Package org.keycloak.protocol.oidc
Class OIDCLoginProtocol
java.lang.Object
org.keycloak.protocol.oidc.OIDCLoginProtocol
- All Implemented Interfaces:
LoginProtocol,Provider
- Author:
- Bill Burke, Stian Thorgersen
-
Nested Class Summary
Nested classes/interfaces inherited from interface org.keycloak.protocol.LoginProtocol
LoginProtocol.Error -
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringprotected EventBuilderstatic final Stringprotected jakarta.ws.rs.core.HttpHeadersstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final intstatic final intstatic final intstatic final intstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringprotected RealmModelstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringprotected OIDCResponseModeprotected OIDCResponseTypestatic final Stringprotected KeycloakSessionstatic final Stringstatic final Stringstatic final Stringprotected jakarta.ws.rs.core.UriInfo -
Constructor Summary
ConstructorsConstructorDescriptionOIDCLoginProtocol(KeycloakSession session, RealmModel realm, jakarta.ws.rs.core.UriInfo uriInfo, jakarta.ws.rs.core.HttpHeaders headers, EventBuilder event) -
Method Summary
Modifier and TypeMethodDescriptionjakarta.ws.rs.core.Responseauthenticated(AuthenticationSessionModel authSession, UserSessionModel userSession, ClientSessionContext clientSessionCtx) jakarta.ws.rs.core.ResponsebackchannelLogout(UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) voidclose()jakarta.ws.rs.core.ResponsefinishBrowserLogout(UserSessionModel userSession, AuthenticationSessionModel logoutSession) jakarta.ws.rs.core.ResponsefrontchannelLogout(UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) protected booleanisAuthTimeExpired(UserSessionModel userSession, AuthenticationSessionModel authSession) protected booleanisPromptLogin(AuthenticationSessionModel authSession) protected booleanisReAuthRequiredForKcAction(UserSessionModel userSession, AuthenticationSessionModel authSession) booleanrequireReauthentication(UserSessionModel userSession, AuthenticationSessionModel authSession) jakarta.ws.rs.core.ResponsesendError(AuthenticationSessionModel authSession, LoginProtocol.Error error) booleansendPushRevocationPolicyRequest(RealmModel realm, ClientModel resource, int notBefore, String managementUrl) setEventBuilder(EventBuilder event) setHttpHeaders(jakarta.ws.rs.core.HttpHeaders headers) setRealm(RealmModel realm) setSession(KeycloakSession session) setUriInfo(jakarta.ws.rs.core.UriInfo uriInfo)
-
Field Details
-
LOGIN_PROTOCOL
- See Also:
-
STATE_PARAM
- See Also:
-
SCOPE_PARAM
- See Also:
-
CODE_PARAM
- See Also:
-
RESPONSE_TYPE_PARAM
- See Also:
-
GRANT_TYPE_PARAM
- See Also:
-
REDIRECT_URI_PARAM
- See Also:
-
POST_LOGOUT_REDIRECT_URI_PARAM
- See Also:
-
CLIENT_ID_PARAM
- See Also:
-
NONCE_PARAM
- See Also:
-
MAX_AGE_PARAM
- See Also:
-
PROMPT_PARAM
- See Also:
-
LOGIN_HINT_PARAM
- See Also:
-
REQUEST_PARAM
- See Also:
-
REQUEST_URI_PARAM
- See Also:
-
UI_LOCALES_PARAM
- See Also:
-
CLAIMS_PARAM
- See Also:
-
ACR_PARAM
- See Also:
-
ID_TOKEN_HINT
- See Also:
-
LOGOUT_STATE_PARAM
- See Also:
-
LOGOUT_REDIRECT_URI
- See Also:
-
LOGOUT_VALIDATED_ID_TOKEN_SESSION_STATE
- See Also:
-
LOGOUT_VALIDATED_ID_TOKEN_ISSUED_AT
- See Also:
-
ISSUER
- See Also:
-
RESPONSE_MODE_PARAM
- See Also:
-
PROMPT_VALUE_NONE
- See Also:
-
PROMPT_VALUE_LOGIN
- See Also:
-
PROMPT_VALUE_CONSENT
- See Also:
-
PROMPT_VALUE_SELECT_ACCOUNT
- See Also:
-
CLIENT_SECRET_BASIC
- See Also:
-
CLIENT_SECRET_POST
- See Also:
-
CLIENT_SECRET_JWT
- See Also:
-
PRIVATE_KEY_JWT
- See Also:
-
TLS_CLIENT_AUTH
- See Also:
-
CODE_CHALLENGE_PARAM
- See Also:
-
CODE_CHALLENGE_METHOD_PARAM
- See Also:
-
PKCE_CODE_CHALLENGE_MIN_LENGTH
public static final int PKCE_CODE_CHALLENGE_MIN_LENGTH- See Also:
-
PKCE_CODE_CHALLENGE_MAX_LENGTH
public static final int PKCE_CODE_CHALLENGE_MAX_LENGTH- See Also:
-
PKCE_CODE_VERIFIER_MIN_LENGTH
public static final int PKCE_CODE_VERIFIER_MIN_LENGTH- See Also:
-
PKCE_CODE_VERIFIER_MAX_LENGTH
public static final int PKCE_CODE_VERIFIER_MAX_LENGTH- See Also:
-
PKCE_METHOD_PLAIN
- See Also:
-
PKCE_METHOD_S256
- See Also:
-
session
-
realm
-
uriInfo
protected jakarta.ws.rs.core.UriInfo uriInfo -
headers
protected jakarta.ws.rs.core.HttpHeaders headers -
event
-
responseType
-
responseMode
-
-
Constructor Details
-
OIDCLoginProtocol
public OIDCLoginProtocol(KeycloakSession session, RealmModel realm, jakarta.ws.rs.core.UriInfo uriInfo, jakarta.ws.rs.core.HttpHeaders headers, EventBuilder event) -
OIDCLoginProtocol
public OIDCLoginProtocol()
-
-
Method Details
-
setSession
- Specified by:
setSessionin interfaceLoginProtocol
-
setRealm
- Specified by:
setRealmin interfaceLoginProtocol
-
setUriInfo
- Specified by:
setUriInfoin interfaceLoginProtocol
-
setHttpHeaders
- Specified by:
setHttpHeadersin interfaceLoginProtocol
-
setEventBuilder
- Specified by:
setEventBuilderin interfaceLoginProtocol
-
authenticated
public jakarta.ws.rs.core.Response authenticated(AuthenticationSessionModel authSession, UserSessionModel userSession, ClientSessionContext clientSessionCtx) - Specified by:
authenticatedin interfaceLoginProtocol
-
sendError
public jakarta.ws.rs.core.Response sendError(AuthenticationSessionModel authSession, LoginProtocol.Error error) - Specified by:
sendErrorin interfaceLoginProtocol
-
backchannelLogout
public jakarta.ws.rs.core.Response backchannelLogout(UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) - Specified by:
backchannelLogoutin interfaceLoginProtocol
-
frontchannelLogout
public jakarta.ws.rs.core.Response frontchannelLogout(UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) - Specified by:
frontchannelLogoutin interfaceLoginProtocol
-
finishBrowserLogout
public jakarta.ws.rs.core.Response finishBrowserLogout(UserSessionModel userSession, AuthenticationSessionModel logoutSession) - Specified by:
finishBrowserLogoutin interfaceLoginProtocol
-
requireReauthentication
public boolean requireReauthentication(UserSessionModel userSession, AuthenticationSessionModel authSession) - Specified by:
requireReauthenticationin interfaceLoginProtocol
-
isPromptLogin
-
isAuthTimeExpired
protected boolean isAuthTimeExpired(UserSessionModel userSession, AuthenticationSessionModel authSession) -
isReAuthRequiredForKcAction
protected boolean isReAuthRequiredForKcAction(UserSessionModel userSession, AuthenticationSessionModel authSession) -
sendPushRevocationPolicyRequest
public boolean sendPushRevocationPolicyRequest(RealmModel realm, ClientModel resource, int notBefore, String managementUrl) - Specified by:
sendPushRevocationPolicyRequestin interfaceLoginProtocol
-
close
public void close()
-