Package org.keycloak.authentication.authenticators.client

Class JWTClientSecretAuthenticator

java.lang.Object

org.keycloak.authentication.authenticators.client.AbstractClientAuthenticator

org.keycloak.authentication.authenticators.client.JWTClientSecretAuthenticator

All Implemented Interfaces:

ClientAuthenticator, ClientAuthenticatorFactory, ConfigurableAuthenticatorFactory, ConfiguredProvider, Provider, ProviderFactory<ClientAuthenticator>

public class JWTClientSecretAuthenticator
extends AbstractClientAuthenticator

Client authentication based on JWT signed by client secret instead of private key . See specs for more details.

This is server side, which verifies JWT from client_assertion parameter, where the assertion was created on adapter side by org.keycloak.adapters.authentication.JWTClientSecretCredentialsProvider

Field Summary

Fields

Modifier and Type	Field	Description
static final String	PROVIDER_ID

Fields inherited from interface org.keycloak.authentication.ConfigurableAuthenticatorFactory

REQUIREMENT_CHOICES

Constructor Summary

Constructors

Constructor	Description
JWTClientSecretAuthenticator()

Method Summary

Modifier and Type	Method	Description
void	authenticateClient(ClientAuthenticationFlowContext context)
Map<String,Object>	getAdapterConfiguration(ClientModel client)
List<ProviderConfigProperty>	getConfigProperties()
List<ProviderConfigProperty>	getConfigPropertiesPerClient()
String	getDisplayType()
String	getHelpText()
String	getId()
Set<String>	getProtocolAuthenticatorMethods(String loginProtocol)
AuthenticationExecutionModel.Requirement[]	getRequirementChoices()
boolean	isConfigurable()
boolean	supportsSecret()

Methods inherited from class org.keycloak.authentication.authenticators.client.AbstractClientAuthenticator

close, create, create, getReferenceCategory, init, isUserSetupAllowed, postInit

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.provider.ConfiguredProvider

getConfig

Methods inherited from interface org.keycloak.provider.ProviderFactory

dependsOn, getConfigMetadata, order

Field Details

PROVIDER_ID

public static final String PROVIDER_ID

See Also:

• Constant Field Values

Constructor Details

JWTClientSecretAuthenticator

public JWTClientSecretAuthenticator()

Method Details

authenticateClient

public void authenticateClient(ClientAuthenticationFlowContext context)

isConfigurable

public boolean isConfigurable()

getConfigPropertiesPerClient

public List<ProviderConfigProperty> getConfigPropertiesPerClient()

getAdapterConfiguration

public Map<String,Object> getAdapterConfiguration(ClientModel client)

getProtocolAuthenticatorMethods

public Set<String> getProtocolAuthenticatorMethods(String loginProtocol)

supportsSecret

public boolean supportsSecret()

getId

public String getId()

getDisplayType

public String getDisplayType()

getRequirementChoices

public AuthenticationExecutionModel.Requirement[] getRequirementChoices()

getHelpText

public String getHelpText()

getConfigProperties

public List<ProviderConfigProperty> getConfigProperties()