public class SamlProtocol extends Object implements LoginProtocol
Modifier and Type | Class and Description |
---|---|
static class |
SamlProtocol.ProtocolMapperProcessor<T> |
Constructor and Description |
---|
SamlProtocol() |
Modifier and Type | Method and Description |
---|---|
javax.ws.rs.core.Response |
authenticated(UserSessionModel userSession,
ClientSessionCode accessCode) |
void |
backchannelLogout(UserSessionModel userSession,
ClientSessionModel clientSession) |
javax.ws.rs.core.Response |
cancelLogin(ClientSessionModel clientSession) |
void |
close() |
javax.ws.rs.core.Response |
consentDenied(ClientSessionModel clientSession) |
protected SAML2LogoutRequestBuilder |
createLogoutRequest(String logoutUrl,
ClientSessionModel clientSession,
ClientModel client) |
javax.ws.rs.core.Response |
finishLogout(UserSessionModel userSession) |
static boolean |
forceNameIdFormat(ClientModel client) |
static boolean |
forcePostBinding(ClientModel client) |
javax.ws.rs.core.Response |
frontchannelLogout(UserSessionModel userSession,
ClientSessionModel clientSession) |
protected javax.ws.rs.core.Response |
getErrorResponse(ClientSessionModel clientSession,
String status) |
static String |
getLogoutServiceUrl(javax.ws.rs.core.UriInfo uriInfo,
ClientModel client,
String bindingType) |
protected String |
getNameId(String nameIdFormat,
ClientSessionModel clientSession,
UserSessionModel userSession) |
protected String |
getNameIdFormat(ClientSessionModel clientSession) |
protected String |
getResponseIssuer(RealmModel realm) |
static SignatureAlgorithm |
getSignatureAlgorithm(ClientModel client) |
static boolean |
includeAuthnStatement(ClientModel client) |
javax.ws.rs.core.Response |
invalidSessionError(ClientSessionModel clientSession) |
protected boolean |
isLogoutPostBindingForClient(ClientSessionModel clientSession) |
protected boolean |
isLogoutPostBindingForInitiator(UserSessionModel session) |
protected boolean |
isPostBinding(ClientSessionModel clientSession) |
void |
populateRoles(SamlProtocol.ProtocolMapperProcessor<SAMLRoleListMapper> roleListMapper,
org.picketlink.identity.federation.saml.v2.protocol.ResponseType response,
KeycloakSession session,
UserSessionModel userSession,
ClientSessionModel clientSession) |
static boolean |
requiresAssertionSignature(ClientModel client) |
static boolean |
requiresRealmSignature(ClientModel client) |
SamlProtocol |
setEventBuilder(EventBuilder event) |
SamlProtocol |
setHttpHeaders(javax.ws.rs.core.HttpHeaders headers) |
SamlProtocol |
setRealm(RealmModel realm) |
SamlProtocol |
setSession(KeycloakSession session) |
SamlProtocol |
setUriInfo(javax.ws.rs.core.UriInfo uriInfo) |
void |
transformAttributeStatement(List<SamlProtocol.ProtocolMapperProcessor<SAMLAttributeStatementMapper>> attributeStatementMappers,
org.picketlink.identity.federation.saml.v2.protocol.ResponseType response,
KeycloakSession session,
UserSessionModel userSession,
ClientSessionModel clientSession) |
org.picketlink.identity.federation.saml.v2.protocol.ResponseType |
transformLoginResponse(List<SamlProtocol.ProtocolMapperProcessor<SAMLLoginResponseMapper>> mappers,
org.picketlink.identity.federation.saml.v2.protocol.ResponseType response,
KeycloakSession session,
UserSessionModel userSession,
ClientSessionModel clientSession) |
protected static final org.jboss.logging.Logger logger
public static final String ATTRIBUTE_TRUE_VALUE
public static final String ATTRIBUTE_FALSE_VALUE
public static final String SAML_SIGNING_CERTIFICATE_ATTRIBUTE
public static final String SAML_ENCRYPTION_CERTIFICATE_ATTRIBUTE
public static final String SAML_CLIENT_SIGNATURE_ATTRIBUTE
public static final String SAML_ASSERTION_CONSUMER_URL_POST_ATTRIBUTE
public static final String SAML_ASSERTION_CONSUMER_URL_REDIRECT_ATTRIBUTE
public static final String SAML_SINGLE_LOGOUT_SERVICE_URL_POST_ATTRIBUTE
public static final String SAML_SINGLE_LOGOUT_SERVICE_URL_REDIRECT_ATTRIBUTE
public static final String SAML_FORCE_NAME_ID_FORMAT_ATTRIBUTE
public static final String SAML_NAME_ID_FORMAT_ATTRIBUTE
public static final String LOGIN_PROTOCOL
public static final String SAML_BINDING
public static final String SAML_POST_BINDING
public static final String SAML_REDIRECT_BINDING
public static final String SAML_SERVER_SIGNATURE
public static final String SAML_ASSERTION_SIGNATURE
public static final String SAML_AUTHNSTATEMENT
public static final String SAML_SIGNATURE_ALGORITHM
public static final String SAML_ENCRYPT
public static final String SAML_FORCE_POST_BINDING
public static final String SAML_REQUEST_ID
public static final String SAML_LOGOUT_BINDING
public static final String SAML_LOGOUT_REQUEST_ID
public static final String SAML_LOGOUT_RELAY_STATE
public static final String SAML_LOGOUT_BINDING_URI
public static final String SAML_LOGOUT_SIGNATURE_ALGORITHM
public static final String SAML_NAME_ID
public static final String SAML_NAME_ID_FORMAT
public static final String SAML_DEFAULT_NAMEID_FORMAT
public static final String SAML_PERSISTENT_NAME_ID_FOR
protected KeycloakSession session
protected RealmModel realm
protected javax.ws.rs.core.UriInfo uriInfo
protected javax.ws.rs.core.HttpHeaders headers
protected EventBuilder event
public SamlProtocol setSession(KeycloakSession session)
setSession
in interface LoginProtocol
public SamlProtocol setRealm(RealmModel realm)
setRealm
in interface LoginProtocol
public SamlProtocol setUriInfo(javax.ws.rs.core.UriInfo uriInfo)
setUriInfo
in interface LoginProtocol
public SamlProtocol setHttpHeaders(javax.ws.rs.core.HttpHeaders headers)
setHttpHeaders
in interface LoginProtocol
public SamlProtocol setEventBuilder(EventBuilder event)
setEventBuilder
in interface LoginProtocol
public javax.ws.rs.core.Response cancelLogin(ClientSessionModel clientSession)
cancelLogin
in interface LoginProtocol
public javax.ws.rs.core.Response invalidSessionError(ClientSessionModel clientSession)
invalidSessionError
in interface LoginProtocol
protected String getResponseIssuer(RealmModel realm)
protected javax.ws.rs.core.Response getErrorResponse(ClientSessionModel clientSession, String status)
protected boolean isPostBinding(ClientSessionModel clientSession)
protected boolean isLogoutPostBindingForInitiator(UserSessionModel session)
protected boolean isLogoutPostBindingForClient(ClientSessionModel clientSession)
public static boolean forcePostBinding(ClientModel client)
protected String getNameIdFormat(ClientSessionModel clientSession)
public static boolean forceNameIdFormat(ClientModel client)
protected String getNameId(String nameIdFormat, ClientSessionModel clientSession, UserSessionModel userSession)
public javax.ws.rs.core.Response authenticated(UserSessionModel userSession, ClientSessionCode accessCode)
authenticated
in interface LoginProtocol
public static boolean requiresRealmSignature(ClientModel client)
public static boolean requiresAssertionSignature(ClientModel client)
public static boolean includeAuthnStatement(ClientModel client)
public static SignatureAlgorithm getSignatureAlgorithm(ClientModel client)
public void transformAttributeStatement(List<SamlProtocol.ProtocolMapperProcessor<SAMLAttributeStatementMapper>> attributeStatementMappers, org.picketlink.identity.federation.saml.v2.protocol.ResponseType response, KeycloakSession session, UserSessionModel userSession, ClientSessionModel clientSession)
public org.picketlink.identity.federation.saml.v2.protocol.ResponseType transformLoginResponse(List<SamlProtocol.ProtocolMapperProcessor<SAMLLoginResponseMapper>> mappers, org.picketlink.identity.federation.saml.v2.protocol.ResponseType response, KeycloakSession session, UserSessionModel userSession, ClientSessionModel clientSession)
public void populateRoles(SamlProtocol.ProtocolMapperProcessor<SAMLRoleListMapper> roleListMapper, org.picketlink.identity.federation.saml.v2.protocol.ResponseType response, KeycloakSession session, UserSessionModel userSession, ClientSessionModel clientSession)
public javax.ws.rs.core.Response consentDenied(ClientSessionModel clientSession)
consentDenied
in interface LoginProtocol
public static String getLogoutServiceUrl(javax.ws.rs.core.UriInfo uriInfo, ClientModel client, String bindingType)
public javax.ws.rs.core.Response frontchannelLogout(UserSessionModel userSession, ClientSessionModel clientSession)
frontchannelLogout
in interface LoginProtocol
public javax.ws.rs.core.Response finishLogout(UserSessionModel userSession)
finishLogout
in interface LoginProtocol
public void backchannelLogout(UserSessionModel userSession, ClientSessionModel clientSession)
backchannelLogout
in interface LoginProtocol
protected SAML2LogoutRequestBuilder createLogoutRequest(String logoutUrl, ClientSessionModel clientSession, ClientModel client)
Copyright © 2015. All rights reserved.