StoreFactoryCacheManager.java
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.models.cache.infinispan.authorization;
import org.infinispan.Cache;
import org.jboss.logging.Logger;
import org.keycloak.models.cache.infinispan.CacheManager;
import org.keycloak.models.cache.infinispan.RealmCacheManager;
import org.keycloak.models.cache.infinispan.authorization.events.AuthorizationCacheInvalidationEvent;
import org.keycloak.models.cache.infinispan.authorization.stream.InResourcePredicate;
import org.keycloak.models.cache.infinispan.authorization.stream.InResourceServerPredicate;
import org.keycloak.models.cache.infinispan.authorization.stream.InScopePredicate;
import org.keycloak.models.cache.infinispan.entities.Revisioned;
import org.keycloak.models.cache.infinispan.events.InvalidationEvent;
import java.util.Objects;
import java.util.Set;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public class StoreFactoryCacheManager extends CacheManager {
private static final Logger logger = Logger.getLogger(StoreFactoryCacheManager.class);
public StoreFactoryCacheManager(Cache<String, Revisioned> cache, Cache<String, Long> revisions) {
super(cache, revisions);
}
@Override
protected Logger getLogger() {
return logger;
}
@Override
protected void addInvalidationsFromEvent(InvalidationEvent event, Set<String> invalidations) {
if (event instanceof AuthorizationCacheInvalidationEvent) {
invalidations.add(event.getId());
((AuthorizationCacheInvalidationEvent) event).addInvalidations(this, invalidations);
}
}
public void resourceServerUpdated(String id, Set<String> invalidations) {
invalidations.add(id);
invalidations.add(StoreFactoryCacheSession.getResourceServerByClientCacheKey(id));
}
public void resourceServerRemoval(String id, Set<String> invalidations) {
resourceServerUpdated(id, invalidations);
addInvalidations(InResourceServerPredicate.create(id), invalidations);
}
public void scopeUpdated(String id, String name, String serverId, Set<String> invalidations) {
invalidations.add(id);
invalidations.add(StoreFactoryCacheSession.getScopeByNameCacheKey(name, serverId));
invalidations.add(StoreFactoryCacheSession.getResourceByScopeCacheKey(id, serverId));
invalidations.add(StoreFactoryCacheSession.getPermissionTicketByScope(id, serverId));
}
public void scopeRemoval(String id, String name, String serverId, Set<String> invalidations) {
scopeUpdated(id, name, serverId, invalidations);
addInvalidations(InScopePredicate.create(id), invalidations);
}
public void resourceUpdated(String id, String name, String type, Set<String> uris, Set<String> scopes, String serverId, String owner, Set<String> invalidations) {
invalidations.add(id);
invalidations.add(StoreFactoryCacheSession.getResourceByNameCacheKey(name, owner, serverId));
invalidations.add(StoreFactoryCacheSession.getResourceByOwnerCacheKey(owner, serverId));
invalidations.add(StoreFactoryCacheSession.getResourceByOwnerCacheKey(owner, null));
invalidations.add(StoreFactoryCacheSession.getPermissionTicketByResource(id, serverId));
addInvalidations(InResourcePredicate.create(name), invalidations);
if (type != null) {
invalidations.add(StoreFactoryCacheSession.getResourceByTypeCacheKey(type, serverId));
invalidations.add(StoreFactoryCacheSession.getResourceByTypeCacheKey(type, owner, serverId));
invalidations.add(StoreFactoryCacheSession.getResourceByTypeCacheKey(type, null, serverId));
invalidations.add(StoreFactoryCacheSession.getResourceByTypeInstanceCacheKey(type, serverId));
addInvalidations(InResourcePredicate.create(type), invalidations);
}
if (uris != null) {
for (String uri: uris) {
invalidations.add(StoreFactoryCacheSession.getResourceByUriCacheKey(uri, serverId));
}
}
if (scopes != null) {
for (String scope : scopes) {
invalidations.add(StoreFactoryCacheSession.getResourceByScopeCacheKey(scope, serverId));
addInvalidations(InScopePredicate.create(scope), invalidations);
}
}
}
public void resourceRemoval(String id, String name, String type, Set<String> uris, String owner, Set<String> scopes, String serverId, Set<String> invalidations) {
resourceUpdated(id, name, type, uris, scopes, serverId, owner, invalidations);
addInvalidations(InResourcePredicate.create(id), invalidations);
}
public void policyUpdated(String id, String name, Set<String> resources, Set<String> resourceTypes, Set<String> scopes, String serverId, Set<String> invalidations) {
invalidations.add(id);
invalidations.add(StoreFactoryCacheSession.getPolicyByNameCacheKey(name, serverId));
if (resources != null) {
for (String resource : resources) {
invalidations.add(StoreFactoryCacheSession.getPolicyByResource(resource, serverId));
if (Objects.nonNull(scopes)) {
for (String scope : scopes) {
invalidations.add(StoreFactoryCacheSession.getPolicyByResourceScope(scope, resource, serverId));
}
}
}
}
if (resourceTypes != null) {
for (String type : resourceTypes) {
invalidations.add(StoreFactoryCacheSession.getPolicyByResourceType(type, serverId));
}
}
if (scopes != null) {
for (String scope : scopes) {
invalidations.add(StoreFactoryCacheSession.getPolicyByScope(scope, serverId));
invalidations.add(StoreFactoryCacheSession.getPolicyByResourceScope(scope, null, serverId));
}
}
}
public void permissionTicketUpdated(String id, String owner, String requester, String resource, String resourceName, String scope, String serverId, Set<String> invalidations) {
invalidations.add(id);
invalidations.add(StoreFactoryCacheSession.getPermissionTicketByOwner(owner, serverId));
invalidations.add(StoreFactoryCacheSession.getPermissionTicketByResource(resource, serverId));
invalidations.add(StoreFactoryCacheSession.getPermissionTicketByGranted(requester, serverId));
invalidations.add(StoreFactoryCacheSession.getPermissionTicketByGranted(requester, null));
invalidations.add(StoreFactoryCacheSession.getPermissionTicketByResourceNameAndGranted(resourceName, requester, serverId));
invalidations.add(StoreFactoryCacheSession.getPermissionTicketByResourceNameAndGranted(resourceName, requester, null));
if (scope != null) {
invalidations.add(StoreFactoryCacheSession.getPermissionTicketByScope(scope, serverId));
}
}
public void policyRemoval(String id, String name, Set<String> resources, Set<String> resourceTypes, Set<String> scopes, String serverId, Set<String> invalidations) {
policyUpdated(id, name, resources, resourceTypes, scopes, serverId, invalidations);
}
public void permissionTicketRemoval(String id, String owner, String requester, String resource, String resourceName, String scope, String serverId, Set<String> invalidations) {
permissionTicketUpdated(id, owner, requester, resource, resourceName, scope, serverId, invalidations);
}
}