Merge pull request #339 from pedroigor/KEYCLOAK-6628
[KEYCLOAK-6628] - Expose methods to query roles, groups, and attributes of users in Evaluation API
This commit is contained in:
Matthew Helmke
GitHub
commit
ff4d8436d3
1 changed files with 8 additions and 0 deletions
|
|
@ -8,6 +8,7 @@ This API consists of a few interfaces that provides you access to information su
|
|||
* The permission being requested
|
||||
* The identity that is requesting the permission, from which you can obtain claims/attributes
|
||||
* Runtime environment and any other attribute associated with the execution context
|
||||
* Information about users such as group membership and roles
|
||||
|
||||
The main interface is *org.keycloak.authorization.policy.evaluation.Evaluation*, which defines the following contract:
|
||||
|
||||
|
|
@ -28,6 +29,13 @@ public interface Evaluation {
|
|||
*/
|
||||
EvaluationContext getContext();
|
||||
|
||||
/**
|
||||
* Returns a {@link Realm} that can be used by policies to query information.
|
||||
*
|
||||
* @return a {@link Realm} instance
|
||||
*/
|
||||
Realm getRealm();
|
||||
|
||||
/**
|
||||
* Grants the requested permission to the caller.
|
||||
*/
|
||||
|
|
|
|||
Loading…
Reference in a new issue