Package org.forgerock.am.identity.application

Interface IdentityService

  • public interface IdentityService
    An identity service that allows performing updates to Identity instances.

    • Method Detail

      • isActive

        boolean isActive​(Identity identity)
          throws IdRepoException,
                 SSOException
        If there is a status attribute configured, then verifies if the identity is active and returns true. This method is only valid for Identity objects of type User and Agent.
        Returns:
        true if the identity is active or if it is not configured for a status attribute, false otherwise
        Throws:
        IdRepoException - If there are repository related error conditions
        SSOException - If user's single sign on token is invalid

      • setActiveStatus

        void setActiveStatus​(Identity identity,
                     boolean active)
              throws IdRepoException,
                     SSOException
        If there is a status attribute configured, then set its status to true or activated state if the parameter active is true. This method is only valid for Identity objects of type User and Agent.
        Parameters:
        identity - The identity to perform the update on.
        active - The state value to assign to status attribute. The actual value assigned to the status attribute will depend on what is configured for that particular plugin. If active is true, the status will be assigned the value corresponding to activated
        Throws:
        IdRepoException - If there are repository related error conditions
        SSOException - If user's single sign on token is invalid

      • getBinaryAttributes

        Map<String,​byte[][]> getBinaryAttributes​(Identity identity,
                                               Set<String> attrNames)
                                        throws IdRepoException,
                                               SSOException
        Returns requested attributes and values of this object.

        This method is only valid for Identity objects of type User, Agent, Group, and Role.

        Parameters:
        attrNames - Set of attribute names to be read
        Returns:
        Map of attribute-values
        Throws:
        IdRepoException - If there are repository related error conditions
        SSOException - If user's single sign on token is invalid

      • updateAttributes

        IdentityService.IdentityAttributeUpdater updateAttributes​(Identity identity)
        Returns a builder which allows updating the attributes of the given identity.
        Parameters:
        identity - The identity to perform the update on.
        Returns:
        the attribute updater

      • isMember

        boolean isMember​(Identity identity,
                 UniversalId universalId)
          throws IdRepoException,
                 SSOException
        Verifies if this identity is a member of the identity being passed.

        This method is only valid for Identity objects of type Role, Group and User.

        Parameters:
        universalId - UniversalId to check membership with
        Returns:
        true if this Identity is a member of the given Identity
        Throws:
        IdRepoException - if there are repository related error conditions
        SSOException - if user's single sign on token is invalid

      • getMembers

        Set<AMIdentity> getMembers​(Identity identity,
                           IdType mtype)
                    throws IdRepoException,
                           SSOException
        Return all members of a given identity type of this identity as a Set of Identity objects.

        This method is only valid for Identity objects of type Group and User.

        Parameters:
        mtype - Type of identity objects
        Returns:
        Set of AMIdentity objects that are members of this object
        Throws:
        IdRepoException - if there are repository related error conditions
        SSOException - if user's single sign on token is invalid

      • getMemberships

        Set<AMIdentity> getMemberships​(Identity identity,
                               IdType mtype)
                        throws IdRepoException,
                               SSOException
        Returns the set of identities that this identity belongs to.

        This method is only valid for Identity objects of type User and Role.

        Parameters:
        mtype - Type of member identity
        Returns:
        Set of AMIdentity objects of the given type that this identity belongs to
        Throws:
        IdRepoException - if there are repository related error conditions
        SSOException - if user's single sign on token is invalid

      • addMember

        void addMember​(Identity parent,
               UniversalId universalId)
        throws IdRepoException,
               SSOException
        Adds the passed identity as a member of this identity.
        Parameters:
        parent - The identity to perform the update on.
        universalId - the identity to be added
        Throws:
        IdRepoException - if there are repository related error conditions
        SSOException - if user's single sign on token is invalid

      • addMembers

        void addMembers​(Identity parent,
                Set<UniversalId> identities)
         throws IdRepoException,
                SSOException
        Adds the passed identities as members of this identity.
        Parameters:
        parent - The identity to perform the update on.
        identities - the identities to be added
        Throws:
        IdRepoException - if there are repository related error conditions
        SSOException - if user's single sign on token is invalid

      • removeMember

        void removeMember​(Identity parent,
                  UniversalId universalId)
           throws IdRepoException,
                  SSOException
        Removes the passed identity as a member of this identity.
        Parameters:
        parent - The identity to perform the update on.
        universalId - the identity to be removed
        Throws:
        IdRepoException - if there are repository related error conditions
        SSOException - if user's single sign on token is invalid

      • removeMembers

        void removeMembers​(Identity parent,
                   Set<UniversalId> identities)
            throws IdRepoException,
                   SSOException
        Removes the passed identities as members of this identity.
        Parameters:
        parent - The identity to perform the update on.
        identities - the identities to be removed
        Throws:
        IdRepoException - if there are repository related error conditions
        SSOException - if user's single sign on token is invalid

      • changePassword

        void changePassword​(Identity identity,
                    String oldPassword,
                    String newPassword)
             throws IdRepoException,
                    SSOException
        Changes password for the identity.
        Parameters:
        identity - The identity to perform the update on.
        oldPassword - old password
        newPassword - new password
        Throws:
        IdRepoException - If there are repository related error conditions
        SSOException - If user's single sign on token is invalid