Package org.keycloak.protocol.oidc
Class OIDCLoginProtocol
- java.lang.Object
-
- org.keycloak.protocol.oidc.OIDCLoginProtocol
-
- All Implemented Interfaces:
org.keycloak.protocol.LoginProtocol
,org.keycloak.provider.Provider
public class OIDCLoginProtocol extends Object implements org.keycloak.protocol.LoginProtocol
- Author:
- Bill Burke, Stian Thorgersen
-
-
Field Summary
-
Constructor Summary
Constructors Constructor Description OIDCLoginProtocol()
OIDCLoginProtocol(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm, javax.ws.rs.core.UriInfo uriInfo, javax.ws.rs.core.HttpHeaders headers, org.keycloak.events.EventBuilder event)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description javax.ws.rs.core.Response
authenticated(org.keycloak.sessions.AuthenticationSessionModel authSession, org.keycloak.models.UserSessionModel userSession, org.keycloak.models.ClientSessionContext clientSessionCtx)
javax.ws.rs.core.Response
backchannelLogout(org.keycloak.models.UserSessionModel userSession, org.keycloak.models.AuthenticatedClientSessionModel clientSession)
void
close()
javax.ws.rs.core.Response
finishBrowserLogout(org.keycloak.models.UserSessionModel userSession, org.keycloak.sessions.AuthenticationSessionModel logoutSession)
javax.ws.rs.core.Response
frontchannelLogout(org.keycloak.models.UserSessionModel userSession, org.keycloak.models.AuthenticatedClientSessionModel clientSession)
protected boolean
isAuthTimeExpired(org.keycloak.models.UserSessionModel userSession, org.keycloak.sessions.AuthenticationSessionModel authSession)
protected boolean
isPromptLogin(org.keycloak.sessions.AuthenticationSessionModel authSession)
protected boolean
isReAuthRequiredForKcAction(org.keycloak.models.UserSessionModel userSession, org.keycloak.sessions.AuthenticationSessionModel authSession)
boolean
requireReauthentication(org.keycloak.models.UserSessionModel userSession, org.keycloak.sessions.AuthenticationSessionModel authSession)
javax.ws.rs.core.Response
sendError(org.keycloak.sessions.AuthenticationSessionModel authSession, org.keycloak.protocol.LoginProtocol.Error error)
boolean
sendPushRevocationPolicyRequest(org.keycloak.models.RealmModel realm, org.keycloak.models.ClientModel resource, int notBefore, String managementUrl)
OIDCLoginProtocol
setEventBuilder(org.keycloak.events.EventBuilder event)
OIDCLoginProtocol
setHttpHeaders(javax.ws.rs.core.HttpHeaders headers)
OIDCLoginProtocol
setRealm(org.keycloak.models.RealmModel realm)
OIDCLoginProtocol
setSession(org.keycloak.models.KeycloakSession session)
OIDCLoginProtocol
setUriInfo(javax.ws.rs.core.UriInfo uriInfo)
-
-
-
Field Detail
-
LOGIN_PROTOCOL
public static final String LOGIN_PROTOCOL
- See Also:
- Constant Field Values
-
STATE_PARAM
public static final String STATE_PARAM
- See Also:
- Constant Field Values
-
SCOPE_PARAM
public static final String SCOPE_PARAM
- See Also:
- Constant Field Values
-
CODE_PARAM
public static final String CODE_PARAM
- See Also:
- Constant Field Values
-
RESPONSE_TYPE_PARAM
public static final String RESPONSE_TYPE_PARAM
- See Also:
- Constant Field Values
-
GRANT_TYPE_PARAM
public static final String GRANT_TYPE_PARAM
- See Also:
- Constant Field Values
-
REDIRECT_URI_PARAM
public static final String REDIRECT_URI_PARAM
- See Also:
- Constant Field Values
-
POST_LOGOUT_REDIRECT_URI_PARAM
public static final String POST_LOGOUT_REDIRECT_URI_PARAM
- See Also:
- Constant Field Values
-
CLIENT_ID_PARAM
public static final String CLIENT_ID_PARAM
- See Also:
- Constant Field Values
-
NONCE_PARAM
public static final String NONCE_PARAM
- See Also:
- Constant Field Values
-
MAX_AGE_PARAM
public static final String MAX_AGE_PARAM
- See Also:
- Constant Field Values
-
PROMPT_PARAM
public static final String PROMPT_PARAM
- See Also:
- Constant Field Values
-
LOGIN_HINT_PARAM
public static final String LOGIN_HINT_PARAM
- See Also:
- Constant Field Values
-
REQUEST_PARAM
public static final String REQUEST_PARAM
- See Also:
- Constant Field Values
-
REQUEST_URI_PARAM
public static final String REQUEST_URI_PARAM
- See Also:
- Constant Field Values
-
UI_LOCALES_PARAM
public static final String UI_LOCALES_PARAM
- See Also:
- Constant Field Values
-
CLAIMS_PARAM
public static final String CLAIMS_PARAM
- See Also:
- Constant Field Values
-
ACR_PARAM
public static final String ACR_PARAM
- See Also:
- Constant Field Values
-
ID_TOKEN_HINT
public static final String ID_TOKEN_HINT
- See Also:
- Constant Field Values
-
LOGOUT_STATE_PARAM
public static final String LOGOUT_STATE_PARAM
- See Also:
- Constant Field Values
-
LOGOUT_REDIRECT_URI
public static final String LOGOUT_REDIRECT_URI
- See Also:
- Constant Field Values
-
LOGOUT_VALIDATED_ID_TOKEN_SESSION_STATE
public static final String LOGOUT_VALIDATED_ID_TOKEN_SESSION_STATE
- See Also:
- Constant Field Values
-
LOGOUT_VALIDATED_ID_TOKEN_ISSUED_AT
public static final String LOGOUT_VALIDATED_ID_TOKEN_ISSUED_AT
- See Also:
- Constant Field Values
-
ISSUER
public static final String ISSUER
- See Also:
- Constant Field Values
-
RESPONSE_MODE_PARAM
public static final String RESPONSE_MODE_PARAM
- See Also:
- Constant Field Values
-
PROMPT_VALUE_NONE
public static final String PROMPT_VALUE_NONE
- See Also:
- Constant Field Values
-
PROMPT_VALUE_LOGIN
public static final String PROMPT_VALUE_LOGIN
- See Also:
- Constant Field Values
-
PROMPT_VALUE_CONSENT
public static final String PROMPT_VALUE_CONSENT
- See Also:
- Constant Field Values
-
PROMPT_VALUE_SELECT_ACCOUNT
public static final String PROMPT_VALUE_SELECT_ACCOUNT
- See Also:
- Constant Field Values
-
CLIENT_SECRET_BASIC
public static final String CLIENT_SECRET_BASIC
- See Also:
- Constant Field Values
-
CLIENT_SECRET_POST
public static final String CLIENT_SECRET_POST
- See Also:
- Constant Field Values
-
CLIENT_SECRET_JWT
public static final String CLIENT_SECRET_JWT
- See Also:
- Constant Field Values
-
PRIVATE_KEY_JWT
public static final String PRIVATE_KEY_JWT
- See Also:
- Constant Field Values
-
TLS_CLIENT_AUTH
public static final String TLS_CLIENT_AUTH
- See Also:
- Constant Field Values
-
CODE_CHALLENGE_PARAM
public static final String CODE_CHALLENGE_PARAM
- See Also:
- Constant Field Values
-
CODE_CHALLENGE_METHOD_PARAM
public static final String CODE_CHALLENGE_METHOD_PARAM
- See Also:
- Constant Field Values
-
PKCE_CODE_CHALLENGE_MIN_LENGTH
public static final int PKCE_CODE_CHALLENGE_MIN_LENGTH
- See Also:
- Constant Field Values
-
PKCE_CODE_CHALLENGE_MAX_LENGTH
public static final int PKCE_CODE_CHALLENGE_MAX_LENGTH
- See Also:
- Constant Field Values
-
PKCE_CODE_VERIFIER_MIN_LENGTH
public static final int PKCE_CODE_VERIFIER_MIN_LENGTH
- See Also:
- Constant Field Values
-
PKCE_CODE_VERIFIER_MAX_LENGTH
public static final int PKCE_CODE_VERIFIER_MAX_LENGTH
- See Also:
- Constant Field Values
-
PKCE_METHOD_PLAIN
public static final String PKCE_METHOD_PLAIN
- See Also:
- Constant Field Values
-
PKCE_METHOD_S256
public static final String PKCE_METHOD_S256
- See Also:
- Constant Field Values
-
session
protected org.keycloak.models.KeycloakSession session
-
realm
protected org.keycloak.models.RealmModel realm
-
uriInfo
protected javax.ws.rs.core.UriInfo uriInfo
-
headers
protected javax.ws.rs.core.HttpHeaders headers
-
event
protected org.keycloak.events.EventBuilder event
-
responseType
protected OIDCResponseType responseType
-
responseMode
protected OIDCResponseMode responseMode
-
-
Constructor Detail
-
OIDCLoginProtocol
public OIDCLoginProtocol(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm, javax.ws.rs.core.UriInfo uriInfo, javax.ws.rs.core.HttpHeaders headers, org.keycloak.events.EventBuilder event)
-
OIDCLoginProtocol
public OIDCLoginProtocol()
-
-
Method Detail
-
setSession
public OIDCLoginProtocol setSession(org.keycloak.models.KeycloakSession session)
- Specified by:
setSession
in interfaceorg.keycloak.protocol.LoginProtocol
-
setRealm
public OIDCLoginProtocol setRealm(org.keycloak.models.RealmModel realm)
- Specified by:
setRealm
in interfaceorg.keycloak.protocol.LoginProtocol
-
setUriInfo
public OIDCLoginProtocol setUriInfo(javax.ws.rs.core.UriInfo uriInfo)
- Specified by:
setUriInfo
in interfaceorg.keycloak.protocol.LoginProtocol
-
setHttpHeaders
public OIDCLoginProtocol setHttpHeaders(javax.ws.rs.core.HttpHeaders headers)
- Specified by:
setHttpHeaders
in interfaceorg.keycloak.protocol.LoginProtocol
-
setEventBuilder
public OIDCLoginProtocol setEventBuilder(org.keycloak.events.EventBuilder event)
- Specified by:
setEventBuilder
in interfaceorg.keycloak.protocol.LoginProtocol
-
authenticated
public javax.ws.rs.core.Response authenticated(org.keycloak.sessions.AuthenticationSessionModel authSession, org.keycloak.models.UserSessionModel userSession, org.keycloak.models.ClientSessionContext clientSessionCtx)
- Specified by:
authenticated
in interfaceorg.keycloak.protocol.LoginProtocol
-
sendError
public javax.ws.rs.core.Response sendError(org.keycloak.sessions.AuthenticationSessionModel authSession, org.keycloak.protocol.LoginProtocol.Error error)
- Specified by:
sendError
in interfaceorg.keycloak.protocol.LoginProtocol
-
backchannelLogout
public javax.ws.rs.core.Response backchannelLogout(org.keycloak.models.UserSessionModel userSession, org.keycloak.models.AuthenticatedClientSessionModel clientSession)
- Specified by:
backchannelLogout
in interfaceorg.keycloak.protocol.LoginProtocol
-
frontchannelLogout
public javax.ws.rs.core.Response frontchannelLogout(org.keycloak.models.UserSessionModel userSession, org.keycloak.models.AuthenticatedClientSessionModel clientSession)
- Specified by:
frontchannelLogout
in interfaceorg.keycloak.protocol.LoginProtocol
-
finishBrowserLogout
public javax.ws.rs.core.Response finishBrowserLogout(org.keycloak.models.UserSessionModel userSession, org.keycloak.sessions.AuthenticationSessionModel logoutSession)
- Specified by:
finishBrowserLogout
in interfaceorg.keycloak.protocol.LoginProtocol
-
requireReauthentication
public boolean requireReauthentication(org.keycloak.models.UserSessionModel userSession, org.keycloak.sessions.AuthenticationSessionModel authSession)
- Specified by:
requireReauthentication
in interfaceorg.keycloak.protocol.LoginProtocol
-
isPromptLogin
protected boolean isPromptLogin(org.keycloak.sessions.AuthenticationSessionModel authSession)
-
isAuthTimeExpired
protected boolean isAuthTimeExpired(org.keycloak.models.UserSessionModel userSession, org.keycloak.sessions.AuthenticationSessionModel authSession)
-
isReAuthRequiredForKcAction
protected boolean isReAuthRequiredForKcAction(org.keycloak.models.UserSessionModel userSession, org.keycloak.sessions.AuthenticationSessionModel authSession)
-
sendPushRevocationPolicyRequest
public boolean sendPushRevocationPolicyRequest(org.keycloak.models.RealmModel realm, org.keycloak.models.ClientModel resource, int notBefore, String managementUrl)
- Specified by:
sendPushRevocationPolicyRequest
in interfaceorg.keycloak.protocol.LoginProtocol
-
close
public void close()
- Specified by:
close
in interfaceorg.keycloak.provider.Provider
-
-