public class OIDCIdentityProvider extends AbstractOAuth2IdentityProvider<OIDCIdentityProviderConfig>
Modifier and Type | Class and Description |
---|---|
protected class |
OIDCIdentityProvider.OIDCEndpoint |
AbstractOAuth2IdentityProvider.Endpoint
IdentityProvider.AuthenticationCallback
Modifier and Type | Field and Description |
---|---|
static String |
FEDERATED_ACCESS_TOKEN_RESPONSE |
static String |
FEDERATED_ID_TOKEN |
protected static org.jboss.logging.Logger |
logger |
static String |
OAUTH2_PARAMETER_PROMPT |
static String |
SCOPE_OPENID |
static String |
USER_INFO |
static String |
VALIDATED_ID_TOKEN |
ACCESS_DENIED, FEDERATED_ACCESS_TOKEN, FEDERATED_REFRESH_TOKEN, FEDERATED_TOKEN_EXPIRATION, mapper, OAUTH2_GRANT_TYPE_AUTHORIZATION_CODE, OAUTH2_GRANT_TYPE_REFRESH_TOKEN, OAUTH2_PARAMETER_ACCESS_TOKEN, OAUTH2_PARAMETER_CLIENT_ID, OAUTH2_PARAMETER_CLIENT_SECRET, OAUTH2_PARAMETER_CODE, OAUTH2_PARAMETER_GRANT_TYPE, OAUTH2_PARAMETER_REDIRECT_URI, OAUTH2_PARAMETER_RESPONSE_TYPE, OAUTH2_PARAMETER_SCOPE, OAUTH2_PARAMETER_STATE
Constructor and Description |
---|
OIDCIdentityProvider(OIDCIdentityProviderConfig config) |
Modifier and Type | Method and Description |
---|---|
void |
attachUserSession(UserSessionModel userSession,
ClientSessionModel clientSession,
BrokeredIdentityContext context) |
void |
backchannelLogout(KeycloakSession session,
UserSessionModel userSession,
javax.ws.rs.core.UriInfo uriInfo,
RealmModel realm) |
protected void |
backchannelLogout(UserSessionModel userSession,
String idToken) |
Object |
callback(RealmModel realm,
IdentityProvider.AuthenticationCallback callback,
EventBuilder event)
JAX-RS callback endpoint invoked when the remote IdP calls back to Keycloak.
|
protected javax.ws.rs.core.UriBuilder |
createAuthorizationUrl(AuthenticationRequest request) |
protected String |
getDefaultScopes() |
protected PublicKey |
getExternalIdpKey() |
BrokeredIdentityContext |
getFederatedIdentity(String response) |
javax.ws.rs.core.Response |
keycloakInitiatedBrowserLogout(KeycloakSession session,
UserSessionModel userSession,
javax.ws.rs.core.UriInfo uriInfo,
RealmModel realm)
Called when a Keycloak application initiates a logout through the browser.
|
protected void |
processAccessTokenResponse(BrokeredIdentityContext context,
PublicKey idpKey,
AccessTokenResponse response) |
String |
refreshToken(KeycloakSession session,
UserSessionModel userSession)
Returns the access token response, as a string, obtained from a refresh-token invocation on the remote OIDC broker.
|
protected JsonWebToken |
validateToken(PublicKey key,
String encodedToken) |
protected boolean |
verify(JWSInput jws,
PublicKey key) |
asJsonNode, doGetFederatedIdentity, extractTokenFromResponse, getConfig, getJsonProperty, performLogin, retrieveToken
close, export, getMarshaller, importNewUser, preprocessFederatedIdentity, updateBrokeredUser
protected static final org.jboss.logging.Logger logger
public static final String OAUTH2_PARAMETER_PROMPT
public static final String SCOPE_OPENID
public static final String FEDERATED_ID_TOKEN
public static final String USER_INFO
public static final String FEDERATED_ACCESS_TOKEN_RESPONSE
public static final String VALIDATED_ID_TOKEN
public OIDCIdentityProvider(OIDCIdentityProviderConfig config)
public Object callback(RealmModel realm, IdentityProvider.AuthenticationCallback callback, EventBuilder event)
IdentityProvider
callback
in interface IdentityProvider<OIDCIdentityProviderConfig>
callback
in class AbstractOAuth2IdentityProvider<OIDCIdentityProviderConfig>
protected PublicKey getExternalIdpKey()
public void backchannelLogout(KeycloakSession session, UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm)
backchannelLogout
in interface IdentityProvider<OIDCIdentityProviderConfig>
backchannelLogout
in class AbstractIdentityProvider<OIDCIdentityProviderConfig>
protected void backchannelLogout(UserSessionModel userSession, String idToken)
public javax.ws.rs.core.Response keycloakInitiatedBrowserLogout(KeycloakSession session, UserSessionModel userSession, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm)
IdentityProvider
keycloakInitiatedBrowserLogout
in interface IdentityProvider<OIDCIdentityProviderConfig>
keycloakInitiatedBrowserLogout
in class AbstractIdentityProvider<OIDCIdentityProviderConfig>
public String refreshToken(KeycloakSession session, UserSessionModel userSession)
session -
userSession -
protected javax.ws.rs.core.UriBuilder createAuthorizationUrl(AuthenticationRequest request)
createAuthorizationUrl
in class AbstractOAuth2IdentityProvider<OIDCIdentityProviderConfig>
protected void processAccessTokenResponse(BrokeredIdentityContext context, PublicKey idpKey, AccessTokenResponse response)
public BrokeredIdentityContext getFederatedIdentity(String response)
getFederatedIdentity
in class AbstractOAuth2IdentityProvider<OIDCIdentityProviderConfig>
protected JsonWebToken validateToken(PublicKey key, String encodedToken)
public void attachUserSession(UserSessionModel userSession, ClientSessionModel clientSession, BrokeredIdentityContext context)
attachUserSession
in interface IdentityProvider<OIDCIdentityProviderConfig>
attachUserSession
in class AbstractIdentityProvider<OIDCIdentityProviderConfig>
protected String getDefaultScopes()
getDefaultScopes
in class AbstractOAuth2IdentityProvider<OIDCIdentityProviderConfig>
Copyright © 2016 JBoss by Red Hat. All rights reserved.