All Classes and Interfaces
Class
Description
Handles some common transaction logic related to start, rollback-only etc.
Defines constants for authentication flow bindings.
Allow to encode compound string to fully lookup authenticationSessionModel
Represents the state of the authentication.
The internal Keycloak representation of a Rich Authorization Request authorization_details object, together with
some extra metadata to make it easier to work with this data in other parts of the codebase.
This context object will contain all parsed Rich Authorization Request objects, together with the internal representation
that Keycloak is going to use for Scopes.
Base32 - encodes and decodes RFC3548 Base32 (see http://www.faqs.org/rfcs/rfc3548.html )
Abstraction interface for lookoup of clients by id and clientId.
Provides Client Policy Context.
Events on which client policies mechanism detects and do its operation
Provides a method for handling an event defined in
ClientPolicyEvent.Provider of the client records.
Provider of the client scopes records.
Request-scoped context object
Predecesor of AuthenticationSessionModel, ClientLoginSessionModel and ClientSessionModel (then action tickets).
Stored configuration of a User Storage provider instance.
Single purpose method that knows how to authenticate a user based on a credential type.
Implentations of this interface can validate CredentialInput, i.e.
Used just in cases when we want to "directly" update or retrieve the hash or salt of user credential (For example during export/import)
Output of credential validation
Provider of group records
The Hostname provider is used by Keycloak to decide URLs for frontend and backend requests.
An extension of
javax.ws.rs.core.Cookie in order to support additional
fields and behavior.Represents an incoming HTTP request.
Represents an out coming HTTP response.
Specifies a mapping from broker login to user data.
A model type representing the configuration for identity providers.
Handles invalidation requests.
Tagging interface for the kinds of invalidatable object
Component model backed by JSON configuration.
Task to be executed inside transaction
Interface for tasks that compute a result and need access to the
KeycloakSession.Thrown when data can't be retrieved for the model.
The supported encodings when reading the raw secret from the storage
Created by st on 23/05/17.
Deprecated.
Specifies a mapping from user data to a protocol claim assertion.
Configuration property metadata.
Builds a list of ProviderConfigProperty instances.
At boot time, keycloak discovers all factories.
Thrown when UserStorageProvider UserModel adapter is read-only
Abstraction interface for lookup of both realm roles and client roles by id, name and description.
Provider of the role records.
Base interface for components that want to provide an alternative storage mechanism for roles
Represents usually one browser session with potentially many browser tabs.
A representation of a Script with some additional meta-data.
Provides a cache to store data for single-use use case or the details about used action tokens.
This model represents contents of an action token shareable among Keycloak instances in the cluster.
Useful when you want to describe config properties that are effected by the parent ComponentModel
Validates and manages the credentials of a known entity (for example, a user).
A theme resource provider can be used to load additional templates and resources.
This is an optional capability interface that is intended to be implemented by any
UserStorageProvider that supports bulk operations.This is an optional capability interface that is intended to be implemented by
UserStorageProvider that supports count queries.This is an optional capability interface that is intended to be implemented by any
UserStorageProvider that supports basic user querying.Delegation pattern.
This is an optional capability interface that is intended to be implemented by any
UserStorageProvider that supports complex user querying.This is an optional capability interface that is intended to be implemented by any
UserStorageProvider that supports complex user querying.This is an optional capability interface that is intended to be implemented by any
UserStorageProvider that supports addition of new users.Flag used when creating user session
A
CharBuffer based representation of the secret obtained from the vault that supports automated cleanup of memory.VaultKeyResolver is a BiFunction whose implementation of the BiFunction.apply(Object, Object) method takes
two Strings representing the realm name and the key name (as used in ${vault.key} expressions) and returns
another String representing the final constructed key that is to be used when obtaining secrets from the vault.Provider interface for a vault.
Raw representation of the secret obtained from vault that supports automated cleanup of memory.
SPI for a low-level vault access.
A
String based representation of the secret obtained from the vault that supports automated cleanup of memory.A facade to the configured vault provider that exposes utility methods for obtaining the vault secrets in different
formats (such as
VaultRawSecret, VaultCharSecret or VaultStringSecret).
UserCredentialModelas it contains all the functionality required by this class