Class AbstractActionTokenHandler<T extends org.keycloak.representations.JsonWebToken>
- java.lang.Object
-
- org.keycloak.authentication.actiontoken.AbstractActionTokenHandler<T>
-
- All Implemented Interfaces:
ActionTokenHandler<T>
,ActionTokenHandlerFactory<T>
,org.keycloak.provider.Provider
,org.keycloak.provider.ProviderFactory<ActionTokenHandler<T>>
- Direct Known Subclasses:
ExecuteActionsActionTokenHandler
,IdpVerifyAccountLinkActionTokenHandler
,ResetCredentialsActionTokenHandler
,UpdateEmailActionTokenHandler
,VerifyEmailActionTokenHandler
public abstract class AbstractActionTokenHandler<T extends org.keycloak.representations.JsonWebToken> extends Object implements ActionTokenHandler<T>, ActionTokenHandlerFactory<T>
- Author:
- hmlnarik
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
canUseTokenRepeatedly(T token, ActionTokenContext<T> tokenContext)
Returnstrue
when the token can be used repeatedly to invoke the action,false
when the token is intended to be for single use only.void
close()
ActionTokenHandler<T>
create(org.keycloak.models.KeycloakSession session)
org.keycloak.events.EventType
eventType()
Returns a event type logged withEventBuilder
class.String
getAuthenticationSessionIdFromToken(T token, ActionTokenContext<T> tokenContext, org.keycloak.sessions.AuthenticationSessionModel currentAuthSession)
Returns a compound authentication session ID requested from within the given token that the handler should attempt to join.String
getDefaultErrorMessage()
Returns an error to be shown in the response when token handling fails and no more specific error message is provided.String
getDefaultEventError()
Returns an error to be shown in theEventBuilder
detail when token handling fails and no more specific error is provided.String
getId()
Class<T>
getTokenClass()
Returns the Java token class for use with deserialization.void
init(org.keycloak.Config.Scope config)
void
postInit(org.keycloak.models.KeycloakSessionFactory factory)
org.keycloak.sessions.AuthenticationSessionModel
startFreshAuthenticationSession(T token, ActionTokenContext<T> tokenContext)
Creates a fresh authentication session according to the information from the token.protected org.keycloak.TokenVerifier.Predicate<DefaultActionToken>
verifyEmail(ActionTokenContext<? extends DefaultActionToken> context)
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.authentication.actiontoken.ActionTokenHandler
getVerifiers, handleToken
-
-
-
-
Method Detail
-
create
public ActionTokenHandler<T> create(org.keycloak.models.KeycloakSession session)
- Specified by:
create
in interfaceorg.keycloak.provider.ProviderFactory<T extends org.keycloak.representations.JsonWebToken>
-
init
public void init(org.keycloak.Config.Scope config)
- Specified by:
init
in interfaceorg.keycloak.provider.ProviderFactory<T extends org.keycloak.representations.JsonWebToken>
-
postInit
public void postInit(org.keycloak.models.KeycloakSessionFactory factory)
- Specified by:
postInit
in interfaceorg.keycloak.provider.ProviderFactory<T extends org.keycloak.representations.JsonWebToken>
-
getId
public String getId()
- Specified by:
getId
in interfaceorg.keycloak.provider.ProviderFactory<T extends org.keycloak.representations.JsonWebToken>
-
close
public void close()
- Specified by:
close
in interfaceorg.keycloak.provider.Provider
- Specified by:
close
in interfaceorg.keycloak.provider.ProviderFactory<T extends org.keycloak.representations.JsonWebToken>
-
getTokenClass
public Class<T> getTokenClass()
Description copied from interface:ActionTokenHandler
Returns the Java token class for use with deserialization.- Specified by:
getTokenClass
in interfaceActionTokenHandler<T extends org.keycloak.representations.JsonWebToken>
- Returns:
-
eventType
public org.keycloak.events.EventType eventType()
Description copied from interface:ActionTokenHandler
Returns a event type logged withEventBuilder
class.- Specified by:
eventType
in interfaceActionTokenHandler<T extends org.keycloak.representations.JsonWebToken>
- Returns:
-
getDefaultErrorMessage
public String getDefaultErrorMessage()
Description copied from interface:ActionTokenHandler
Returns an error to be shown in the response when token handling fails and no more specific error message is provided.- Specified by:
getDefaultErrorMessage
in interfaceActionTokenHandler<T extends org.keycloak.representations.JsonWebToken>
- Returns:
-
getDefaultEventError
public String getDefaultEventError()
Description copied from interface:ActionTokenHandler
Returns an error to be shown in theEventBuilder
detail when token handling fails and no more specific error is provided.- Specified by:
getDefaultEventError
in interfaceActionTokenHandler<T extends org.keycloak.representations.JsonWebToken>
- Returns:
-
getAuthenticationSessionIdFromToken
public String getAuthenticationSessionIdFromToken(T token, ActionTokenContext<T> tokenContext, org.keycloak.sessions.AuthenticationSessionModel currentAuthSession)
Description copied from interface:ActionTokenHandler
Returns a compound authentication session ID requested from within the given token that the handler should attempt to join.- Specified by:
getAuthenticationSessionIdFromToken
in interfaceActionTokenHandler<T extends org.keycloak.representations.JsonWebToken>
- Parameters:
token
- Token. Can benull
currentAuthSession
- Authentication session that is currently in progress,null
if no authentication session is not set- Returns:
- Authentication session ID (can be
null
if the token does not contain authentication session ID) - See Also:
AuthenticationSessionCompoundId
-
startFreshAuthenticationSession
public org.keycloak.sessions.AuthenticationSessionModel startFreshAuthenticationSession(T token, ActionTokenContext<T> tokenContext)
Description copied from interface:ActionTokenHandler
Creates a fresh authentication session according to the information from the token. The default implementation creates a new authentication session that requests termination after required actions.- Specified by:
startFreshAuthenticationSession
in interfaceActionTokenHandler<T extends org.keycloak.representations.JsonWebToken>
- Returns:
-
canUseTokenRepeatedly
public boolean canUseTokenRepeatedly(T token, ActionTokenContext<T> tokenContext)
Description copied from interface:ActionTokenHandler
Returnstrue
when the token can be used repeatedly to invoke the action,false
when the token is intended to be for single use only.- Specified by:
canUseTokenRepeatedly
in interfaceActionTokenHandler<T extends org.keycloak.representations.JsonWebToken>
- Returns:
- see above
-
verifyEmail
protected org.keycloak.TokenVerifier.Predicate<DefaultActionToken> verifyEmail(ActionTokenContext<? extends DefaultActionToken> context)
-
-