public class KeycloakRBACImpl extends Object implements OAuth2RBAC
| Constructor and Description |
|---|
KeycloakRBACImpl(OAuth2ClientOptions options) |
| Modifier and Type | Method and Description |
|---|---|
void |
isAuthorized(AccessToken user,
String authority,
Handler<AsyncResult<Boolean>> handler)
Determine if this token has an associated role.
|
public KeycloakRBACImpl(OAuth2ClientOptions options)
public void isAuthorized(AccessToken user, String authority, Handler<AsyncResult<Boolean>> handler)
This method is only functional if the token is constructed with a `clientId` parameter.
The parameter matches a role specification using the following rules:
- If the name contains no colons, then the name is taken as the entire name of a role within the current application, as specified via `clientId`. - If the name starts with the literal `realm:`, the subsequent portion is taken as the name of a _realm-level_ role. - Otherwise, the name is split at the colon, with the first portion being taken as the name of an arbitrary application, and the subsequent portion as the name of a role with that app.
isAuthorized in interface OAuth2RBACauthority - The role name specifier.handler - `true` if this token has the specified role, otherwise `false`.user - the given user to assert onCopyright © 2020. All rights reserved.