All Classes and Interfaces
Class
Description
Handles some common transaction logic related to start, rollback-only etc.
Base class for arbitrary value type validators.
Base class for String value format validators.
Configuration of the attribute group.
This interface wraps the attributes associated with a user profile.
Defines constants for authentication flow bindings.
Allow to encode compound string to fully lookup authenticationSessionModel
Represents the state of the authentication.
The internal Keycloak representation of a Rich Authorization Request authorization_details object, together with
some extra metadata to make it easier to work with this data in other parts of the codebase.
This context object will contain all parsed Rich Authorization Request objects, together with the internal representation
that Keycloak is going to use for Scopes.
Base32 - encodes and decodes RFC3548 Base32 (see http://www.faqs.org/rfcs/rfc3548.html )
Abstraction interface for lookoup of clients by id and clientId.
Provides Client Policy Context.
Events on which client policies mechanism detects and do its operation
Provides a method for handling an event defined in
ClientPolicyEvent.Provider of the client records.
Provider of the client scopes records.
Request-scoped context object
Predecessor of AuthenticationSessionModel, ClientLoginSessionModel and ClientSessionModel (then action tickets).
Stored configuration of a User Storage provider instance.
Single purpose method that knows how to authenticate a user based on a credential type.
Implentations of this interface can validate CredentialInput, i.e.
Used just in cases when we want to "directly" update or retrieve the hash or salt of user credential (For example during export/import)
Output of credential validation
Provider of group records
The Hostname provider is used by Keycloak to decide URLs for frontend and backend requests.
Represents an incoming HTTP request.
Represents an out coming HTTP response.
Specifies a mapping from broker login to user data.
A model type representing the configuration for identity providers.
The
IdentityProviderStorageProvider is concerned with the storage/retrieval of the configured identity providers
in Keycloak.Enum to control how login identity providers should be fetched.
Enum that contains all fields that are considered when deciding if a provider should be available for login or not.
Handles invalidation requests.
Tagging interface for the kinds of invalidatable object
Component model backed by JSON configuration.
Task to be executed inside transaction
Interface for tasks that compute a result and need access to the
KeycloakSession.Serializer and deserializer for
ProviderConfigProperty.MAP_TYPEThrown when data can't be retrieved for the model.
Thrown to indicate that an error is expected as a result of the validations run against a model.
Model implementation of an organization internet domain.
A
Provider that manages organization and its data within the scope of a realm.The supported encodings when reading the raw secret from the storage
Created by st on 23/05/17.
Deprecated.
Specifies a mapping from user data to a protocol claim assertion.
Configuration property metadata.
Exception thrown when a provider configuration property name is not unique.
Builds a list of ProviderConfigProperty instances.
At boot time, keycloak discovers all factories.
Thrown when UserStorageProvider UserModel adapter is read-only
Holds the configuration for a required action.
Abstraction interface for lookup of both realm roles and client roles by id, name and description.
Provider of the role records.
Base interface for components that want to provide an alternative storage mechanism for roles
Represents usually one browser session with potentially many browser tabs.
A representation of a Script with some additional meta-data.
Convenience interface to ease implementation of small
Validator implementations.Provides a cache to store data for single-use use case or the details about used action tokens.
This model represents contents of an action token shareable among Keycloak instances in the cluster.
Useful when you want to describe config properties that are effected by the parent ComponentModel
Validates and manages the credentials of a known entity (for example, a user).
A theme resource provider can be used to load additional templates and resources.
This is an optional capability interface that is intended to be implemented by any
UserStorageProvider that supports bulk operations.This is an optional capability interface that is intended to be implemented by
UserStorageProvider that supports count queries.This is an optional capability interface that is intended to be implemented by any
UserStorageProvider that supports basic user querying.Delegation pattern.
Extension of the
ValidationContext used when validators are called for UserProfile attribute validation.Constants related to user profile
This interface represents the different contexts from where user profiles are managed.
This interface allows user storage providers to customize the user profile configuration and its attributes for realm
on a per-user storage provider basis.
This is an optional capability interface that is intended to be implemented by any
UserStorageProvider that supports complex user querying.This is an optional capability interface that is intended to be implemented by any
UserStorageProvider that supports complex user querying.This is an optional capability interface that is intended to be implemented by any
UserStorageProvider that supports addition of new users.Flag used when creating user session
Holds information about the validation state.
Denotes an error found during validation.
Denotes the result of a validation.
Validates given input in a
ValidationContext.A factory for custom
Validator implementations plugged-in through this SPI.Facade for Validation functions with support for
Validator implementation lookup by id.A
CharBuffer based representation of the secret obtained from the vault that supports automated cleanup of memory.VaultKeyResolver is a BiFunction whose implementation of the BiFunction.apply(Object, Object) method takes
two Strings representing the realm name and the key name (as used in ${vault.key} expressions) and returns
another String representing the final constructed key that is to be used when obtaining secrets from the vault.Provider interface for a vault.
Raw representation of the secret obtained from vault that supports automated cleanup of memory.
SPI for a low-level vault access.
A
String based representation of the secret obtained from the vault that supports automated cleanup of memory.A facade to the configured vault provider that exposes utility methods for obtaining the vault secrets in different
formats (such as
VaultRawSecret, VaultCharSecret or VaultStringSecret).
UserCredentialModelas it contains all the functionality required by this class