java.lang.Object
- org.keycloak.protocol.oidc.OIDCLoginProtocol

All Implemented Interfaces:

org.keycloak.protocol.LoginProtocol, org.keycloak.provider.Provider
```
public class OIDCLoginProtocol
extends Object
implements org.keycloak.protocol.LoginProtocol
```
Author:

Bill Burke, Stian Thorgersen

Nested Class Summary
- Nested classes/interfaces inherited from interface org.keycloak.protocol.LoginProtocol
  org.keycloak.protocol.LoginProtocol.Error

Field Summary

Fields
Modifier and Type	Field	Description
`static String`	`ACR_PARAM`
`static String`	`CLAIMS_PARAM`
`static String`	`CLIENT_ID_PARAM`
`static String`	`CLIENT_SECRET_BASIC`
`static String`	`CLIENT_SECRET_JWT`
`static String`	`CLIENT_SECRET_POST`
`static String`	`CODE_CHALLENGE_METHOD_PARAM`
`static String`	`CODE_CHALLENGE_PARAM`
`static String`	`CODE_PARAM`
`protected org.keycloak.events.EventBuilder`	`event`
`static String`	`GRANT_TYPE_PARAM`
`protected javax.ws.rs.core.HttpHeaders`	`headers`
`static String`	`ID_TOKEN_HINT`
`static String`	`ISSUER`
`static String`	`LOGIN_HINT_PARAM`
`static String`	`LOGIN_PROTOCOL`
`static String`	`LOGOUT_REDIRECT_URI`
`static String`	`LOGOUT_STATE_PARAM`
`static String`	`LOGOUT_VALIDATED_ID_TOKEN_ISSUED_AT`
`static String`	`LOGOUT_VALIDATED_ID_TOKEN_SESSION_STATE`
`static String`	`MAX_AGE_PARAM`
`static String`	`NONCE_PARAM`
`static int`	`PKCE_CODE_CHALLENGE_MAX_LENGTH`
`static int`	`PKCE_CODE_CHALLENGE_MIN_LENGTH`
`static int`	`PKCE_CODE_VERIFIER_MAX_LENGTH`
`static int`	`PKCE_CODE_VERIFIER_MIN_LENGTH`
`static String`	`PKCE_METHOD_PLAIN`
`static String`	`PKCE_METHOD_S256`
`static String`	`POST_LOGOUT_REDIRECT_URI_PARAM`
`static String`	`PRIVATE_KEY_JWT`
`static String`	`PROMPT_PARAM`
`static String`	`PROMPT_VALUE_CONSENT`
`static String`	`PROMPT_VALUE_LOGIN`
`static String`	`PROMPT_VALUE_NONE`
`static String`	`PROMPT_VALUE_SELECT_ACCOUNT`
`protected org.keycloak.models.RealmModel`	`realm`
`static String`	`REDIRECT_URI_PARAM`
`static String`	`REQUEST_PARAM`
`static String`	`REQUEST_URI_PARAM`
`static String`	`RESPONSE_MODE_PARAM`
`static String`	`RESPONSE_TYPE_PARAM`
`protected OIDCResponseMode`	`responseMode`
`protected OIDCResponseType`	`responseType`
`static String`	`SCOPE_PARAM`
`protected org.keycloak.models.KeycloakSession`	`session`
`static String`	`STATE_PARAM`
`static String`	`TLS_CLIENT_AUTH`
`static String`	`UI_LOCALES_PARAM`
`protected javax.ws.rs.core.UriInfo`	`uriInfo`

Constructor Summary

Constructors
Constructor	Description
`OIDCLoginProtocol()`
`OIDCLoginProtocol(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm, javax.ws.rs.core.UriInfo uriInfo, javax.ws.rs.core.HttpHeaders headers, org.keycloak.events.EventBuilder event)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`javax.ws.rs.core.Response`	`authenticated(org.keycloak.sessions.AuthenticationSessionModel authSession, org.keycloak.models.UserSessionModel userSession, org.keycloak.models.ClientSessionContext clientSessionCtx)`
`javax.ws.rs.core.Response`	`backchannelLogout(org.keycloak.models.UserSessionModel userSession, org.keycloak.models.AuthenticatedClientSessionModel clientSession)`
`void`	`close()`
`javax.ws.rs.core.Response`	`finishBrowserLogout(org.keycloak.models.UserSessionModel userSession, org.keycloak.sessions.AuthenticationSessionModel logoutSession)`
`javax.ws.rs.core.Response`	`frontchannelLogout(org.keycloak.models.UserSessionModel userSession, org.keycloak.models.AuthenticatedClientSessionModel clientSession)`
`protected boolean`	`isAuthTimeExpired(org.keycloak.models.UserSessionModel userSession, org.keycloak.sessions.AuthenticationSessionModel authSession)`
`protected boolean`	`isPromptLogin(org.keycloak.sessions.AuthenticationSessionModel authSession)`
`protected boolean`	`isReAuthRequiredForKcAction(org.keycloak.models.UserSessionModel userSession, org.keycloak.sessions.AuthenticationSessionModel authSession)`
`boolean`	`requireReauthentication(org.keycloak.models.UserSessionModel userSession, org.keycloak.sessions.AuthenticationSessionModel authSession)`
`javax.ws.rs.core.Response`	`sendError(org.keycloak.sessions.AuthenticationSessionModel authSession, org.keycloak.protocol.LoginProtocol.Error error)`
`boolean`	`sendPushRevocationPolicyRequest(org.keycloak.models.RealmModel realm, org.keycloak.models.ClientModel resource, int notBefore, String managementUrl)`
`OIDCLoginProtocol`	`setEventBuilder(org.keycloak.events.EventBuilder event)`
`OIDCLoginProtocol`	`setHttpHeaders(javax.ws.rs.core.HttpHeaders headers)`
`OIDCLoginProtocol`	`setRealm(org.keycloak.models.RealmModel realm)`
`OIDCLoginProtocol`	`setSession(org.keycloak.models.KeycloakSession session)`
`OIDCLoginProtocol`	`setUriInfo(javax.ws.rs.core.UriInfo uriInfo)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

LOGIN_PROTOCOL

public static final String LOGIN_PROTOCOL

See Also:: Constant Field Values

STATE_PARAM
```
public static final String STATE_PARAM
```
See Also:

Constant Field Values

SCOPE_PARAM
```
public static final String SCOPE_PARAM
```
See Also:

Constant Field Values

CODE_PARAM
```
public static final String CODE_PARAM
```
See Also:

Constant Field Values

RESPONSE_TYPE_PARAM

public static final String RESPONSE_TYPE_PARAM

See Also:: Constant Field Values

GRANT_TYPE_PARAM

public static final String GRANT_TYPE_PARAM

See Also:: Constant Field Values

REDIRECT_URI_PARAM

public static final String REDIRECT_URI_PARAM

See Also:: Constant Field Values

POST_LOGOUT_REDIRECT_URI_PARAM

public static final String POST_LOGOUT_REDIRECT_URI_PARAM

See Also:: Constant Field Values

CLIENT_ID_PARAM

public static final String CLIENT_ID_PARAM

See Also:: Constant Field Values

NONCE_PARAM
```
public static final String NONCE_PARAM
```
See Also:

Constant Field Values

MAX_AGE_PARAM

public static final String MAX_AGE_PARAM

See Also:: Constant Field Values

PROMPT_PARAM

public static final String PROMPT_PARAM

See Also:: Constant Field Values

LOGIN_HINT_PARAM

public static final String LOGIN_HINT_PARAM

See Also:: Constant Field Values

REQUEST_PARAM

public static final String REQUEST_PARAM

See Also:: Constant Field Values

REQUEST_URI_PARAM

public static final String REQUEST_URI_PARAM

See Also:: Constant Field Values

UI_LOCALES_PARAM

public static final String UI_LOCALES_PARAM

See Also:: Constant Field Values

CLAIMS_PARAM

public static final String CLAIMS_PARAM

See Also:: Constant Field Values

ACR_PARAM
```
public static final String ACR_PARAM
```
See Also:

Constant Field Values

ID_TOKEN_HINT

public static final String ID_TOKEN_HINT

See Also:: Constant Field Values

LOGOUT_STATE_PARAM

public static final String LOGOUT_STATE_PARAM

See Also:: Constant Field Values

LOGOUT_REDIRECT_URI

public static final String LOGOUT_REDIRECT_URI

See Also:: Constant Field Values

LOGOUT_VALIDATED_ID_TOKEN_SESSION_STATE

public static final String LOGOUT_VALIDATED_ID_TOKEN_SESSION_STATE

See Also:: Constant Field Values

LOGOUT_VALIDATED_ID_TOKEN_ISSUED_AT

public static final String LOGOUT_VALIDATED_ID_TOKEN_ISSUED_AT

See Also:: Constant Field Values

ISSUER
```
public static final String ISSUER
```
See Also:

Constant Field Values

RESPONSE_MODE_PARAM

public static final String RESPONSE_MODE_PARAM

See Also:: Constant Field Values

PROMPT_VALUE_NONE

public static final String PROMPT_VALUE_NONE

See Also:: Constant Field Values

PROMPT_VALUE_LOGIN

public static final String PROMPT_VALUE_LOGIN

See Also:: Constant Field Values

PROMPT_VALUE_CONSENT

public static final String PROMPT_VALUE_CONSENT

See Also:: Constant Field Values

PROMPT_VALUE_SELECT_ACCOUNT

public static final String PROMPT_VALUE_SELECT_ACCOUNT

See Also:: Constant Field Values

CLIENT_SECRET_BASIC

public static final String CLIENT_SECRET_BASIC

See Also:: Constant Field Values

CLIENT_SECRET_POST

public static final String CLIENT_SECRET_POST

See Also:: Constant Field Values

CLIENT_SECRET_JWT

public static final String CLIENT_SECRET_JWT

See Also:: Constant Field Values

PRIVATE_KEY_JWT

public static final String PRIVATE_KEY_JWT

See Also:: Constant Field Values

TLS_CLIENT_AUTH

public static final String TLS_CLIENT_AUTH

See Also:: Constant Field Values

CODE_CHALLENGE_PARAM

public static final String CODE_CHALLENGE_PARAM

See Also:: Constant Field Values

CODE_CHALLENGE_METHOD_PARAM

public static final String CODE_CHALLENGE_METHOD_PARAM

See Also:: Constant Field Values

PKCE_CODE_CHALLENGE_MIN_LENGTH
```
public static final int PKCE_CODE_CHALLENGE_MIN_LENGTH
```
See Also:

Constant Field Values

PKCE_CODE_CHALLENGE_MAX_LENGTH
```
public static final int PKCE_CODE_CHALLENGE_MAX_LENGTH
```
See Also:

Constant Field Values

PKCE_CODE_VERIFIER_MIN_LENGTH
```
public static final int PKCE_CODE_VERIFIER_MIN_LENGTH
```
See Also:

Constant Field Values

PKCE_CODE_VERIFIER_MAX_LENGTH
```
public static final int PKCE_CODE_VERIFIER_MAX_LENGTH
```
See Also:

Constant Field Values

PKCE_METHOD_PLAIN

public static final String PKCE_METHOD_PLAIN

See Also:: Constant Field Values

PKCE_METHOD_S256

public static final String PKCE_METHOD_S256

See Also:: Constant Field Values

session

protected org.keycloak.models.KeycloakSession session

realm

protected org.keycloak.models.RealmModel realm

uriInfo

protected javax.ws.rs.core.UriInfo uriInfo

headers

protected javax.ws.rs.core.HttpHeaders headers

event

protected org.keycloak.events.EventBuilder event

responseType

protected OIDCResponseType responseType

responseMode

protected OIDCResponseMode responseMode

Constructor Detail

OIDCLoginProtocol

public OIDCLoginProtocol(org.keycloak.models.KeycloakSession session,
                         org.keycloak.models.RealmModel realm,
                         javax.ws.rs.core.UriInfo uriInfo,
                         javax.ws.rs.core.HttpHeaders headers,
                         org.keycloak.events.EventBuilder event)

OIDCLoginProtocol
```
public OIDCLoginProtocol()
```

Method Detail

setSession

public OIDCLoginProtocol setSession(org.keycloak.models.KeycloakSession session)

Specified by:: setSession in interface org.keycloak.protocol.LoginProtocol

setRealm

public OIDCLoginProtocol setRealm(org.keycloak.models.RealmModel realm)

Specified by:: setRealm in interface org.keycloak.protocol.LoginProtocol

setUriInfo
```
public OIDCLoginProtocol setUriInfo(javax.ws.rs.core.UriInfo uriInfo)
```
Specified by:

setUriInfo in interface org.keycloak.protocol.LoginProtocol

setHttpHeaders
```
public OIDCLoginProtocol setHttpHeaders(javax.ws.rs.core.HttpHeaders headers)
```
Specified by:

setHttpHeaders in interface org.keycloak.protocol.LoginProtocol

setEventBuilder

public OIDCLoginProtocol setEventBuilder(org.keycloak.events.EventBuilder event)

Specified by:: setEventBuilder in interface org.keycloak.protocol.LoginProtocol

authenticated

public javax.ws.rs.core.Response authenticated(org.keycloak.sessions.AuthenticationSessionModel authSession,
                                               org.keycloak.models.UserSessionModel userSession,
                                               org.keycloak.models.ClientSessionContext clientSessionCtx)

Specified by:: authenticated in interface org.keycloak.protocol.LoginProtocol

sendError

public javax.ws.rs.core.Response sendError(org.keycloak.sessions.AuthenticationSessionModel authSession,
                                           org.keycloak.protocol.LoginProtocol.Error error)

Specified by:: sendError in interface org.keycloak.protocol.LoginProtocol

backchannelLogout

public javax.ws.rs.core.Response backchannelLogout(org.keycloak.models.UserSessionModel userSession,
                                                   org.keycloak.models.AuthenticatedClientSessionModel clientSession)

Specified by:: backchannelLogout in interface org.keycloak.protocol.LoginProtocol

frontchannelLogout

public javax.ws.rs.core.Response frontchannelLogout(org.keycloak.models.UserSessionModel userSession,
                                                    org.keycloak.models.AuthenticatedClientSessionModel clientSession)

Specified by:: frontchannelLogout in interface org.keycloak.protocol.LoginProtocol

finishBrowserLogout

public javax.ws.rs.core.Response finishBrowserLogout(org.keycloak.models.UserSessionModel userSession,
                                                     org.keycloak.sessions.AuthenticationSessionModel logoutSession)

Specified by:: finishBrowserLogout in interface org.keycloak.protocol.LoginProtocol

requireReauthentication

public boolean requireReauthentication(org.keycloak.models.UserSessionModel userSession,
                                       org.keycloak.sessions.AuthenticationSessionModel authSession)

Specified by:: requireReauthentication in interface org.keycloak.protocol.LoginProtocol

isPromptLogin

protected boolean isPromptLogin(org.keycloak.sessions.AuthenticationSessionModel authSession)

isAuthTimeExpired

protected boolean isAuthTimeExpired(org.keycloak.models.UserSessionModel userSession,
                                    org.keycloak.sessions.AuthenticationSessionModel authSession)

isReAuthRequiredForKcAction

protected boolean isReAuthRequiredForKcAction(org.keycloak.models.UserSessionModel userSession,
                                              org.keycloak.sessions.AuthenticationSessionModel authSession)

sendPushRevocationPolicyRequest

public boolean sendPushRevocationPolicyRequest(org.keycloak.models.RealmModel realm,
                                               org.keycloak.models.ClientModel resource,
                                               int notBefore,
                                               String managementUrl)

Specified by:: sendPushRevocationPolicyRequest in interface org.keycloak.protocol.LoginProtocol

close
```
public void close()
```
Specified by:

close in interface org.keycloak.provider.Provider

Class OIDCLoginProtocol

Nested Class Summary

Nested classes/interfaces inherited from interface org.keycloak.protocol.LoginProtocol

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

LOGIN_PROTOCOL

STATE_PARAM

SCOPE_PARAM

CODE_PARAM

RESPONSE_TYPE_PARAM

GRANT_TYPE_PARAM

REDIRECT_URI_PARAM

POST_LOGOUT_REDIRECT_URI_PARAM

CLIENT_ID_PARAM

NONCE_PARAM

MAX_AGE_PARAM

PROMPT_PARAM

LOGIN_HINT_PARAM

REQUEST_PARAM

REQUEST_URI_PARAM

UI_LOCALES_PARAM

CLAIMS_PARAM

ACR_PARAM

ID_TOKEN_HINT

LOGOUT_STATE_PARAM

LOGOUT_REDIRECT_URI

LOGOUT_VALIDATED_ID_TOKEN_SESSION_STATE

LOGOUT_VALIDATED_ID_TOKEN_ISSUED_AT

ISSUER

RESPONSE_MODE_PARAM

PROMPT_VALUE_NONE

PROMPT_VALUE_LOGIN

PROMPT_VALUE_CONSENT

PROMPT_VALUE_SELECT_ACCOUNT

CLIENT_SECRET_BASIC

CLIENT_SECRET_POST

CLIENT_SECRET_JWT

PRIVATE_KEY_JWT

TLS_CLIENT_AUTH

CODE_CHALLENGE_PARAM

CODE_CHALLENGE_METHOD_PARAM

PKCE_CODE_CHALLENGE_MIN_LENGTH

PKCE_CODE_CHALLENGE_MAX_LENGTH

PKCE_CODE_VERIFIER_MIN_LENGTH

PKCE_CODE_VERIFIER_MAX_LENGTH

PKCE_METHOD_PLAIN

PKCE_METHOD_S256

session

realm

uriInfo

headers

event

responseType

responseMode

Constructor Detail

OIDCLoginProtocol

OIDCLoginProtocol

Method Detail

setSession

setRealm

setUriInfo

setHttpHeaders

setEventBuilder

authenticated

sendError

backchannelLogout

frontchannelLogout

finishBrowserLogout

requireReauthentication

isPromptLogin

isAuthTimeExpired

isReAuthRequiredForKcAction

sendPushRevocationPolicyRequest

close