keycloak-scim/server_development/topics/user-storage/model-interfaces.adoc
2017-02-14 10:03:12 +01:00

59 lines
2.3 KiB
Text

=== Model Interfaces
Most of the methods defined in the _capability_ _interfaces_ either return or are passed in representations of a user. These representations are defined
by the `org.keycloak.models.UserModel` interface. App developers are required to implement this interface. It provides
a mapping between the external user store and the user metamodel that {{book.project.name}} uses.
[source,java]
----
package org.keycloak.models;
public interface UserModel extends RoleMapperModel {
String getId();
String getUsername();
void setUsername(String username);
String getFirstName();
void setFirstName(String firstName);
String getLastName();
void setLastName(String lastName);
String getEmail();
void setEmail(String email);
...
}
----
`UserModel` implementations provide access to read and update metadata about the user including things like username, name, email,
role and group mappings, as well as other arbitrary attributes.
There are other model classes within the `org.keycloak.models` package the represent other parts of the {{book.project.name}}
metamodel: `RealmModel`, `RoleModel`, `GroupModel`, and `ClientModel`.
==== Storage Ids
One really import method of `UserModel` is the `getId()` method. When implementing `UserModel` developers must be aware
of the user id format. The format must be
----
"f:" + component id + ":" + external id
----
The {{book.project.name}} runtime often has to lookup users by their user id. The user id contains enough information
so that the runtime does not have to query every single `UserStorageProvider` in the system to find the user.
The component id is the id returned from `ComponentModel.getId()`. The `ComponentModel` is passed in as a parameter
when creating the provider class so you can get it from there. The external id is information your provider class
needs to find the user in the external store. This is often a username or a uid. For example, it might look something
like this:
----
f:332a234e31234:wburke
----
When the runtime does a lookup by id, the id is parsed to obtain the component id. The component id is used to
locate the `UserStorageProvider` that was originally used to load the user. That provider is then passed the id.
The provider again parses the id to obtain the external id it will use to locate the user in external user storage.