Package org.keycloak.adapters.authorization

Class PolicyEnforcer

java.lang.Object
org.keycloak.adapters.authorization.PolicyEnforcer
public class PolicyEnforcer extends Object

A Policy Enforcement Point (PEP) that requests and enforces authorization decisions from Keycloak.

Author:
Pedro Igor

  • Constructor Details

  • Method Details

    • builder

      public static PolicyEnforcer.Builder builder()

    • enforce

      public org.keycloak.AuthorizationContext enforce(HttpRequest request, HttpResponse response)

    • getHttpClient

      public org.apache.http.client.HttpClient getHttpClient()

    • getAuthzClient

      public AuthzClient getAuthzClient()

    • getPaths

      public Map<String,org.keycloak.representations.adapters.config.PolicyEnforcerConfig.PathConfig> getPaths()

    • getClaimInformationPointProviderFactories

      public Map<String,ClaimInformationPointProviderFactory> getClaimInformationPointProviderFactories()

    • getPathMatcher

      public PathConfigMatcher getPathMatcher()

    • isAuthorized

      protected boolean isAuthorized(org.keycloak.representations.adapters.config.PolicyEnforcerConfig.PathConfig actualPathConfig, org.keycloak.representations.adapters.config.PolicyEnforcerConfig.MethodConfig methodConfig, org.keycloak.representations.AccessToken accessToken, HttpRequest request, Map<String,List<String>> claims)

    • resolveClaims

      protected Map<String,List<String>> resolveClaims(org.keycloak.representations.adapters.config.PolicyEnforcerConfig.PathConfig pathConfig, HttpRequest request)

    • challenge

      protected boolean challenge(org.keycloak.representations.adapters.config.PolicyEnforcerConfig.PathConfig pathConfig, org.keycloak.representations.adapters.config.PolicyEnforcerConfig.MethodConfig methodConfig, HttpRequest request, HttpResponse response)

    • handleAccessDenied

      protected void handleAccessDenied(HttpResponse response)