Martin Kanis
Michal Hajas
parent
4a85b21eb3
commit
43a2eb40f1
4 changed files with 8 additions and 11 deletions
|
|
@ -389,9 +389,6 @@ public class SecretQuestionCredentialProvider implements CredentialProvider<Secr
|
||||||
this.session = session;
|
this.session = session;
|
||||||
}
|
}
|
||||||
|
|
||||||
private UserCredentialStore getCredentialStore() {
|
|
||||||
return session.userCredentialManager();
|
|
||||||
}
|
|
||||||
----
|
----
|
||||||
|
|
||||||
We also want to implement the CredentialInputValidator interface, as this allows {project_name} to know that this provider can also be used to validate a
|
We also want to implement the CredentialInputValidator interface, as this allows {project_name} to know that this provider can also be used to validate a
|
||||||
|
|
@ -417,7 +414,7 @@ public SecretQuestionCredentialModel getCredentialFromModel(CredentialModel mode
|
||||||
}
|
}
|
||||||
----
|
----
|
||||||
|
|
||||||
Finally, we have the methods to create a credential and delete a credential. These methods call the KeycloakSession's `userCredentialManager`, which
|
Finally, we have the methods to create a credential and delete a credential. These methods call the UserModel's credential manager, which
|
||||||
is responsible for knowing where to read or write the credential, for example local storage or federated storage.
|
is responsible for knowing where to read or write the credential, for example local storage or federated storage.
|
||||||
|
|
||||||
[source,java]
|
[source,java]
|
||||||
|
|
@ -427,12 +424,12 @@ public CredentialModel createCredential(RealmModel realm, UserModel user, Secret
|
||||||
if (credentialModel.getCreatedDate() == null) {
|
if (credentialModel.getCreatedDate() == null) {
|
||||||
credentialModel.setCreatedDate(Time.currentTimeMillis());
|
credentialModel.setCreatedDate(Time.currentTimeMillis());
|
||||||
}
|
}
|
||||||
return getCredentialStore().createCredential(realm, user, credentialModel);
|
return user.credentialManager().createStoredCredential(credentialModel);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean deleteCredential(RealmModel realm, UserModel user, String credentialId) {
|
public boolean deleteCredential(RealmModel realm, UserModel user, String credentialId) {
|
||||||
return getCredentialStore().removeStoredCredential(realm, user, credentialId);
|
return user.credentialManager().removeStoredCredentialById(credentialId);
|
||||||
}
|
}
|
||||||
----
|
----
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,7 @@
|
||||||
|
|
||||||
[WARNING]
|
[WARNING]
|
||||||
====
|
====
|
||||||
This functionality depends on APIs bundled in the `keycloak-model-legacy` module.
|
This functionality depends on APIs bundled in the `keycloak-model-legacy` and `keycloak-model-legacy-private` modules.
|
||||||
It will soon be replaced with the new map storage API which provides a uniform way to access both local and external information about users and other entities, and the old APIs will be removed eventually.
|
It will soon be replaced with the new map storage API which provides a uniform way to access both local and external information about users and other entities, and the old APIs will be removed eventually.
|
||||||
====
|
====
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -8,7 +8,7 @@ is propagated to the entire cluster so that the other nodes' user cache is also
|
||||||
|
|
||||||
==== Managing the user cache
|
==== Managing the user cache
|
||||||
|
|
||||||
You can access the user cache by calling `KeycloakSession.userCache()`.
|
You can access the user cache by calling `KeycloakSession.getProvider(UserCache.class)`.
|
||||||
|
|
||||||
[source,java]
|
[source,java]
|
||||||
----
|
----
|
||||||
|
|
|
||||||
|
|
@ -30,9 +30,9 @@ begin first by modifying the `createAdapter()` method.
|
||||||
[source,java]
|
[source,java]
|
||||||
----
|
----
|
||||||
protected UserModel createAdapter(RealmModel realm, String username) {
|
protected UserModel createAdapter(RealmModel realm, String username) {
|
||||||
UserModel local = session.userLocalStorage().getUserByUsername(username, realm);
|
UserModel local = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, username);
|
||||||
if (local == null) {
|
if (local == null) {
|
||||||
local = session.userLocalStorage().addUser(realm, username);
|
local = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, username);
|
||||||
local.setFederationLink(model.getId());
|
local.setFederationLink(model.getId());
|
||||||
}
|
}
|
||||||
return new UserModelDelegate(local) {
|
return new UserModelDelegate(local) {
|
||||||
|
|
@ -49,7 +49,7 @@ begin first by modifying the `createAdapter()` method.
|
||||||
}
|
}
|
||||||
----
|
----
|
||||||
|
|
||||||
In this method we call the `KeycloakSession.userLocalStorage()` method to obtain a reference to local {project_name}
|
In this method we call the `UserStoragePrivateUtil.userLocalStorage(session)` method to obtain a reference to local {project_name}
|
||||||
user storage. We see if the user is stored locally, if not, we add it locally. Do not set the `id` of the local user.
|
user storage. We see if the user is stored locally, if not, we add it locally. Do not set the `id` of the local user.
|
||||||
Let {project_name} automatically generate the `id`. Also note that we call
|
Let {project_name} automatically generate the `id`. Also note that we call
|
||||||
`UserModel.setFederationLink()` and pass in the ID of the `ComponentModel` of our provider. This sets a link between
|
`UserModel.setFederationLink()` and pass in the ID of the `ComponentModel` of our provider. This sets a link between
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue