org.keycloak.adapters.as7

Class CatalinaCookieTokenStore

java.lang.Object

org.keycloak.adapters.as7.CatalinaCookieTokenStore

All Implemented Interfaces:

AdapterTokenStore

public class CatalinaCookieTokenStore
extends Object
implements AdapterTokenStore

Handle storage of token info in cookie. Per-request object.

Author:

Marek Posolda

Constructor Summary

Constructors

Constructor and Description
CatalinaCookieTokenStore(org.apache.catalina.connector.Request request, HttpFacade facade, KeycloakDeployment deployment)

Method Summary

Methods

Modifier and Type	Method and Description
void	checkCurrentToken() Impl can validate if current token exists and perform refreshing if it exists and is expired
protected KeycloakPrincipal<RefreshableKeycloakSecurityContext>	checkPrincipalFromCookie() Verify if we already have authenticated and active principal in cookie.
boolean	isCached(RequestAuthenticator authenticator) Check if we are logged already (we have already valid and successfully refreshed accessToken).
void	logout() Handle logout on store side and possibly propagate logout call to Keycloak
void	refreshCallback(RefreshableKeycloakSecurityContext secContext) Callback invoked after successful token refresh
void	saveAccountInfo(KeycloakAccount account) Finish successful OAuth2 login and store validated account

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CatalinaCookieTokenStore

public CatalinaCookieTokenStore(org.apache.catalina.connector.Request request,
                        HttpFacade facade,
                        KeycloakDeployment deployment)

Method Detail

checkCurrentToken

public void checkCurrentToken()

Description copied from interface: AdapterTokenStore

Impl can validate if current token exists and perform refreshing if it exists and is expired

Specified by:

checkCurrentToken in interface AdapterTokenStore

isCached

public boolean isCached(RequestAuthenticator authenticator)

Description copied from interface: AdapterTokenStore

Check if we are logged already (we have already valid and successfully refreshed accessToken). Establish security context if yes

Specified by:

isCached in interface AdapterTokenStore

Parameters:

authenticator - used for actual request authentication

Returns:

true if we are logged-in already

saveAccountInfo

public void saveAccountInfo(KeycloakAccount account)

Description copied from interface: AdapterTokenStore

Finish successful OAuth2 login and store validated account

Specified by:

saveAccountInfo in interface AdapterTokenStore

logout

public void logout()

Description copied from interface: AdapterTokenStore

Handle logout on store side and possibly propagate logout call to Keycloak

Specified by:

logout in interface AdapterTokenStore

refreshCallback

public void refreshCallback(RefreshableKeycloakSecurityContext secContext)

Description copied from interface: AdapterTokenStore

Callback invoked after successful token refresh

Specified by:

refreshCallback in interface AdapterTokenStore

Parameters:

secContext - context where refresh was performed

checkPrincipalFromCookie

protected KeycloakPrincipal<RefreshableKeycloakSecurityContext> checkPrincipalFromCookie()

Verify if we already have authenticated and active principal in cookie. Perform refresh if it's not active

Returns:

valid principal