Package org.keycloak.services.managers

Class AuthenticationManager

  • Direct Known Subclasses:
    AppAuthManager
    public class AuthenticationManager
extends Object
    Stateless object that manages authentication
    Version:
    $Revision: 1 $
    Author:
    Bill Burke

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      static javax.ws.rs.core.Response actionRequired​(org.keycloak.models.KeycloakSession session, org.keycloak.sessions.AuthenticationSessionModel authSession, org.keycloak.http.HttpRequest request, org.keycloak.events.EventBuilder event)  
      AuthenticationManager.AuthResult authenticateIdentityCookie​(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm)  
      static AuthenticationManager.AuthResult authenticateIdentityCookie​(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm, boolean checkActive)  
      static BackchannelLogoutResponse backchannelLogout​(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm, org.keycloak.models.UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, org.keycloak.common.ClientConnection connection, javax.ws.rs.core.HttpHeaders headers, boolean logoutBroker)  
      static BackchannelLogoutResponse backchannelLogout​(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm, org.keycloak.models.UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, org.keycloak.common.ClientConnection connection, javax.ws.rs.core.HttpHeaders headers, boolean logoutBroker, boolean offlineSession)  
      static void backchannelLogout​(org.keycloak.models.KeycloakSession session, org.keycloak.models.UserSessionModel userSession, boolean logoutBroker)  
      static void backchannelLogoutUserFromClient​(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm, org.keycloak.models.UserModel user, org.keycloak.models.ClientModel client, javax.ws.rs.core.UriInfo uriInfo, javax.ws.rs.core.HttpHeaders headers)
      Logout all clientSessions of this user and client
      static javax.ws.rs.core.Response browserLogout​(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm, org.keycloak.models.UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, org.keycloak.common.ClientConnection connection, javax.ws.rs.core.HttpHeaders headers)  
      static IdentityCookieToken createIdentityToken​(org.keycloak.models.KeycloakSession keycloakSession, org.keycloak.models.RealmModel realm, org.keycloak.models.UserModel user, org.keycloak.models.UserSessionModel session, String issuer)  
      static void createLoginCookie​(org.keycloak.models.KeycloakSession keycloakSession, org.keycloak.models.RealmModel realm, org.keycloak.models.UserModel user, org.keycloak.models.UserSessionModel session, javax.ws.rs.core.UriInfo uriInfo, org.keycloak.common.ClientConnection connection)  
      static org.keycloak.sessions.AuthenticationSessionModel createOrJoinLogoutSession​(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm, AuthenticationSessionManager asm, org.keycloak.models.UserSessionModel userSession, boolean browserCookie)  
      static void createRememberMeCookie​(String username, javax.ws.rs.core.UriInfo uriInfo, org.keycloak.models.KeycloakSession session)  
      static org.keycloak.authentication.RequiredActionProvider createRequiredAction​(RequiredActionContextResult context)  
      static void evaluateRequiredActionTriggers​(org.keycloak.models.KeycloakSession session, org.keycloak.sessions.AuthenticationSessionModel authSession, org.keycloak.http.HttpRequest request, org.keycloak.events.EventBuilder event, org.keycloak.models.RealmModel realm, org.keycloak.models.UserModel user)  
      protected static javax.ws.rs.core.Response executionActions​(org.keycloak.models.KeycloakSession session, org.keycloak.sessions.AuthenticationSessionModel authSession, org.keycloak.http.HttpRequest request, org.keycloak.events.EventBuilder event, org.keycloak.models.RealmModel realm, org.keycloak.models.UserModel user, Stream<String> requiredActions)  
      static void expireCookie​(org.keycloak.models.RealmModel realm, String cookieName, String path, boolean httpOnly, org.keycloak.common.ClientConnection connection, org.keycloak.common.util.ServerCookie.SameSiteAttributeValue sameSite, org.keycloak.models.KeycloakSession session)  
      static void expireIdentityCookie​(org.keycloak.models.RealmModel realm, javax.ws.rs.core.UriInfo uriInfo, org.keycloak.models.KeycloakSession session)  
      static void expireOldAuthSessionCookie​(org.keycloak.models.RealmModel realm, javax.ws.rs.core.UriInfo uriInfo, org.keycloak.models.KeycloakSession session)  
      static void expireOldIdentityCookie​(org.keycloak.models.RealmModel realm, javax.ws.rs.core.UriInfo uriInfo, org.keycloak.models.KeycloakSession session)  
      static void expireRememberMeCookie​(org.keycloak.models.RealmModel realm, javax.ws.rs.core.UriInfo uriInfo, org.keycloak.models.KeycloakSession session)  
      static boolean expireUserSessionCookie​(org.keycloak.models.KeycloakSession session, org.keycloak.models.UserSessionModel userSession, org.keycloak.models.RealmModel realm, javax.ws.rs.core.UriInfo uriInfo, javax.ws.rs.core.HttpHeaders headers, org.keycloak.common.ClientConnection connection)  
      static javax.ws.rs.core.Response finishBrowserLogout​(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm, org.keycloak.models.UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, org.keycloak.common.ClientConnection connection, javax.ws.rs.core.HttpHeaders headers)  
      static javax.ws.rs.core.Response finishedRequiredActions​(org.keycloak.models.KeycloakSession session, org.keycloak.sessions.AuthenticationSessionModel authSession, org.keycloak.models.UserSessionModel userSession, org.keycloak.common.ClientConnection clientConnection, org.keycloak.http.HttpRequest request, javax.ws.rs.core.UriInfo uriInfo, org.keycloak.events.EventBuilder event)  
      static void finishUnconfirmedUserSession​(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm, org.keycloak.models.UserSessionModel userSessionModel)  
      static String getAccountCookiePath​(org.keycloak.models.RealmModel realm, javax.ws.rs.core.UriInfo uriInfo)  
      static org.keycloak.sessions.CommonClientSessionModel.Action getClientLogoutAction​(org.keycloak.sessions.AuthenticationSessionModel logoutAuthSession, String clientUuid)
      Returns the logout state of the particular client as per the logoutAuthSession
      protected static String getIdentityCookiePath​(org.keycloak.models.RealmModel realm, javax.ws.rs.core.UriInfo uriInfo)  
      static String getOldCookiePath​(org.keycloak.models.RealmModel realm, javax.ws.rs.core.UriInfo uriInfo)  
      static String getRealmCookiePath​(org.keycloak.models.RealmModel realm, javax.ws.rs.core.UriInfo uriInfo)  
      static String getRememberMeUsername​(org.keycloak.models.RealmModel realm, javax.ws.rs.core.HttpHeaders headers)  
      static String getSessionIdFromSessionCookie​(org.keycloak.models.KeycloakSession session)  
      static boolean isOfflineSessionValid​(org.keycloak.models.RealmModel realm, org.keycloak.models.UserSessionModel userSession)  
      static boolean isSessionValid​(org.keycloak.models.RealmModel realm, org.keycloak.models.UserSessionModel userSession)  
      static boolean isSSOAuthentication​(org.keycloak.models.AuthenticatedClientSessionModel clientSession)  
      static void logSuccess​(org.keycloak.models.KeycloakSession session, org.keycloak.sessions.AuthenticationSessionModel authSession)  
      static org.keycloak.models.UserModel lookupUserForBruteForceLog​(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm, org.keycloak.sessions.AuthenticationSessionModel authenticationSession)  
      static javax.ws.rs.core.Response nextActionAfterAuthentication​(org.keycloak.models.KeycloakSession session, org.keycloak.sessions.AuthenticationSessionModel authSession, org.keycloak.common.ClientConnection clientConnection, org.keycloak.http.HttpRequest request, javax.ws.rs.core.UriInfo uriInfo, org.keycloak.events.EventBuilder event)  
      static String nextRequiredAction​(org.keycloak.models.KeycloakSession session, org.keycloak.sessions.AuthenticationSessionModel authSession, org.keycloak.http.HttpRequest request, org.keycloak.events.EventBuilder event)  
      static javax.ws.rs.core.Response redirectAfterSuccessfulFlow​(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm, org.keycloak.models.UserSessionModel userSession, org.keycloak.models.ClientSessionContext clientSessionCtx, org.keycloak.http.HttpRequest request, javax.ws.rs.core.UriInfo uriInfo, org.keycloak.common.ClientConnection clientConnection, org.keycloak.events.EventBuilder event, org.keycloak.sessions.AuthenticationSessionModel authSession)  
      static javax.ws.rs.core.Response redirectAfterSuccessfulFlow​(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm, org.keycloak.models.UserSessionModel userSession, org.keycloak.models.ClientSessionContext clientSessionCtx, org.keycloak.http.HttpRequest request, javax.ws.rs.core.UriInfo uriInfo, org.keycloak.common.ClientConnection clientConnection, org.keycloak.events.EventBuilder event, org.keycloak.sessions.AuthenticationSessionModel authSession, org.keycloak.protocol.LoginProtocol protocol)  
      static javax.ws.rs.core.Response redirectToRequiredActions​(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm, org.keycloak.sessions.AuthenticationSessionModel authSession, javax.ws.rs.core.UriInfo uriInfo, String requiredAction)  
      static void setClientLogoutAction​(org.keycloak.sessions.AuthenticationSessionModel logoutAuthSession, String clientUuid, org.keycloak.sessions.CommonClientSessionModel.Action action)
      Sets logout state of the particular client into the logoutAuthSession
      static void setClientScopesInSession​(org.keycloak.sessions.AuthenticationSessionModel authSession)  
      static void setKcActionStatus​(String executedProviderId, org.keycloak.authentication.RequiredActionContext.KcActionStatus status, org.keycloak.sessions.AuthenticationSessionModel authSession)  
      static AuthenticationManager.AuthResult verifyIdentityToken​(org.keycloak.models.KeycloakSession session, org.keycloak.models.RealmModel realm, javax.ws.rs.core.UriInfo uriInfo, org.keycloak.common.ClientConnection connection, boolean checkActive, boolean checkTokenType, String checkAudience, boolean isCookie, String tokenString, javax.ws.rs.core.HttpHeaders headers, org.keycloak.TokenVerifier.Predicate<? super org.keycloak.representations.AccessToken>... additionalChecks)  

    • Constructor Detail

      • AuthenticationManager

        public AuthenticationManager()

    • Method Detail

      • isSessionValid

        public static boolean isSessionValid​(org.keycloak.models.RealmModel realm,
                                     org.keycloak.models.UserSessionModel userSession)

      • isOfflineSessionValid

        public static boolean isOfflineSessionValid​(org.keycloak.models.RealmModel realm,
                                            org.keycloak.models.UserSessionModel userSession)

      • expireUserSessionCookie

        public static boolean expireUserSessionCookie​(org.keycloak.models.KeycloakSession session,
                                              org.keycloak.models.UserSessionModel userSession,
                                              org.keycloak.models.RealmModel realm,
                                              javax.ws.rs.core.UriInfo uriInfo,
                                              javax.ws.rs.core.HttpHeaders headers,
                                              org.keycloak.common.ClientConnection connection)

      • backchannelLogout

        public static void backchannelLogout​(org.keycloak.models.KeycloakSession session,
                                     org.keycloak.models.UserSessionModel userSession,
                                     boolean logoutBroker)

      • backchannelLogout

        public static BackchannelLogoutResponse backchannelLogout​(org.keycloak.models.KeycloakSession session,
                                                          org.keycloak.models.RealmModel realm,
                                                          org.keycloak.models.UserSessionModel userSession,
                                                          javax.ws.rs.core.UriInfo uriInfo,
                                                          org.keycloak.common.ClientConnection connection,
                                                          javax.ws.rs.core.HttpHeaders headers,
                                                          boolean logoutBroker)

      • backchannelLogout

        public static BackchannelLogoutResponse backchannelLogout​(org.keycloak.models.KeycloakSession session,
                                                          org.keycloak.models.RealmModel realm,
                                                          org.keycloak.models.UserSessionModel userSession,
                                                          javax.ws.rs.core.UriInfo uriInfo,
                                                          org.keycloak.common.ClientConnection connection,
                                                          javax.ws.rs.core.HttpHeaders headers,
                                                          boolean logoutBroker,
                                                          boolean offlineSession)
        Parameters:
        session -
        realm -
        userSession -
        uriInfo -
        connection -
        headers -
        logoutBroker -
        offlineSession -
        Returns:
        BackchannelLogoutResponse with logout information

      • createOrJoinLogoutSession

        public static org.keycloak.sessions.AuthenticationSessionModel createOrJoinLogoutSession​(org.keycloak.models.KeycloakSession session,
                                                                                         org.keycloak.models.RealmModel realm,
                                                                                         AuthenticationSessionManager asm,
                                                                                         org.keycloak.models.UserSessionModel userSession,
                                                                                         boolean browserCookie)

      • setClientLogoutAction

        public static void setClientLogoutAction​(org.keycloak.sessions.AuthenticationSessionModel logoutAuthSession,
                                         String clientUuid,
                                         org.keycloak.sessions.CommonClientSessionModel.Action action)
        Sets logout state of the particular client into the logoutAuthSession
        Parameters:
        logoutAuthSession - logoutAuthSession. May be null in which case this is a no-op.
        clientUuid - Client. Must not be null
        action -

      • getClientLogoutAction

        public static org.keycloak.sessions.CommonClientSessionModel.Action getClientLogoutAction​(org.keycloak.sessions.AuthenticationSessionModel logoutAuthSession,
                                                                                          String clientUuid)
        Returns the logout state of the particular client as per the logoutAuthSession
        Parameters:
        logoutAuthSession - logoutAuthSession. May be null in which case this is a no-op.
        clientUuid - Internal ID of the client. Must not be null
        Returns:
        State if it can be determined, null otherwise.

      • backchannelLogoutUserFromClient

        public static void backchannelLogoutUserFromClient​(org.keycloak.models.KeycloakSession session,
                                                   org.keycloak.models.RealmModel realm,
                                                   org.keycloak.models.UserModel user,
                                                   org.keycloak.models.ClientModel client,
                                                   javax.ws.rs.core.UriInfo uriInfo,
                                                   javax.ws.rs.core.HttpHeaders headers)
        Logout all clientSessions of this user and client
        Parameters:
        session -
        realm -
        user -
        client -
        uriInfo -
        headers -

      • browserLogout

        public static javax.ws.rs.core.Response browserLogout​(org.keycloak.models.KeycloakSession session,
                                                      org.keycloak.models.RealmModel realm,
                                                      org.keycloak.models.UserSessionModel userSession,
                                                      javax.ws.rs.core.UriInfo uriInfo,
                                                      org.keycloak.common.ClientConnection connection,
                                                      javax.ws.rs.core.HttpHeaders headers)

      • finishBrowserLogout

        public static javax.ws.rs.core.Response finishBrowserLogout​(org.keycloak.models.KeycloakSession session,
                                                            org.keycloak.models.RealmModel realm,
                                                            org.keycloak.models.UserSessionModel userSession,
                                                            javax.ws.rs.core.UriInfo uriInfo,
                                                            org.keycloak.common.ClientConnection connection,
                                                            javax.ws.rs.core.HttpHeaders headers)

      • finishUnconfirmedUserSession

        public static void finishUnconfirmedUserSession​(org.keycloak.models.KeycloakSession session,
                                                org.keycloak.models.RealmModel realm,
                                                org.keycloak.models.UserSessionModel userSessionModel)

      • createIdentityToken

        public static IdentityCookieToken createIdentityToken​(org.keycloak.models.KeycloakSession keycloakSession,
                                                      org.keycloak.models.RealmModel realm,
                                                      org.keycloak.models.UserModel user,
                                                      org.keycloak.models.UserSessionModel session,
                                                      String issuer)

      • createLoginCookie

        public static void createLoginCookie​(org.keycloak.models.KeycloakSession keycloakSession,
                                     org.keycloak.models.RealmModel realm,
                                     org.keycloak.models.UserModel user,
                                     org.keycloak.models.UserSessionModel session,
                                     javax.ws.rs.core.UriInfo uriInfo,
                                     org.keycloak.common.ClientConnection connection)

      • createRememberMeCookie

        public static void createRememberMeCookie​(String username,
                                          javax.ws.rs.core.UriInfo uriInfo,
                                          org.keycloak.models.KeycloakSession session)

      • getRememberMeUsername

        public static String getRememberMeUsername​(org.keycloak.models.RealmModel realm,
                                           javax.ws.rs.core.HttpHeaders headers)

      • expireIdentityCookie

        public static void expireIdentityCookie​(org.keycloak.models.RealmModel realm,
                                        javax.ws.rs.core.UriInfo uriInfo,
                                        org.keycloak.models.KeycloakSession session)

      • expireOldIdentityCookie

        public static void expireOldIdentityCookie​(org.keycloak.models.RealmModel realm,
                                           javax.ws.rs.core.UriInfo uriInfo,
                                           org.keycloak.models.KeycloakSession session)

      • expireRememberMeCookie

        public static void expireRememberMeCookie​(org.keycloak.models.RealmModel realm,
                                          javax.ws.rs.core.UriInfo uriInfo,
                                          org.keycloak.models.KeycloakSession session)

      • expireOldAuthSessionCookie

        public static void expireOldAuthSessionCookie​(org.keycloak.models.RealmModel realm,
                                              javax.ws.rs.core.UriInfo uriInfo,
                                              org.keycloak.models.KeycloakSession session)

      • getIdentityCookiePath

        protected static String getIdentityCookiePath​(org.keycloak.models.RealmModel realm,
                                              javax.ws.rs.core.UriInfo uriInfo)

      • getRealmCookiePath

        public static String getRealmCookiePath​(org.keycloak.models.RealmModel realm,
                                        javax.ws.rs.core.UriInfo uriInfo)

      • getOldCookiePath

        public static String getOldCookiePath​(org.keycloak.models.RealmModel realm,
                                      javax.ws.rs.core.UriInfo uriInfo)

      • getAccountCookiePath

        public static String getAccountCookiePath​(org.keycloak.models.RealmModel realm,
                                          javax.ws.rs.core.UriInfo uriInfo)

      • expireCookie

        public static void expireCookie​(org.keycloak.models.RealmModel realm,
                                String cookieName,
                                String path,
                                boolean httpOnly,
                                org.keycloak.common.ClientConnection connection,
                                org.keycloak.common.util.ServerCookie.SameSiteAttributeValue sameSite,
                                org.keycloak.models.KeycloakSession session)

      • authenticateIdentityCookie

        public AuthenticationManager.AuthResult authenticateIdentityCookie​(org.keycloak.models.KeycloakSession session,
                                                                   org.keycloak.models.RealmModel realm)

      • authenticateIdentityCookie

        public static AuthenticationManager.AuthResult authenticateIdentityCookie​(org.keycloak.models.KeycloakSession session,
                                                                          org.keycloak.models.RealmModel realm,
                                                                          boolean checkActive)

      • redirectAfterSuccessfulFlow

        public static javax.ws.rs.core.Response redirectAfterSuccessfulFlow​(org.keycloak.models.KeycloakSession session,
                                                                    org.keycloak.models.RealmModel realm,
                                                                    org.keycloak.models.UserSessionModel userSession,
                                                                    org.keycloak.models.ClientSessionContext clientSessionCtx,
                                                                    org.keycloak.http.HttpRequest request,
                                                                    javax.ws.rs.core.UriInfo uriInfo,
                                                                    org.keycloak.common.ClientConnection clientConnection,
                                                                    org.keycloak.events.EventBuilder event,
                                                                    org.keycloak.sessions.AuthenticationSessionModel authSession)

      • redirectAfterSuccessfulFlow

        public static javax.ws.rs.core.Response redirectAfterSuccessfulFlow​(org.keycloak.models.KeycloakSession session,
                                                                    org.keycloak.models.RealmModel realm,
                                                                    org.keycloak.models.UserSessionModel userSession,
                                                                    org.keycloak.models.ClientSessionContext clientSessionCtx,
                                                                    org.keycloak.http.HttpRequest request,
                                                                    javax.ws.rs.core.UriInfo uriInfo,
                                                                    org.keycloak.common.ClientConnection clientConnection,
                                                                    org.keycloak.events.EventBuilder event,
                                                                    org.keycloak.sessions.AuthenticationSessionModel authSession,
                                                                    org.keycloak.protocol.LoginProtocol protocol)

      • getSessionIdFromSessionCookie

        public static String getSessionIdFromSessionCookie​(org.keycloak.models.KeycloakSession session)

      • isSSOAuthentication

        public static boolean isSSOAuthentication​(org.keycloak.models.AuthenticatedClientSessionModel clientSession)

      • nextActionAfterAuthentication

        public static javax.ws.rs.core.Response nextActionAfterAuthentication​(org.keycloak.models.KeycloakSession session,
                                                                      org.keycloak.sessions.AuthenticationSessionModel authSession,
                                                                      org.keycloak.common.ClientConnection clientConnection,
                                                                      org.keycloak.http.HttpRequest request,
                                                                      javax.ws.rs.core.UriInfo uriInfo,
                                                                      org.keycloak.events.EventBuilder event)

      • redirectToRequiredActions

        public static javax.ws.rs.core.Response redirectToRequiredActions​(org.keycloak.models.KeycloakSession session,
                                                                  org.keycloak.models.RealmModel realm,
                                                                  org.keycloak.sessions.AuthenticationSessionModel authSession,
                                                                  javax.ws.rs.core.UriInfo uriInfo,
                                                                  String requiredAction)

      • finishedRequiredActions

        public static javax.ws.rs.core.Response finishedRequiredActions​(org.keycloak.models.KeycloakSession session,
                                                                org.keycloak.sessions.AuthenticationSessionModel authSession,
                                                                org.keycloak.models.UserSessionModel userSession,
                                                                org.keycloak.common.ClientConnection clientConnection,
                                                                org.keycloak.http.HttpRequest request,
                                                                javax.ws.rs.core.UriInfo uriInfo,
                                                                org.keycloak.events.EventBuilder event)

      • nextRequiredAction

        public static String nextRequiredAction​(org.keycloak.models.KeycloakSession session,
                                        org.keycloak.sessions.AuthenticationSessionModel authSession,
                                        org.keycloak.http.HttpRequest request,
                                        org.keycloak.events.EventBuilder event)

      • actionRequired

        public static javax.ws.rs.core.Response actionRequired​(org.keycloak.models.KeycloakSession session,
                                                       org.keycloak.sessions.AuthenticationSessionModel authSession,
                                                       org.keycloak.http.HttpRequest request,
                                                       org.keycloak.events.EventBuilder event)

      • setClientScopesInSession

        public static void setClientScopesInSession​(org.keycloak.sessions.AuthenticationSessionModel authSession)

      • createRequiredAction

        public static org.keycloak.authentication.RequiredActionProvider createRequiredAction​(RequiredActionContextResult context)

      • executionActions

        protected static javax.ws.rs.core.Response executionActions​(org.keycloak.models.KeycloakSession session,
                                                            org.keycloak.sessions.AuthenticationSessionModel authSession,
                                                            org.keycloak.http.HttpRequest request,
                                                            org.keycloak.events.EventBuilder event,
                                                            org.keycloak.models.RealmModel realm,
                                                            org.keycloak.models.UserModel user,
                                                            Stream<String> requiredActions)

      • evaluateRequiredActionTriggers

        public static void evaluateRequiredActionTriggers​(org.keycloak.models.KeycloakSession session,
                                                  org.keycloak.sessions.AuthenticationSessionModel authSession,
                                                  org.keycloak.http.HttpRequest request,
                                                  org.keycloak.events.EventBuilder event,
                                                  org.keycloak.models.RealmModel realm,
                                                  org.keycloak.models.UserModel user)

      • verifyIdentityToken

        public static AuthenticationManager.AuthResult verifyIdentityToken​(org.keycloak.models.KeycloakSession session,
                                                                   org.keycloak.models.RealmModel realm,
                                                                   javax.ws.rs.core.UriInfo uriInfo,
                                                                   org.keycloak.common.ClientConnection connection,
                                                                   boolean checkActive,
                                                                   boolean checkTokenType,
                                                                   String checkAudience,
                                                                   boolean isCookie,
                                                                   String tokenString,
                                                                   javax.ws.rs.core.HttpHeaders headers,
                                                                   org.keycloak.TokenVerifier.Predicate<? super org.keycloak.representations.AccessToken>... additionalChecks)

      • setKcActionStatus

        public static void setKcActionStatus​(String executedProviderId,
                                     org.keycloak.authentication.RequiredActionContext.KcActionStatus status,
                                     org.keycloak.sessions.AuthenticationSessionModel authSession)

      • logSuccess

        public static void logSuccess​(org.keycloak.models.KeycloakSession session,
                              org.keycloak.sessions.AuthenticationSessionModel authSession)

      • lookupUserForBruteForceLog

        public static org.keycloak.models.UserModel lookupUserForBruteForceLog​(org.keycloak.models.KeycloakSession session,
                                                                       org.keycloak.models.RealmModel realm,
                                                                       org.keycloak.sessions.AuthenticationSessionModel authenticationSession)