Class JWTClientAuthenticator
- java.lang.Object
-
- org.keycloak.authentication.authenticators.client.AbstractClientAuthenticator
-
- org.keycloak.authentication.authenticators.client.JWTClientAuthenticator
-
- All Implemented Interfaces:
org.keycloak.authentication.ClientAuthenticator
,org.keycloak.authentication.ClientAuthenticatorFactory
,org.keycloak.authentication.ConfigurableAuthenticatorFactory
,org.keycloak.provider.ConfiguredProvider
,org.keycloak.provider.Provider
,org.keycloak.provider.ProviderFactory<org.keycloak.authentication.ClientAuthenticator>
public class JWTClientAuthenticator extends AbstractClientAuthenticator
Client authentication based on JWT signed by client private key . See specs for more details. This is server side, which verifies JWT from client_assertion parameter, where the assertion was created on adapter side by org.keycloak.adapters.authentication.JWTClientCredentialsProvider- Author:
- Marek Posolda
-
-
Field Summary
Fields Modifier and Type Field Description static String
ATTR_PREFIX
static String
CERTIFICATE_ATTR
static String
PROVIDER_ID
-
Constructor Summary
Constructors Constructor Description JWTClientAuthenticator()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
authenticateClient(org.keycloak.authentication.ClientAuthenticationFlowContext context)
Map<String,Object>
getAdapterConfiguration(org.keycloak.models.ClientModel client)
List<org.keycloak.provider.ProviderConfigProperty>
getConfigProperties()
List<org.keycloak.provider.ProviderConfigProperty>
getConfigPropertiesPerClient()
String
getDisplayType()
String
getHelpText()
String
getId()
Set<String>
getProtocolAuthenticatorMethods(String loginProtocol)
org.keycloak.models.AuthenticationExecutionModel.Requirement[]
getRequirementChoices()
protected PublicKey
getSignatureValidationKey(org.keycloak.models.ClientModel client, org.keycloak.authentication.ClientAuthenticationFlowContext context, org.keycloak.jose.jws.JWSInput jws)
boolean
isConfigurable()
-
Methods inherited from class org.keycloak.authentication.authenticators.client.AbstractClientAuthenticator
close, create, create, getReferenceCategory, init, isFormDataRequest, isUserSetupAllowed, postInit
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
-
-
-
Field Detail
-
PROVIDER_ID
public static final String PROVIDER_ID
- See Also:
- Constant Field Values
-
ATTR_PREFIX
public static final String ATTR_PREFIX
- See Also:
- Constant Field Values
-
CERTIFICATE_ATTR
public static final String CERTIFICATE_ATTR
- See Also:
- Constant Field Values
-
-
Method Detail
-
authenticateClient
public void authenticateClient(org.keycloak.authentication.ClientAuthenticationFlowContext context)
-
getSignatureValidationKey
protected PublicKey getSignatureValidationKey(org.keycloak.models.ClientModel client, org.keycloak.authentication.ClientAuthenticationFlowContext context, org.keycloak.jose.jws.JWSInput jws)
-
getDisplayType
public String getDisplayType()
-
isConfigurable
public boolean isConfigurable()
-
getRequirementChoices
public org.keycloak.models.AuthenticationExecutionModel.Requirement[] getRequirementChoices()
-
getHelpText
public String getHelpText()
-
getConfigProperties
public List<org.keycloak.provider.ProviderConfigProperty> getConfigProperties()
-
getConfigPropertiesPerClient
public List<org.keycloak.provider.ProviderConfigProperty> getConfigPropertiesPerClient()
-
getAdapterConfiguration
public Map<String,Object> getAdapterConfiguration(org.keycloak.models.ClientModel client)
-
getId
public String getId()
-
-