Details
-
realm
-
auth
-
managePermission
-
viewPermission
-
scopeContainer
-
session
-
adminEvent
-
-
Constructor Details
-
ScopeMappedResource
public ScopeMappedResource(RealmModel realm, AdminPermissionEvaluator auth, ScopeContainerModel scopeContainer, KeycloakSession session, AdminEventBuilder adminEvent, AdminPermissionEvaluator.RequirePermissionCheck managePermission, AdminPermissionEvaluator.RequirePermissionCheck viewPermission)
-
-
Method Details
-
getScopeMappings
Deprecated.the method is not used neither from admin console or from admin client. It may be removed in future releases.Get all scope mappings for the client- Returns:
-
getRealmScopeMappings
@Path("realm") @GET @Produces("application/json") public Stream<RoleRepresentation> getRealmScopeMappings()Get realm-level roles associated with the client's scope- Returns:
-
getAvailableRealmScopeMappings
@Path("realm/available") @GET @Produces("application/json") public Stream<RoleRepresentation> getAvailableRealmScopeMappings()Get realm-level roles that are available to attach to this client's scope- Returns:
-
getCompositeRealmScopeMappings
@Path("realm/composite") @GET @Produces("application/json") public Stream<RoleRepresentation> getCompositeRealmScopeMappings(@QueryParam("briefRepresentation") @DefaultValue("true") boolean briefRepresentation) Get effective realm-level roles associated with the client's scope What this does is recurse any composite roles associated with the client's scope and adds the roles to this lists. The method is really to show a comprehensive total view of realm-level roles associated with the client.- Parameters:
briefRepresentation- if false, return roles with their attributes- Returns:
-
addRealmScopeMappings
@Path("realm") @POST @Consumes("application/json") public void addRealmScopeMappings(List<RoleRepresentation> roles) Add a set of realm-level roles to the client's scope- Parameters:
roles-
-
deleteRealmScopeMappings
@Path("realm") @DELETE @Consumes("application/json") public void deleteRealmScopeMappings(List<RoleRepresentation> roles) Remove a set of realm-level roles from the client's scope- Parameters:
roles-
-
getClientByIdScopeMappings
@Path("clients/{client}") public ScopeMappedClientResource getClientByIdScopeMappings(@PathParam("client") String client)
-