java.lang.Object
- org.keycloak.representations.JsonWebToken
- - org.keycloak.models.DefaultActionTokenKey
  - - org.keycloak.authentication.actiontoken.DefaultActionToken

All Implemented Interfaces:

Serializable, org.keycloak.models.SingleUseObjectKeyModel, org.keycloak.models.SingleUseObjectValueModel, org.keycloak.Token

Direct Known Subclasses:

ExecuteActionsActionToken, IdpVerifyAccountLinkActionToken, ResetCredentialsActionToken, UpdateEmailActionToken, VerifyEmailActionToken
```
public class DefaultActionToken
extends org.keycloak.models.DefaultActionTokenKey
implements org.keycloak.models.SingleUseObjectValueModel
```
Part of action token that is intended to be used e.g. in link sent in password-reset email. The token encapsulates user, expected action and its time of expiry.

Author:

hmlnarik

See Also:

Serialized Form

Nested Class Summary
- Nested classes/interfaces inherited from interface org.keycloak.models.SingleUseObjectValueModel
  org.keycloak.models.SingleUseObjectValueModel.SearchableFields

Field Summary

Fields
Modifier and Type	Field	Description
`static org.keycloak.TokenVerifier.Predicate<org.keycloak.models.DefaultActionTokenKey>`	`ACTION_TOKEN_BASIC_CHECKS`
`static String`	`JSON_FIELD_AUTHENTICATION_SESSION_ID`
`static String`	`JSON_FIELD_EMAIL`

Fields inherited from class org.keycloak.models.DefaultActionTokenKey
ACTION_TOKEN_USER_ID, JSON_FIELD_ACTION_VERIFICATION_NONCE

Fields inherited from class org.keycloak.representations.JsonWebToken
audience, exp, iat, id, issuedFor, issuer, nbf, otherClaims, subject, type

Constructor Summary

Constructors
Modifier	Constructor	Description
	`DefaultActionToken()`	Single-use random value used for verification whether the relevant action is allowed.
`protected`	`DefaultActionToken(String userId, String actionId, int absoluteExpirationInSecs, UUID actionVerificationNonce)`
`protected`	`DefaultActionToken(String userId, String actionId, int absoluteExpirationInSecs, UUID actionVerificationNonce, String compoundAuthenticationSessionId)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`String`	`getCompoundAuthenticationSessionId()`
`String`	`getEmail()`
`String`	`getNote(String name)`
`Map<String,String>`	`getNotes()`
`String`	`removeNote(String name)`	Removes given note, and returns original value (or `null` when no value was present)
`String`	`serialize(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm, javax.ws.rs.core.UriInfo uri)`	Updates the following fields and serializes this token into a signed JWT.
`void`	`setCompoundAuthenticationSessionId(String authenticationSessionId)`
`void`	`setEmail(String email)`
`String`	`setNote(String name, String value)`	Sets value of the given note

Methods inherited from class org.keycloak.models.DefaultActionTokenKey
from, getActionId, getActionVerificationNonce, getUserId

Methods inherited from class org.keycloak.representations.JsonWebToken
addAudience, audience, exp, expiration, getAudience, getCategory, getExp, getExpiration, getIat, getId, getIssuedAt, getIssuedFor, getIssuer, getNbf, getNotBefore, getOtherClaims, getSubject, getType, hasAnyAudience, hasAudience, iat, id, isActive, isActive, isExpired, isIssuedBeforeSessionStart, isNotBefore, issuedAt, issuedFor, issuedNow, issuer, nbf, notBefore, setOtherClaims, setSubject, subject, type

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.models.SingleUseObjectKeyModel
getExpiration, serializeKey

Field Detail

JSON_FIELD_AUTHENTICATION_SESSION_ID

public static final String JSON_FIELD_AUTHENTICATION_SESSION_ID

See Also:: Constant Field Values

JSON_FIELD_EMAIL

public static final String JSON_FIELD_EMAIL

See Also:: Constant Field Values

ACTION_TOKEN_BASIC_CHECKS

public static final org.keycloak.TokenVerifier.Predicate<org.keycloak.models.DefaultActionTokenKey> ACTION_TOKEN_BASIC_CHECKS

Constructor Detail

DefaultActionToken
```
public DefaultActionToken()
```
Single-use random value used for verification whether the relevant action is allowed.

DefaultActionToken

protected DefaultActionToken(String userId,
                             String actionId,
                             int absoluteExpirationInSecs,
                             UUID actionVerificationNonce)

Parameters:: userId - User ID; actionId - Action ID; absoluteExpirationInSecs - Absolute expiration time in seconds in timezone of Keycloak.; actionVerificationNonce -

DefaultActionToken

protected DefaultActionToken(String userId,
                             String actionId,
                             int absoluteExpirationInSecs,
                             UUID actionVerificationNonce,
                             String compoundAuthenticationSessionId)

Parameters:: userId - User ID; actionId - Action ID; absoluteExpirationInSecs - Absolute expiration time in seconds in timezone of Keycloak.; actionVerificationNonce -

Method Detail
- getCompoundAuthenticationSessionId
```
public String getCompoundAuthenticationSessionId()
```
- setCompoundAuthenticationSessionId
```
public final void setCompoundAuthenticationSessionId(String authenticationSessionId)
```
- getNotes
```
public Map<String,String> getNotes()
```
  Specified by:
  
  getNotes in interface org.keycloak.models.SingleUseObjectValueModel
- getNote
```
public String getNote(String name)
```
  Specified by:
  
  getNote in interface org.keycloak.models.SingleUseObjectValueModel
- setNote
```
public final String setNote(String name,
                            String value)
```
  Sets value of the given note
  
  Returns:
  
  original value (or null when no value was present)
- removeNote
```
public final String removeNote(String name)
```
  Removes given note, and returns original value (or null when no value was present)
  
  Returns:
  
  see description
- setEmail
```
public void setEmail(String email)
```
- getEmail
```
public String getEmail()
```
- serialize
```
public String serialize(org.keycloak.models.KeycloakSession session,
                        org.keycloak.models.RealmModel realm,
                        javax.ws.rs.core.UriInfo uri)
```
  Updates the following fields and serializes this token into a signed JWT. The list of updated fields follows:
  - id: random nonce
  - issuedAt: Current time
  - issuer: URI of the given realm
  - audience: URI of the given realm (same as issuer)
  Parameters:
  
  session -
  
  realm -
  
  uri -
  
  Returns:

Class DefaultActionToken

Nested Class Summary

Nested classes/interfaces inherited from interface org.keycloak.models.SingleUseObjectValueModel

Field Summary

Fields inherited from class org.keycloak.models.DefaultActionTokenKey

Fields inherited from class org.keycloak.representations.JsonWebToken

Constructor Summary

Method Summary

Methods inherited from class org.keycloak.models.DefaultActionTokenKey

Methods inherited from class org.keycloak.representations.JsonWebToken

Methods inherited from class java.lang.Object

Methods inherited from interface org.keycloak.models.SingleUseObjectKeyModel

Field Detail

JSON_FIELD_AUTHENTICATION_SESSION_ID

JSON_FIELD_EMAIL

ACTION_TOKEN_BASIC_CHECKS

Constructor Detail

DefaultActionToken

DefaultActionToken

DefaultActionToken

Method Detail

getCompoundAuthenticationSessionId

setCompoundAuthenticationSessionId

getNotes

getNote

setNote

removeNote

setEmail

getEmail

serialize