/*
* JBoss, Home of Professional Open Source
*
* Copyright 2013 Red Hat, Inc. and/or its affiliates.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.picketlink.idm;
import org.picketlink.idm.credential.Credentials;
import org.picketlink.idm.credential.storage.CredentialStorage;
import org.picketlink.idm.model.Account;
import org.picketlink.idm.model.IdentityType;
import org.picketlink.idm.query.IdentityQuery;
import org.picketlink.idm.query.IdentityQueryBuilder;
import java.util.Date;
import java.util.List;
/**
* Manages all Identity Management related operations.
*
* @author Shane Bryzak
*/
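public interface IdentityManager {

    /**
     * Name of the parameter under which the active {@code IdentityManager} instance may be stored in the
     * IdentityContext.
     */
    String IDENTITY_MANAGER_CTX_PARAMETER = "IDENTITY_MANAGER_CTX_PARAMETER";

    // Identity CRUD methods

    /**
     * Adds the given {@link IdentityType} instance to the configured identity store.
     *
     * @param identityType the instance to store
     * @throws IdentityManagementException if the provided {@link IdentityType} instance cannot be stored
     */
    void add(IdentityType identityType) throws IdentityManagementException;

    /**
     * Updates the given {@link IdentityType} instance. The instance must have an identifier, otherwise an
     * exception is thrown.
     *
     * @param identityType the instance to update; must carry an identifier
     * @throws IdentityManagementException if the provided {@link IdentityType} instance cannot be updated
     */
    void update(IdentityType identityType) throws IdentityManagementException;

    /**
     * Removes the given {@link IdentityType} instance from the configured identity store. The instance must
     * have an identifier, otherwise an exception is thrown.
     *
     * @param value the instance to remove; must carry an identifier
     * @throws IdentityManagementException if the provided {@link IdentityType} instance cannot be removed
     */
    void remove(IdentityType value) throws IdentityManagementException;

    // Query API

    /**
     * Returns an {@link org.picketlink.idm.query.IdentityQueryBuilder}, responsible for building queries.
     *
     * @return the query builder
     */
    IdentityQueryBuilder getQueryBuilder();

    /**
     * Retrieves an {@link IdentityType} with the given identifier.
     *
     * <p>The first argument tells which {@link IdentityType} type should be returned. If you provide the
     * {@link IdentityType} base interface, any {@link IdentityType} instance that matches the given
     * identifier will be returned.
     *
     * <p>Because a missing identity is reported as {@code null} rather than an exception, callers must
     * check the result before using it in any access decision.
     *
     * @param identityType the type of identity to look up
     * @param id the identifier of the identity
     * @param <T> the identity type to return
     * @return the matching instance, or {@code null} if no {@link IdentityType} is found with the given
     *         identifier
     */
    <T extends IdentityType> T lookupIdentityById(Class<T> identityType, String id);

    /**
     * Creates an {@link IdentityQuery} that can be used to query for {@link IdentityType} instances.
     *
     * <p>The first argument tells which {@link IdentityType} type should be returned. If you provide the
     * {@link IdentityType} base interface, any {@link IdentityType} instance that matches the provided
     * query parameters will be returned.
     *
     * @param identityType the type of identity the query should return
     * @param <T> the identity type to return
     * @return a query for the given identity type
     * @deprecated Use the {@link IdentityManager#getQueryBuilder()} to create queries.
     */
    @Deprecated
    <T extends IdentityType> IdentityQuery<T> createIdentityQuery(Class<T> identityType);

    // Credential management

    /**
     * Validates the given {@link Credentials}.
     *
     * <p>This method returns nothing: the outcome is reported only through the status of the supplied
     * credentials object, read with {@code Credentials.getStatus()}. Callers must inspect that status after
     * the call and grant access only when it reports a successful validation; a normal return from this
     * method does not by itself mean the credentials were accepted.
     *
     * @param credentials the credentials to validate; their status is updated with the result
     */
    void validateCredentials(Credentials credentials);

    /**
     * Updates a credential for the given {@link Account}.
     *
     * @param account the account whose credential is updated
     * @param credential the credential; must be an object supported by a
     *        {@link org.picketlink.idm.credential.handler.CredentialHandler}. Examples of credentials are the
     *        {@link org.picketlink.idm.credential.Password} and {@link org.picketlink.idm.credential.Digest}
     *        types. NOTE(review): the parameter is a plain {@code Object}, so an unsupported type cannot be
     *        rejected at compile time; confirm how implementations report it.
     */
    void updateCredential(Account account, Object credential);

    /**
     * Updates a credential for the given {@link Account}.
     *
     * <p>This method also allows the effective and expiration dates of the credential to be specified.
     *
     * @param account the account whose credential is updated
     * @param credential the credential; must be an object supported by a
     *        {@link org.picketlink.idm.credential.handler.CredentialHandler}. Examples of credentials are the
     *        {@link org.picketlink.idm.credential.Password} and {@link org.picketlink.idm.credential.Digest}
     *        types.
     * @param effectiveDate the date from which the credential is effective
     * @param expiryDate the date on which the credential expires. NOTE(review): how {@code null} dates are
     *        treated is not stated by this interface; confirm against the implementation before relying on
     *        a credential never expiring.
     */
    void updateCredential(Account account, Object credential, Date effectiveDate, Date expiryDate);

    /**
     * Returns the currently stored credential value for the given account and credential storage class.
     *
     * <p>The returned object is the stored form of the credential. Treat it as sensitive: keep it out of
     * logs, error messages and responses.
     *
     * @param account the account that owns the credential
     * @param storageClass the credential storage type to retrieve
     * @param <T> the credential storage type
     * @return the current stored credential. NOTE(review): the result when nothing is stored is not stated
     *         by this interface; callers should handle {@code null}.
     */
    <T extends CredentialStorage> T retrieveCurrentCredential(Account account, Class<T> storageClass);

    /**
     * Returns a list of all stored credential values for the given account and credential storage class.
     *
     * <p>The returned objects are the stored form of the credentials. Treat them as sensitive: keep them out
     * of logs, error messages and responses.
     *
     * @param account the account that owns the credentials
     * @param storageClass the credential storage type to retrieve
     * @param <T> the credential storage type
     * @return all stored credentials of the given storage type for the account
     */
    <T extends CredentialStorage> List<T> retrieveCredentials(Account account, Class<T> storageClass);

    /**
     * Removes all credentials stored by a certain
     * {@link org.picketlink.idm.credential.storage.CredentialStorage} associated with the given
     * {@link org.picketlink.idm.model.Account}.
     *
     * @param account the account whose credentials should be removed
     * @param storageClass the credential storage type specifying which credential types should be removed
     */
    void removeCredential(Account account, Class<? extends CredentialStorage> storageClass);
}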